Ansible Advanced Oleg Fiksel Security Consultant @ CSPI GmbH - PowerPoint PPT Presentation

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND M ODULE INSIGHTS Most work in ansible is handled by modules 1 . ◮ connection modules ◮ connect to machines ◮ lookup modules ◮ give data ◮ filter modules ◮ transform data ◮ callback modules ◮ register events that happen when tasks are executed ◮ task modules ◮ self contained script 1 Ansible - Developing Plugins

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND M ODULE INSIGHTS Most work in ansible is handled by modules 1 . ◮ connection modules ◮ connect to machines ◮ lookup modules ◮ give data ◮ filter modules ◮ transform data ◮ callback modules ◮ register events that happen when tasks are executed ◮ task modules ◮ self contained script ◮ any programming language (core modules - python only) 1 Ansible - Developing Plugins

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND M ODULE INSIGHTS Most work in ansible is handled by modules 1 . ◮ connection modules ◮ connect to machines ◮ lookup modules ◮ give data ◮ filter modules ◮ transform data ◮ callback modules ◮ register events that happen when tasks are executed ◮ task modules ◮ self contained script ◮ any programming language (core modules - python only) ◮ do the heavy lifting 1 Ansible - Developing Plugins

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND M ODULE INSIGHTS Most work in ansible is handled by modules 1 . ◮ connection modules ◮ connect to machines ◮ lookup modules ◮ give data ◮ filter modules ◮ transform data ◮ callback modules ◮ register events that happen when tasks are executed ◮ task modules ◮ self contained script ◮ any programming language (core modules - python only) ◮ do the heavy lifting ◮ copied to the target machine 1 Ansible - Developing Plugins

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND M ODULE INSIGHTS Most work in ansible is handled by modules 1 . ◮ connection modules ◮ connect to machines ◮ lookup modules ◮ give data ◮ filter modules ◮ transform data ◮ callback modules ◮ register events that happen when tasks are executed ◮ task modules ◮ self contained script ◮ any programming language (core modules - python only) ◮ do the heavy lifting ◮ copied to the target machine ◮ executed with (json) input 1 Ansible - Developing Plugins

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND M ODULE INSIGHTS Most work in ansible is handled by modules 1 . ◮ connection modules ◮ connect to machines ◮ lookup modules ◮ give data ◮ filter modules ◮ transform data ◮ callback modules ◮ register events that happen when tasks are executed ◮ task modules ◮ self contained script ◮ any programming language (core modules - python only) ◮ do the heavy lifting ◮ copied to the target machine ◮ executed with (json) input ◮ (json) output is registered 1 Ansible - Developing Plugins

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND P LAYBOOKS IN DEEP

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND T AGS

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND T AGS 1 # main.yml 2 --- 3 − hosts: webservers gather_facts: false 4 tasks: 5 - package: 6 name: "lighttpd" 7 s t a t e : i n s t a l l e d 8 tags: 9 - packages 10 - template: 11 src: "template/lighttpd.j2" 12 dest: "/etc/lighttpd/lighttpd.conf" 13 tags: 14 - configuration 15

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND T AGS 1 # main.yml 2 --- 3 − hosts: webservers gather_facts: false 4 tasks: 5 - package: 6 name: "lighttpd" 7 s t a t e : i n s t a l l e d 8 tags: 9 - packages 10 - template: 11 src: "template/lighttpd.j2" 12 dest: "/etc/lighttpd/lighttpd.conf" 13 tags: 14 - configuration 15 Run: ansible − playbook main . yml − − tags packages ansible − playbook main . yml − − skip − tags configuration 1 More details: Ansible - Playbook Tags

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND C USTOM ACTIONS

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND C USTOM ACTIONS 1 --- 2 − include_vars: "includes/{{ ansible_os_family }}.yml" 3 − name: "remove the apache package" action: "{{custom_package_mgr}} name={{apache}} state=absent" 4

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND I NTERACTION

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND COMMANDLINE / FILE

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND COMMANDLINE / FILE ansible − playbook − e ’ apache_hostname=example . com’ deploy . yml ansible − playbook − − extra − vars " @vars . json " deploy . yml 1 # vars . json 2 { " apache_hostname " : " example . com" }

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND P ROMPTS AND P AUSE 1 Ansible - Playbook Prompts 2 Ansible - Pause Module

