Technical Introduction to Red Hat Ansible
Introduction to Ansible for engineers and operators
●Introduction to automation
●How Ansible automation works
●Understanding Ansible modules and playbooks
●Executing Ansible playbooks
●Using Ansible Tower to scale automation to the enterprise
What you will learn
Automation happens when one person meets a
problem they never want to solve again
ACCELERATE INTEGRATE COLLABORATE
An enterprise-wide
automation strategy
INDIVIDUAL
TEAM
ENTERPRISE
must benefit individuals first.
Ansible Trajectory
Why Ansible?
Simple Powerful Agentless
App deployment
Configuration management
Workflow orchestration
Network automation
Orchestrate the app lifecycle
Human readable automation
No special coding skills needed
Tasks executed in order
Usable by every team
Get productive quickly
Agentless architecture
Uses OpenSSH & WinRM
No agents to exploit or update
Get started immediately
More efficient & more secure
RED HAT ANSIBLE TOWER
RED HAT ANSIBLE ENGINE
Scale + operationalize your automation
Support for your Ansible automation
CONTROL KNOWLEDGE DELEGATION
SIMPLE POWERFUL AGENTLESS
FUELED BY AN INNOVATIVE OPEN SOURCE COMMUNITY
What is Ansible Automation?
USE CASES
USERS
ANSIBLE
ENGINE PYTHON CODEBASE
OPEN SOURCE MODULE LIBRARY
PLUGINS
CLOUD
AWS,
GOOGLE CLOUD,
AZURE …
INFRASTRUCTURE
LINUX,
WINDOWS,
UNIX …
NETWORKS
ARISTA,
CISCO,
JUNIPER …
CONTAINERS
DOCKER,
LXC …
SERVICES
DATABASES,
LOGGING,
SOURCE CONTROL
MANAGEMENT…
TRANSPORT
SSH, WINRM, ETC.
AUTOMATE
YOUR
ENTERPRISE
ADMINS
ANSIBLE CLI & CI SYSTEMS
ANSIBLE PLAYBOOKS
….
ANSIBLE
TOWER
SIMPLE USER INTERFACE TOWER API
ROLE-BASED
ACCESS CONTROL
KNOWLEDGE
& VISIBILITY
SCHEDULED &
CENTRALIZED JOBS
CONFIGURATION
MANAGEMENT
APP
DEPLOYMENT
CONTINUOUS
DELIVERY
SECURITY &
COMPLIANCE
ORCHESTRATION
PROVISIONING
Common use cases
●Roll out patches and
updates
●Schedule backups
●Restore from any timestamp
●Build workflows that roll back
Update, Backup and Restore
●Check configuration
standards
●Track configuration drift
●Enforce configuration policy
Configuration
●Adhere to security standards
●Build reports
●Audit systems and
configurations
Compliance
What else can I do using Ansible?
Automate the deployment and management of your entire IT footprint.
Orchestration
Do this...
Firewalls
Configuration
Management
Application
Deployment
Provisioning
Continuous
Delivery
Security and
Compliance
On these...
Load Balancers Applications Containers Clouds
Servers Infrastructure Storage Network Devices And more...
Ansible Automation works across teams
DEV QA/SECURITY I.T. OPERATIONS BUSINESS NETWORK
Cloud Virt & Container Windows Network Devops Monitoring
Ansible automates technologies you use
Time to automate is measured in minutes
AWS
Azure
Digital Ocean
Google
OpenStack
Rackspace
+more
Docker
VMware
RHV
OpenStack
OpenShift
+more
ACLs
Files
Packages
IIS
Regedits
Shares
Services
Configs
Users
Domains
+more
Arista
A10
Cumulus
Bigswitch
Cisco
Cumulus
Dell
F5
Juniper
Palo Alto
OpenSwitch
+more
Jira
GitHub
Vagrant
Jenkins
Bamboo
Atlassian
Subversion
Slack
Hipchat
+more
Dynatrace
Airbrake
BigPanda
Datadog
LogicMonitor
Nagios
New Relic
PagerDuty
Sensu
StackDriver
Zabbix
+more
Storage
Netapp
Red Hat Storage
Infinidat
+more
Operating Systems
RHEL and Linux
Unix
Windows
+more
NETWORK AUTOMATION PROGRESS
2.1 (May 2016): 7 Platforms, 28 Modules
2.2 (Oct 2016): 17 Platforms, 141 Modules
2.3 (Apr 2017): 29 Platforms, 267 Modules
2.4 (Sep 2017): 33 Platforms, 463 Modules
2.5 (Mar 2018): 40 Platforms, 572 Modules
2.6 (Jun 2018): 45 Platforms, 639 Modules
2.7 (Oct 2018): 50 Platforms, 700 Modules
2.8 (July 2019): 65 Platforms, 1000 Modules
ANSIBLE AUTOMATION ENGINE
CMDB
USERS
INVENTORY
HOSTS
NETWORK
DEVICES
PLUGINS
CLI
ANSIBLE PLAYBOOK
PUBLIC / PRIVATE
CLOUD
PUBLIC / PRIVATE
CLOUD
MODULES ARE “TOOLS IN THE TOOLKIT”
Python, Powershell, or any language
Extend Ansible simplicity to the entire stack
MODULES
CORE NETWORK COMMUNITY
How Ansible Works
NETWORKING
DEVICES
LINUX/WINDOWS
HOSTS
Module code is
copied to the
managed node,
executed, then
removed
Module code is
executed locally on
the control node
Module Documentation
https://docs.ansible.com/
●Documentation is required as part
of module submission
●Multiple Examples for every
module
●Broken into relevant sections
ANSIBLE AUTOMATION ENGINE
USERS
HOSTS
NETWORK
DEVICES
CLI
ANSIBLE PLAYBOOK
MODULES PLUGINS
INVENTORY
PUBLIC / PRIVATE
CLOUD PUBLIC / PRIVATE
CLOUD
CLOUD
Red Hat Openstack, Red Hat Satellite, VMware,
AWS EC2, Rackspace, Google Compute Engine, Azure
CMDB
Individual
ENGINE
Inventory
Target
Environment
Modules
Playbook
How Ansible Works
Source Control
Configuration
Playbooks
Credentials
How Ansible Works - The Power of Ansible Tower
[student1@ansible networking-workshop]$ ansible-playbook facts.yml
PLAY [gather information from routers] *********************************************************
TASK [gather router facts] *******************************************************************
ok: [rtr1]
PLAY RECAP ******************************************************************************
rtr1 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Running the Ansible Playbook
What did this Ansible Playbook do?
[student1@ansible networking-workshop]$ ansible-playbook facts.yml -v
PLAY [gather information from routers] *********************************************************
Using /home/student1/.ansible.cfg as config file
TASK [gather router facts] *******************************************************************
ok: [rtr1] => changed=false
ansible_net_iostype: IOS-XE
ansible_net_memtotal_mb: 2180495
ansible_net_model: CSR1000V
ansible_net_python_version: 2.7.5
ansible_net_serialnum: 964A1H0D1RM
ansible_net_system: ios
ansible_net_version: 16.09.02
<<abbreviated output>>
PLAY RECAP ******************************************************************************
rtr1 : ok=1 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
Running the Ansible Playbook with verbosity
Build reports with Ansible Facts
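A playbook that would produce a run like the one above and turn the gathered facts into a report, as an added example (not the workshop's own facts.yml). The play name, task name, host rtr1 and the ansible_net_* fact names come from the output shown; the connection settings, the second task and the report path router_report.csv are assumptions.

```yaml
---
# Added example, not the original facts.yml.
# Assumptions: rtr1 is defined in the inventory with ansible_network_os=ios
# and working credentials; router_report.csv is a placeholder path.
- name: gather information from routers
  hosts: rtr1
  connection: network_cli
  gather_facts: no          # skip the default setup module; ios_facts is used instead

  tasks:
    - name: gather router facts
      ios_facts:

    # Extends the run shown above: build one CSV from the facts of every
    # host in the play. Runs once, on the control node, so nothing is
    # written to the routers themselves.
    - name: write inventory report on the control node
      copy:
        dest: ./router_report.csv
        content: |
          host,model,serial,version
          {% for h in ansible_play_hosts %}
          {{ h }},{{ hostvars[h].ansible_net_model }},{{ hostvars[h].ansible_net_serialnum }},{{ hostvars[h].ansible_net_version }}
          {% endfor %}
      run_once: true
      delegate_to: localhost
```

Because the report is generated from gathered facts rather than typed by hand, the same file can be diffed between runs to spot version or hardware drift.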
AUTOMATION ACROSS
THE ENTERPRISE
Individual
Network
device
Playbooks
ENGINE
Individual
Windows Team Network Team
Playbooks Playbooks
Network
device
Teams
Windows Team Network Team
Playbooks Playbooks
Network
device
Virtual project or
automation Team
WORKFLOW
Enterprise
Extending Ansible to the Enterprise
Automatic Provisioning at Speed
and Scale - The Journey.
Post Installation
-Basic Sanity Checks
-Compliance Checks
-Initiate Pen tests.
Post build configuration
-NTP
-DNS
-Compliance & Security. C2S, STIG
-Install Additional Software
Stage 1: improving existing processes
SOE Request
Initiated by Service Desk.
-Approvals
-Change Control
-Business Processes
Build workload specific SOE (Keep
current tooling in place)
-Satellite & SCCM
-Vmware & Hyper-V Templates
-Cloud Instance templates (AMI,
ARM..)
API Call back to
Service Desk to close
off process
Your organisation may have invested in processes and tooling for
server provisioning. A good first step is to use Ansible to
complement existing investments by:
●Streamlining the manual process into an automation workflow
●Improving the process with pre/post config and testing
●Filling gaps in current tooling
Initiate build
-Pre-Installation checks.
Fail fast
As you go, look to further improve the process by reducing the
number of tools and manual steps.
For example, use Ansible modules that can hook into VMware and
Cloud APIs to provision base templates.
Initiate build
-Pre-Installation checks.
Fail fast
Post build configuration
-NTP
-DNS
-Compliance & Security. C2S, STIG
-Install Additional Software
SOE Request
Initiated by Service Desk.
-Approvals
-Change Control
-Business Processes
API Call back to
Service Desk to close
off process
Build workload specific SOE
(Ansible modules)
-Vmware & Hyper-V Templates
-Cloud Instance templates (AMI,
ARM..)
Post Installation
-Basic Sanity Checks
-Compliance Checks
-Initiate Pen tests.
Stage 2: reducing the number of tools
-Allow teams to provision corporate standard SOEs for on-premise and
clouds as required once the approval process is complete
-Allow teams to extend SOE build to deliver the outcome
Network Config
-Firewall, Ports
-VPC
-VLANs
-Access Control Lists
Application/Business
Outcome
Application, CICD, Testing
teams
call Tower API
API Call back to
Service Desk to close
one process and raise
another
Application builds &
configuration
-AppServers
-DBServers
-Middleware
Initiate build
-Pre-Installation checks.
Fail fast
Post build configuration
-NTP
-DNS
-Compliance & Security. C2S, STIG
-Install Additional Software
SOE Request
Initiated by Service Desk.
-Approvals
-Change Control
-Business Processes
Build workload specific SOE
(Ansible modules)
-Vmware & Hyper-V Templates
-Cloud Instance templates (AMI,
ARM..)
Post Installation
-Basic Sanity Checks
-Compliance Checks
-Initiate Pen tests.
Stage 3: self service the SOE process & extend
Ansible Tower
-Schedule non critical patching &
Upgrades
-Apply compliance config
-Log outputs to SIEM
Day 2 - Updates/Patching/Continuous Compliance
Day N - Maintenance/Break Fix
Ansible Tower
-Break Fix
-Ad Hoc commands at scale
-Log Outputs to SIEM
-Resist, Resist, Resist manual
change - aspire for 80%
automated, 20% manual
Team X Windows Team Network Team
Playbooks Playbooks
Network
device
Virtual project or
automation Team
WORKFLOW
Enterprise
Enterprise Tooling
-Helpdesk
-ServiceNow
-Monitoring
-Privileged Accounts
-CMDB....
Source Control
Stage 4: Day 2-N operations is just as important
THE LAST STAGE?
Ansible Playbook +
Network config.
Make Changes
Control Version
Check Out Branch
Check In Branch /
Create PR
1 Notifies of pass /
fail
Monitors repository
for changes
Test changes
Notify of PR
2
Merge Branch
3
Deploy Playbooks
Notifies of
deployment
Pulls new
Playbooks
4
●Ansible Automation Training workshops - Windows, Linux and Networking
○Hands-on Ansible playbook training hosted onsite to upskill resources and increase adoption
●Ansible use case discovery workshops & ROI exercises
○Workshop to help uncover high business impact, low cost to implement automation use cases
to help drive an investment in Ansible automation
●Red Hat supported MVP Ansible Tower trials
○Prove a use case in your environment to support business case development
●Ansible smart start programs
○Combine Ansible Red Hat Training and Red Hat consulting services to fast-track your journey to
ROI.
Next Steps?
And we are just getting
started…
GET STARTED JOIN THE COMMUNITY
WORKSHOPS & TRAINING SHARE YOUR STORY
ansible.com/get-started
ansible.com/tower-trial
ansible.com/workshops
Red Hat Training
ansible.com/community
Follow us @Ansible
Friend us on Facebook
Next Steps
Chat with us
●Slack
https://ansiblenetwork.slack.com
Join by clicking here https://bit.ly/2OfNEBr
●IRC
#ansible-network on freenode
http://webchat.freenode.net/?channels=ansible-network
Bookmark the Github organization
●Examples, samples and
demos
●Run network topologies
right on your laptop