Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
Search - "ansible"
So that high level prank from yesterday.
Senior Linux engineer, the fucker.
He somehow installed shitloads of cron jobs onto my system.
Every few minutes it would create a new user with a freaking complicated password. Then it would install openssh server in case it wasn't installed yet. After that it'd set all iptables rules to allow incoming AND outgoing connections on port 22.
That was one badass ansible script though!
I'm not sure what more there's to it because sometimes when i removed crons, they'd magically appear again later AND i forgot to check the boot scripts so i might be fucked again when I get to work today!
Plus side, i finally fully understand cron 😅19
Not a rant, but I found this funny enough to share.
About two weeks ago, I’m contacted by a third party development firm that is responsible for building the next iteration of a control board were are developing. Alongside build of the PCB they were scoped to flash the firmware and verify all connected components.
During the call, they tell me they don’t have the resources to build our testing environment with the Ansible script I provided, and they don’t know if the updates they have made will work with our control system. Ugh...really...
I attempt to walk them through the 3 pretty simple commands to launch the playbook. Instead of listening, their project manager insists that I need to load up the environment and send them a ready to go system.
I quickly load up a RaspberryPi and prepare it for shipping. I hand the box to our shipping clerk and fill out the shipping request documentation. Then about a week goes by and this is where the story really begins.
I get an email from the same rep asking where the environment is, and I head down to the warehouse to inquire where the RaspberryPi might be. After speaking with the head clerk, we can’t seem to track down the package. I’m assured that they will find the Pi and send me the shipment update.
I pass the information along and after about a day and a half I still didn’t receive word back from the warehouse team. I load up another Pi and head back down to the warehouse. I follow up with the warehouse staff. They inform me that they have not been able to locate my package and another warehouse worker is called over. He says he hasn’t seen it, but they they were having a food day that day and he thinks more than likely someone ate it.
Like it didn’t even click at first but after a few seconds I realize that these guys have literally been looking for a pie for the past two days...and I JUST DIE.
After the 5 or so minutes of laughing I show them the newly flashed RaspberryPi, and of course they know exactly where the original one was.
It’s shipped out now, but wow. Also, it turns out the PCB manufacturing company didn’t even really need this and it was all a guise to hide that they are behind schedule and that they will not be able to finish the work scoped. FML!6
I'm a week into my new job right now. What do I love the most about it?
Learning things all day long and getting paid for it!
I'm learning about hosting things, DNS, cyber security, configurations, Linux (although my current skill set with Linux has been enough for now) and so on!
Hell, easy day today (not that many tickets) so decided to start learning Ansible! Next to that I've gotta learn vim (it just autocorrected that to cum.... O.o), work with hosting panels, mail stuffs (dns, debugging etc etc) and so fucking on.
The boss hasn't been at location yet which will happen tomorrow but he seemed like a very chill guy.
I love this!23
I live in the terminal. I write lots of scripts (Shell, Python, node js) to automate tasks that would take hours to do by my teammates. Recently, I started automating everything that I put my hands on using Ansile: from pointing DNS server to continuons deployment, provisionning a fully customized infrastructure on the cloud using just a single command!
This is because automation gives you super power, the feeling that what you do help tl increase the productivity, reduce bugs etc.. Simply, once mastered, automation is ausome!12
I find it super annoying, this trend where no one wants to write learning documentation anymore, but instead put up a bunch of demo videos and video "training courses."
I don't want to spend 5 minutes watching you do something that would take me 10 seconds to read. I can't search for terms in your video, and I can't use them as a general reference manual. I can't go at my own pace, easily keep my place between devices, enter code as you go, the list of cons goes on and on.
I would rather pay you money for a good eBook (and no, PDFs don't count), than to have the only realistic way to learn about your software be a playlist on your YouTube channel.
This, however, this...
Went to check out Ansible again, because I've heard good things lately and it's been a couple years since I've looked at it.
Took me a while to find their docs because there's almost no mention of anything on the home page except trying Tower for free.
Found the docs. The first item there is the Quick Start Video and I think, "Cool. That's a good use of video, showing off the product."
I dig out some headphones, click play:
"Ansible is a powerful" BOOM!
Enter my email to watch the video?!
Ah, forget it. Maybe I'll see you next time, Ansible.8
My first complete pipeline with Jenkins:
- push on gitlab
- build with maven
- test with junit
- deploy with Ansible
- integration test with Selenium
I love devops!6
That would probably be implementing multithreading in shell scripts.
The idea (though not the project itself) was born back when I still was a sysadmin. Maintaining 30k servers 24/7 was quite something for a team of merely ~14 people. That includes 1st line support as well.
So I built a script to automate most of my BAU chores. You could feed a list of servers - tens or hundreds or more - and execute the same action on each of them (actions could be custom or predefined in the list of templates). Neither Puppet nor Chef or Ansible or anything of sorts was consistently deployed in that zoo, not to mention the corp processes made use of those tools even a slower approach than the manual one, so I needed my own solution.
