foolproof ansible playbooks with molecule
play

Foolproof Ansible Playbooks with Molecule Nathaniel Beckstead 1 - PowerPoint PPT Presentation

Mar 26, 2024 •556 likes •831 views

Foolproof Ansible Playbooks with Molecule Nathaniel Beckstead 1 Nathaniel Beckstead Automation extraordinaire Never enough infrastructure Favorite ice cream flavor is mint chocolate chip 2 Ansible 3 Ansible

  1. Foolproof Ansible Playbooks with Molecule Nathaniel Beckstead 1

  2. Nathaniel Beckstead Automation ● extraordinaire Never enough ● infrastructure Favorite ice cream ● flavor is mint chocolate chip 2

  3. Ansible 3

  4. Ansible Configuration management ● Manage servers ○ Connect over SSH/WinRM ■ Deploy applications ○ Configure services ○ Executes tasks ● Make user ○ Start service ○ Download a file ○ …. ○ Written in Python ● 4

  5. YAML Ain't Markup Language Data serialization format ● JSON ○ XML ○ Common configuration file format ● 5

  6. Ansible Inventory Set of hosts Ansible has access to ● INI format ● Groups ● Variables ● Host Variables ● IP, Hostname ○ SSH User, Password/Keyfile ○ 6

  7. Ansible Tasks ● Execute single action ○ ex. Install package ○ Roles ● List of tasks ○ Reusable ○ Ex. Install and configure NGINX ○ Connects variables, files, templates ○ Playbooks ● Connect roles to hosts ○ 7

  8. Testing 8

  9. Test Automation Reliable ● Simultaneous ● Test same change on different OS’s, devices, ○ browsers, etc in parallel Reduce time and effort ● Available 24/7 ○ 9

  10. Testing Ansible Playbooks “Can’t you just run the playbook to test it?” - Anonymous Challenge: Ansible requires infrastructure Create base test server ● Setup access ○ Configure the test Ansible inventory ○ Run ansible-playbook commands ● Check for expected behavior ● Reset to snapshot ● 10

  11. Molecule Aids in the development and testing of Ansible roles. Created by Metacloud ● OpenStack-based on-prem private cloud ○ Bought by Cisco ○ GitHub full of tools for Ansible and OpenStack ○ https://github.com/metacloud/molecule 11

  12. Molecule - Init Role pip install molecule docker-py molecule init role -r myapp --verifier-name goss 12

  13. Molecule - Init Role Creates initial Ansible files and Molecule configuration ● *Can test an existing role with init scenario 13

  14. Molecule Test ● Style and syntax ○ That it actually works ○ Idempotence ○ On Varying ● Operating Systems ○ Distributions ○ Virtualization Providers ○ Testing Frameworks ○ 14

  15. Molecule - Lint Yamllint ● All YAML files ○ Flake8 ● Testinfra ○ PEP 8 ○ Ansible-lint ● Ansible playbooks ○ Strict by default ● Warnings (trailing whitespace) will stop testing ○ Set rules to ignore ○ Create the best playbooks possible ● 15

  16. Molecule - Destroy Destroy any preexisting containers used by Molecule ● 16

  17. Molecule - Dependency Pull in other roles ● Support for Ansible Galaxy, Gilt, or shell commands ● 17

  18. Molecule - Syntax Have Ansible natively check for syntax errors ● 18

  19. Molecule - Create Supports multiple providers (called Drivers ) ● Docker, Azure, EC2, GCE, Vagrant ○ Actual creation done by the Provisioner (Ansible) ● Creates Instances ● 19

  20. Molecule - Prepare Get the instance to a state you want before converging ● Base enterprise configuration ● 20

  21. Molecule - Converge Run the role being tested on all instances ● Runs like a normal playbook ● 21

  22. Molecule - Idempotence “An operation is idempotent if the result of performing it once is exactly the ● same as the result of performing it repeatedly without any intervening actions.” - Ansible Docs Check that there are no unexpected changes when running a playbook ● multiple times If no tasks are marked as changed, role is considered idempotent by ● Molecule 22