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND P ROMPTS AND P AUSE 1 --- 2 − hosts: localhost gather_facts: false 3 vars_prompt: 4 - name: "name" 5 prompt: "What is your name?" 6 private: no 7 - name: "location" 8 prompt: "What is you location?" 9 private: no 10 tasks: 11 - debug: 12 msg: "{{name}}, let me think for a moment..." 13 - pause: 14 seconds: 10 15 - debug: 16 msg: "Let me guess, you are now at {{location}}?" 17 1 Ansible - Playbook Prompts 2 Ansible - Pause Module

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND P LAYBOOK AS AN EXECUTABLE 1Example from: Ansible Webinar - Tips and Tricks by Brian Coca

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND P LAYBOOK AS AN EXECUTABLE Use Shebang to run ansible as an executable. 1 #!/usr/bin/ansible-playbook 2 --- 3 − hosts: a l l gather_facts: false 4 5 # sudo: true v a r s _ f i l e s : 6 - departed_users . yml 7 tasks: 8 - name: Delete departed users and a l l i t ’s files 9 user: name={{ item } } s t a t e =absent remove=yes 10 with_items: "{{departed}}" 11 1Example from: Ansible Webinar - Tips and Tricks by Brian Coca

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND P LAYBOOK AS AN EXECUTABLE Use Shebang to run ansible as an executable. 1 #!/usr/bin/ansible-playbook 2 --- 3 − hosts: a l l gather_facts: false 4 5 # sudo: true v a r s _ f i l e s : 6 - departed_users . yml 7 tasks: 8 - name: Delete departed users and a l l i t ’s files 9 user: name={{ item } } s t a t e =absent remove=yes 10 with_items: "{{departed}}" 11 1 # departed_users.yml 2 --- 3 − departed: [ "toor" , "admin" ] 1Example from: Ansible Webinar - Tips and Tricks by Brian Coca

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND P LAYBOOK AS AN EXECUTABLE Use Shebang to run ansible as an executable. 1 #!/usr/bin/ansible-playbook 2 --- 3 − hosts: a l l gather_facts: false 4 5 # sudo: true v a r s _ f i l e s : 6 - departed_users . yml 7 tasks: 8 - name: Delete departed users and a l l i t ’s files 9 user: name={{ item } } s t a t e =absent remove=yes 10 with_items: "{{departed}}" 11 1 # departed_users.yml 2 --- 3 − departed: [ "toor" , "admin" ] ./ delete_departed_users . yml − i . . / inventory − l host1 1Example from: Ansible Webinar - Tips and Tricks by Brian Coca

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND D ELEGATION

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND D ELEGATION 1 --- 2 − name: shush nagios before deployment nagios: 3 action: s i l e n c e 4 host: "{{inventory_hostname}}" 5 delegate_to: "{{nagios_host}}" 6 7 . . . deployment 8 9 10 − name: unshush nagios a f t e r deployment nagios: 11 action: unsilence 12 host: "{{inventory_hostname}}" 13 delegate_to: "{{nagios_host}}" 14

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND L OOKUPS

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND L OOKUPS 1/4 Lookups are executed on ansible controller.

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND L OOKUPS 1/4 Lookups are executed on ansible controller. Probably most well known lookup is: 1 --- 2 − name: add ssh key authorized_key: 3 user: root 4 key: "{{ lookup(’file’, ’~/.ssh/id_rsa.pub’) }}" 5

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND L OOKUPS 2/4 You can use lookups for other weird things too:

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND L OOKUPS 2/4 You can use lookups for other weird things too: 1 --- 2 − hosts: localhost gather_facts: false 3 tasks: 4 - name: random number ( using lookup ) 5 debug: 6 msg: "Random number {{ lookup(’pipe’, ’perl -e " print i n t ( 7 rand (100) ) "’) }}"

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND L OOKUPS 3/4 Or just use build-in function:

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND L OOKUPS 3/4 Or just use build-in function: 1 --- 2 − hosts: localhost gather_facts: false 3 tasks: 4 - name: ansible native random number 5 debug: 6 msg: "{{100 | random}}" 7

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND L OOKUPS 4/4 Lookups list (incomplete): ◮ pipe ◮ redis_kv ◮ template ◮ etcd ◮ dig (DNS) ◮ csvfile ◮ ini ◮ . . .

