Developing long running tasks might be my least favorite coding activity. I love writing and debugging code…I’d be crazy to be in this profession if I did not. But when a task takes long enough, your attention wanders and you get out of the zone.
Building the Linux Kernel takes time. Even checking the Linux Kernel out of git takes a non-trivial amount of time. The Ansible work I did back in the OpenStack days to build and tear down environments took a good bit of time as well. How do I keep from getting out of the zone while coding on these? It is hard, but here are some techniques.
Category Archives: Ansible
When to Ansible? When to Shell?
Any new technology requires a mental effort to understand. When trying to automate the boring stuff, one decision I have to make is whether to use straight shell scripting or whether to perform that operation using Ansible. What I want to do is look at a simple Ansible playbook I have written, and then compare what the comparable shell script would look like to determine if it would help my team to use Ansible or not in this situation.
Continue readingRemotely checking out from git using ssh key forwarding.
Much of my work is done on machines that are only on load to me, not permanently assigned. Thus, I need to be able to provision them quickly and with a minimum of fuss. One action I routinely need to do is to check code out of a git server, such as gitlab.com. We use ssh keys to authenticate to gitlab. I need a way to do this securely when working on a remote machine. Here’s what I have found
ipxe.efi for aarch64
To make the AARCH64 ipxe process work using bifrost, I had to
git clone https://github.com/ipxe/ipxe.git cd ipxe/src/ make bin-arm64-efi/snponly.efi ARCH=arm64 sudo cp bin-arm64-efi/snponly.efi /var/lib/tftpboot/ipxe.efi |
This works for the Ampere reference implementation servers that use a Mellanox network interface card, which supports (only) snp.
How do you keep the Kolla Playing?
(With apologies to Bergman and Legrand)
I need to modify how the ipxe container mounts directories. Why? AARCH64 iPXE stuff. Specifically, I need to get my own version of a file into the directory that a container mounts when it is running. How do I do that? I don’t know yet, so I am going to look.
Continue readingAn Ansible Approach to Registering RHEL Systems
I am constantly creating and deleting virtual machines. These virtual machines often are RHEL systems, and need to be registered with Red Hat’s CDN. While In the past I had a Role that was wrapped into other provisioning playbooks to perform this task, I find that there are enough one-offs to make it useful to do this as a stand alone playbook. Here is how I set it up, including my rational.
Continue readingRefactoring in Ansible: extract Variable
“Let the complexity emerge.” Probably the best advice I ever got in coding. Do something in as straight-forward manner as possible. When you find your self repeating code, extract it. Here’s an example from an ansible playbook I’m working on.
Continue readingAnsible and FreeIPA Part 2
After some discussion with Bill Nottingham I got a little further along with what it would take to integrate Ansible Tower and FreeIPA. Here are the notes from that talk.
Continue readingAnsible and FreeIPA Part-1
Ansible is a workflow engine. I use it to do work on my behalf.
FreeIPA is an identity management system. It allows me to manage the identities of users in my organization
How do I get the two things to work together? The short answer is that it is trivial to do using Ansible Engine. It is harder to do using Ansible tower.
Edit: Second part is here. Third part is coming.
Continue readingYour Own, Personal, Ansible
Me. Us. Them.
The story I tell when I explain the various offereings that Red Hat has based on Ansible follow is based on the progression of Me. Us. Them.
Me: Get my playbook working for me on my workstation. For this, I use Ansible Engine.
Us: Share my playbook with my larger team. For this, I use Ansible Tower.
Them: Make a Self service catalog for the larger organization to consume. This is where Ansible integration into other products comes in to play. I typically talk about CloudForms integration here, but Satellite and OpenShift are also capable of making use of Ansible here.
Here is how I have my local setup for doing Ansible based development. This is organized roughly around how Tower will later consume the roles and playbooks I design here.
Continue reading