AUTOMATING THEENTERPRISE with ANSIBLE

Chris SaundersSr. Cloud Solutions Architect

Automation is impacting every aspect of life and is undergoing a shift from

discrete, disconnected to holistic and integrated

NAVIGATION SYSTEMSTell us where to turn

REAR CAMERASGuide us to places we can’t easily see

BACKUP SENSORSAlert us when to stop

BUT THIS IS WHAT WE REALLY WANTSystems that don’t just talk to us,

but talk to each otherPhoto via Volvo

EVEN MORE INTERESTING

Systems of self-driving cars

Photo via Google

TODAY’S IT ARCHITECTURES are rapidly changing and business demands infinite flexibility.

LINE OF BUSINESS

DEVELOPERS

IT OPERATIONS

CEO

IT OPERATIONS BEARS THE BURDEN

DYNAMIC ENVIRONMENTS DEMAND NEW MANAGEMENT TOOLS

GOVERNANCE, RISK, COMPLIANCEAN

ALYTICS, OPTIM

IZATION

AWSAZURE GCPOPENSTACK

ORCHESTRATION & AUTOMATION

RHV

SELF-SERVICE PORTALS, SERVICE CATALOGS, DASHBOARDS

FIN

ANCI

AL M

ANAG

EMEN

T

PUBLIC CLOUDPRIVATE CLOUD

VSPHERESCVMM

No matter where you are on your path to digital transformation, you can make an impact with automation.

How are you thinking about management?

What is your automation strategy?

SERVERS CLOUD NETWORK

APPS

CONTAINERS

AUTOMATION IN ENTERPRISE IT TODAY

AUTOMATED SILOS ARE

SILOS

STILL

AUTOMATION IN ENTERPRISE IT TODAY

Milind Govekar, Research VP Gartner

“Most current use of automation in IT involves scripting. Scripts are more fragile than agile. What you end up with is

disconnected islands of automationwith spaghetti code throughout the organization when what you need is a systematic, enterprise-wide lasagne.”

ReferenceSmarter with Gartner: Automation: The Next Frontier for IT May 18, 2016 Contributor Susan Moore http://www.gartner.com/smarterwithgartner/automation-the-next-frontier-for-it-2/

AUTOMATESORGANIZATIONS

Isolated scripts

AUTOMATES FUNCTIONS

Integratedautomation

Ansible solves these problems where no other technology has been able to do so.

SIMPLE AGENTLESS EXTENSIBLE

DEV QA/SECURITY IT OPERATIONSBUSINESS

ANSIBLE IS THE UNIVERSAL LANGUAGE

CLOUD VIRT & CONTAINER WINDOWS NETWORK CHAT MONITORING

ANSIBLE AUTOMATES TECHNOLOGIES YOU USE1000+ INTEGRATIONS

AWSAzureCenturyLinkDigital OceanDockerGoogleOpenStackRackspace+more

DockerVMwareRHEVOpenStackOpenShiftAtomicCloudStack+more

ACLsFilesPackagesIISRegeditsSharesServicesConfigsUsersDomains+more

AristaA10CumulusBigswitchCiscoCumulusDellF5JuniperPalo AltoOpenSwitch+more

HipChatIRCJabberEmailRocketchatSendgridSlackTwilio+more

AirbrakeBigPandaDatadogLogicMonitorMonitNagiosNew RelicPagerDutySensuStackDriverZabbix+more

20 CONFIDENTIAL

WHAT CAN I DO WITH ANSIBLE?

Automate the deployment and management of your entire IT footprint.

Orchestration

Do this...

Firewalls

Configuration Management

Application Deployment Provisioning Continuous

DeliverySecurity and Compliance

On these...

Load Balancers Applications Containers Clouds

Servers Infrastructure Storage And more...Network Devices

21 CONFIDENTIAL

CROSS PLATFORM

Agentless support for all major OS variants, physical, virtual, cloud and network devices.

HUMAN READABLE

Perfectly describe and document every aspect of your application environment.

PERFECT DESCRIPTION OF APPLICATION

Every change can be made by Playbooks, ensuring everyone is on the same page.

VERSION CONTROLLED

Playbooks are plain-text. Treat them like code in your existing version control.

DYNAMIC INVENTORIES

Capture all the servers 100% of the time, regardless of infrastructure, location, etc.

ORCHESTRATION PLAYS WELL WITH OTHERS

Every change can be made by Playbooks, ensuring everyone is on the same page.

THE ANSIBLE WAY

22 CONFIDENTIAL

WHAT IS ANSIBLE AUTOMATION?

---- name: install and start apache hosts: all vars: http_port: 80 max_clients: 200 remote_user: root

tasks: - name: install httpd yum: pkg=httpd state=latest

- name: write the apache config file template: src=/srv/httpd.j2 dest=/etc/httpd.conf

- name: start httpd service: name=httpd state=started

[user@hostname: $] ansible-playbook -i inventory playbook.yml

PLAY [install and start apache] ***********************************

TASK [Gathering Facts] ********************************************

ok: [webserver.local]

TASK [install httpd] **********************************************

changed: [webserver.local]

TASK [write the apache config file] ********************************

changed: [webserver.local]

TASK [start httpd] *************************************************

changed: [webserver.local]

PLAY RECAP *********************************************************

webserver.local : ok=4 changed=3 unreachable=0 failed=0

Ansible Tower is an enterprise framework for controlling, securing and managing your Ansible automation with a UI and RESTful API.