The problem was the timing. I needed all those commands to execute on all the servers. However, as you might expect, some servers could be frozen, others could be in DMZ, some could be long decommed (and not removed from the listings), etc. And these buggars would cause my solution to freeze for longer than I'd like. Not to mention that running something like `sar -q 1 10` on 200 servers is quite time-consuming itself :)
And how do I get that output neatly and consistently (not something you'd easily get with moving the task to a background with '&'. And even with that you would not know when are all the iterations complete!)?
So many challenges...
I started building the threading solution that would
- execute all the tasks in parallel
- do not write anything to disks
- assign a title to each of the tasks
- wait for all the tasks to complete in either
> the same sequence as started
> as soon as the task finishes
- keep track of each task's
> return code
> sequence ID
- execute post-finish actions (e.g. print to the console) for each of the tasks -- all the tracked properties are to be accessible by the post-finish actions.
The biggest challenges were:
a) how do I collect all that output without trashing my filesystems?
b) how do I synchronize all those tasks
c) how do I make the inception possible (threads creating threads that create their own threads and so on).
Took me some time, but I finally got there and created the libbthread library. It utilizes file descriptors, subshells and some piping magic to concentrate the output while keeping track of all the tasks' properties. I now use it extensively in my new tools - the ones where I can't use already existing tools and can't use higher-level languages.4
An important message:
PrOpErLy managing servers is HARD.
I get pissed off at customers with ZERO server knowledge who think they can manage their VPS. “Just get a control panel and a VPS” from some flashy provider that makes server management look way too easy.. Clicking around in their fancy control panel, until:
- they need help with their *self-managed* VPS;
- their email ends up in spam;
- they suffer from performance issues;
- they need to restore a backup;
- something breaks, because YES, things break
Way too little people are able to answer:
- when and how do you make backups?
- how do you monitor your servers and which services?
- how do you keep track of trend analysis?
Then I come by with necessary software. SNMP for trend analysis, Graphite for infrastructure health, Sensu for monitoring, Kibana, Ansible for configuration management..
Things that servers need but that customers have never even heard of.. because they can do everything in their control panel..
Until they come crying to me because it broke and they don’t even know how to get into SSH.
I think the ones to blame are VPS providers that tell the tale of how easy it is to install a control panel and never look at your server again.
Customers become responsible for something *business-critical*! Yet they don’t know how it works.6
I’m sitting in the parking lot 1.5 hours early to start my new job today. I’ve been rather nervous about it since I accepted the job offer in early December. I’m going to be working with completely foreign tools and software stacks than what I’m used to. I never said I was pro or experienced at this tech stack, let them know during the interviews repeatedly that I’m just getting started with this kind of work and tech stack (devops role using jenkins and ansible mostly). And my experience and knowledge is limited to theoretical understanding of how these tools work together.
I’m excited to get to learn all kinds of new tech and push myself. But I’m also terribly nervous about how quickly I can pick this all up so I’m not a burden to the team.16
Who was the fucking genius that hatched the idea that all these CI workflows should be controlled by all those stupid files such as yml and whatever other format each and every fuckstick came up with?
Like, are we really supposed to remember all that fucking gibberish you type in a file to automagically do your shit?
Fuck all that shit including but not limited to:
50 years of developing all this crap and we can't come up with something that's easy to use? why the fuck did all this crap have to turn into such a convoluted pile of shit23
Ugh, ansible and yml formats. I thought to fix a small issue fast and commit it directly.. but noooo2
I fucking hate YAML!!! Whoever thought a fucking whitespace delimited file was a good idea should......
Ahh that's better; back to learning Ansible.21
Let's setup my email server again! Found an awesome open source solution which installs it through Ansible.
Now i can't get past a fucking error 😫
Here goes my day :(3
She is my "dummy test" for me to make sure that I explain things clearly enough so that anyone could understand. So far, I taught her how Docker, Ansible and CSS work 👌
School gave me 3 DigitalOcean droplets to try out Kubernetes in the cloud, awesome!
Wrote an Ansible script to not only simply install docker and add users but also add kubernetes, nice!
Oh wait, error?! Well I should've known this wasn't going to be easy... ah well no problem. Let's see... Ansible is cryptic as always, it can't connect to the API server? Is it even running?
Let's ssh to the master, ah nothing is running, great. Let's try out kubeadm init and see what happens, oh gosh, my Docker version has not been validated! No problem, let's just downgrade!
How do I do that? Oh I know, change the version in the role! Wait that version doesn't exit? Let's travel to Docker's website and see what versions exist of docker-ce, oh I see, it needs a subversion, no problem.
