foolproof ansible playbooks with molecule
play

Foolproof Ansible Playbooks with Molecule Nathaniel Beckstead 1 - PowerPoint PPT Presentation

Mar 26, 2024 •556 likes •831 views

Foolproof Ansible Playbooks with Molecule Nathaniel Beckstead 1 Nathaniel Beckstead Automation extraordinaire Never enough infrastructure Favorite ice cream flavor is mint chocolate chip 2 Ansible 3 Ansible

  1. Foolproof Ansible Playbooks with Molecule Nathaniel Beckstead 1

  2. Nathaniel Beckstead Automation ● extraordinaire Never enough ● infrastructure Favorite ice cream ● flavor is mint chocolate chip 2

  3. Ansible 3

  4. Ansible Configuration management ● Manage servers ○ Connect over SSH/WinRM ■ Deploy applications ○ Configure services ○ Executes tasks ● Make user ○ Start service ○ Download a file ○ …. ○ Written in Python ● 4

  5. YAML Ain't Markup Language Data serialization format ● JSON ○ XML ○ Common configuration file format ● 5

  6. Ansible Inventory Set of hosts Ansible has access to ● INI format ● Groups ● Variables ● Host Variables ● IP, Hostname ○ SSH User, Password/Keyfile ○ 6

  7. Ansible Tasks ● Execute single action ○ ex. Install package ○ Roles ● List of tasks ○ Reusable ○ Ex. Install and configure NGINX ○ Connects variables, files, templates ○ Playbooks ● Connect roles to hosts ○ 7

  8. Testing 8

  9. Test Automation Reliable ● Simultaneous ● Test same change on different OS’s, devices, ○ browsers, etc in parallel Reduce time and effort ● Available 24/7 ○ 9

  10. Testing Ansible Playbooks “Can’t you just run the playbook to test it?” - Anonymous Challenge: Ansible requires infrastructure Create base test server ● Setup access ○ Configure the test Ansible inventory ○ Run ansible-playbook commands ● Check for expected behavior ● Reset to snapshot ● 10

  11. Molecule Aids in the development and testing of Ansible roles. Created by Metacloud ● OpenStack-based on-prem private cloud ○ Bought by Cisco ○ GitHub full of tools for Ansible and OpenStack ○ https://github.com/metacloud/molecule 11

  12. Molecule - Init Role pip install molecule docker-py molecule init role -r myapp --verifier-name goss 12

  13. Molecule - Init Role Creates initial Ansible files and Molecule configuration ● *Can test an existing role with init scenario 13

  14. Molecule Test ● Style and syntax ○ That it actually works ○ Idempotence ○ On Varying ● Operating Systems ○ Distributions ○ Virtualization Providers ○ Testing Frameworks ○ 14

  15. Molecule - Lint Yamllint ● All YAML files ○ Flake8 ● Testinfra ○ PEP 8 ○ Ansible-lint ● Ansible playbooks ○ Strict by default ● Warnings (trailing whitespace) will stop testing ○ Set rules to ignore ○ Create the best playbooks possible ● 15

  16. Molecule - Destroy Destroy any preexisting containers used by Molecule ● 16

  17. Molecule - Dependency Pull in other roles ● Support for Ansible Galaxy, Gilt, or shell commands ● 17

  18. Molecule - Syntax Have Ansible natively check for syntax errors ● 18

  19. Molecule - Create Supports multiple providers (called Drivers ) ● Docker, Azure, EC2, GCE, Vagrant ○ Actual creation done by the Provisioner (Ansible) ● Creates Instances ● 19

  20. Molecule - Prepare Get the instance to a state you want before converging ● Base enterprise configuration ● 20

  21. Molecule - Converge Run the role being tested on all instances ● Runs like a normal playbook ● 21

  22. Molecule - Idempotence “An operation is idempotent if the result of performing it once is exactly the ● same as the result of performing it repeatedly without any intervening actions.” - Ansible Docs Check that there are no unexpected changes when running a playbook ● multiple times If no tasks are marked as changed, role is considered idempotent by ● Molecule 22

