 So, in the last session, it was a smaller group, so we gathered at the pantry and there was a lot of conversations. So, I do see a couple of new faces as well. So, I guess who's the first time in Ansible meet up? Maybe something with F5 that attracted them here really. So, or the rainy weather. Then maybe the water is good, right? Water. I didn't announce it really. Last time it was better, the pizza was so big, right? So, thank you. I hope you enjoyed the session. I guess some of the things here, if I see so many new faces, my concern is how many of you are here to learn or pick up Ansible, right? Or fairly new or experimenting, right? Ya, that I see quite a few. So, I guess I have taken for granted, right? That most of the time I have some loyal supporters that come in and we start diving really, really deep, right? And the reason one of the topics I select was for F5 to come in was that to develop it into a deeper conversation how to integrate and work closely with different technologies that is relevant to my users. And one of them fairly that, fairly popped up a lot was how to have, how to serve mobile apps or serve applications and make them highly available rather than depending, I mean, rather than depending on engine necks or those regular open source, reverse proxies and sort of, which are always available outside and you can get your hands on. That's why I start to actually work with partner technologies to make sure that Ansible gets exposed to enterprise solution. Open source doesn't mean that we have to work with open source solution, right? We want to work with enterprise. We want to work with all technologies that is relevant as well, right? So in that case, at the very end, what I'll do is that since I'm getting so many new users and probably you guys hope to pick up skills in Ansible, I will organize a separate session where you have the opportunity to get your hands on and start off with Ansible. I guess that probably would become more relevant. So today, Rah, I'm talking more about Ansible from the perspective. Let me start off presentation mode from Ansible and not Ansible only but Ansible together with technologies, other technology. So one of the topics I'm going to talk about today is Ansible Service Broker. So those who are familiar with containers or containers is a new way of utilizing compute resource. Previously, we all know that many years ago, we started off with bare metal. We install server, wait for the operating system, boot up. So those who actually does mainframe or even unix, they have the pleasure of waiting around and drink coffee for two hours waiting for it to boot up. But today, therefore, we require things fast, quick, instant gratification like Instagram. So containers is the new way to experience compute resource. So slowly, we graduated from bare metal virtual machines. And along the way, we have Hyper-V, we have VMware all who have actually taken over the virtualization market. Then we have open source, projects, Zen, all these come in and no open up virtualization. Now, everyone knows what virtualization is. Every single company SME out there has taken advantage of virtualization. So what's next, right? Then the next is how to make it even more lean and more responsive, far, small, quick. You get it immediately like Instagram. So OpenShift or containers was born in a way. OpenShift is not new. Or I would say containers are not new. It's been around for quite a while. Right? What you experience is with OpenShift is that all containers is what you're familiar with operating system. Get virtualized and sort of things become sandbox in a way. Instead of virtualization where you create copies of operating system and then you start working with applications. Why not have a layer where all you need to take care of is putting the applications or taking for granted that all the kernel, everything has been virtualized. Right? So without having a virtual machine and knowing that it's always Linux and at this version immediately you can actually start interacting. In fact, we encourage you to build container images with applications already there. So immediately you have out of the box close to software as a service immediately to develop on. So we allow developers to quickly get on the platform and start developing code. Start working on code without having to go through the entire length of installing. Operating system making the bios of the firmware is patch, etc. Immediately instant gratification. That's as close as you get. Now, the next big thing of course is software as a service where you completely do not need to install anything immediately you code. Containers or OpenShift origin in that case the open source version that's a hosted version which immediately you can get on there and you can write code and you can immediately host. So that's the software as a service portion. If you want it nice sitting in a bare metal box then you install OpenShift and you get containers. So the next best thing if you want to enjoy containers on your laptop it would be to go and get Docker. Install Docker and it can have a whole library of software to develop on. So with Docker you can spin up a Ansible Tower container image as well without having to spin up EC2 instance for example or start up a VM and then install Ansible and then install the database and etc. Immediately you can interact with Ansible Tower. So that should be one of the today. So I guess when you load a mobile on your phone you do not need to load the whole OS and everything again. Just click, select and bam you have your software. So OpenShift or containers is that way but OpenShift or containers the entire platform when you're doing it on your laptop that's one person you're serving. One user, one customer, one service you do not need to take care of everyone else in front of the keyboard. However multi-tender environment that's a different thing because I may want this version 1 he may want this version 2 many things changes based on demand. I may want to have this version I may want to have a different development or different repo I think even to the point that I want to have different IDEs to develop my code on expectations is different some are not happy with just having a text editor some they need visual studio to develop on so different code, different environment they have different packages or libraries and how many python guys down here I love python man show some hands it's not even just a quarter python you still haven't picked it