Oh that errors too? Wait then what... Oh I need a ~ and a ubuntu and a 0 somewhere, my mistake!
Let's run it again! Fails!
Same ssh process, oh wait...
Oh god no...
Kubernetes requires 2 cores and these things only have 1...
Welp, time to ask the teachers to resize my droplet by a small amount tomorrow, hopefully I'll get a new error!
My adventure so far with Kubernetes. I'm not installing it for any serious/prod reason, just for educational purposes. K8s seems like 'endgame' to me, like one of the 'big guys' that big enterprises use so I'm eager to throw stuff at a droplet and see what happens.
Going further down the rabbit hole tomorrow!
Wish me luck :3
(And yes, I could've figured this all out beforehand with documentation, but this is more fun in my opinion)8
tl;dr - install ‘Pop!_os’ and try it out if you haven’t yet, it’s pretty damn good!
Heavy Micro$haft user here, have tried using ubuntu a bunch of times in the past and fucking regretted it every time. Ran into issues with stupid shit like the apt cache growing exponentially until the drive was full, or something like the the system python getting borked.
To be fair, I’m 120% certain my dumb-assery is what caused the problems. I’m definitely not trying to blame the OS. But my experience was shitty, even if it was at my own hands lol.
Started playing around with Pop!_os from the system76 team. And I’m seriously in freakin’ love with this OS. It’s clean, is performant, feels way less buggy or just feels more stable somehow. I know it’s based on ubuntu, but I’ve had a great time thus far using it. I’ve got ansible, docker, aws toolkit, aws cli, sam-cli, vscode, dynamodb-local, serverless, npm, brew, and working on steam now.
Everything has been a breeze and again the system feels really fast and snappy. It feels a lot like mac on the smoothness scale, but snappy like a windows box with beefy hardware specs.
I’m still just in the testing phase on a VM, but I’m seriously thinking about blowing away my windows install for Pop!_os.
(I’ll try arch someday when I’m up for some hardcore masochism)8
Are there more people here who use Makefiles as a façade for complicated commands? For example, 'make dev.up' executes a long docker-compose command and 'make dev.expose.secrets' activates ansible-vault with some variables. It makes doing stuff easier and makes it so that developers with less shell experience can quickly get going instead of having to use long boring commands.
Each time I try to look up what the actual purpose of a makefile is I get a long list of explanatioms talking about building C programs etc. But it never talks about using it to just put shell commands in one big file with subtargets 🤔
So, my question, any of you guys use a makefile to facilitate a facade too?3
I think I made someone angry, then sad, then depressed.
I usually shrink a VM before archiving them, to have a backup snapshot as a template. So Workflow: prepare, test, shrink, backup -> template, document.
Shrinking means... Resetting root user to /etc/skel, deleting history, deleting caches, deleting logs, zeroing out free HD space, shutdown.
Coworker wanted to do prep a VM for docker (stuff he's experienced with, not me) so we can mass rollout the template for migration after I converted his steps into ansible or the template.
I gave him SSH access, explained the usual stuff and explained in detail the shrinking part (which is a script that must be explicitly called and has a confirmation dialog).
Weeeeellll. Then I had a lil meeting, then the postman came, then someone called.
I had... Around 30 private messages afterwards...
- it took him ~ 15 minutes to figure out that the APT cache was removed, so searching won't work
- setting up APT lists by copy pasta is hard as root when sudo is missing....
- seems like he only uses aliases, as root is a default skel, there were no aliases he has in his "private home"
- Well... VIM was missing, as I hate VIM (personal preferences xD)... Which made him cry.
- He somehow achieved to get docker working as "it should" (read: working like he expects it, but that's not my beer).
While reading all this -sometimes very whiney- crap, I went to the fridge and got a beer.
The last part was golden.
He explicitly called the shrink script.
And guess what, after a reboot... History was gone.
And the last message said:
Why did the script delete the history? How should I write the documentation? I dunno what I did!
*sigh* I expected the worse, got the worse and a good laugh in the end.
Guess I'll be babysitting tomorrow someone who's clearly unable to think for himself and / or listen....
Yay... 4h plus phone calls. *cries internally*1
So last week I really fucked up
I had this new implementation that was supposedly to be integrating smoothly into the rest of the service. It depended on a serialized model made by a data scientist. I test it in local, in QA environment: no problem.
So, Friday, 4pm, I decide to deploy to production. I check once from the app: the service throw an error. Panic attack, my chief is at my desk, we triy to understand what went wrong. I make calls with cUrls: no problem. Everything seems fine. I recheck from the app again: no problem.
We dedice to let it in prod, as the feature work. I go get some beers with the guys, to celebrate the deploy.
Fast-forward the next morning, 11am, my phone ring: it's a colleague of my chief. "Please check Slack, a client is trying to use the feature, it's broken"
Panic attack again. I go to the computer, check the errors: two types of errors. One I can fix, the other from a missing package on the machine that the data guy used.
