Transcription
For NetworksAutomation for allAnsible te chnical introduction and ove rvie w
Automation happens when one person meetsa proble m the y ne ve r want to solve again
Teams are automating.Lines Of tructure
Ad- hoc Automation is happe ning in silosAnsible used in siloDevelopersDIY scripting automationSecurityOpe n source configmanage me nt toolInfrastructureProprie tary ve ndor supplie dautomationNetwork4Is organicautomation e nough?
Why Ansible?SimplePowerfulAgentlessHuman re adable automationApp de ployme ntAge ntle ss archite ctureNo spe cial coding skills ne e de dConfiguration manage me ntUse s Ope nSSH & WinRMTasks e xe cute d in orde rWorkflow orche strationNo age nts to e xploit or updateUsable by e ve ry te amNe twork automationGe t starte d imme diate lyGet productive quicklyOrchestrate the app lifecycleMore efficient & more secure
Red Hat Ansible Core6Cross platformHuman readablePerfect descriptionof applicationAgentless support for all major OSvariants, physical, virtual, cloud andnetwork devices.Perfectly describe and document everyaspect of your application environment.Version controlledDynamic inventoriesOrchestration playswell with othersPlaybooks are plain- text. Treat themlike code in your existing versioncontrol.Capture all the servers 100% of thetime, regardless of infrastructure,location, etc.Orchestration plays well with others:ServiceNow, Infoblox, AWS, Terraform,Cisco ACI and moreEvery change can be made byPlaybooks, ensuring everyone is on thesame page.
Red Hat Ansible Automation Platform 27Push buttonRESTful APIRBACAn intuitive user interface experiencemakes it easy for novice users toexecute playbooks you allow themaccess to.With an API first mentality every featureand function of Tower can be APIdriven. Allow seamless integration withother tools like ServiceNow andInfoblox.Allow restricting playbook access toauthorized users. One team can useplaybooks in check mode (read- only)while others have full administrativeabilities.Enterprise integrationsCentralized loggingWorkflowsIntegrate with enterprise authenticationlike TACACS , RADIUS, Azure AD.Setup token authentication with OAuth2. Setup notifications with PagerDuty,Slack and Twilio.All automation activity is securelylogged. Who ran it, how theycustomized it, what it did, where ithappened - all securely stored andviewable later, or exported throughAnsible Tower’s API.Ansible Tower’s multi- playbookworkflows chain any number ofplaybooks, regardless of whether theyuse different inventories, run asdifferent users, run at once or utilizedifferent credentials.
What can I do using Ansible?Automate the de ployme nt and manage me nt of your e ntire IT footprint.Do this.Orche strationConfigurationManage me ntApplicationDe ployme ntProvisioningContinuousDe live rySe curity andComplianceOn these.8Fire wallsLoad Balance rsApplicationsContaine rsCloudsSe rve rsInfrastructureStorageNe twork De vice sAnd more.
Ansible automates technologies you useTime to automate is measured in minutesCloudVirt & igital OceanGoogleOpenStackRackspace moreDockerVMwareRHVOpenStackOpenShift igsUsersDomains F5LenovoMikroTikJuniperOpenSwitch o AltoSnort moreDynatraceDatadogLogicMonitorNew RelicSensu moreOperatingSystemsRHELLinuxWindows moreStorageNetappRed HatStorageInfinidat moreDevopsJiraGitHubVagrantJenkinsSlack more
Ansible Automation Platform 2 .ADMINSANSIBLE CLI & CI SYSTEMSANSIBLE PLAYBOOKSROLE-BASEDACCESS CONTROLANSIBLETOWERKNOWLEDGE& VISIBILITYCLOUD.REDHAT.COMSCHEDULED &CENTRALIZED JOBSAUTOMATIONHUBTOWER APISIMPLE USER INTERFACEUSERSANSIBLEENGINEAUTOMATIONANALYTICSOPEN SOURCE MODULE LIBRARYPLUGINSPYTHON CODEBASECERTIFIED COLLECTIONSPARTNER COLLECTIONSPERFORMANCE DASHBOARDORGANIZATIONAL STATSTRANSPORTSSH, WINRM, NETWORK CLI, SECURITYCLOUDSERVICESAPP S,CONTAINERS ARISTA,CISCO,JUNIPERINFOBLOXF5 CHECKPOINT,QRADAR,SNORTCYBERARK,SPLUNK,FORTINET AWS,GOOGLE CLOUD,AZURE,IBM CLOUD DATABASES,LOGGING,SOURCE CONTROLMANAGEMENT PYTHON URITY &COMPLIANCEORCHESTRATION
Red Hat Ansible AutomationPlatform Le ade r in AutomationRed Hat named a Leader in The ForresterWave ( ): Infrastructure AutomationPlatforms, Q3 2019 “Reference customers said they were replacingother tools mentioned in this Forrester Wavewith Ansible and praised the solution’s ability tobridge operations and development.”Received highest possible score in the criteriaof planned enhancements, vision, consulting,training and support, community support, andmarket approach.“Red Hat’s solution is best for customers thatwant a holistic infrastructure automation solutionand could stand to rationalize a few unneededtools out of their portfolios.”
What makes up AnsibleAutomation Platform 2?
