I have just started my first job as a DevOps after being graduated.
My boss wants to implement IaC for all our projects.
I am the only one working on it, but its a huge task so I’m honored.
However, I have plenty other tasks on a daily basis and have also other technologies to learn from scratch like ELK, PKI, K8s and so on.
I have to be good at programming with Ansible as quickly as possible. What is the best way to do so? Reading the documentation seems to be good for me as Udemy or other videos explain stuff for hours and I often feel I learn passively. What are your recommendations?
What kind of projects, applications, and infrastructure do you plan on building with your IaC automation? That will make a big different about where to get started, what topics to recommend, and how to get your hands dirty.
Not sure yet. Actually it’s my first job and I have never done anything like this before. My boss said to me “I give you an esx and an IP and all our infrastructure must be running after a click on a button.”
I highly recommend starting with a well designed deployment process done manually first. A lot of people think that automation just means push this button and things works. They don’t realize that automation is actually a process itself. The part that everyone thinks of as automation is actually the last step.
Design the environment
Document the steps
Standardize your inputs and data sources
Document your automation plan
Automate the thing you want
As a set of basic steps, i would recommend to get started:
Create a Visio or Draw.io drawing that identifies all the pieces needed to complete your goal. This will force you to work with the various teams and managers to figure out the requirements.
Work with your current coworkers to create a checklist of items that need to happen and in which order, to accomplish the requirements.
Identify all data sources needed for the automation process (IPAM, VM Inventory Management, ITSM, CMDB, etc.) and standardize the data formats you will use for each.
Fire up Visio or Draw.io, or Confluence (I prefer confluence) and make a design document for your automation to show off what you want it to look like, how you want it to operate for users, and how it will satisfy the requirements.
Start automating and update your design documents as you go. Start small and expand as your skills and capabilities grow. I.E. Automate assignment of next available IP, then automate provisioning of ESX Hypervisor software, then automate initializing the configuration of ESX, then automate provisioning a VM, etc.
Thank you it is very useful.
I agree on your point but the fact is that I am a complete beginner so this is the kind of advice I need. I would even say that I need a roadmap or an example of the implementation of IaC that was done by someone and especially how it has been done, like what kind of diagrams I must draw, what kind of information I should collect, how to set up deadlines and so on. The best would be to follow up
Honestly, I don’t think you’ll be able to envision a solution or a path forward without understand the requirements.
The part that makes this hard to help on is that your only requirement detail is:
I give you an esx and an IP and all our infrastructure must be running after a click on a button.
That’s not a requirement, that’s a wish. Infrastructure in this context is a loaded term. Network engineers think infrastructure is routes and switches. Server admins think infrastructure is server hardware. Storage engineers think infrastructure is hard disks, arrays, and fiber channel switches. Application admins think infrastructure is servers and OS.
Before you can do anything with your project, you’ll need to identify what your manager thinks infrastructure means. I can’t even make a recommendation about setting up an Ansible environment and engineering automation on the fly without even knowing what infrastructure means in your scenario.
I totally agree with you, but I have goals to achieve. This is my first time tackling such tasks. I work at a small company where I handle IT duties and need to set up Infrastructure as Code (IaC) for our systems, doing it by projects, not all at once. Before I start coding, I know I need to check our infrastructure and write detailed documentation because we currently don’t have any. I want to make sure I do the documentation well, especially since it’s my first time, and I’d like to learn from others to make it as complete as possible. So, I’m asking for your advice!
My plan is to audit and document our infrastructure while learning new skills, particularly Ansible. That’s why also I posted here, to find out how I can quickly learn enough Ansible to be effective. I don’t need to be an expert, just productive.
When you first automation is ready to be shared, install AWX (too big to cover in one topic).
When your AWX install and automated process is ready for production, pay for some AAP licenses and get a supported Ansible Enterprise solution installed to production. Some people forgo this route and just run an instance of AWX. I’ll let others chime in on Pros and Cons of that decision.
If you get stuck on certain parts, you can always read the Ansible docs. They are usually thorough enough to get you through. If you get stuck, come back in here and ask around.
I will say, if you want full fledged IaC you’ll need more than just Ansible. Ansible is great for configuring infrastructure after it is deploy, but it’s not the best as deploying infrastructure. For instance, Terraform has a pretty good module for deploying VMs onto VMWare vSphere and ESXi hypervisors (also outside the scope of this forum).
A very generic pseudo workflow that could be considered IaC:
Manually Install a barebones server in your datacenter
Manually get an IP from your IPAM
Manually install ESXi
Manually setup IP connectivity and remote login
Ansible configures your ESXi install
Ansible calls Terraform to build the VMs you want
Ansible get’s the VM data from Terraform and pushes desired configurations to the VMs
Edit: Thanks @samccann for the updated Dir Laytout link.
Thank you very much I think I got the point.
But before setting up something I should write a documentation that explain the current infrastructure and that explain each step of the implementation of the IaC?
It would be nice if any of you could tell share your experiences/examples on what you write in documentations and the ways that you implement IaC in your infrastructure with your stack, This way I could be inspired by your works and implement IaC for my infrastructure.
I hope this doesn’t sound harsh, but your best bet is probably to leverage Google and the documentation sites of the technologies you are trying to automate.
Since you specifically mentioned VMware, here are some architectural diagrams I plagiarized from Google image search.