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND F ILTERS

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND F ILTERS Filters manipulate data and are executed on the ansible controller. More information: ◮ http://docs.ansible.com/ansible/playbooks_filters.html ◮ http://jinja.pocoo.org/docs/dev/templates/#builtin-filters

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND E XAMPLE 1 Not all filters are dependency-free. IP address validation needs python-netaddr. 1 --- 2 − hosts: localhost gather_facts: no 3 tasks: 4 - debug: msg={{ ip | ipv4 } } 5

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND E XAMPLE 2 1 --- 2 − hosts: localhost gather_facts: false 3 tasks: 4 - debug: 5 msg: "{{ ’ansible’ | regex_replace(’^a.*i(.*)$’, ’a\\1’) }}" 6 Produces: “able”

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND V ARIABLE VALIDATION

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND V ARIABLE VALIDATION 1 --- 2 − hosts: a l l gather_facts: no 3 tasks: 4 - debug: msg={{ hostname | mandatory } } 5 - debug: msg={{ ip | mandatory } } 6 . . . 7

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND I NCLUDES AND R OLES

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND I NCLUDES

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND I NCLUDES 1 --- 2 − servers: a l l tasks: 3 - include: set_mysql_password . yml mysql_user=root mysql_pass 4 ={{ var_mysql_pass } } . . . 5

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND R OLES

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND R OLES 1 # sample r o l e s t r u c t u r e 2 roles/ common/ 3 f i l e s / 4 templates/ 5 tasks/ 6 handlers/ 7 vars/ 8 defaults/ 9 meta/ 10

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND I NCLUDES V . S . R OLES When use includes and when roles?

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND I NCLUDES V . S . R OLES When use includes and when roles? ◮ includes for small code pieces ◮ if you have files/templates/handlers - use roles

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND V ERBOSITY AND ERROR HANDLING

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND IGNORE _ ERRORS Continue running the task disregarding an error. 1 --- 2 − name: mysql root password mysql_user: name=root password ={{ db_root_password } } 3 ignore_errors: true 4

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND ASSERT 1 --- 2 − hosts: localhost gather_facts: false 3 vars_prompt: 4 - name: "name" 5 prompt: "What is your name?" 6 # show input contents 7 private: no 8 tasks: 9 - name: Very secure user validation 10 as s e r t : 11 that: "name == ’Oleg’" 12

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND FAIL 1 --- 2 − hosts: localhost gather_facts: false 3 vars_prompt: 4 - name: "name" 5 prompt: "What is your name?" 6 # show input contents 7 private: no 8 tasks: 9 - name: Very secure user validation 10 f a i l : 11 msg: "You are not allowed to run this playbook, {{name}}!" 12 when: "name != ’Oleg’" 13

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND W HAT ’ S NEW IN A NSIBLE 2.0 1 Details: Ansible 2.0 Release Notes

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND W HAT ’ S NEW IN A NSIBLE 2.0 ◮ Task Blocks 1 Details: Ansible 2.0 Release Notes

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND W HAT ’ S NEW IN A NSIBLE 2.0 ◮ Task Blocks ◮ Playbook parsing and Error Reporting improvements 1 Details: Ansible 2.0 Release Notes

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND W HAT ’ S NEW IN A NSIBLE 2.0 ◮ Task Blocks ◮ Playbook parsing and Error Reporting improvements ◮ Syntax error shows the exact place in a playbook and gives sugestions 1 Details: Ansible 2.0 Release Notes

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND W HAT ’ S NEW IN A NSIBLE 2.0 ◮ Task Blocks ◮ Playbook parsing and Error Reporting improvements ◮ Syntax error shows the exact place in a playbook and gives sugestions ◮ No more escaping of escapings needed (\\\\) 1 Details: Ansible 2.0 Release Notes

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND W HAT ’ S NEW IN A NSIBLE 2.0 ◮ Task Blocks ◮ Playbook parsing and Error Reporting improvements ◮ Syntax error shows the exact place in a playbook and gives sugestions ◮ No more escaping of escapings needed (\\\\) ◮ Dynamic Includes 1 Details: Ansible 2.0 Release Notes

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND W HAT ’ S NEW IN A NSIBLE 2.0 ◮ Task Blocks ◮ Playbook parsing and Error Reporting improvements ◮ Syntax error shows the exact place in a playbook and gives sugestions ◮ No more escaping of escapings needed (\\\\) ◮ Dynamic Includes ◮ Execution Strategy Plugins 1 Details: Ansible 2.0 Release Notes

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND T ASK B LOCKS - B ASIC E XAMPLE

