DO407/EX407 -- Automation with Ansible
wolfinsheepsclothing
Member Posts: 155
I'm taking the new DO407 course ("Automation with Ansible") next month in Raleigh I've used Ansible to deploy OpenShift 3.x, but really haven't had the opportunity to 'deep dive.' I'll let you know what I think of the course/exam. Anyone taken the course? I'm looking over the coursebook currently and was happy to see the inclusion of Tower.
Comments
-
alias454 Member Posts: 648 ■■■■□□□□□□I think that is pretty cool. I should throw ansible on my short list of things to learn. How much is the course?“I do not seek answers, but rather to understand the question.”
-
wolfinsheepsclothing Member Posts: 155I think that is pretty cool. I should throw ansible on my short list of things to learn. How much is the course?
-
varelg Banned Posts: 790That is so awesome! Isn't the Tower in the title of the course?
How big is the class? Oh I bet it's a lot of fun! -
wolfinsheepsclothing Member Posts: 155That is so awesome! Isn't the Tower in the title of the course?
How big is the class? Oh I bet it's a lot of fun! -
asummers Member Posts: 157It does seem strange that RH is now providing puppet and ansible courses and certs. I know they are slightly different but they are competitors.
I do feel RH will want to push Ansible considering they bought it -
wolfinsheepsclothing Member Posts: 155It does seem strange that RH is now providing puppet and ansible courses and certs. I know they are slightly different but they are competitors.
I do feel RH will want to push Ansible considering they bought it
I was told that the only reason they were able to run a puppet course is because of the Satellite 6 component; had it been straight puppet coding, Red Hat would not have offered the course. Both are neat tools. At this point, I'm not sure which I 'prefer.' I do like the agentless nature of Ansible (and the fact that it uses SSH, which is open in almost all environments, so no need for additional firewall rules). Plus, it doesn't require anything to be preinstalled on the hosts that are to be managed. -
chanakyajupudi Member Posts: 712Do let us know how the class is. We hope that it comes to the Partner learning subscription soon!Work In Progress - RHCA [ ] Certified Cloud Security Professional [ ] GMON/GWAPT if Work Study is accepted [ ]
http://adarsh.amazonwebservices.ninja -
Verities Member Posts: 1,162Haven't taken the course, looking forward to hearing about it. I recently deployed Tower and I'm in the first phase of testing. I've tested 1 job template so far to ensure functionality of the product with a trial license. The setup and configuration was a lot easier than Satellite 6. I had it up and running in a matter of maybe 10 minutes or less.
Something to be aware of is the plain text yml that's created after the installation.....make sure to either encrypt it afterward or trash it because it stores all the passwords created by the configure script. I'll be looking around the server tomorrow to see if anymore clear text passwords remain elsewhere. -
Verities Member Posts: 1,162Loving Tower so far...haven't run into any issues with the program, setup, or maintenance. The most time consuming part of it all is creating a playbook to fit your needs. The language is easy and you can get away with a lot of things by keeping your playbooks simple.
When you get to the more advanced stuff like replacing lines in files (think sshd_config and removing the # infront of Protocol 2) using regular expressions it gets a bit more difficult. I'm very happy with the results so far and the most interesting part of it all is the extensibility of playbooks. There is no one right way to do things and you can create playbooks as complex or as simple as you want.
Back to reading about modules... -
wolfinsheepsclothing Member Posts: 155Thanks for the posts Verities. Good information. Regex is also permissible in puppet manifests. My one gripe about YAML is that it's less forgiving syntactically than JSON; otherwise, it's very easy to read/understand what the playbooks are trying to accomplish.
-
Verities Member Posts: 1,162You are very welcome. So I've come to the conclusion its much faster to build and run playbooks as well as debug from Ansible using CLI and to not use Tower. Tower doesn't provide the option to write playbooks from within the GUI...which doesn't make sense to me. Also, I've run into issues where error messages are completely obscure and don't point to the real issue. You essentially have a GUI that allows you to see if a playbook failed or not and allows you to create reoccurring jobs. I can't justify 10k for those two options when I can do everything other than reoccuring scheduling from the CLI. I'll just do the archaic method of using a cron job for a playbook if necessary.
When I go and run a playbook from the CLI, I see the real errors and I'm able to troubleshoot. Using the GUI, you still have to go into the CLI to troubleshoot.
Another thing...if you decide to use Ansible, make sure you set the proper configurations in the /etc/ansible/ansible.cfg file. The bare minimum if you're using ssh keys (which I highly recommend) instead of using root is set the following settings:
host_key_checking = False
So I don't think I'll be continuing with Ansible Tower, but I will continue using Ansible. I'm finding myself looking at creating playbooks for all sorts of issues: STIGs (yes they can be automated!), updating servers and adjusting server configurations. -
chanakyajupudi Member Posts: 712I had a go at the class and I think it is only for those who do not have any Ansible knowledge or experience. If you do then skip the class.Work In Progress - RHCA [ ] Certified Cloud Security Professional [ ] GMON/GWAPT if Work Study is accepted [ ]
http://adarsh.amazonwebservices.ninja -
Amuerte Registered Users Posts: 1 ■□□□□□□□□□Hello there. Any returns for the classes and exams ? Is it worth it ?
-
Canon55 Registered Users Posts: 1 ■□□□□□□□□□Hi chanakyajupudi, can you please tell us some more about the course? You say that it is only for those who do not have any Ansible knowledge. Do the instructors give you some good tricks etc?
What would you recommend to prepare for this course? -
ky13 Member Posts: 14 ■■□□□□□□□□The course provides a good baseline imo. No prep work is necessary. Ansible is still in EPEL, so I'd recommend just downloading it, visit docs.ansible.com, and start building playbooks/roles
-
anfield Member Posts: 18 ■■■□□□□□□□Does anyone have any pointers for the actual exam itself? Information is quite thin on the ground...aside from exam outline. I am getting ready to take this test soon
-
chmod Member Posts: 360 ■■■□□□□□□□I would like to take the exam one day, i love ansible but the exam is not been offered in my CR as of yet.
Ansible is such great tool.