Needless to say, I had a fairly good weekend.
- make sure Dev, QA and Prod are exactly the same (use Ansible or Container)
- never deploy on a Friday afternoon if you don't have a quick way to revert1
My kind of Makefile:
make it.run: docker-compose up
make it.stop: docker-compose down
make it.clear: docker logs cont_1
make it.test: npm run test
make it.deploy: ansible-playbook site.yml
Took a devops position for a friend who needed help managing a small datacenter.
Five months of writing nothing but yaml for ansible. I'm about to go mad...1
neat, ansible control server on my phone, now I can transfer my playbooks and ssh keys and have it execute things on the go.7
Trying to automate gitlab deployment with Ansible. It runs but freaking keeps failing on task. Reconfigure the gitlab server. Without helpful output!
After 2 days bashing and commenting line after line the answer reveals.
True != true Fuuucc...1
It promised full-blown CRDT functionality. So I decided to adopt it.
Disappointment number one: you have to use CouchDB, so your data model is under strict regulations now. Okay.
Disappointment number two: absolutely messed up hack required to restrict users from accessing other users’ data, otherwise you have to store all the user data in single collection. Not the most performant solution.
Disappointment number three: pagination is utter mess. Server-side timestamps are utter mess. ANY server-side logic is utter mess.
Just to set it to work, you need PouchDB itself, websocket adapter (otherwise only three simultaneous syncs), auth adapter (doesn’t work via sockets), which came out fucking large pile of bullshit at the frontend.
Disappointment number four, the final one: auth somehow works but it doesn’t set cookie. I don’t know how to get access.
GitHub user named Wohali, number one CouchDB specialist over there, doesn’t know that either.
It also doesn’t work at Incognito mode, doesn’t work at Firefox at all.
So, if you want to use PouchDB, bear that in mind:
1. CouchDB only
2. No server-side logic
3. Authorization is a mess
4. Error logs are mess too: “ERROR 83929629 broken pipe” means “out of disk space” in Erlang, the CouchDB language.
5. No hosting solutions. No backup solutions, no infrastructure around that at all. You are tied to bare metal VPS and Ansible.
6. Huge pile of bullshit at frontend. Doesn’t work at Incognito mode, doesn’t work at Firefox.8
When you finally have some servers racked and configured in VMware to build a lab environment for the team....
But to access VMware you need to run citrix receiver from a mac to launch Chrome on Windows to access the VMware ESX Web UI but only on the HTML5 version as Flash doesn't work....
Now to spin up virtual machines that you can only upload via ova images but not locally cos that tries to show you the Windows citrix local files....
Do I even dare ask if I can access this via API so I can actually provision this with Ansible like I want too?!
Have a spare server at work doing nothing. Think to myself "I'll play around with kubernetes".
Step 1: install openshift (there's ansible, should just work...right?)
It's been three days and I am haven't started paying around with kubernetes yet. *Sigh*3
Have u guys ever wonder, all those devs we rant about (mostly senior developer), how it feels like to be them? Today I realized, I am most probably becoming like one.
I joined devops 7 month back(around one and half year in industry). Right now, I am 2nd senior member in project. I have done deployment on multiple environments more than 100 times. But till today, I never knew how the deployment is being done. I knew to trigger job but I never knew how it worked. Today when a junior asked me, then I learn ansible, then I understand whole deployment process.(and remember I am 2nd senior most with 7 month in project)
Now I fear that someday I will write piece shit of code and whole efficiency of project will go down cause of me. Atleast, the person who will get to fix it will get a chance to have good rant here. I tried open source projects to understand how to write good code but I always have hard time understanding new-projects which I never worked on.
Then there is reputation on Indian devs. This is my another Fear. That someday cause of me, my fellow devs will get bad reputation as well.
This coming year, my goal is to fill up all the holes but I don't know why my fingers are crossed.
Sorry, I had to bring this out somewhere. And please ignore my grammatical mistakes.4
The most difficult part about learning/working with new technology is the lack of online support and a really small community! So every time you're stuck with an error you got to open each and every configuration file to see which little value was throwing that page long error!!!!
The same happened with me while working with the new RedHat CEPH Storage while I was configuring my nodes using ceph-ansible. A new error pops up and it was like reaching milestones when I found the error halting up the execution of the playbook!1
To me this is one of the most interesting topics. I always dream about creating the perfect programming class (not aimed at absolute beginners though, in the end there should be some usable software artifact), because I had to teach myself at least half of the skills I need everyday.
The goal of the class, which has at least to be a semester long, is to be able to create industry-ready software projects with a distributed architecture (i.e. client-server).
The important thing is to have a central theme over the whole class. Which means you should go through the software lifecycle at least once.
