Course Overview
Infrastructure as code is one of the central mantras of the Devops movement. Adhering to this philosophy means that we facilitate best practices, supporting and encouraging developers to become more involved in defining configuration, thus allowing the operations team to get involved earlier in the development process.
Ansible is a boon to any organisation as it is the simplest way to manage configuration by leveraging native Linux/Unix technologies such as ssh and python, but it is flexible enough to handle complex processes. Linux administrators can use their existing skills to quickly and easily begin using Ansible straight away.
Course Prerequisites
Students should have a basic understanding of linux system concepts. Some optional labs have python development. Solutions are provided for those who are not familiar with Python development. Some basic knowledge of docker is helpful, but not a requirement.
Outline
Ansible Introduction
- Introduce the Ansible project
- History of Ansible
- Understand the use-cases for ansible
- Understand Ansible's idempotent behaviour
- Ansible nodes (control machine* and managed nodes)
- Ansible requirements and installation
Concepts
- Introduce tasks
- Understand ansible modules
- Understand ansible collections
- An overview of key modules
- Understand the role and rational of inventories
- Defining inventories
- Defining host groups
- Using default groups
- Discuss static and dynamic inventories
- Running ad-hoc commands with ansible
- Using inventory patterns
- Understand how tasks are executed remotely
- Introduce playbooks
- Ansible configuration techniques (ansible.cfg, environment variables and cli options)
- List key configuration parameters
- Understand variables and facts
- Understand different variable scopes (global, play and host)
- Using local facts
- Define host and group variables
- Introduce magic variables
- Introduce jinja
Ansible Playbooks
- Overview of yaml (optional)
- Understand plays and playbooks
- Defining multiple plays in a playbook
- Appreciate the anatomy of a play
- Configure hosts and behaviour for play
- Define tasks
- Identity and privilege escalation
- Using external variable files
- Prompting for values and passwords
- Setting facts values
- Introduce handlers
- Understand how and when they are invoked
- Triggering handlers
- Using ansible-lint (and yamllint)
Troubleshooting Plays
- Verify your playbooks (check mode, dry mode)
- investigating modifications (dff)
- stepping through tasks
- Using the debug module
- Enabling and using the Debugger
- Inspecting variables and facts
- Changing tasks inside debug mode
- Retrying tasks
Modules
- Running commands
- Managing files and directories (create, delete, etc)
- Copying files and directories
- Installing software (packages, pip, bower, gems, …)
- Managing users, groups and passwords
- Managing services
- Managing file contents (lines/blocks/ini files)
- Templating with jinja
- Debugging
- Managing docker images and containers
Complex playbooks
Managing Secrets with Vaults
- Appreciate and use vaults
- Creating and updating vaults
- Using vaults in playbooks
Include and import
- Discuss various playbook directory structures
- Import and include (tasks, playbooks, …)
- Understand the difference between static and dynamic import/include
- Discuss various use-cases for import/include
- Passing variables to import/include
jinja
- Explain the jinja syntax
- Understand jinja's role in ansible
- jinja expressions
- Appreciate and use tests
- Use filters to transform data
- Jinja statements (for, if, …)
- using jinja macros
- Understand lookup
- Discuss key lookup plugins
- lookup plugins and looping
- handle whitespace
Playbook structures
- Using ansible loops
- Explain deprecated with_xxx loops
- Understand the relation between loops, lookup, query and plugins
- Looping over multiple tasks using
include
- Conditional tasks using when
- Error handling playbooks
- Ignoring errors
- Define what's a failure using failed_when
- Defining blocks
- List different run strategies (linear, free and serial)
- Using batch for rolling updates
- Appreciate task delegation
- Use tags to include/exclude tasks
Dynamic inventories
- Appreciate the need for dynamic inventories
- understand the difference between scripts and plugins
- list and discuss available plugin inventories (kubernetes, aws, etc)
- Overview of developing custom inventories scripts
Plugins
- Work with cache plugins
- Using callback plugin to manage the output
- Using callback plugins to interact with other systems (logback, slack etc.)
- Use different connection types
- Using windows hosts
- Executing tasks inside docker containers
- Using inventory plugins
- Interacting with kubernetes pods
Ansible Roles & Galaxy
- Understand the need for roles
- Understand role structure
- Using roles with import/include
- Deprecated use of roles
- Passing variables
- Path to roles
- Introduce Ansible Galaxy
- Use roles from Galaxy
- Use the galaxy command line tool
- Writing roles
- Defining meta-data (e.g, dependencies)
Molecule
- Introduce molecule concepts
- List and use drivers
- Configuring instances
- Appreciate scenarios
- Understanding different phases
- Integrating with linters and other tools
- Writing verifications
- Running molecule in a devops pipeline
AWX / Ansible Tower Overview
- Introduce Ansible Tower
- Understand the benefits of using Tower
- Introduce the upstream project AWX
- Installing AWX
- Discuss access control
- Define inventories in Tower/AWX
- Supply secrets using credentials
- Define projects (using an SCM)
- Define job templates
- Running and monitoring jobs
- Job scheduling
- Creating and Defining custom Execution Environments
- Extra: using webhooks to launch a job automatically