Ansible is an open source community project sponsored by Red Hat. It’s a simple automation language that can perfectly describe IT application environments in Ansible Playbooks.

23 CONFIDENTIAL

HOW ANSIBLE WORKS

USERS

ANSIBLE PLAYBOOK

ANSIBLE’S AUTOMATION ENGINE

HOSTS

NETWORK DEVICES

PLUGINS

API

MODULES

PUBLIC / PRIVATECLOUD

INVENTORY

CMDB PUBLIC / PRIVATE

CLOUD

24 CONFIDENTIAL

PLAYBOOK EXAMPLE---

- name: install and start apache

hosts: web

become: yes

vars:

http_port: 80

tasks:

- name: httpd package is present

yum:

name: httpd

state: latest

- name: latest index.html file is present

copy:

src: files/index.html

dest: /var/www/html/

- name: httpd is started

service:

name: httpd

state: started

---

- name: install and start apache

hosts: web

become: yes

vars:

http_port: 80

tasks:

- name: httpd package is present

yum:

name: httpd

state: latest

- name: latest index.html file is present

copy:

src: files/index.html

dest: /var/www/html/

- name: httpd is started

service:

name: httpd

state: started

---

- name: install and start apache

hosts: web

become: yes

vars:

http_port: 80

tasks:

- name: httpd package is present

yum:

name: httpd

state: latest

- name: latest index.html file is present

copy:

src: files/index.html

dest: /var/www/html/

- name: httpd is started

service:

name: httpd

state: started

---

- name: install and start apache

hosts: web

become: yes

vars:

http_port: 80

tasks:

- name: httpd package is present

yum:

name: httpd

state: latest

- name: latest index.html file is present

copy:

src: files/index.html

dest: /var/www/html/

- name: httpd is started

service:

name: httpd

state: started

---

- name: install and start apache

hosts: web

become: yes

vars:

http_port: 80

tasks:

- name: httpd package is present

yum:

name: httpd

state: latest

- name: latest index.html file is present

copy:

src: files/index.html

dest: /var/www/html/

- name: httpd is started

service:

name: httpd

state: started

---

- name: install and start apache

hosts: web

become: yes

vars:

http_port: 80

tasks:

- name: httpd package is present

yum:

name: httpd

state: latest

- name: latest index.html file is present

copy:

src: files/index.html

dest: /var/www/html/

- name: httpd is started

service:

name: httpd

state: started

25 CONFIDENTIAL

RED HAT ANSIBLE TOWER

RED HAT ANSIBLE ENGINE

Scale + operationalize your automation

Support for your Ansible automation

CONTROL KNOWLEDGE DELEGATION

SIMPLE POWERFUL AGENTLESS

FUELED BY AN INNOVATIVE OPEN SOURCE COMMUNITY

26 CONFIDENTIAL

USE CASES

USERS

ANSIBLEPYTHON CODEBASE

OPEN SOURCE MODULE LIBRARY

PLUGINS

CLOUDAWS,GOOGLE CLOUD,AZURE …

INFRASTRUCTURELINUX,WINDOWS,UNIX …

NETWORKSARISTA, CISCO, JUNIPER …

CONTAINERSDOCKER, LXC …

SERVICESDATABASES, LOGGING,SOURCE CONTROL MANAGEMENT…

TRANSPORT

SSH, WINRM, ETC.

AUTOMATEYOUR

ENTERPRISE

ADMINS

ANSIBLE CLI & CI SYSTEMS

ANSIBLE PLAYBOOKS

….

ANSIBLETOWER

SIMPLE USER INTERFACE TOWER API

ROLE-BASEDACCESS CONTROL

KNOWLEDGE& VISIBILITY

SCHEDULED &CENTRALIZED JOBS

CONFIGURATIONMANAGEMENT

APP DEPLOYMENT

CONTINUOUSDELIVERY

SECURITY &COMPLIANCE

ORCHESTRATIONPROVISIONING

Only respects security in place at host user level

No abstraction of remote host or cloud credentials from user

No guarantee of execution parameters or integrity of Playbook as designed by the team

Creates an isolated runtime environment to control execution of Ansible

Abstracts security credentials and specifics from end user

Guarantees execution parameters as designed for the playbook

Ansible solves the problem of automating and orchestrating

Does not address bigger picture security/compliance

Tower spotlights security considerations and provides predictability

Role-based access control and secure credential storage

API integrations, accountability and execution history

DEMO

30 CONFIDENTIAL

Have you used Ansible already? Try Tower for free: ansible.com/tower-trial

Would you like to learn Ansible? It’s easy to get started: ansible.com/get-started

Want to learn more?

Videos, webinars, case studies, whitepapers: ansible.com/resources

GETTING STARTED

THANK YOUplus.google.com/+RedHat

linkedin.com/company/red-hat

youtube.com/user/RedHatVideos

facebook.com/redhatinc

twitter.com/RedHatNews