ANSIBLE

ANSIBLE TOWER
Ansible Tower by Red Hat helps you scale IT automation, manage complex deployments
and speed productivity. Centralize and control your IT infrastructure with a visual dashboard,
role-based access control, job scheduling, integrated notifications and graphical inventory
management. And Tower's REST API and CLI make it easy to embed Tower into existing
tools and processes.

Features
1. As soon as you log in, you'll see your host and inventory status, all the recent job
activity and a snapshot of recent job runs. Adjust your job status settings to
graph data from specific job and time ranges.
2. Within Tower, Playbook runs stream by in real time. As Ansible automates across
your infrastructure, youll see plays and tasks complete, broken down by each
machine, and each success or failure, complete with output. Easily see the status of
your automation, and whats next in the queue.
3. Other types of jobs, such as source control updates or cloud inventory refreshes,
appear in the common job view.
4. Tower workflows allow for many complex operations. You can build a provisioning
workflow that provisions machines, applies a base system configuration, and deploys
an application, all with different Playbooks maintained by different teams.
5. Build a CI/CD testing workflow that builds an application, deploys it to a test
environment, runs tests, and automatically promotes the application based on test
results.
6. Easily model complex processes with Towers intuitive workflow editor.
7. With Tower, all automation activity is securely logged. Who ran it, how they
customized it, what it did, where it happened - all securely stored and viewable later,
or exported through Towers API.
8. Connect Tower to your external logging and analytics provider to perform analysis of
automation and event correlation across your entire environment.
9. Notify a person or team when your job succeeds, or escalate when jobs fail. Send
notifications across your entire organization at once, or customize on a per-job
basis.
10. Connect your notifications to Slack, Hipchat, PagerDuty, SMS, email, and more - or
post notifications to a custom webhook to trigger other tools in your infrastructure.
11. Playbook runs, cloud inventory updates, and source control updates can be
scheduled inside Tower - run now, run later, or run forever.
12. Set up occasional tasks like nightly backups, periodic configuration remediation for
compliance, or a full continuous delivery pipeline with just a few clicks.
13. Tower helps you manage your entire infrastructure. Easily pull your inventory from
public cloud providers such as Amazon Web Services, Microsoft Azure, and more.
14. Synchronize from your local OpenStack cloud or VMware environment.
15. Connect your inventory directly to your Red Hat Satellite or Red Hat CloudForms
environment. Or connect Tower directly to your custom CMDB.
16. Tower can keep your cloud inventory in sync, and Tower's powerful provisioning
callbacks allow nodes to request configuration on demand, enabling autoscaling.
 17. Tower lets you launch Playbooks with just a single click. It can prompt you for
variables, let you choose from available secure credentials and monitor the resulting
deployments.
18. Tower's simplified portal mode and survey features allow IT administrators to
delegate automation job runs to users across the organization - synchronized directly
from corporate directories such as LDAP, Active Directory or delegated SAML
authentication.
19. Tower delegation, developers or QA departments can provision their own dev and
test environments.
20. Customer service agents can provision a new demo environment. Or junior admins
can run simple jobs - like changing passwords - all at the press of a button.
21. Run simple tasks on any host or group of hosts in your inventory with Tower's remote
command execution.
22. Add users or groups, reset passwords, restart a malfunctioning service or patch a
critical security issue, quickly.
23. Remote command execution uses Tower's role-based access control engine and
logs every action.
24. Towers system tracking gives you the necessary tools to audit and verify that your
machines are in compliance.
25. Discover how a machine has changed over time, or compare machines in your
cluster to see how they are different.
26. Use system tracking and Towers push-button automation to ensure machines are
configured and deployed exactly how they should be.
27. Call Tower jobs from your build tools, show Tower information in your custom
dashboards and more.
28. Tower's CLI tool is available for launching jobs from CI systems such as Jenkins, or
when you need to integrate with other command line tools.

CONVEYING IN INTERVIEW

1. Purpose of using Devops example

COMPLEXITY KILLS PRODUCTIVITY and to overcome this, industry gurus have come up with
opensource and purchase based tools which further refine the usage and daily tasks WITH
products like ANSIBLE ETC

Every business is a digital business. Technology is your innovation engine, and delivering your
applications faster helps you win.

Ansible - the simple, yet powerful IT automation engine that thousands of companies are using
to drive complexity out of their environments and accelerate DevOps initiatives.