  23. Molecule - Side-Effect “Post-Tasks” to test operability of installed services ● Test situations like high availability failover ● Disabled by default ● 23

  24. Molecule - Verify Test the actual server state after ● configuration Supports multiple verifiers ● Testinfra ○ Python ■ Goss ○ YAML ■ Inspec (Chef) ○ 24

  25. Molecule - Destroy Destroy any containers used by Molecule ● Use molecule test --destroy never to keep instance up ● Debugging ○ 25

  26. Demo 26

  27. Resources 1. Ansible Hacknight Presented by Sean Newman 10/29 7-11pm Seclab a. 2. Ansible Crash Course Shoutout to Duc for starring this on GitHub a. b. https://github.com/blacksaildivision/ansible-tutorial 3. Molecule GitHub Repo a. https://github.com/metacloud/molecule 4. The Wizard: Ansible, Molecule and Test Driven Development a. https://blog.octo.com/en/the-wizard-ansible-molecule-and-test-driven-development/ 5. Digital Ocean Tutorial a. https://www.digitalocean.com/community/tutorials/how-to-test-ansible-roles-with-molecule-on-ubuntu-1 6-04 6. Goss Manual a. https://github.com/aelsabbahy/goss/blob/master/docs/manual.md 27

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Ansible in Operatjon Bruce Becker: Coordinator, SAGrid | bbecker@csir.co.za |

Ansible in Operatjon Bruce Becker: Coordinator, SAGrid | bbecker@csir.co.za |

Ansible in Operatjon Bruce Becker: Coordinator, SAGrid | bbecker@csir.co.za | http://www.sagrid.ac.za Learning Goals Manage inventory Ansible ad-hoc commands Write & run Playbooks Understanding of variables Loops and

586 views • 33 slides
The FoolProof Initiative FoolProof Financial Education: For no cost to schools: A program that

The FoolProof Initiative FoolProof Financial Education: For no cost to schools: A program that

10/22/14& The FoolProof Initiative FoolProof Financial Education: For no cost to schools: A program that quickly engages students. Unique type of web-driven financial literacy instruction. 1& 10/22/14& What FoolProof Provides:

480 views • 19 slides
Infrastructure Automation Infrastructure Automation 2 Ansible Ansible What is Ansible?

Infrastructure Automation Infrastructure Automation 2 Ansible Ansible What is Ansible?

Infrastructure Automation Infrastructure Automation 2 Ansible Ansible What is Ansible? Ansible is an open source automation engine Why Ansible? Modular Idempotent Huge support/community Agentless Simple to learn

709 views • 29 slides
Ansible Wechat Account Ansible Meetup Shanghai August 17th ansible.com wiredcraft.com

Ansible Wechat Account Ansible Meetup Shanghai August 17th ansible.com wiredcraft.com

Ansible Wechat Account Ansible Meetup Shanghai August 17th ansible.com wiredcraft.com Introduction What is Ansible? Ansible.com Gaining momentum Ansible on GitHub Very fast learning curve Python based Easy to get

375 views • 18 slides
SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red

SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red

SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red Hat whoami ? 2 AGENDA Ansible use cases Information security Why Ansible? Examples Get involved 3 FreeImages.com/kovik COMMON ANSIBLE USE

495 views • 22 slides
SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red

SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red

SECURITY AUTOMATION WITH ANSIBLE Michelle Perz, Associate Manager-Ansible Support, Ansible by Red Hat whoami ? 2 AGENDA Ansible use cases Information security Why Ansible? Examples Get involved 3 FreeImages.com/kovik COMMON ANSIBLE USE

513 views • 29 slides
Contributing to Ansible Developing Ansible Modules ....wait a min....what the heck is Ansible?

Contributing to Ansible Developing Ansible Modules ....wait a min....what the heck is Ansible?

