![Page 1: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/1.jpg)
Changing the way we do IT at Best Buy: Using Ansible by Red Hat for automationPeople | Processes | Tech
Tom HudakSenior Platform Engineer - Best BuyMike DahlgrenSenior Cloud Solution Architect - Red Hat
![Page 2: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/2.jpg)
● Who are we?● Why are we here?● Why Ansible?● What did we solve?● What did we learn?
Todays Agenda
![Page 3: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/3.jpg)
Who are we?
-Two people with a long history in retail
![Page 4: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/4.jpg)
MIKE D
"The future is already here, it's just not widely distributed"
TWEET ME: @mikedahlgren
![Page 5: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/5.jpg)
Tom Hudak
MADHAKISH
I’ve been using a Deprecated automation tool for a decade.
TWEET ME: @madhakish
![Page 6: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/6.jpg)
WHY ar
e
we her
e?
● EVERYONE is now an IT company (especially retail)● Traditionally IT was OUTSOURCED as a commodity● CONTRACTORS come and go, POLICIES and PROCESSES stay
○ Knowledge transfer is a huge problem○ Different teams come with different tooling○ Not fully utilizing tooling
![Page 7: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/7.jpg)
Developers
Operations
![Page 8: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/8.jpg)
simple things should be simple &
HARD THINGS POSSIBLE ALAN KAY
What he said!
![Page 9: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/9.jpg)
IDEMPOTENCE
An operation that has [no additional effect] if it is called more than once with the same “input parameters”
VS.
/ īdemˈpōt(ə)nt,ˈēdemˌpōt(ə)nt /
Idempotent jokes are funny every time you tell them...
![Page 10: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/10.jpg)
SIMPLE
Human Readable
No Special Coding Skills
POWERFUL
App Deployment
Config Management
AGENTLESS
Uses SSH or WinRM
No Agent to exploit
![Page 11: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/11.jpg)
sysadmincasts.com
![Page 12: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/12.jpg)
sysadmincasts.com
![Page 13: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/13.jpg)
sysadmincasts.com
![Page 14: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/14.jpg)
trends.google.comNOW THIS IS A TREND!
trends.google.com
![Page 15: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/15.jpg)
● Consider IT as a core competency
● Learning vs buying skills
● Focus on automation
TIME TO DOUBLE DOWN ON INTERNAL SKILL SETS
![Page 16: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/16.jpg)
AUTOMATE ALL THE THINGS
![Page 17: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/17.jpg)
CASE STUDY # 1
INSTALL
![Page 18: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/18.jpg)
“Chicken and an Egg”
Bootstrapping automation … Implies that there is no automation.
Solved a “new to us” use case - one-time automation.
Powerful new pattern for developing SOP’s into repeatable, manageable Playbooks.
![Page 19: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/19.jpg)
Install the puppet Client how
hard can it be?
![Page 20: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/20.jpg)
Security does not allow auto registration! You will have
to reproduce all that logic in Ansible!
![Page 21: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/21.jpg)
... - name: Generate certificate request command: /opt/….bin/puppet agent -t --noop arg1 args: creates: "/…./certificate_requests/{{ ansible_fqdn }}.pem" register: puppet_agent changed_when: puppet_agent.rc == 1 failed_when: puppet_agent.rc != 1 and puppet_agent.rc != 0 notify: sign client certificate tags: - agent
tasks/main.yml
![Page 22: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/22.jpg)
…- name: sign client certificate delegate_to: "{{ puppet_ca }}" command: /opt/…./puppet cert --sign {{ ansible_fqdn }} 2>/dev/null arg1 args: creates: "/etc/…./ssl/ca/signed/{{ ansible_fqdn }}.pem" register: sign_client changed_when: sign_client.rc == 24 or sign_client.rc == 0 failed_when: sign_client.rc != 24 and sign_client.rc != 0 notify: puppet first run
handlers/main.yml
![Page 23: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/23.jpg)
- name: puppet first run command: /opt/…./bin/puppet agent -t --noop arg1 register: first_run changed_when: first_run.rc !=0 failed_when: first_run.rc !=0 and first_run.rc != 1 args: creates: "/etc/…./ssl/certs/{{ ansible_fqdn }}.pem"
handlers/main.yml (Continued)
![Page 24: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/24.jpg)
CASE STUDY # 2
SATELLITE 5 -> SATELLITE 6.5 .6>>>>
![Page 25: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/25.jpg)
We must install new tools & register thousands of servers.
We only need to do this one time Ok, maybe two times.
Whatever you do, make sure you do it at night!
![Page 26: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/26.jpg)
The Easy Sat5 -> Sat6 solution!1. Check for and remove rhnsd Daemon2. Install the new package bundle3. Register to Sat 6 (With correct orgs)4. Refresh yum, Install katello agent,
and run yum cleanup
rpm says no but,rpm --force --nodeps says YES!
![Page 27: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/27.jpg)
● Not all systems were registered with Sat 5● Not all have subscription manager installed● RHEL versions have different dependencies● Some missing RHEL release certificates● Different parameters for Prod vs Non-Prod● Some had full partitions (e.g. /var)● After you remove satellite 5,
- how do you update?
Easy... except for all the snowflakes!
What’s a snowflake?
![Page 28: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/28.jpg)
CASE STUDY # 3
OPENSHIFT
Loading...
![Page 29: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/29.jpg)
At this point we’ve been using Ansible for some time
First time Ansible is used for Install/config/deploy and post tasks
Familiar landscape, familiar language, and familiar approach
I’ve waited my whole life to
manage containers with Ansible!
![Page 30: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/30.jpg)
WHAT DIDWE LEARN?
![Page 31: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/31.jpg)
Automation Challenges - “Half of being smart is knowing what you’re dumb about.” -Solomon Short
● Automation will expose limitations and you will find all the things
● Fight the urge to boil the ocean
● Change is scary, automation is change, thus automation is scary!
![Page 32: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/32.jpg)
Lessons Learned w/ Automation
● Get buy in early!● Change is hard!● No longer the domain of one person● Must think big picture (holistically)
![Page 33: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/33.jpg)
What if internal IT teams focus was on INNOVATION not task management?
The 80/20 Rule!
![Page 34: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/34.jpg)
● Computers follow directions ~100% of the time, 80% of the time
● Iteration lets humans think more critically about solutions
● Consistency becomes the norm
● Inconsistency becomes very apparent
I NEED 10,000STRONG ROBOT
ARMY STAT!
![Page 35: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/35.jpg)
● Collaboration! (Open Source and Interoffice)
● Value of Internal Knowledge and Culture
You have been learned!
● The importance of common shared language!○ Operations○ Development○ Change Management○ QA Testing○ App Teams
![Page 36: Using Ansible by Red Hat for automation Changing the …€¦ · Using Ansible by Red Hat for automation People | Processes | Tech Tom Hudak ... failed_when: puppet_agent.rc != 1](https://reader031.vdocuments.us/reader031/viewer/2022013110/5b5c70497f8b9aa1428c2a38/html5/thumbnails/36.jpg)
Special thanks to Ray Hansen for all the help, we couldn’t do it without you!