Let's say the class consists of 10 Units à ~3 hours (with breaks ofc) and takes place once a week, because that is the absolute minimum time to enable the students to do their homework.
1. Project setup, explanation of the whole toolchain. Init repositories, create SSH keys for github/bitbucket, git crash course (provide a cheat sheet).
Create a hello world web app with $framework. Run the web server, let the students poke around with it. Let them push their projects to their repositories.
The remainder of the lesson is for Q&A, technical problems and so on.
Homework: Read the docs of $framework. Do some commits, just alter the HTML & CSS a bit, give them your personal touch.
For the homework, provide a $chat channel/forum/mailing list or whatever for questions where not only the the teacher should help, but also the students help each other.
2. Setup of CI/Build automation. This is one of the hardest parts for the teacher/uni because the university must provide the necessary hardware for it, which costs money. But the students faces when they see that a push to master automatically triggers a build and deploys it to the right place where they can reach it from the web is priceless.
This is one recurring point over the whole course, as there will be more software artifacts beside the web app, which need to be added to the build process. I do not want to go deeper here, whether you use Jenkins, or Travis or whatev and Ansible or Puppet or whatev for automation. You probably have some docker container set up for this, because this is a very tedious task for initial setup, probably way out of proportion. But in the end there needs to be a running web service for every student which they can reach over a personal URL. Depending on the students interest on the topic it may be also better to setup this already before the first class starts and only introduce them to all the concepts in a theory block and do some more coding in the second half.
Homework: Use $framework to extend your web app. Make it a bit more user interactive with buttons, forms or the like. As we still have no backend here, you can output to alert or something.
3. Create a minimal backend with $backendFramework. Only to have something which speaks with the frontend so you can create API calls going back and forth. Also create a DB, relational or not. Discuss DB schema/model and answer student questions.
Homework: Create a form which gets transformed into JSON and sent to the backend, backend stores the user information in the DB and should also provide a query to view the entry.
4. Introduce mobile apps. As it would probably too much to introduce them both to iOS and Android, something like React Native (or whatever the most popular platform-agnostic framework is then) may come in handy. Do the same as with the minimal web app and add the build artifacts to CI. Also talk about getting software to the app/play store (a common question) and signing apps.
Homework: Use the view API call from the backend to show the data on the mobile. Play around with the mobile project to display it in a nice way.
5. Introduction to refactoring (yes, really), if we are really talking about JS here, mention things like typescript, flow, elm, reason and everything with types which compiles to JS. Types make it so much easier to refactor growing codebases and imho everybody should use it.
Flowtype would make it probably easier to get gradually introduced in the already existing codebase (and it plays nice with react native) but I want to be abstract here, so that is just a suggestion (and 100% typed languages such as ELM or Reason have so much nicer errors).
Also discuss other helpful tools like linters, formatters.
Homework: Introduce types to all your API calls and some important functions.
6. Introduction to (unit) tests. Similar as above.
Homework: Write a unit test for your form.
Me: your SSH wrapper is breaking how Ansible works
Ops: try to use Ansible in another way
Me: your SSH wrapper is breaking how Ansible works
Ops: try to use Ansible in another way
< This goes on for two weeks >
Me: can we please not use wrapper
Ops: we use it to manage ssh keys
Me: this is breaking basic ssh functionality
Ops: OK we are setting up a weird convoluted way so you can run your Ansible playbooks.
Me: ... < doing "it is at least something" dance >
Time to get going properly with ansible, consul and docker swarm.
Idea is first to convert tinc to a container, which automatically sets itself up based on previous consul announced tinc nodes.
Consul to keep track of all the nodes with prometheus too and hopefully auto attach to grafana.
Ansible to set up new nodes right with DO API, announce to consul, pull docker images and join the docker swarm master.2
Ansible be like:
[DEPRECATION WARNING]: The sudo command line option has been deprecated in favor of the "become" command line arguments. Yadda yadda yadda yadda yadda...
# grep -rnw . -e 'sudo'
Then why the fuck do you keep yelling at my face?10
Some time ago I was looking for materials regarding Ansible automation tool and realized that most of them suggests setting up the lab environment using virtualization (like VirtualBox). In my opinion that is not the best approach – virtual machines consume lots of resources and take some time to start/kill. So I decided to write a guide for setting up Ansible lab environment using Docker containers. Containers require significantly less resources than vm’s and can be bring up and down really quickly. Additional advantage is easy way of automating whole environment using docker-compose. You can find my guide at github: https://github.com/LMtx/... Any feedback is very welcome :)3
Ansible... Why do one simple task manually, when you can do many smaller more complex ones automatically?
Looking to sharpen and pursue a SysAdmin/DevOps career, looking at online job offers to get the big picture of required skills and I say FUCK. It would take me a lifetime.
Azure, AWS, Google cloud platform.
