call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
Automating Yourself Out of Trouble
1. Automate yourself out of trouble
with Ansible
How we use Ansible at Dell EMC
Jose Delarosa / Sambhu Kalaga
Dell EMC
May 8th, 2019
2. Who are we
• Jose Delarosa
- Software Engineer
- Infrastructure solutions team
• Sambhu Kalaga
- Software Engineer
- OpenStack solutions team
3. Before we begin
1. Thank you for attending!
2. Please ask questions anytime
3. If time runs out, happy to talk to you afterwards
4. Why are we here today?
1. These days, automation is a necessity, not a luxury.
2. Ansible is a great tool for automation!
3. Dell EMC is active in the Ansible community and we
want to share with you some of the work we’ve done.
5. Agenda
1. Brief overview of Ansible
2. How Dell EMC uses Ansible
• Network switch configuration
• OpenStack configuration
• Out-of-band server management
• OpenShift deployment
3. Conclusion
7. Ansible in a nutshell
1. Agentless, no DB backend Minimum footprint
2. Remote tasks are run in parallel Fast & efficient
3. Only do things if needed Idempotent
4. Easy to learn and use Reduced learning curve
8. Some use cases for automation
OpenStack
• Compute nodes
• Storage nodes
• Controller nodes Container Management
• Stop & remove containers
• Refresh container images
• Deploy new containers
1-to-n management
Executes tasks in parallel
IT Security Hardening
• Firewall rules
• Remove unused packages
• Install security updates
9. Ansible components
Task: A Task is the smallest unit of work: “install a package” or “remove a user”.
Play: A Play is composed of tasks: The Play “prepare database” is composed of two
Tasks:
Task 1: Create database
Task 2: Give users access to database
Playbook: A Playbook is a collection of plays: The playbook “Setup my application” has
two Plays: 1) “prepare database” and 2) “prepare web server”.
Playbook: Setup my web application
Play 1: Setup database
Task 1:
Install mysql
package
Task 2:
Create database
customer_db
Play 2: Setup web server
Task 1:
Install httpd
package
Task 2:
Configure
site for TLS
10. Example
Say you provision 100 servers every
day and you run these commands
in each server:
The same
commands can be
placed in an Ansible
playbook and
executed in 100
servers.
daily_tasks.yml
$ ansible-playbook daily_tasks.yml
11. Ansible module
• An Ansible module is the code that implements all
the commands specified in playbooks.
• Modules can be written in any language, but most
popular is Python.
• If you are a system administrator, you will work
mostly with playbooks.
• If you are a developer, you will work mostly with
modules.
12. Ansible Template
Sample VLAN template –Dell EMC OS10 NOS
Template: A template is a file in
Ansible which is used to dynamically
create configurations using the
values from a variable file.
13. Ansible Roles
• Role: Dell EMC Networking modules are packaged
and distributed through Ansible-galaxy. These pre-
packaged units are known as roles. Ansible roles
have specific file structure and are easily shared
with other users. Roles help separate configuration
syntax from data.
Sample file structure:
31. Out-of-Band management
1. Server management independent of the operating system.
2. Provided by an embedded chip with its own Ethernet port.
3. Goes by many names: iDRAC, iLO, IMM, but commonly referred to as
BMC (Baseboard Management Controller).
4. Capabilities include:
Component inventory
Hardware failure detection & alerting
Power management
BIOS configuration
32. Communicating with the BMC
1. There are several legacy protocols that can be used: IPMI, WS-MAN,
racadm, etc. but these are not secure, hard to use, proprietary and
not very scalable.
2. Redfish addresses all these short-comings! It is the best method to
communicate with the BMC:
Open source
RESTful interface
Secure
Scalable
3. A Redfish request is sent as an URI, so a client could be any
application on a server, workstation or mobile device.
33. Ansible modules for Redfish
1. Dell created and merged upstream 3 modules for Redfish.
2. Everything you need to manage your servers:
• redfish_facts: status, hardware inventory, etc.
• redfish_command: power management, user management, etc.
• redfish_config: BIOS attributes, boot mode, etc.
3. Vendor-neutral, with ongoing contributions from developers
at the DMTF, Dell, HP, Lenovo and others.
4. Use these modules to manage your heterogeneous server
infrastructure from one Ansible controller.
34. Server management made easy
Management
Network
https://<BMC-IP>/redfish/v1/Systems/Systems.Embedded.1
{
Health OK
HealthRollup OK
}
1
2
35. Server management made really easy
Management
Network
{
Health OK
HealthRollup OK
}
1
2
Module: redfish_facts
Category: Systems
Command: GetSystemInventory
Module: redfish_config
Category: Systems
Command: SetBiosAttributes
Playbook Playbook
44. Reference Architecture for OpenShift
1. Deployment was 95% automated with Ansible
2. Used Ansible to automate:
Switch configuration (VLT, VLANs, LACP)
Server BIOS configuration
OS Provisioning via iPXE
OpenShift deployment: master, infrastructure, application &
storage nodes
GlusterFS pool
46. Reference Architecture for OpenShift
1. Download OpenShift RA here.
2. Roles and playbooks available here.
3. Future Reference Architectures between Dell and
Red Hat will continue to leverage Ansible.
48. Conclusion
1. These are just a few examples of how we use Ansible.
2. Code contributions are welcome!
3. Want feedback on what you’d like to see automated