Download - Automated UCS configuration with Ansible
Klicken Sie, um die Formate des Gliederungstextes zu bearbeiten Zweite Gliederungsebene Dritte Gliederungsebene Vierte Gliederungsebene Fnfte Gliederungsebene Sechste Gliederungsebene Siebente Gliederungsebene
Headline
Klicken Sie, um die Formate des Gliederungstextes zu bearbeitenZweite GliederungsebeneDritte GliederungsebeneVierte GliederungsebeneFnfte GliederungsebeneSechste GliederungsebeneSiebente Gliederungsebene
Ansible Modules
Manage UCS with Ansible Configuration Management
Tobias RueetschiAdfinis SyGroup [email protected]
- Welcome
Person
Work at Adfinis SyGroup AG
Linux System Engineer
Experience with Ansible and Python
- Adfinis SyGroup- Linux System Engineer- Programming skills- Python, ...- Configuration Management- e.g. Ansible- Task > 30s => automation
Adfinis => Project SIP21
SIP21
Schul Informatik Platform 21
Univention Corporate Server as base
Small individual schools
Standardised school corporate serversSamba
Squid
Mediatomb
Terminalserver
...
- Schul Infrastructure Server- Small individual schools- Standard Setup- Fileshare (Samba, SFTP, OwnCloud, )- Internet-Steuerung- Mediensharing (MediaTomb)- Virtual Desktop (NX)
SIP21 - Goals
Easy to scale
Fully automated installation and configurationPreseeding installation
Automated configuration
- easy skalierbar- automated installation, configuration- one-click- preseeding- configuration => ansible (Erfahrung)
Configuration => Ansible
Ansible
Free and Open Source
Simple IT automation platform
Ansible loves the repetitive work your people hate
Configuration management
RedHat since 2015Q4
- Simple - Human readable - no special coding skills - tasks executed in order- Powerful - App/Website deployement - Configuration management
Ansible
Using OpenSSH for communication
Agentless architecture
Written in Python
Configured in YAML
Low learning curve
- Agentless- OpenSSH- Written in Python- YAML 4all- Easy to extend
Ansible structure
ProjectPlaybookPlaybookPlaybookRole
RoleRoleRoleRole
TaskModule
TaskModule
TaskModule
TaskModule
TaskModule
TaskModule
- Project beinhaltet 1.. Playbooks- Playbooks referenziert 1.. Roles- Roles beinhaltet 1.. Tasks- Tasks referenziert 1 Module
750+ Modules
Ansible Modules
Can be written in Python
A module does something, likeCreate a configuration out of a template
Install a package
Create a MySQL database
750+ Ansible Modules
- Do something- copy files, render templates- create POSIX users, groups- create MySQL users, database
- Python UCS API
udm_groupEquivalent to udm groups/group
udm_userEquivalent to udm users/user
Ansible UCS Modules User & Group management
- create update delete operations- No moving- support all udm parameters
Ansible UCS Modules User & Group management
- name: create group udm_group: name: admins
- name: create users udm_user: name: SheldonCooper firstname: Sheldon lastname: Cooper password: Bazinga
Group & User creationudm_user parameter groups
udm_dns_zoneEquivalent toudm dns/forward_zone
udm dns/reverse_zone
udm_dns_recordEquivalent toudm dns/*_record
udm dns/alias
Ansible UCS Modules DNS management
- create update delete operations- No moving- support all udm parameters
Ansible UCS Modules DNS management
- name: create dns zone udm_dns_zone: zone: example.com type: forward_zone nameserver: ns1.example.com interfaces: 192.0.2.1
Create a dns zoneNameserver und interface of UCS system
Create dns RR equivalent
udm_shareEquivalent to udm shares/share
Ansible UCS Modules Samba & NFS share management
- create update delete operations- No moving- support all udm parameters - NFS - samba - ACL
Ansible UCS Modules Samba & NFS share management
- name: create a new share udm_share: name: documents host: {{ ansible_fqdn }} path: /home/documents samba_name: Documents
ansible_fqdn = UCS FQDN
Upstream (ansible-modules-extras)
Source on GitHubhttps://github.com/ansible/ansible-modules-extras/tree/devel/univention
Documentation http://docs.ansible.com/ansible/list_of_cloud_modules.html
Feel free to contribute
Ansible UCS Modules
- Univention Directory Manager- UCS Developer API- Upstream
Example (1/2)
Variables:---user_list: - name: LeonardoDaVinci passwd: MonaLisa - name: VincentVanGogh passwd: Sunflowers - name: Rembrandt passwd: TheJewishBride
- grsseres Beispiel- mehrere User- anzahl irrelevant
Example (2/2)
Task:---- name: create users udm_user: name: {{ item.name }} firstname: {{ item.name }} lastname: {{ item.name }} password: {{ item.passwd }} with_items: {{ user_list }}
- user aus variable anlegen
Conclusion
Automation of UCS is time costly
Ansible makes it much easier
5 Ansible modules exists, more are needed
- Frher Bash Scripts- Ansible schneller- Ansible Module erstellen => Aufwand- Alle UDM Module mit Ansible abdecken
Thanks for listening
Contact
Tobias RueetschiAdfinis SyGroup [email protected]://www.adfinis-sygroup.ch/
- Danke fr Aufmerksamkeit