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND T ASK B LOCKS - B ASIC E XAMPLE 1 tasks: - block: 2 - debug: msg= ’i execute normally’ 3 - command: /bin/ false 4 - debug: msg= ’i never execute, cause ERROR!’ 5 rescue: 6 - debug: msg= ’I caught an error’ 7 - command: /bin/ false 8 - debug: msg= ’I also never execute :-(’ 9 always: 10 - debug: msg= "this always executes" 11

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND T ASK B LOCKS - A DVANCED E XAMPLE 1 --- 2 − hosts: a l l 3 s e r i a l : 1 4 vars: 5 - debug: false 6 - packages: [ git , lighttpd ] 7 tasks: 8 - block: 9 - name: i n s t a l l packages 10 package: name= "{{item}}" s t a t e = i n s t a l l e d 11 with_items: 12 - "{{packages}}" 13 r e g i s t e r : packages_state 14 - debug: msg= "{{packages_state}}" 15 when: "debug == true" 16 - name: copy lighttpd config f i l e 17 template: 18 src: "lighttpd.conf.j2" 19 dest: "/etc/lighttpd/conf-enabled/00-test.conf" 20 - name: r e s t a r t lighttpd 21 service: name= "lighttpd" s t a t e =restarted 22 rescue: 23 - name: remove l i g h t t p config f i l e 24 f i l e : 25 dest: "/etc/lighttpd/conf-enabled/00-test.conf" 26 s t a t e : absent 27 - name: remove i n s t a l l e d packages 28 package: name= "{{item}}" s t a t e =absent purge= true 29 with_items: 30 - "{{packages}}" 31 when: "packages_state[’changed’] == true" 32 - f a i l :

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND D YNAMIC INCLUDES 1 Porting guide to ansible 2.0

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND D YNAMIC INCLUDES ◮ Before ansible 2.0 includes were preprocessed (once at start-time) 1 Porting guide to ansible 2.0

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND D YNAMIC INCLUDES ◮ Before ansible 2.0 includes were preprocessed (once at start-time) ◮ From ansible 2.0 on includes are dynamically evaluated in runtime 1 Porting guide to ansible 2.0

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND D YNAMIC INCLUDES ◮ Before ansible 2.0 includes were preprocessed (once at start-time) ◮ From ansible 2.0 on includes are dynamically evaluated in runtime ◮ The fact that your plabook from ansible < 2.0 is parsed correctly in ansible 2.0 doesn’t mean it will behave the same way 1 Porting guide to ansible 2.0

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND D YNAMIC INCLUDES ◮ Before ansible 2.0 includes were preprocessed (once at start-time) ◮ From ansible 2.0 on includes are dynamically evaluated in runtime ◮ The fact that your plabook from ansible < 2.0 is parsed correctly in ansible 2.0 doesn’t mean it will behave the same way ◮ Examples: 1 Porting guide to ansible 2.0

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND D YNAMIC INCLUDES ◮ Before ansible 2.0 includes were preprocessed (once at start-time) ◮ From ansible 2.0 on includes are dynamically evaluated in runtime ◮ The fact that your plabook from ansible < 2.0 is parsed correctly in ansible 2.0 doesn’t mean it will behave the same way ◮ Examples: ◮ − include: "{{ ansible_os_family }}.yml" 1 Porting guide to ansible 2.0

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND D YNAMIC INCLUDES ◮ Before ansible 2.0 includes were preprocessed (once at start-time) ◮ From ansible 2.0 on includes are dynamically evaluated in runtime ◮ The fact that your plabook from ansible < 2.0 is parsed correctly in ansible 2.0 doesn’t mean it will behave the same way ◮ Examples: ◮ − include: "{{ ansible_os_family }}.yml" ◮ − include_vars: "{{ ansible_os_family }}.yml" 1 Porting guide to ansible 2.0

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND E XECUTION STRATEGIES

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND E XECUTION STRATEGIES Sice ansible 2.0 execution strategies are plugins.

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND E XECUTION STRATEGIES 1/3 strategy: linear (default) host2 host1 task1=1sec task1=5sec task2=5sec task2=9sec

A BOUT I NTRODUCTION P LAYBOOKS IN DEEP W HAT ’ S NEW Amazon AWS Upcoming topics E ND E XECUTION STRATEGIES 2/3 strategy: linear strategy: free (default) host2 host1 host2 host1 task1=1sec task1=1sec task1=5sec task1=5sec t1=5sec task2=9sec task2=5sec task2=5sec t1=5sec task2=9sec