Book Image

Mastering Ansible. - Third Edition

By : James Freeman, Jesse Keating
Book Image

Mastering Ansible. - Third Edition

By: James Freeman, Jesse Keating

Overview of this book

Automation is essential for success in the modern world of DevOps. Ansible provides a simple, yet powerful, automation engine for tackling complex automation challenges. This book will take you on a journey that will help you exploit the latest version's advanced features to help you increase efficiency and accomplish complex orchestrations. This book will help you understand how Ansible 2.7 works at a fundamental level and will also teach you to leverage its advanced capabilities. Throughout this book, you will learn how to encrypt Ansible content at rest and decrypt data at runtime. Next, this book will act as an ideal resource to help you master the advanced features and capabilities required to tackle complex automation challenges. Later, it will walk you through workflows, use cases, orchestrations, troubleshooting, and Ansible extensions. Lastly, you will examine and debug Ansible operations, helping you to understand and resolve issues. By the end of the book, you will be able to unlock the true power of the Ansible automation engine and tackle complex, real- world actions with ease.

Related Content you might be interested in

Current Title:

Small book image
Mastering Ansible. - Third Edition
James Freeman | Jesse Keating
Mar, 2019 | 412 pages
Small book image
Practical Ansible 2
Fabio Alessandro Locati | Daniel Oh | James Freeman
Jun, 2020 | 410 pages
Small book image
Practical Ansible
Fabio Alessandro Locati | Daniel Oh | James Freeman
Sep, 2023 | 420 pages
Small book image
Hands-On Enterprise Automation on Linux
James Freeman
Jan, 2020 | 512 pages
Table of Contents (17 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Get in touch
Free Chapter
1
Section 1: Ansible Overview and Fundamentals
Section 1: Ansible Overview and Fundamentals
2
The System Architecture and Design of Ansible
The System Architecture and Design of Ansible
Technical requirements
Ansible version and configuration
Inventory parsing and data sources
Playbook parsing
Module transport and execution
Variable types and location
Accessing external data
Variable precedence
Summary
3
Protecting Your Secrets with Ansible
Protecting Your Secrets with Ansible
Technical requirements
Encrypting data at rest
Mixing encrypted data with plain YAML
Protecting secrets while operating
Summary
4
Ansible and Windows - Not Just for Linux
Ansible and Windows - Not Just for Linux
Technical requirements
Running Ansible from Windows
Setting up Windows hosts for Ansible control
Handling Windows authentication and encryption
Automating Windows tasks with Ansible
Summary
5
Infrastructure Management for Enterprises with AWX
Infrastructure Management for Enterprises with AWX
Technical requirements
Getting AWX up and running
Integrating AWX with your first playbook
Going beyond the basics
Summary
6
Section 2: Writing and Troubleshooting Ansible Playbooks
Section 2: Writing and Troubleshooting Ansible Playbooks
7
Unlocking the Power of Jinja2 Templates
Unlocking the Power of Jinja2 Templates
Technical requirements
Control structures
Data manipulation
Comparing values
Summary
8
Controlling Task Conditions
Controlling Task Conditions
Technical requirements
Defining a failure
Defining a change
Error recovery
Iterative tasks with loops
Summary
9
Composing Reusable Ansible Content with Roles
Composing Reusable Ansible Content with Roles
Technical requirements
Task, handler, variable, and playbook inclusion concepts
Roles
Summary
10
Troubleshooting Ansible
Troubleshooting Ansible
Technical requirements
Playbook logging and verbosity
Variable introspection
Debugging code execution
Summary
11
Extending Ansible
Extending Ansible
Technical requirements
Developing modules
Developing plugins
Developing dynamic inventory plugins
Contributing to the Ansible project
Summary
12
Section 3: Orchestration with Ansible
Section 3: Orchestration with Ansible
13
Minimizing Downtime with Rolling Deployments
Minimizing Downtime with Rolling Deployments
Technical requirements
In-place upgrades
Expanding and contracting
Failing fast
Minimizing disruptions
Serializing single tasks
Summary
14
Infrastructure Provisioning
Infrastructure Provisioning
Technical requirements
Managing cloud infrastructures
Managing a public cloud infrastructure
Interacting with Docker containers
Ansible Container
Summary
15
Network Automation
Network Automation
Technical requirements
Ansible for network manage ment
Handling multiple device types
Configuring Cumulus Networks switches with Ansible
Summary
16
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Encrypting data at rest

As a configuration management system or an orchestration engine, Ansible has great power. To wield that power, it is necessary to entrust secret data to Ansible. An automation system that prompts the operator for passwords at each connection is not very efficient. To maximize the power of Ansible, secret data has to be written to a file that Ansible can read and from which it can utilize the data.

This creates a risk, though! Your secrets are sitting there on your filesystem in plain text. This is a physical and digital risk. Physically, the computer could be taken from you and pored over for secret data. Digitally, any malicious software that can break the boundaries set upon it is capable of reading any data to which your user account has access. If you utilize a source control system, the infrastructure that houses the repository is just as much at risk...

Previous Section
End of Section 3
Next Section