intro to automation & orchestration with red hat ansible · •jump-start your automation...

Intro to Automation & Orchestration with Red Hat AnsibleBogdan BeneaRed Hat Solution Architect 26/02/2020

Azure

AWS

Private

First Some Terminology

• Private Cloud – Data Center virtualized• Public Cloud – AWS & Azure• Hybrid Cloud – mix of both

© 2020 F5 Networks 2

App2

Apps

Apps

App2

Apps AppsApps

App1

App1

Apps

Apps

Deploying Applications in Traditional DC

• Ask Network team for Resources

• Ask Server team for Resources

• Ask Storage team for Resources

• Buy needed hardware

• Finally build App and test

$© 2020 F5 Networks 3

Why Cloud?

Two Reasons…

• Cost• Rent vs Buy Hardware

• Speed to Market (Business Agility)• What does Business Agility Mean? -> Deploy Apps FAST

• “2~3 weeks -> 1 day” – banking company A• “1~2 weeks -> 1 day” – banking company B• “11 days -> 6 hours” – ISP hosting company

Only in some cases


How do you get “Speed” to Market?

• Automation & Orchestration

• Automation Tools

• Container Platforms

• Cloud Environments

© 2020 F5 Networks

5

What is Automation & Orchestration?

Historically• Command scripts to create config • Customer Issues – BIG-IP knowledge needed• Difficult to Add & Delete BIG-IP’s Now• iControl REST API – Customers build their own• BIG-IP Cloud Edition –

• App Templates & Service Scaling Groups• Application views from BIG-IQ

Future • Cloud-native App services & F5 Cloud services


Silverline

App Servers

Public

What value does F5 bring to Cloud?

Full Proxy

TCP Client

TCP Server

SSL Offload

Internet

Access (APM)

Auth Servers

Security (AFM & ASM)

BIG-IP

1. Common Interface

2. Proxy between

3. Application Services

ADC Portfolio to address All Applications

• Source: IDC, 2018; F5

Applications1000’sFEW

Applications

More complex, higher TCO

Cloud-native

Application architecture BIG-IP Cloud Edition

Cloud-Native App Services

BIG-IP HW, VE

F5 Cloud Services

# of applications, 2017, millions

33 M 36 M 191 M

# of applications, 2022, millions 44 M 198 M 1,452 M


Evolution of Apps Architecture

Monolithic Microservices


Container 3Container 2Container 1VM 3VM 2VM 1

What are Containers?

Infrastructure

Operating System

Hypervisor

Guest OS Guest OSGuest OS

Bins/Libs

App 1

Bins/Libs

App 2

Bins/Libs

App 3

Infrastructure

Operating System

Container Runtime Environment

Bins/Libs

App 1

Bins/Libs

App 2

Bins/Libs

App 3

Virtual Machines Containers

Lightweight, fast, portable!

“Kind of feels like a virtual machine, but sheds all the weight and startup overhead of a guest operating system”

vs


Methodologies

Traditional• Organizational Silos• Monolithic Processes• Waterfall Development

Agile• Collaborative Teams• Continuous Processes• Agile Development

STOP GO ∞© 2020 F5 Networks 11

Declarative Model

• Declarative methodology implies that you define the desired outcome and depend on underlying mechanisms to deliver that outcome.

• This methodology tries to reduce or eliminate the need for domain specific knowledge.


Why organizations use automated frameworks


71% 51%

REDUCE OPEX SCALING TO MEET DEMAND

43%

TIME TO MARKET

$

Why Ansible?


SIMPLE POWERFUL AGENTLESSHuman readable

automation

No special coding skills needed

Tasks executed in order

Get productive quickly

App deployment

Configuration management

Workflow orchestration

Orchestrate the app lifecycle

Agentless architecture

Uses OpenSSH & WinRM

No agents to exploit or update

More efficient & more secure

• Composed of three different high-level elements:

What is Ansible?


Modules are the tools in your workshop

Playbooks are your instruction manuals

The Inventory of hosts are your raw material

F5 Modules in Ansible v2.9


BIG-IP device features• bigip_device_dns

• bigip_device_ntp

• bigip_device_sshd

• bigip_hostname

• bigip_routedomain

• bigip_selfip

• bigip_sys_db

• bigip_sys_global

• bigip_vlan

• bigip_user

• bigip_provision

• bigip_qkview

• bigip_snmp

• bigip_snmp_trap

• bigip_configsync_actions

BIG-IP DNS features• bigip_gtm_datacenter

• bigip_gtm_facts

• bigip_gtm_virtual_server

• bigip_gtm_wide_ip

• bigip_gtm_pool

BIG-IP LTM Features• bigip_irule

• bigip_monitor_tcp_echo

• bigip_monitor_tcp_half_open

• bigip_monitor_http

• bigip_monitor_tcp

• bigip_node

• bigip_pool

• bigip_pool_member

• bigip_snat_pool

• bigip_ssl_certificate

• bigip_virtual_server

• bigip_virtual_address

164 Modules + Active Development!

BIG-IP ASM, AFM & APM• bigip_asm_secpolicy

•

• bigip_afm_acls

•

• bigip_apm_access_policy

• Jump-start your automation project with content from the Ansible community. Galaxy provides pre-packaged units of work known to Ansible as roles.

• Roles can be dropped into Ansible PlayBooks and immediately put to work.

• Community driven pre-made modules & roles available for download:• https://galaxy.ansible.com/search?deprecated=false&keywords=F5%20&orde

r_by=-relevance&page=1• Simple customization

Ansible Galaxy

https://galaxy.ansible.com/search%3Fdeprecated=false&keywords=F5%2520&order_by=-relevance&page=1

• Ansible web-based interface• RBAC• Credentials management• Priced and supported

Ansible Tower


PROJECT

PLAYBOOKSINVENTORY TEMPLATES

PLAY 1

PLAY 2

BIG-IP .JSON

AS3 JINJA2

intro to automation & orchestration with red hat ansible · •jump-start your automation...

Documents