Contributing to Ansible Developing Ansible Modules ....wait a min....what the heck is Ansible? software platform for CM systems Agentless Secure Scalable ....so what can we do with ansible? package installation

497 views • 16 slides
Ansible weithenn.org Agenda Infrastructure as Code

Ansible weithenn.org Agenda Infrastructure as Code

Ansible AWX Ansible weithenn.org Agenda Infrastructure as Code (IaC) Why Ansible Ansible Engine vs Tower vs AWX Ansible AWX Features Use Case Demo 3 Infrastructure as Code (IaC)

622 views • 23 slides
Life Skills Curriculum ADD PIX OF HOME PAGE OF CRONKITEPROJECTTHAT REALLY GREAT PIX AND

Life Skills Curriculum ADD PIX OF HOME PAGE OF CRONKITEPROJECTTHAT REALLY GREAT PIX AND

High School Financial Literacy Life Skills Curriculum ADD PIX OF HOME PAGE OF CRONKITEPROJECTTHAT REALLY GREAT PIX AND THE FOOLPROOF EXISTS BECAUSE OF WALTER CRONKITE FoolProof Florida You can use FoolProof right away, for free!

368 views • 26 slides
Whats New With Ansible Collections Diving into the How to use Collections with Ansible

Whats New With Ansible Collections Diving into the How to use Collections with Ansible

INSERT CONFIDENTIAL designator Whats New With Ansible Collections Diving into the How to use Collections with Ansible 2.9.10+ and beyond Andrius Benokraitis Iftikhar Khan Bradley Thornton Sr. Principal Product Manager Sr. Manager,

423 views • 19 slides
ANSIBLE BEST PRACTICES: THE ESSENTIALS Timothy Appnel Senior Product Manager, Ansible GitHub:

ANSIBLE BEST PRACTICES: THE ESSENTIALS Timothy Appnel Senior Product Manager, Ansible GitHub:

ANSIBLE BEST PRACTICES: THE ESSENTIALS Timothy Appnel Senior Product Manager, Ansible GitHub: tima Twitter: appnelgroup THE ANSIBLE WAY 2 COMPLEXITY KILLS PRODUCTIVITY That's not just a marketing slogan. We really mean it and believe that.

922 views • 38 slides
Zero Downtime Deployment with Ansible Zero Downtime Deployment with Ansible DevOps Pro Moscow

Zero Downtime Deployment with Ansible Zero Downtime Deployment with Ansible DevOps Pro Moscow

Zero Downtime Deployment with Ansible Zero Downtime Deployment with Ansible DevOps Pro Moscow 2016 @steinim stein.inge.morisbak@BEKK.no OPEN Slides Slides http://steinim.github.io/slides/devopspro/zero-downtime-ansible/tutorial.html Source

884 views • 61 slides
Running Ansible within Salt How to smoothly migrate away from Ansible to Salt Pablo Surez

Running Ansible within Salt How to smoothly migrate away from Ansible to Salt Pablo Surez

Running Ansible within Salt How to smoothly migrate away from Ansible to Salt Pablo Surez Hernndez Don Vosburg SUSE Senior Software Engineer SUSE Technology Specialist psuarezhernandez@suse.com dvosburg@suse.com People are using Ansible

476 views • 31 slides
ANSIBLE BEST PRACTICES: THE ESSENTIALS Ansible Automates: DC Jamie Duncan @jamieeduncan

ANSIBLE BEST PRACTICES: THE ESSENTIALS Ansible Automates: DC Jamie Duncan @jamieeduncan

ANSIBLE BEST PRACTICES: THE ESSENTIALS Ansible Automates: DC Jamie Duncan @jamieeduncan cloudguy@redhat.com about jduncan 6+ years with Red Hat Coming Soon #shamelessPlug My daughter Elizabeth #cutestThingEver 2 THIS SESSION IS ABOUT

656 views • 37 slides
Introduction to Ansible Collections Ganesh Nalawade Principal Software Engineer Ansible

Introduction to Ansible Collections Ganesh Nalawade Principal Software Engineer Ansible

Introduction to Ansible Collections Ganesh Nalawade Principal Software Engineer Ansible Engineering Agenda Whats a Collection? Why Collections? Deep dive with Collections Collection demo Ansible galaxy for Collections

904 views • 21 slides
Using Ansible Robin Long June 15, 2017 Can you build a presentation in Ansible? Well this

