Ansible role reuse - promising but hard
13
Role reuse: promising, but hard Ansible London meet up 26 th November 2014 Martin Maisey, BJSS (Southern) CTO, @mjmaisey
-
Upload
mjmaisey -
Category
Technology
-
view
685 -
download
4
description
Role reuse: promising but hard - Martin Maisey. - Why we love Ansible - Why Galaxy doesn’t always work for us at the moment - What makes a good role? - How could we/Ansible Inc make Galaxy and Ansible’s metadata format better? Presented at Ansible Meetup London 27/11/14 - see http://www.meetup.com/Ansible-London/events/218679344/
Transcript of Ansible role reuse - promising but hard
Role reuse: promising, but hard
Ansible London meet up 26th November 2014
Martin Maisey, BJSS (Southern) CTO, @mjmaisey
© BJSS 2014
• Software engineer/architect background, early Apache Ant adopter
• Stumbled into infrastructure automation working for BJSS 2003-2005
• Co-founder/technical director of Opsview (then Opsera)
• Detica NetReveal big data / analytics / cybersecurity
• Returned to BJSS as CTO in 2010
• Ansible user since mid 2013 for www.closethedoor.org.uk
• Disgustingly proud dad
• ~500 awesome technologists, ~20%
YoY growth, lots of prizes, yada yada
• Historically used a lot of Puppet;
started adopting Ansible Dec 2013
• Redeveloped NHS Spine
• Redeveloped low latency trading
engine one for the world’s largest FX
venues
• Various large-scale data
center/virtualised
infrastructure/internal cloud
engineering projects
Who are BJSS / who am I?
© BJSS 2014
Why we love Ansible
Obvious, even
to a manager
Easy as pie
to learn
2 a.m. proof
(mostly) Oddly
beautiful
© BJSS 2014
+ Galaxy looks promising for avoiding work
…or whatever’s
your thing, really.
© BJSS 2014
However ...
© BJSS 2014
Many, many candidate roles
Too.
Much.
Choice.
© BJSS 2014
Idempotent?
Roles are of variable quality
Tested?
Documented
?Cross-
platform?Parameterise
d?
Continuously
built?
Sensibly versioned
?
Friendly license?
© BJSS 2014
Roles are abandoned
© BJSS 2014
Roles don’t reuse each other
© BJSS 2014
Only option right now is to fork, fix,
resubmit
Just
adds
more
noise
© BJSS 2014
Coalesce community
efforts around a few,
high quality roles
Make them easy to
find
What would be better?
© BJSS 2014
Extra metadata
Capture intent to:
• Keep role up to date
• Use semantic versioning
• Be idempotent
• Update in response to security issues
• Fix bugs/accept pull requests
• Capture licenses of installed software
as well as roles themselves
Take notice of
https://galaxy.ansible.com/intro
How could we/Ansible Inc do this?
Galaxy features
• Show number of downloads / github
stars / GitHub watchers
• Better search / ranking of roles and
authors
• Web of Trust
• License walking
• Abandonment workflow
• Automatic workflow if no commits on GitHub
and open issues exist
• Or user-initiated
• Email owner, encourage them to a/ certify the
role is still maintained b/ mark abandoned,
nominate a maintained fork if one exists
• If they don’t, do it for them
or documented REST API to allow others
to do this
© BJSS 2014
@mjmaisey
uk.linkedin.com/in/mjmaisey
http://mjm.name
Thoughts / Questions?
http://www.bjss.com