up it's the number one top language now so you make sure you get more job opportunities if you know python really it's number one now based on research so it's the most in demand language as well so personally for python for me I use just plain old subline text to get on with things but if I develop a lot of projects usually I need to develop many virtual environments and many different packages if you do big data analysis packages can conflict with another package so you start a virtual environment having a container environment allows me to start up a virtual or environment at the snap of the finger and I just retire it as close as you get just like a virtual environment so I encourage you to look container or containers as a platform so for me if you are interacting with multi users with multi-tendon with multiple kinds of demands and request things will change even I think good old days where we have a windows laptop we load with all sorts of things some of them they like their own software so imagine and multiply that a thousand or a million times it's impossible to satisfy each and every single developer so that we need an orchestration platform and there's a limitation to what we can build and from here containers are meant to standardize and when we build a container image we will tend to standardize that this is the development environment whatever we want to develop your application for your mobile app and we sort of lock them down and building all these images takes a lot of time and with current culture of depth ops what we are trying to do is we want to do things fast that's why we have Ansible to become the language for infrastructure as code so today if you know Ansible or what you are familiar with presentation what happens is that he has take a piece of equipment and write code for it and in effect he has written infrastructure or network as code what you are seeing here is network as code and he can take this go to EC2 go to Alibaba Club go to Rackspace and it will run consistently the same as before and it's portable across different clubs and environment in fact he can take this and do some small modification and run it on premise on his VMware infrastructure as well so this is infrastructure as code the true spirit of what we are trying to accomplish here same with OpenShift because we are managing thousands and thousands of container images we need to build this according to the flavor of the lollipop the developer want to eat so what we do is that we make use of Ansible Service Broker so OpenShift and Origin they have kindly built what they call an API the Open API OpenService Broker API it allows Fendors like Ansible like VMware or even AWS to create a Service Broker to allow it to bridge the gap between what's running on OpenShift and bridge it across different environment so today imagine I'm hosting Service Broker imagine I'm hosting Service Broker in F5 Office and I use their VMware infrastructure and tomorrow I want to spin up something somewhere maybe easy to Amazon Azure it's very tough for me because how do I take care of the network how do I take care of many of the settings to make sure that they all look the same and when I don't need it how do I skill it all back now that's one big challenge and you imagine you have to write all these code yourself so imagine if you write them Ansible you have to write them all yourself as well that's uphill huge task thereby born OpenService API what happens is that this is a typical workflow of how a user would consume or request a service just the same you go to an online shopping site click click click that's a workflow end to end where you order something and you get something you want you must get something at the very end and it must be exactly what you want or else you ask for refund so this is what typical of a user or developer asking to deploy or requesting for a service an app for example or it can be an environment that is doing development on regardless he will go in open the ticket wait for it wait for someone to work on it need to be allocated someone must be free or in this case an old location can mean there must be enough resource because it can't be infinite or there must be budget for it then he will receive the credentials and add it to the pool to have the app deploy and the app is deployed and he gets to use it then he is happy he receives his candy he does his work and he becomes productive and he earn money for his company so this is a typical workflow and all this is done in a portal which has a service catalog so just look at this as a shopping list where you can find all your products and of course the service provider has to be someone so imagine it's the container platform so this is a workflow of how a service broker can deliver the service for that user previously he will go to the service catalog and get his service so to give you a more concrete view this is a service catalog it looks like a shopping list so for developer or quite a technical junkie he look at this someone will do a lot of development and like to do a lot of development on different software this is fantastic i want this i want that and it gets deployed but it gets deployed it can deploy on premise but what if i run out of CPU i run out of resources, this space whatever on premise it has to be deployed somewhere and if you're elastic enough you want to stretch it into a cloud because cloud pay as you go i just need a credit card someone's credit card gonna pay for this someone else someone else i love it as much as possible so that we have the service broker and the service broker will have a bunch of curated ansible playbooks so these playbooks they have to observe a certain kind of format and structure they are limited as well and they are named strictly as well like provision launch, terminate, etc but the difference the variance is within the playbooks within the playbooks they will call different infrastructure they will build different imagers or they will deploy to different cloud environments and there is a flow and there is an orderly flow and they need to strictly conform to certain key value pairs so if you're doing ansible everything is done in key value pairs YAML our module everything is key value pairs it's very human readable we say start, state, start, stop or restart everything is state decorative it's either install or not install present, absent to remove example everything has a key and has a value so within ansible playbook everything is stated in key