CD tools: Ansible, Chef or Puppet
Scripting ninja with Python/Node and Shell/Power shell.
Linux & Windows administration
Mongo, MySQL and their relatives.
Networking, troubleshooting failure in disturbed systems
Familiarity with different stacks. Fuck. (Apache, nginx, etc..)
Monitoring infrastructure ( nagios, datadog .. )
CI tools: jenkins, maven, etc..
DB versioning: liquibase, flyway etc.
FUCK FUCK FUCK.
Are they looking for Voltron? FUCK YOU FROM THE DEEPEST LEVEL OF MY DEEP FUCK.1
I've been working on migrating my personal e-mail server for nearly a month.
Old (Linode): opensuse 13.1 (no longer gets update) running postfix + amavis-new(with spamassassin and clamav) + dkimproxy + dovecot
New (Vultr): OpenBSD 6.3 running opensmtpd + spampd(spamassassin proxy) + clamav + dkimproxy + dovecot
I'm surprised I only have 5GB of e-mail, considering I migrated all my gmail there a while back; 5GB for ever e-mail since 2004.
I finally got all the DNS switched over and tested all the end points this morning. The whole thing is done in Ansible so hopefully switching to another provider will be a lot faster:
Guys, I want to get into a DevOps role.
I'm already looking into Linux, Terraform, Ansible and k8s.
If you are a DevOps Engineer, what kind of tooling or knowledge do I need to know before applying to companies?
Any tip is welcome and I would greatly appreciate it! Thank you!9
For me, it was when I was on a team doing government work. We had an entire team devoted to deployments etc which were handled via ansible.
Ansible was fairly new at the time (~2015, they had just been bought by RedHat) but the team was definitely doing a great job picking it up and creating install playbooks for _every_ piece of our distributed infrastructure (load balancers, application servers, queues, databases, everything).
I luckily left before stuff got too hairy, but last I heard they are more than 6 months behind schedule. They STILL can't get a reproducible install process with the ansible playbooks! And it's all due to tech debt ie not giving any time to fix things, so its just band aid after band aid.
It's really sad to hear because the sytem itself was pretty cool, completely horizontally scalable and definitely miles ahead of the program they've been using for the last 20 years.
Intellij / vim
I primarily use intellij(-based ides) or vim.
Jetbrains is doing an awesome job with the intellij platform.
If its GoLand, IDEA, Pycharm, Webstorm, Rider or DataGrip.
Once you have indexed your project it works flawless. The autocomplete is EXTREME fast and very good. You got quick actions, refactoring and barely need to use your mouse.
Everything works fine. And if there is something missing there is an plugin for it. And if there even doesnt exist a plugin already, you can code one!
The price is relatively high, but its worth every damn cent!
For light editing and ansible stuff i primarily use vim.
Its good to go and i am pretty sure i am using not even 1 percent of the features. Although i am learning new stuff about it every day.
Its cool if i just want to code distraction free and dont want to leave my sweet $HOME. Yeah i am a linux & bash fetishist, although sometimes its driving me crazy.4
Way back no full stack. Now theres full stack and companies expect us also to be full stack + DevOps God that knows Azure, AWS, Jenkins, Docker, Ansible , puppet etc.
They want to save money and hire a one man IT department.
Full stack web and mobile developer with DevOps God skills.
Frontend = Angular React
Backend = Java Python
DB = NoSQL, MySQL, Firebase, Postgres6
Tfw you write your i3 gaps Ansible playbook, it works first try and you to explain what you do to your mother2
as a seasoned systems eng myself, i had huge mental block of "i am not a programmer" whining when starting to incorperate agile/infrastructure as code for more seasoned syseng staff.
leadership made devops a role and not a practice so lots of growing pains. was finally able to win them over by asking them to look at how many 'scripts' and 'tools' they wrote to make life easier... and how much simpler and sustainable using puppet/ansible/chef/salt... and checking in all our sacred bin files and only approved 'scripts' would be pushed thru automation tool after post review.
we still are not programmers or developers, but using specific practices and source control took some time but saving us loads of time and gives us ability to actually do engineering
but just have 2 groups of younger guys that grew up wanting to be the bofh/crumudgen get off my systems types that are like not even 30... frustrating as they are the ones that should be more familiar with the shift from strictly ops to some overlap. and the devs that ask for root now that they can launch instances on aws or can launch docker containers and microservice..... ugggg. these 2 groups have never had to rack and stack servers, network gear, storage... just all magic to them because they can start 50 servers with a button click.
try to get past the iam roles, acls, facls, selinux and noshell i have been pushing. bitches.
In V 1.7 Ansible added support for managing Windows servers ... A proper treatment of using Ansible with Windows hosts probably deserved is own book.