Using Ansible Robin Long June 15, 2017 Can you build a presentation in Ansible? Well this

Using Ansible Robin Long June 15, 2017 Can you build a presentation in Ansible? Well this would be proof Its is not the pretiest, but it is functional Assuming you use LaTeX Who doesnt? Shame on you. Robin Long ( Lancaster

111 views • 7 slides
A Sub-pA Current Sensing Front-End for Transient Induced Molecular Spectroscopy Da Ying, Ping-Wei

A Sub-pA Current Sensing Front-End for Transient Induced Molecular Spectroscopy Da Ying, Ping-Wei

A Sub-pA Current Sensing Front-End for Transient Induced Molecular Spectroscopy Da Ying, Ping-Wei Chen, Chi-Yang Tseng, Yu-Hwa Lo, and Drew A. Hall University of California, San Diego, CA, USA Symposia on VLSI Technology and Circuits New Drug

812 views • 32 slides
based virtual screening Peter Willett, University of Sheffield Computers in Scientific Discovery

based virtual screening Peter Willett, University of Sheffield Computers in Scientific Discovery

Similarity methods for ligand- based virtual screening Peter Willett, University of Sheffield Computers in Scientific Discovery 5, 22 nd July 2010 Overview Molecular similarity and its use in virtual screening Use of fragment weighting

765 views • 24 slides
Accelerated Molecular Dynam ics w ith the Bond Boost Method Kristen A. Fichthorn The

Accelerated Molecular Dynam ics w ith the Bond Boost Method Kristen A. Fichthorn The

Accelerated Molecular Dynam ics w ith the Bond Boost Method Kristen A. Fichthorn The Pennsylvania State University University Park, PA 16802 USA DMR-1 0 0 6 4 5 2 DE-FG0 2 0 7 ER4 6 4 1 4 Rare-Event Methods Search and Characterization R *

716 views • 36 slides
Accelerating Exascale How the End of Moores Law Scaling is Changing the Machines You Use, the

Accelerating Exascale How the End of Moores Law Scaling is Changing the Machines You Use, the

Accelerating Exascale How the End of Moores Law Scaling is Changing the Machines You Use, the Way You Code, and the Algorithms You Use Steve Oberlin CTO, Accelerated Computing NVIDIA TEGRA K1 Mar 2, 2014 NVIDIA Confidential 1 A Little

624 views • 41 slides
The VAMDC infrastructure Standard procedures to publish, search and process atomic and molecular

The VAMDC infrastructure Standard procedures to publish, search and process atomic and molecular

The VAMDC infrastructure Standard procedures to publish, search and process atomic and molecular data N.Moreau Paris Observatory, LERMA Asterics - Heidelberg Gathering heterogeneous data Many services provide atomic and molecula data

481 views • 20 slides
Using cold molecules to detect molecular parity violation Joost van den Berg KVI SSP2012

Using cold molecules to detect molecular parity violation Joost van den Berg KVI SSP2012

Using cold molecules to detect molecular parity violation Joost van den Berg KVI SSP2012 Groningen Outline Parity violation in diatomic molecules Ultracold molecules Experiment Stark decelerator Laser cooling 2 Parity

458 views • 19 slides
Long range behavior of the van der Waals forces between a molecule and a perfectly conducting

Long range behavior of the van der Waals forces between a molecule and a perfectly conducting

Long range behavior of the van der Waals forces between a molecule and a perfectly conducting metallic plate based on joint work with Mariam Badalyan and Dirk Hundertmark Ioannis Anapolitanos special thanks to: Kurt Busch, Francesco

644 views • 25 slides
Hardware Accelerated Similarity Search George Williams Who Am I? Director, GSI Technology

Hardware Accelerated Similarity Search George Williams Who Am I? Director, GSI Technology

Hardware Accelerated Similarity Search George Williams Who Am I? Director, GSI Technology Previously, Chief Data Scientist Senior Data Scientist AI Research Scientist Software Engineer Recent Headlines Convergence and Integration That was

923 views • 56 slides

More recommend