Does your automation require more or less work? Avi's take is less. That’s why Avi offers zero-code multi-cloud automation for Day 0 and Day 1+. DevOps and IT teams can achieve self-service application and infrastructure resources provisioning (Day 0) without writing custom scripts per app or per cloud. We will walk through how to leverage Ansible and Terraform to automate tasks throughout the lifecycle of an application (Day 1+) using YAML-based declarative configurations.
Learn how to:
- Achieve efficient, repeatable, and automated app provisioning without writing code
- Use Ansible roles and modules or Terraform providers to easily automate common tasks
- Deploy across multi-cloud environments with consistent experience without customizations
- Gain visibility into network topology and app performance
- Apply closed-loop analytics to drive automation
Watch the full webinar: https://info.avinetworks.com/webinars-ansible-and-terraform-recipes
5. • Automation is hard
– Complicated
– Fragile
• Full lifecycle automation
– Day 0
– Day 1+
– Multi-cloud
• Ecosystem integration
– 100% vs. 99% RESTful APIs
– Least amount of friction to
leading platforms integration
Top 3 Challenges
7. Intent-based Application Services
Declare desired outcomes and Avi does the heavy lifting
AVI VANTAGE PLATFORM
Software Load Balancers
Intelligent
Web Application Firewall Elastic Service Mesh
8. BARE METAL VIRTUALIZED CONTAINERSON PREMISES PUBLIC CLOUDVIRTUALIZED CONTAINERS
Avi Vantage Platform
CONTROLLER
SERVICE
ENGINE
SEPARATE CONTROL
& DATA PLANE
ELASTICITY
INTELLIGENCE AUTOMATIONMULTI-CLOUD
9. Automation Operationalizes Digital Transformation
Day 1+
• Use case driven
• Full lifecycle management
• Recurring savings
• Adaptive to changes
Intent-based
Adaptive and learning based
Dynamic & continuous monitoring
Automatically program network, cloud,
and app environments
CLI/Scripting
/Excel
GUI/Workflow/
Tools
API/Orchestration
Framework
Day 0
• Configuration focused
• Self-service provisioning
• One time saving
• Static
10. Poll: Do you plan to use the
following automation tools?
12. Ansible - IT automation and orchestration platform
• Now acquired by Redhat
• It can streamline operations such as:
– Configuration of servers
– Application deployment
– Continuous testing of already installed applications
– Provisioning
– Orchestration
– Automation of tasks
• YAML based configuration which is easy to read and write till one has to use
JinJa!
13. Why Ansible?
• Shell / Perl scripts rock in the beginning – then they turn into a rock!
– Unmanageable and difficult to maintain
– Cannot skip N steps and start shell script from N+1th step
– Does not provide feedback on what has been done and what it is doing!
– Not easy to add option to simply skip some steps
– It does not provide feedback on what steps did not change vs what changed?
– Audit and debug logs
– Need to be a developer!
• Ansible can invoke modular shell scripts - very common practice!
“I can write a shell script to do everything! why not Python?”
14. Terraform - Write, Plan, and Create Infrastructure as Code
• HashiCorp Terraform enables you to safely and predictably create, change, and improve
infrastructure. It is an open source tool that codifies APIs into declarative configuration files that
can be shared amongst team members, treated as code, edited, reviewed, and versioned.
• Like Ansible it can be used for full application automation
• It is declarative by design - Manages dependency of resources implicitly
• HCL based “plans” for infrastructure
16. Poll: What are your top challenges
with automation integration?
17. Avi Ansible Integration Landscape
Avi Controller / SE Roles
avicontroller
(linux server)
avicontroller-csp
avicontroller-azure
avicontroller-vmware
avicontroller-k8s
Avi Ansible modules (Avi within top 50 contributors)
avisdk role - packages all Avi Ansible modules
avise-csp
Ansible Modules (104) - one / REST resource + others
Ansible Utilities
Avi Migration output as Ansible
Avi Config (JSON) to Ansible Converter
aviconfig role - Declarative Model
Avi Ansible Examples - Devops Github
Avi Docker Role
18. Avi Ansible Special Modules in addition to the REST modules
• avi_api_session: Proxy to any AVI API
• avi_useraccount: Module to change password on controller
• avi_gslb_service_patch_member: Helper moule to do smart deep level PATCH
not possible via API
• avi_api_version (PaddyPower): Fetch controller version
• avi_api_file_service: Fetch and upload files to Avi Controller: supports check
mode and idempotency
19. Avi Terraform Integration
https://github.com/avinetworks/terraform-provider-avi
• Full featured Avi Terraform provider
• Resources: CRUD for Avi REST resources.
• Data Sources: Expose Read-only Avi REST resources.
• Import Avi REST resources
• Special handling for System objects that are not created by Terraform but can
still be managed via Avi provider
20. Goal – Path to Zero Code Application Automation
Automation with different levels of abstraction based on your preference
API SDK
JSON
Swagger Spec
Python
Go, etc.
Ansible
Modules
Ansible
Role
Playbook as Code
Custom, in-house orchestration
(Dev teams)
Focus on automation, not code
(DevOps, ITOps, NetOps)
Terraform Provider
ZeroCode
YAM / HCL
Config
22. Avi Ansible Modules - Proxy+ to REST API
check mode, idempotent, single connection to Avi Controller across tasks...
Avi Module Common Params
● name- Name of the object
● tenant- Tenant context for operation
● tenant_ref- tenant of object
● avi_credentials- API credentials
● state- present or absent
● cloud_ref- Reference to cloud when using non
default cloud
● api_context- re-use existing login CSRFToken and
sessionid
● avi_api_update_method- PUT vs PATCH
● avi_api_patch_op: Patch operation
● Mostly Auto-generated
● Documentation at Ansible
---
- hosts: localhost
connection: local
vars:
avi_credentials:
controller: "{{ controller }}"
username: admin
password: "{{ password }}"
api_version: 17.2.1
tenant: admin
tasks:
- name: Avi Pool
avi_pool:
name: test-pool
avi_credentials: "{{avi_credentials}}"
state: "{{ state | default('present')}}"
health_monitor_refs:
- '/api/healthmonitor?name=System-HTTP'
25. Demo #2
1. Create a new avi_config.yml
2. Perform deployment using Ansible
3. Confirm Deployment is successful
4. There should not be any change reported for second run