*Throws Windows server away*
We're busy upgrading our application and our hosting servers from its current legacy setup. In a meeting today suggesting that we rebuild our stack with packer and Ansible and automate deployments with rundeck. Our head engineer said that automation is too risky and we should continue doing things manually. Right now he just sshd into a production machine to do a git pull...2
I know a lot of people aren't fans of Microsoft here, but does anyone have some extended experience with using powershell?
I've been using it for creating a script that handles quite a large set of tasks for setting up and configuring some application servers and so far I have been really digging the language. Being able to invoke the script against remote hosts in parallel like ansible has been a really cool learning experience.
Admittedly it's verbose as fuck, so getting the same thing done in something like python/perl might be like half the lines of code. And I know that some of the commands illicit a "WTF?" every now and again. But I think one of the powershell tutorials I watched early on in attempting this helped make using powershell not suck ass.
Every command is basically 'verb-noun'. You don't know what the command or switches are:
> get-help "command" -showwindow
It will give you a list of options if you didn't select the exact command with get-help.
It feels* amazingly buttoned up as a scripting language and it's really cool to be able to take advantage of lower level stuff, like you can run alternative shells (we have cygwin installed on some of our servers), you can run C# code, you have access to interfacing with .NET api's. I haven't messed with anything azure yet, but being able to interface with products and services like SQL/Exchange/O365/azure/servers/desktops from the same language seems pretty cool.
Admittedly, the learning curve feels terrible though. I felt like a dunce for the first couple weeks, couldn't navigate the language at all, and was always in the docs trying to figure stuff out. I think I just needed to understand how the people developing powershell intended for it to be used. Once I was able to put two-and-two together about the verb-noun structure and how to find information/examples about the cmdlets it's been quite easy to work with it.
If anyone else has any extended experience with it, please share your thoughts/opinions. Curious to see if your experiences are/were similar to mine.
If you don't have Powershell experience, please feel free to share your opinions of Micro$haft and me for using Micro$haft products too! It's all good 😎11
Srsly Ansible/awx? No migrate scripts in a Django powered application? No one commits „python manage.py makemigrations“? 🤬
My website is now deployed on a Digitalocean droplet using Terraform to provision the infrastructure and Ansible to configure the server. It creates users, sets up SSH config and deploys the required containers I want all using an Azure pipeline and an Azure storage account to store the TF state.
Now I need a frontend... ._.2
Making a hard switch to ubuntu on my desktop at home. Getting just a teeny tiny, tad, bit: absolutely fucking livid....
Trying to learn ansible, vagrant, and docker more in depth for both work and my personal projects. All that I’ve been doing is just spinning my wheels trying to figure out the stupid fuck-mothering quirks with running this shit on Windows. Yes you absolutely can use all of these tools on a Windows box. There’s plenty of ports, patches, and workarounds. But I have spent all day trying to build a few vagrant boxes and use ansible to set them up. Simple LAMP stack boxes on CentOS7. Nothing major... unfortunately I spent like 90-110 minutes trying to figure out why virtualbox wouldn’t run properly. Dumbass me forgot that I installed Hyper-V ages ago.
O...K.... whelp... hyperv provider it is...
Luckily it only took about 15 minutes to determine that Hyperv’s networking can’t be setup from vagrant because vagrant doesn’t know how to interact with the hyperv - vswitch. So networking config is ignored and all VMs run on default switch (NAT) which is annoying but workable.
Ran into other issues trying to stay SSH’ed into the VM. PowerShell core (6) ssh’es into the box perfectly fine, but every time I opened vi to edit configs my terminal color scheme and fonts got fucked harder than a 2 dollar hooker on nickel night.
I’m a bright-green text on black background kinda guy. However the terminal kept changing to bright-red text on white background! It was like getting skull-fucked by a minotaur.
After a while I said fuck it, let’s try putty. Vagrant was using it’s own ssh keypair for the boxes, at work on my mac. Works like a dream. Putty failed me hard and shit the bed, kept getting all kinds of keypair errors. At this point I was finished spent too long trying to make shit work correctly on this jankbox. With enough time and patience I probably could’ve figured all of these problems out. I’m certain that at least 70% of them were caused by user error. I’m known by many as the walking ID-10t.
But alas, I have no time left in the day to fuck around with shit that doesn’t work immediately for morons like myself. My only hang up for the longest time with a complete switch to Linux was gaming. But with Proton and WINE I’m comfortable with giving it the ol’ college try. (Shhhh, don’t remind me I dropped out of college...
The gamble here is that I’ll give more than 2 halves of a fuck about trying to get my games working. A Study environment and materials for certs and general training won’t be getting anywhere near my full attention.
So, at long last, I hope this attempt at a full *nix switch finally sticks!!!
Working on terraform and ansible for provisioning and config management. The experience so far was "Terrible".
Let's talk about superagent, the nodejs http client.