What makes a platform?Ansible automationProviding scalable, secure implementation for describing,building, and managing the deployment of enterprise ITapplications across diverse enterprise architectures.Combining the universal automationCloud serviceslanguage with cloud services andCloud services that facilitate team collaborationcertified content for automating,and provide operational analytics for automatingdeploying, and operating applications,infrastructure and services securely atenterprise scale.heterogeneous, hybrid environments.Certified contentExtends native platform capabilities with certified,supported content designed to expand the automationdomain and accelerate adoption for enterprise customers.13
Red Hat Ansible Platform technical deck: CreateWhat makes up an Ansible playbook?Plays14ModulesPlugins
Ansible playsWhat am I automating?What are they?Top level specification for a group of tasks.Will tell that play which hosts it will execute onand control behavior such as fact gathering orprivilege level.Building blocks for playbooksMultiple plays can exist within an Ansibleplaybook that execute on different hosts.--- name: install and start apachehosts: webbecome: yes
Ansible module sThe “tools in the toolkit”What are they?Parametrized components with internal logic,representing a single step to be done.The modules “do” things in Ansible.LanguageUsually Python, or Powershell for Windowssetups. But can be of any language.- name: latest index.html file .template:src: files/index.htmldest: /var/www/html/
Red Hat Ansible Platform technical deck: CreateAnsible pluginsThe “extra bits”What are they?Plugins are pieces of code that augmentAnsible’s core functionality. Ansible uses aplugin architecture to enable a rich, flexible,and expandable feature set.17Example become plugin:--- name: install and start apachehosts: webbecome: yesExample filter plugins:{{ some variable to nice json }}{{ some variable to nice yaml }}
Red Hat Ansible Platform technical deck: CreateAnsible role sReusable automation actionsWhat are they?Group your tasks and variables of yourautomation in a reusable structure. Write rolesonce, and share them with others who havesimilar challenges in front of them.18--- name: install and start apachehosts: webroles:- common- webservers
Red Hat Ansible Platform technical deck: CreateColle ctionsSimplified and consistent content deliveryWhat are they?Collections are a data structure containingautomation content: Module s Playbooks Role s Plugins Docs Te sts19
Red Hat Ansible Platform technical deck: CreateAutomation HubTrusted sourceCustomer controlledDeploying either on- prem or to a cloud, customers canrun their own private instances of Automation Hubintegrated into Red Hat Ansible Automation Platform.Private contentManage the lifecycle and internal distribution of in- houseAnsible content within Private Automation hub.Customizable Content CatalogVia synch from community (Galaxy) and supported(Automation Hub) sources, customers can supply internalusers with approved content in one controlled location inPrivate Automation hub.20
ANSIBLE NETWORK AUTOMATION65 1000 Ne tworkPlatformsNe tworkModule sGalaxyNe twork Role sansible .com/ for/ ne tworksgalaxy.ansible .com/ ansible - ne twork*Roles developed and maintained by Ansible Network Engineering15*
ANSIBLE NETWORK AUTOMATION
WHAT CAN I DO USING ANSIBLE OUR NETWORK?CONFIDENTIAL Designator Collect network device data Deploy a VLAN on multiple switches Update SNMP configuration on all network devices Load balancer configuration for new application servers Detect and correct configuration drift Modify access lists Establish new firewall rules Modify usernames and passwords across all network devices Configure QoS23
ANSIBLE FOR NETWORKS FAQ“”Q: Why should I use Ansible and not aproprietary network tool for network“”Q: How is Ansible a better choicethan Chef or Puppet?“”Q: How important is it to knowbash/Linux/Python when usingAnsible?automation?A: With a proprietary tool you are limitedA: Ansible is powered by a vibrant andA: Python is not required unless you plan toto one or a few platforms that arestrong community and was part of the Topdevelop custom modules. With the manysupported. Ansible is a cross-vendor10 Open Source Projects in 2019. Ourtraining and support options provided byautomation platform which can automatemission is to provide a Simple, PowerfulRed Hat; you can begin to learn all of theagainst 100’s of platforms and many moreand Agentless automation platform to thecomplementary skills required.in the near futuremarket. One that is easy to use, can scalewhen needed and be shared amongst yourteam and organization.24CONFIDENTIAL Designator
Strategic Use Cases
USE CASE: CREATE NEW LOCAL USER. PURGE ALL EXISTINGUSERS
USE CASE: ADD NEW CISCO USER27CONFIDENTIAL Designator
USE CASE: UPDATE AN ACCESS-LIST28CONFIDENTIAL Designator
USE CASE: ENABLE AN L2 PORT29CONFIDENTIAL Designator
USE CASE: CONFIGURE QoS30CONFIDENTIAL Designator
USE CASE: CREATE A CSV OF ALL SNMP HOST AND COMMUNITY STRINGS31CONFIDENTIAL Designator
Next steps:Get startedJoin the communityansible.com/get - startedansible.com/communityansible.com/tower - trialFreenode IRC - #ansible- network FreenodechannelSlack - https://ansiblenetwork.slack.comGetting started with AnsibleNetworkWorkshops and trainingShare your storyansible.com/workshopsFollow us @AnsibleRed Hat TrainingFriend us on Facebook
Thank youRed Hat is the world’s leading provider ofenterprise open source software solutions.linkedin.com/company/red -hatyoutube.com/ user/ AnsibleAutomationfacebook.com/ AnsibleAutomationAward-winning support, training, and consultingservices make Red Hat a trusted adviser to theFortune 5 0 0 .twitter.com/ Ansible
There are plugins. Plugins are pieces of code that augment Ansible’s core functionality. Ansible uses a plugin architecture to\ഠenable a rich, flexible and expandable feature set. Ansible ships with a number of handy plugins, and you can easily write
