Ansible for DevOps - booknotes

1. WSL (Windows Subsystem for Linux) on Ubuntu
2. when WSL is not an option
1. intro
2. installation
3. inventory files
4. running an ad-hoc command
1. prototyping & testing with local virtual machines
2. your first local server
3. using ansible with vagrant
4. your first playbook
5. cleanup
1. conducting an orchestra
2. build infrastructure with vagrant for testing
3. inventory file - multiple servers
4. first ad-hoc commands
5. individual | grouped server configs
6. users & groups
7. packages
8. files & directories
9. background operations
10. log files
11. cron jobs
12. deploying version-controlled apps
13. SSH connection history
1. imports
2. includes
3. roles
4. ansible galaxy
5. lamp server - 9 lines of yaml
6. solr server - 7 lines of yaml
7. galaxy commands
1. example - real-world web app server
2. inventory variables
3. dynamic inventory
4. custom inventory - python and php
1. intro
2. vagrantfile for local infrastructure via VirtualBox
3. provisioner config - DigitalOcean
4. provisioner config - AWS EC2
5. ELK logging
1. strategies
2. single-server (ruby on rails)
3. zero-downtime, multi-server
4. capistrano style
5. blue-green
6. more features
1. generating self-signed certs
2. automating let's encrypt for free certs
3. nginx, proxy HTTP traffic, served on HTTPS
1. brief intro - docker containers
2. using ansible to manage containers
3. flask app
4. building containers from the outside
1. kubernetes history
2. do you need k8s?
3. building a k8s cluster
4. managing a k8s cluster
1. power plays
2. running
3. example - CentOS nodejs app server
4. example - Ubuntu lamp server with drupal
5. example - Ubuntu server with apache solr
1. handlers
2. environment variables
3. variables
4. facts = variables derived from system info
5. ansible vault
6. variable precedence
7. if | then | when conditionals
8. delegation | local actions | pauses
9. prompts
10. tags
11. blocks
1. brief history of SSH & remote access
2. secure & encrypted comms basics
3. disable root login - use sudo
4. remove unused sw - open only required ports
5. use "least privilege" principle
6. update OS & installed sw
7. proper firewall configs
8. log files
9. login monitors & blocking suspect IP addresses
10. SELinux or apparmor
11. summary & further reading
1. ansible tower
2. jenkins CI
3. unit | integration | functional testing
4. auto testing on GitHub with travis CI
5. functional testing - serverspec