  23. Molecule - Side-Effect “Post-Tasks” to test operability of installed services ● Test situations like high availability failover ● Disabled by default ● 23

  24. Molecule - Verify Test the actual server state after ● configuration Supports multiple verifiers ● Testinfra ○ Python ■ Goss ○ YAML ■ Inspec (Chef) ○ 24

  25. Molecule - Destroy Destroy any containers used by Molecule ● Use molecule test --destroy never to keep instance up ● Debugging ○ 25

  26. Demo 26

  27. Resources 1. Ansible Hacknight Presented by Sean Newman 10/29 7-11pm Seclab a. 2. Ansible Crash Course Shoutout to Duc for starring this on GitHub a. b. https://github.com/blacksaildivision/ansible-tutorial 3. Molecule GitHub Repo a. https://github.com/metacloud/molecule 4. The Wizard: Ansible, Molecule and Test Driven Development a. https://blog.octo.com/en/the-wizard-ansible-molecule-and-test-driven-development/ 5. Digital Ocean Tutorial a. https://www.digitalocean.com/community/tutorials/how-to-test-ansible-roles-with-molecule-on-ubuntu-1 6-04 6. Goss Manual a. https://github.com/aelsabbahy/goss/blob/master/docs/manual.md 27

Recommend

Ansible in Operatjon Bruce Becker: Coordinator, SAGrid | bbecker@csir.co.za |

Ansible in Operatjon Bruce Becker: Coordinator, SAGrid | bbecker@csir.co.za |

Ansible in Operatjon Bruce Becker: Coordinator, SAGrid | bbecker@csir.co.za | http://www.sagrid.ac.za Learning Goals Manage inventory Ansible ad-hoc commands Write & run Playbooks Understanding of variables Loops and

586 views • 33 slides
The FoolProof Initiative FoolProof Financial Education: For no cost to schools: A program that

The FoolProof Initiative FoolProof Financial Education: For no cost to schools: A program that

10/22/14& The FoolProof Initiative FoolProof Financial Education: For no cost to schools: A program that quickly engages students. Unique type of web-driven financial literacy instruction. 1& 10/22/14& What FoolProof Provides:

480 views • 19 slides
Infrastructure Automation Infrastructure Automation 2 Ansible Ansible What is Ansible?

Infrastructure Automation Infrastructure Automation 2 Ansible Ansible What is Ansible?

Infrastructure Automation Infrastructure Automation 2 Ansible Ansible What is Ansible? Ansible is an open source automation engine Why Ansible? Modular Idempotent Huge support/community Agentless Simple to learn

709 views • 29 slides
Ansible Wechat Account Ansible Meetup Shanghai August 17th ansible.com wiredcraft.com

Ansible Wechat Account Ansible Meetup Shanghai August 17th ansible.com wiredcraft.com

Ansible Wechat Account Ansible Meetup Shanghai August 17th ansible.com wiredcraft.com Introduction What is Ansible? Ansible.com Gaining momentum Ansible on GitHub Very fast learning curve Python based Easy to get

375 views • 18 slides
SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red

SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red

SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red Hat whoami ? 2 AGENDA Ansible use cases Information security Why Ansible? Examples Get involved 3 FreeImages.com/kovik COMMON ANSIBLE USE

495 views • 22 slides
SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red

SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red

SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red Hat whoami ? 2 AGENDA Ansible use cases Information security Why Ansible? Examples Get involved 3 FreeImages.com/kovik COMMON ANSIBLE USE

513 views • 29 slides
Contributing to Ansible Developing Ansible Modules ....wait a min....what the heck is Ansible?

Contributing to Ansible Developing Ansible Modules ....wait a min....what the heck is Ansible?