OTHER BENEFITS
TEAM IMPACT
 1) Save time and be more productive
2) Eliminate repetitive tasks
3) Fewer mistakes & errors
4) Improve collaboration and job satisfaction

ENTERPRISE IMPACT
1) Overcome complexity
2) More resources for innovation
3) Increase accountability and compliance

SIMPLE
1) Human readable automation
2) No special coding skills needed
3) Tasks executed in order
4) Get productive quickly

POWERFUL
1) App deployment
2) Configuration management
3) Workflow orchestration
4) Orchestrate the app lifecycle

AGENTLESS
1) Agentless architecture
2) Uses OpenSSH and WinRM
3) No agents to exploit or update
4) Predictable, reliable and secure

EXTEND THE POWER OF ANSIBLE WITH ANSIBLE TOWER

1. Ansible Tower by Red Hat is an enterprise framework for controlling, securing
and managing your Ansible automation with a UI and RESTful API.
 2. Tower builds on the underlying Ansible automation engine by adding control,
access, security, auditing, and delegation capabilities required in the
enterprise.

Ansible is a radically simple IT automation engine that automates cloud provisioning,

configuration management, application deployment, intra-service orchestration, and
many other IT needs.

Designed for multi-tier deployments since day one, Ansible models your IT
infrastructure by describing how all of your systems inter-relate, rather than just
managing one system at a time.

It uses no agents and no additional custom security infrastructure, so it's easy to

deploy - and most importantly, it uses a very simple language (YAML, in the form of
Ansible Playbooks) that allow you to describe your automation jobs in a way that
approaches plain English.

Ansible works by connecting to your nodes and pushing out small programs, called
"Ansible modules" to them.
These programs are written to be resource models of the desired state of the
system. Ansible then executes these modules (over SSH by default), and removes
them when finished.

Your library of modules can reside on any machine, and there are no servers,
daemons, or databases required. Typically you'll work with your favorite terminal
program, a text editor, and probably a version control system to keep track of
changes to your content.

Passwords are supported, but SSH keys with ssh-agent are one of the best ways to
use Ansible. Though if you want to use Kerberos, that's good too. Lots of options!
Root logins are not required, you can login as any user, and then su or sudo to any
user
Ansible's "authorized_key" module is a great way to use ansible to control what
machines can access what hosts. Other options, like kerberos or identity
management systems, can also be used.
ssh-agent bash
ssh-add ~/.ssh/id_rsa

"We can learn something once by doing it ourselves, then with an Ansible Playbook, we can
share that with the rest of the team and now everybody knows how to do it." Thats
simplicity in action.

simplicity as a requirement to scale automation. Spread that message across your

organizations. Make "simplicity" a requirement of the IT solutions that you adopt. Put it in
RFPs and RFQs, and hold your vendors accountable for reducing the complexity in your
processes.

The first time we have to figure out how to do it manually, and then we'll make the
Playbook to do it.
By default, Ansible 1.3 and later will try to use native OpenSSH for remote communication
when possible.
Enables ControlPersist (a performance feature), Kerberos, and options
in ~/.ssh/config such as Jump Host setup.

When using Enterprise Linux 6 operating systems as the control machine (Red Hat
Enterprise Linux and derivatives such as CentOS), the version of OpenSSH may be too old
to support ControlPersist.

Edit (or create) /etc/ansible/hosts and put one or more remote systems in it. Your public
SSH key should be located in authorized_keys on those systems:

Well assume you are using SSH keys for authentication. To set up SSH agent to avoid
retyping passwords, you can do:
$ ssh-agent bash
$ ssh-add ~/.ssh/id_rsa

(Depending on your setup, you may wish to use Ansibles --private-key option to specify a
pem file instead)
ping all your nodes: $ ansible all -m ping
Ansible will attempt to remote connect to the machines using your current user name, just
like SSH would. To override the remote user name, just use the -u parameter.

To access sudo mode

# as bruce
$ ansible all -m ping -u bruce
# as bruce, sudoing to root
$ ansible all -m ping -u bruce --sudo
# as bruce, sudoing to batman
$ ansible all -m ping -u bruce --sudo --sudo-user batman

# With latest version of ansible `sudo` is deprecated so use become

# as bruce, sudoing to root
$ ansible all -m ping -u bruce -b
# as bruce, sudoing to batman
$ ansible all -m ping -u bruce -b --become-user batman

The sudo implementation is changeable in Ansibles configuration file if you happen to want
to use a sudo replacement. Flags passed to sudo (like -H) can also be set there.

Now run a live command on all of your nodes:

$ ansible all -a "/bin/echo hello"

Open stack administration with ansible

rest api vs web api

Responses are formatted by Web API's MediaTypeFormatter into JSON, XML or whatever
format you want to add as a MediaTypeFormatter.