This fucker defaults to localhost when it find the url to be incorrect. It doesn't complain or tell you your url suck. No. It reverts to localhost.
So "http://www.url.com" is fine and " http://www.url.com" reverts to localhost.
I spent 3 hours debugging this shit yesterday.
Then today, I started by looking at the config to realise the config template in ansible had an extra space before the url.
Seriously though!! Don't try to help, just tell me when I fuck up. Don't be another HTML!
The "language" without errors.
Questions more then a rant...
I've moved from being a lead on imploring DevOps and Agile practices in a large Telco to now working for a security consultancy... The team I'm with are s*** hot when it comes to SecOps (which is why I changed jobs) and I've been hired to he the automation and working practice expert on the team. Already got some of them learning Ansible which is a great start!
I've got delivery now being pushed to Git and all client work being tracked in Jira and properly documented and collaborated through HipChat and other CI tools on the way....
My question is this... Does anyone have some awesome resources to teach people Git, Jira, Jenkins, etc. quickly without forking or branching out on expensive training? Focus on being a technical but consultative team. Ideally just wanna pull some awesome guides and make. My own commits on them for the team... Please fire a story or epic away!1
I have set up my automation through a private GitHub repo.
I know there is puppet, and salt, and Ansible.
If you write ansible playbooks that aren't idempotent then you deserve a quick meeting with the sharp end of a knife. I've wasted too much of my life dealing with this crap.
Any string-related operations in ansible are just pure pain in the ass
Anything related about vars in ansible is just pure pain in the ass.
Fuck ansible I rather to write this automation in JS...2
It's okay to slow down. Seriously it's fine. You can write 203 wpm... as long as the command you enter includes all necessary limits. Nothing is worse than having ansible rm -r the wrong directory or the wrong server because you missed a limit and put all.
Bloody ansible playbooks...I feel like bashing my brains on the wall.. I know they are a wonderful tool but why God, why do I have to spend 2 hours to figure out it's an ansible issue or a this or a that....sigh.
Got my ActiveMQ-Zookeeper Replicated LevelDB setup finished! All provisioned with Ansible. so happy :) needed to share. anyone else like setting up high availability stuff?9
No ansible, go home. You can not compete with mature programs used worldwide for many years.
Your "main" function for get_url module has 200 lines with comments dividing "sections" with different ifs. And it's one of best of your modules...
Just look: http://bit.ly/2d4LhTr1
Started learning Ansible and HashiCorp's Terraform and it is really cool. I like their documentation so much!))
Are they the best for now, or there are some better similar projects?1
Ok... I am defeated I don't know what else to try...
Do you guys have any experience with ansible vault? I have my SSH password stored on a vault. It's referenced in my host file like this:
myhost ansible_user=my username
default_pass is stored as a yaml variable in passed.yml that I supply using --extra-vars '@passwd.yml'
When I enter my vault password I get an exception 'non hexadecimal digit found'.
The password is right for the vault, the vault file is in PWD .... I cannot find anything helpful.
What's the simplest way to deploy a small node project to a private root server, possibly dockerized?
I feel like there are thousands of possibilities nowadays, like Ansible and so on. But is there something more in the the KISS way? Apart from just hacking a bash script together of course, it should be portable (and work on windows too).1
my worst mistake was when I was using Ansible with AWS tags and I accidentally termianted a server that had been provisioned to handle users authentication and redirect them to their proper applications.
The struggle when you're just starting with Ansible and you are tasked to orchestrate the deployment of a giant monolith on a fully customised AWS infrastructure in two weeks
Ansible on centos.
Does anyone have any kind of experience with this? For some reason I could install it and now I can't... It says their aren't any mirrors find...2
Fellow Ansible developers. I'm talking to you.
Are you freaking high or simply your morning pills have some serious side effects?
How do you manage to introduce a number of regressions in every fucking major release? How on earth you feel comfortable in breaking API in a minor and even bug fix releases?
You need to get me right. I really like Ansible project but those things... I imaging you every other day as a bunch of hamsters trying to find an exit in a shitty labyrinth which you call the codebase.
If you will not stop to eat and smoke those things this would became a lot worse indeed.3
wanted to set up a k3s cluster with my pi's. took me a fucking whole day to find useful ansible playbooks (which I needed to fix because outdated).
I want to habe metallb and nginx ingress running, so that differs from the default.
and now i spent the whole day trying to install a fucking pi hole and for some reason metallb does not fart out an external ip for the pi hole.
found several issues regarding this matter.
maaaan i am completely new to this whole clusterfuck and i feel a bit overwhelmed atm. i thought this would be easier. am i just an idiot?8
What do you guys think? We decided to rewrite Ansible. And I made a post about it. Is it ok to write about project having no code in the repo yet?
I love the ansible documentation, so many examples which cover so many use cases and all the descriptions of all the possible arguments are very clear :)