Contributing to Ansible Developing Ansible Modules ....wait a min....what the heck is Ansible? software platform for CM systems Agentless Secure Scalable ....so what can we do with ansible? package installation

497 views • 16 slides
Ansible weithenn.org Agenda Infrastructure as Code

Ansible weithenn.org Agenda Infrastructure as Code

Ansible AWX Ansible weithenn.org Agenda Infrastructure as Code (IaC) Why Ansible Ansible Engine vs Tower vs AWX Ansible AWX Features Use Case Demo 3 Infrastructure as Code (IaC)

622 views • 23 slides
Life Skills Curriculum ADD PIX OF HOME PAGE OF CRONKITEPROJECTTHAT REALLY GREAT PIX AND

Life Skills Curriculum ADD PIX OF HOME PAGE OF CRONKITEPROJECTTHAT REALLY GREAT PIX AND

High School Financial Literacy Life Skills Curriculum ADD PIX OF HOME PAGE OF CRONKITEPROJECTTHAT REALLY GREAT PIX AND THE FOOLPROOF EXISTS BECAUSE OF WALTER CRONKITE FoolProof Florida You can use FoolProof right away, for free!

368 views • 26 slides
Whats New With Ansible Collections Diving into the How to use Collections with Ansible

Whats New With Ansible Collections Diving into the How to use Collections with Ansible

INSERT CONFIDENTIAL designator Whats New With Ansible Collections Diving into the How to use Collections with Ansible 2.9.10+ and beyond Andrius Benokraitis Iftikhar Khan Bradley Thornton Sr. Principal Product Manager Sr. Manager,

423 views • 19 slides
ANSIBLE BEST PRACTICES: THE ESSENTIALS Timothy Appnel Senior Product Manager, Ansible GitHub:

ANSIBLE BEST PRACTICES: THE ESSENTIALS Timothy Appnel Senior Product Manager, Ansible GitHub:

ANSIBLE BEST PRACTICES: THE ESSENTIALS Timothy Appnel Senior Product Manager, Ansible GitHub: tima Twitter: appnelgroup THE ANSIBLE WAY 2 COMPLEXITY KILLS PRODUCTIVITY That's not just a marketing slogan. We really mean it and believe that.

922 views • 38 slides
Zero Downtime Deployment with Ansible Zero Downtime Deployment with Ansible DevOps Pro Moscow

Zero Downtime Deployment with Ansible Zero Downtime Deployment with Ansible DevOps Pro Moscow

Zero Downtime Deployment with Ansible Zero Downtime Deployment with Ansible DevOps Pro Moscow 2016 @steinim stein.inge.morisbak@BEKK.no OPEN Slides Slides http://steinim.github.io/slides/devopspro/zero-downtime-ansible/tutorial.html Source

884 views • 61 slides
Running Ansible within Salt How to smoothly migrate away from Ansible to Salt Pablo Surez

Running Ansible within Salt How to smoothly migrate away from Ansible to Salt Pablo Surez

Running Ansible within Salt How to smoothly migrate away from Ansible to Salt Pablo Surez Hernndez Don Vosburg SUSE Senior Software Engineer SUSE Technology Specialist psuarezhernandez@suse.com dvosburg@suse.com People are using Ansible

476 views • 31 slides
ANSIBLE BEST PRACTICES: THE ESSENTIALS Ansible Automates: DC Jamie Duncan @jamieeduncan

ANSIBLE BEST PRACTICES: THE ESSENTIALS Ansible Automates: DC Jamie Duncan @jamieeduncan

ANSIBLE BEST PRACTICES: THE ESSENTIALS Ansible Automates: DC Jamie Duncan @jamieeduncan cloudguy@redhat.com about jduncan 6+ years with Red Hat Coming Soon #shamelessPlug My daughter Elizabeth #cutestThingEver 2 THIS SESSION IS ABOUT

656 views • 37 slides
Introduction to Ansible Collections Ganesh Nalawade Principal Software Engineer Ansible

Introduction to Ansible Collections Ganesh Nalawade Principal Software Engineer Ansible

Introduction to Ansible Collections Ganesh Nalawade Principal Software Engineer Ansible Engineering Agenda Whats a Collection? Why Collections? Deep dive with Collections Collection demo Ansible galaxy for Collections

904 views • 21 slides
Using Ansible Robin Long June 15, 2017 Can you build a presentation in Ansible? Well this

