Ansible & Friends Newsletter

July 7, 2017 - Issue 64



Hey folks,

It's been a while since the last issue of this Ansible newsletter (almost 2 years).

I recently finished some big projects and wanted to catch up on what is going on in the Ansible world. So I started collecting that news for myself and realized that I was basically re-creating the newsletter in the process.

I've missed keeping up with the community, so decided to reboot this thing since I imagine there are others that also want to keep up with news in the Ansible world :-D

Previously the newsletter was called "Ansible Weekly" then "Briefs on Ansible", now I'm just going with "Ansible & Friends". Sounded more fun for this reboot :-D

Cheers!

-Matt

Ansible Growth

This was an exciting graph to see. It's the registered interest of tools at Config Management Camp:

(Credit: @cfgmgmtcamp)

Status of open-sourcing Tower

(Full disclosure: I was contracted in 2014 by Ansible Inc to update and automate their Tower documentation toolchain)

This is often a hot topic. Tower is a great tool for those companies that need its powerful features and where the benefits justify the cost. Other companies only need a few of Tower's features and so they can't justify paying the full cost. For those companies, there are 2 options:

Wait for Tower to be open-sourced

Find alternatives for the subset of features they need

Red Hat has a history of open-sourcing projects successfully. After their acquisition of Ansible, there was an announcement by someone at some conference that Tower would be open-sourced. I forgot the details, and this newsletter issue is already taking too much time to write, so I'm going to be lazy with my research here ;)

Anyway, last month there were again rumors, rumors-of-confirmations and rumors-of-rumors-of-rumors-of-confirmations that surfaced at AnsibleFest in London and on Twitter. From what I can tell it is "months" to "several years" away.

(Credit: René Moser)

"Open Tower will have all the features of @ansible Tower. Open Tower to closed Tower will be similar to what is @fedora to #RHEL."

-Strahinja Kustudic (who attended the most recent AnsibleFest)

Update: Strahinja sent me more details: "Just so you know that information came directly from Matthew Jones @matburt, Lead Ansible Tower developer, while I was chatting with him during a break. He also told me that he is currently working on Open Tower and that it's still not finished on devs side, but it's getting close. He couldn't tell me the date of release, but he said that even when he is done, that it will take some time for it to pass through Red Hat management and everything, but I more understood him that it will be months, not years, especially since a lot of other devs were telling me Open Tower is coming."

Open Tower is exciting for the community, but also for Red Hat and for growing the Ansible ecosystem. At first I was a little confused at Red Hat cutting off the revenue stream from a product they've invested so much time, money, and sweat into. But then I remembered that it's been a successful business model for many of the other products they've open-sourced.

Of course, this model takes a leap of faith and there is risk involved, so I understand Red Hat wanting to take the time to get it right. Naturally it's a bit frustrating for the Open Tower enthusiasts to wait for it, but that's what cryogenic chambers were invented for right? ;-)

Reminder: Tower is free for up to 10 nodes. If you're small enough, this is a good case for using the vertical scaling "hack". By scaling vertically as far as you can before going horizontal, you can buy yourself simplicity and also pay less for any software that is on a per-node license. So there's no need to wait if you have under 10 servers, you can use Tower right now for free.

Alternate/partial solutions for Tower

When Tower isn't a good fit for a company, what do they use? Well, there are a few options that offer a subset of features or alternate functionality. I won't go into depth here, but here are a few that people use:

Rumored:

Tensor - this is very alpha , I worry about the future of this project since its activity is low and its goals are so broad: "Our expectation is to support other CI-CD automation tools like Chef, Puppet in the near future." Reddit discussion

, I worry about the future of this project since its activity is low and its goals are so broad: "Our expectation is to support other CI-CD automation tools like Chef, Puppet in the near future." Reddit discussion Semaphore - currently there are no feature lists, screenshots, demos, or anything substantial I can find to review. Also, don't confuse it with Semaphore CI which also has its own Ansible integrations.

Level Up

Ansible Module Development by Example

By Thomas Stringer

Exploiting Ansible logs with Callback Plugins

By Mathieu Corbin

Community Heroes

I use the word 'Hero' very rarely. It's so overused, but there are some folks in the community that have made some amazing contributions and I want to at least acknowledge them here. I'm sure I've missed some people (sorry!), but these are the people that have been consistently on my radar as huge value contributors. There are heroes on the Ansible team too of course, but they are often publicly recognized, so I'm focusing on the community heroes here ;-)

Jeff Geerling - prolific contributor, author of "Ansible for DevOps" which I purchased a few years ago and I still get regular free updates. Jeff's done an amazing job keeping the book current all this time and it's been a really great resource.

René Moser - another prolific contributor. Author of many many modules - especially the CloudStack modules. Co-author of the upcoming 2nd Edition of "Ansible: Up and Running" which is scheduled for release next month.

Lorin Hochstein - original author of "Ansible: Up and Running". I was a technical reviewer on the 1st Edition and it was a great experience. I'm used to making lots of technical corrections, but after 2 intensive weeks reviewing the book, I found hardly anything to say other than "Wow!" Lorin has a very academic approach (he's a CS PHD, so that makes sense!) - he's currently working at Netflix and just co-authored their free "Chaos Engineering" report.

Jesse Keating - in the early days, his work with Ansible at massive scale at Rackspace (tens of thousands of servers) helped silence the Ansible scaling naysayers. I believe that work contributed to some of the other big internet giants adopting Ansible. He wrote the book "Mastering Ansible" and it's next on my list to read.

AnsibleFest

Recap of AnsibleFest London 2017 - By Sean Jones. (Unfortunately the text/background contrast is quite bad on the site, so you might want to use this link for text only.)

Ansible Updates

Using Inventory Directories and Multiple Inventory Sources - very cool recent feature. I haven't needed to use it yet, but it provides some nice flexibility.

Ansible Container - this has actually been out for a while, but it's progressing nicely. I generally recommend my clients avoid the added complexity and maintenance burdens of containers in production unless it's absolutely necessary, but when it is necessary, it'll be great to have a solution like this.

Ansible 2.3.2 RC1 via James Cammarata

Re-enabled non-pipelined mode for winrm/powershell as a work-around for connection plugins that don't support pipelining.

Fixed a bug in which facts were not always properly delegated.

Fixed a bug where child roles were incorrectly included in the dependency chain when include_role was used.

was used. Fixed a bug where any_errors_fatal was not properly used when configured at the play level.

was not properly used when configured at the play level. Fixed a bug where low disk space on the remote system could cause module execution to fail.

Directories in /etc/skel will get users ownership when home dir is created.

will get users ownership when home dir is created. Lots of docker-related module fixes: Fixed #21464 - docker_network : TypeError with existing network. Fixed #22530 - docker_network Failed but Overlay network created successfully on Docker swarm mode. Properly handle Docker image comparison for published_ports defined as IP::PORT. Fixed bug where Docker does not output Status after pull anymore. Fixed bug where docker_container with empty links list always restarts.

Some PY3 bug fixes.

Security

Red Hat Patches Three Serious Ansible Flaws in Its OpenStack Distribution

By Lucian Constantin

Calls for Contributors

Ansible Windows Sprint - this started on July 4, so if you're interested, jump in right away!

New AWS Working Group - there's a need for you Amazon Web Services folks here.

Cowsay

Via @butforbot

_________________________ < Ansible but for Grocery > ------------------------- \ ^__^ \ (oo)\_______ (__)\ )\/\ ||----w | || ||

Feedback

If you have corrections or other feedback, please let me know at matt@hvops.com - Thanks!