View
834
Download
1
Category
Preview:
Citation preview
Extending AnsibleWhen you want some more of your favorite tool
Ansible Benelux meetup, 11-02-2016Amsterdam, Sentia
Pavel Chunyayev
@PavelChunyayev
Amsterdam
Levi9 HQAmsterdam – 2005
25 people
Novi Sad
SerbiaNovi Sad – 2005
320+ people
Zrenjanin
SerbiaZrenjanin– 2014
30+ people
Iasi
RomaniaIasi – 200780+ people
Kiev
UkraineKiev – 2008130+ people
@PavelChunyayev
Electronic Retail
DigitalMarketing
Traffic and Transport
Software Services
@PavelChunyayev
Customer satisfaction 2015
• 4th year great results in Outsourcing Performance study
• 2015: 100% customer recommendation scoreExcellent trust score
@PavelChunyayev
About me• 12 years of IT experience• Lived and worked in Ukraine and Estonia • Moved a year and half ago to the Netherlands
• Learning Dutch• Love cycling
• De Hollandse 100 - https://www.dehollandse100.nl/actie/pavel-chunyayev• Alpe d’HuZes - http://deelnemers.opgevenisgeenoptie.nl/levi9
Continuous Delivery
* I had to talk about Continuous Delivery shortly. I’m Continuous Delivery Architect after all.
Safely, rapidly and predictably deliver new features to production
@PavelChunyayev
Continuous Delivery
• Faster time to market
• How many deployments a day?
• Time between committing line of code and running in
production
It’s not only about speed
@PavelChunyayev
It’s not only about speed•Right process to support continuous feature delivery,
improvements and learning.
•Proper testing to be able to deliver at high speed.
Quality > Speed
Continuous DeliveryBuild • Test • DeployAnsible is perfect for Continuous DeliveryEspecially with immutable infrastructure
Ansible is powerful out of the boxExtremely easy to extend
@PavelChunyayev
Plenty of information on the internet• Most covers Ansible pre 2.0, but perfect to start with• http://slides.com/alejandroguiraorodriguez/ee-ansible-with-python• http://tylerturk.com/extending-ansible/• http://www.slideshare.net/YanKurniawan1/extending-ansible• http://www.llabs.io/ansible-action-plugins
• http://docs.ansible.com/ansible/developing.html
@PavelChunyayev
Extending Ansible• Dynamic inventory• Plugins• Modules• Python API
Dynamic inventory
@PavelChunyayev
Dynamic inventory• http://docs.ansible.com/ansible/developing_inventory.html• http://docs.ansible.com/ansible/intro_dynamic_inventory.html
• Just a script that returns JSON dictionary of all the groups• Numerous dynamic inventory scripts: https://
github.com/ansible/ansible/tree/devel/contrib/inventory• AWS, Azure, GCE, Digital Ocean, Docker, Openstack, Jails, Zabbix• VMware, Virtualbox, Nagios, oVirt, Consul, etc.
@PavelChunyayev
More dynamic inventories?• Combining several service providers• SNMP • LDAP• Sentia :)
@PavelChunyayev
Ideas for dynamic inventories generated during meetup• SIDN• CMDB• nmap• DNS (scan to identify inventory)• Network inventory• Ssh host config (from files)• Bonjour / ZeroConf• DHCP server• Racktables (or similar services)
Plugins
@PavelChunyayev
Plugins• http://docs.ansible.com/ansible/developing_plugins.html• https://github.com/ansible/ansible/tree/devel/lib/ansible/plugins
• callback• connection• filter• lookup• strategy
@PavelChunyayev
Callback plugins• React on certain events during
Ansible execution
• Some existing:• OS X say• HipChat• Mail• Syslog JSON• Timer
• More?
• Send logs to ELK• Send metrics to Grafana• Leave audit trails• Slack• IRC
@PavelChunyayev
Ideas for callback plugins generated during meetup• Tags (assign tags based on execution)• Backup (additional step before changing something)• Change output• Nagios (or general notification to monitoring systems)
@PavelChunyayev
Connection plugins• More ways to connect to remote
systems
• Some existing:• Docker• chroot• WinRM• Jail• LXC
• More?
• Someone using anything besides SSH? :)• SNMP• SSH gateway• Multifactor authentication
@PavelChunyayev
Filter plugins• Jinja2 filters to use
• Some existing:• Various sets manipulations (math)• IP addresses manipulations• String manipulations• to / from JSON
• More?
• Test is the string is a valid running AWS EC2 instance• Convert AWS instance id into
instance name (IP, DNS name, etc)
@PavelChunyayev
Ideas for connection plugins generated during meetup• telnet• RADIUS• WebDAV / HTTP• mosh • Serial• IPMI
@PavelChunyayev
Lookup plugins• Constructs like with_items:
• Some interesting existing• consul• dict• dig• etcd• redis• etc.
• More?
• RDBMS• LDAP• DNS (IN SRV)
@PavelChunyayev
Ideas for lookup plugins generated during meetup• Mongo• Monitoring (e.g. top 10 hosts with problems)• ElasticSearch• Netstat (services or routing tables)• Multicast• IPtables / other firewalls• Vnstat• /etc/password (not a generic file lookup)
@PavelChunyayev
Strategy plugins• How to execute tasks in
playbook
• Existing:• Linear• Free
• More?
• Random• Some tasks free, some linear
@PavelChunyayev
Ideas for strategy plugins generated during meetup• One host, one task at a time• Scoring (calculate the sequence based on the score)
Modules
@PavelChunyayev
Modules• http://docs.ansible.com/ansible/developing_modules.html• Reusable units of magic that can be used by the Ansible API, or by the ansible or ansible-playbook programs.
• Reading official modules is a good way to start• Test your module with hacking/test-module script• Create pull request to modules-extra
@PavelChunyayev
Modules?• Deploying your applications• Configuring running applications• Maven (manage artifacts)• Usage of less popular applications• LDAP manipulation / credentials checking• All those AWS services that are not yet covered by modules• Custom backup• Pipelines as code
Ansible API
@PavelChunyayev
Execute Ansible programmatically • Trigger Ansible run or Ansible-playbook from your application!
• React to some events with running Ansible playbook• Get facts about infrastructure directly from an application• Your own Infrastructure as a Service
@PavelChunyayev
Extending Ansible
•Dynamic inventory
•Plugins
•Modules
•Python API
@PavelChunyayev
Takeaways• Ansible is a perfect tool• Easily extendable when needed• Don’t be afraid to extend Ansible• Don’t forget to return code to community
• Participate in Ansible Coder’s Dojo
pavel@levi9.com
Any questions?
Recommended