Using Ansible Robin Long June 15, 2017 Can you build a presentation in Ansible? Well this

Using Ansible Robin Long June 15, 2017 Can you build a presentation in Ansible? Well this would be proof Its is not the pretiest, but it is functional Assuming you use LaTeX Who doesnt? Shame on you. Robin Long ( Lancaster

111 views • 7 slides
Single Molecule Bio-Physics Single Molecule Fluorescence Techniques Single Molecule Fluorescence

Single Molecule Bio-Physics Single Molecule Fluorescence Techniques Single Molecule Fluorescence

Single Molecule Bio-Physics Single Molecule Fluorescence Techniques Single Molecule Fluorescence Techniques State of the Art imaging of single (immobilized) fluorescent Cy5 molecules Pictures: Tinnefeld Lab Fluorescence Techniques / GFP Green

1.16k views • 50 slides
Managing 15,000 network devices with Ansible Landon Holley & James Mighion December 4, 2018

Managing 15,000 network devices with Ansible Landon Holley & James Mighion December 4, 2018

Managing 15,000 network devices with Ansible Landon Holley & James Mighion December 4, 2018 What is it Combining the foundation of Ansible Engine with the enterprise abilities of Ansible Tower to automate physical networking devices.

253 views • 22 slides
SUSE Cloud 8 CLM Overview Input Model and Configuration Processor Configuration Processing Flow

SUSE Cloud 8 CLM Overview Input Model and Configuration Processor Configuration Processing Flow

SUSE Cloud 8 CLM Overview Input Model and Configuration Processor Configuration Processing Flow Key Build Artifacts Ansible Playbooks Ardana release Configuration file templates Generated Customer Examples Service Edit Definitions

108 views • 10 slides
ANSIBLE Configuration Management System done right Fabio Alessandro Locati Senior Cloud

ANSIBLE Configuration Management System done right Fabio Alessandro Locati Senior Cloud

ANSIBLE Configuration Management System done right Fabio Alessandro Locati Senior Cloud Consultant 29 November 2016 OUTLINE Intro Automation Automation Concepts Ansible 2 INTRO IT Consultant since 2004 Ansible user since 2013

1.11k views • 55 slides
FREEIPA INSTALLATION USING ANSIBLE-FREEIPA FOSDEM - 2018-02-03 Thomas Wrner Senior Software

FREEIPA INSTALLATION USING ANSIBLE-FREEIPA FOSDEM - 2018-02-03 Thomas Wrner Senior Software

FREEIPA INSTALLATION USING ANSIBLE-FREEIPA FOSDEM - 2018-02-03 Thomas Wrner Senior Software Engineer, Red Hat Inc. https://github.com/freeipa/ansible-freeipa/ AGENDA Project goals IPA installers vs. ansible-freeipa IPA client installation

406 views • 16 slides
Quick Poll questions How familiar are you with Ansible? Yes/No Are you using IBM Power

Quick Poll questions How familiar are you with Ansible? Yes/No Are you using IBM Power

Quick Poll questions How familiar are you with Ansible? Yes/No Are you using IBM Power Systems? Yes/No Which OS are you running on Power? AIX, IBM i or Linux (Multi-select) Have you used any Ansible modules to automate AIX and

283 views • 17 slides
Ansible A brief overview Robin Long June 22, 2016 Robin Long (Lancaster University) Ansible

Ansible A brief overview Robin Long June 22, 2016 Robin Long (Lancaster University) Ansible

Ansible A brief overview Robin Long June 22, 2016 Robin Long (Lancaster University) Ansible June 22, 2016 1 / 1 Introduction How could we configure a server? Manual install? - Slow Shell scripts? - What is I run them a second

468 views • 23 slides
Making Default Address Selection More Robust FoolProof

Making Default Address Selection More Robust FoolProof

Making Default Address Selection More Robust FoolProof draft-linkova-6man-default-addr-selection-update-00 Jen Linkova IETF99, Prague, July 2017 When Does a Host Stop Using an Address? Preferred lifetime expired An RA received

540 views • 14 slides

More recommend