value pairs so for example just take for example but take for example for understanding is that cloud provider EC2 or Azure or on-premise VMware just one key with one value will tell it what cloud provider to select simple as that that's the simplicity of ansible and we have AWS who is going to create a service broker because why? use my cloud of course of course use my cloud so if I have something to allow the customer to bridge into my cloud all the more better just your open shift template broker top specific for generic Kubernetes generic does it stop generic Kubernetes API generic target Kubernetes cluster yes it can it can it's quite deep but this is a 3000 feet deal for you so it's just release a couple of months question sorry it's just release 3.7 which is the latest version of OpenShift so have a look at it it's going to be fun I'm at newbie so actually I don't know what is OpenShift take one minute to explain what is OpenShift ansible service or show me a title simple oh yeah this is actually a fairly advanced topic so we can catch up on the site I can give you a good briefing yes it's based on Kubernetes in fact what it does is that you can look at this as a fork of the Kubernetes it's very close and we always try to we base a lot of our features based on Kubernetes so Kubernetes is sort of like the grandfather for our platform there's many other platforms container management platform Kubernetes being the most famous and I guess 70% market cap now and originally we was open source from Google Google has hosted on their Google Cloud it's a more advanced version they continue and develop it and further improve it by quite a huge scale but however what we have done is that we have taken Kubernetes into our region and develop from there container management orchestration platform and service broker was born because there's requirement for it to scale beyond scale or deploy at demand beyond its own self when it runs out of resources or you want to do it very elastically onto different cloud so Ansible becomes the automation too we build a service broker based on the open API to allow you to burst out of its own self to manage or grow muscles to so to speak grow muscles on demand so in a nutshell so Ansible was sort of developed within Red Hat for the service broker because of course Ansible and on top of that using the Ansible language sort of anyone who is familiar with Ansible will find more easy to create or write the language to burst out of the OpenShift itself so that's why it was chosen there are many other ways in fact OpenShift by itself they have their own template broker which you need to understand and write or learn OpenShift specific whereas a lot of yes, abstractionally actually the OpenShift Ansible broker is actually a lot more powerful than the second line because it can talk to for convenience why Ansible is there because there are a lot of people who find that are very more competent with Ansible rather than OpenShift they are more convenient or they just understand YAML better and it's easier to write and maintain YAML easier so that's why it's there if you need more content you have to actually mark around with it I only had a preview so what I'm talking is the extent of my knowledge but then yes platforms this is built into OpenShift CloudForms is a separate standalone solution by itself and CloudForms it it doesn't start out with OpenShift because this one starts out with OpenShift and OpenShift only with CloudForms it's more of a generic or general Cloud management tool Service Catalog no Service Broker integration so he's mentioning CloudForms so CloudForms is basically another Service Catalog solution in fact it models itself closer it starts off without aligning with any solution it's just a plain tool a solution where you can actually create a Service Catalog out of whatever you have this one starts with OpenShift and only for OpenShift CloudForms you can do OpenShift you can do just plain bare metal you can have cloud providers from EC2 and Azure and it builds a Service Catalog very close to this so basically it's like a shopping cart you build a shopping cart click click click order your software and it deploys an environment for you no services they make use of CloudForms to deliver test environment workshop environments to students so that's what he's describing sidetrack a bit so those who have written Ansible playbooks this will look familiar to them so it's kind of like a role and a structure so for those who are not Ansible whenever we want to build a role there's a directory structure we need to create and a specific name, file names that we need to create and after that we will know which one so you can see the playbooks down here the structure the names are very very specific so when you write this you use Ansible you create playbook bundles it needs to conform to this exactly so this is actually specific to OpenShift yes, very specific not GM as in so it's a competitor to Helm Helm Helm is a similar product also that is i'm not i don't have enough experience in that that product is taken care by my other peer who sits beside me so this is just a quick gif of what it looks like when someone goes in and order something from the service catalog so it's a model like a shopping cart like that so that's the experience today for software developers so in the background is launching a bunch of containers once launched it will do binding it means connecting it will give you the credentials and the username so each time you launch AVM for example on EC2 you have to provision your SSH keys and then you know what user ID so all these are done in the background and all you will get is a connection they will tell you how to connect what port what user ID etc and you start developing your code so today we make developing code very fast and easy in fact everyone should quickly jump on this and really experience it so OpenShift is available as a hosted version so do go and try it Google also have their own Kubernetes in fact Azure and AWS have their own container platforms so if you have AWS account go on there sign up launch some containers have fun with it so this is just a quick guided tour so when people develop there's always a if they develop they want to store state you always need a database of course when you have a database then you need to have an app as well and if you want to serve web pages if you develop develop the web front end then there will be web server on the front end as well and if you want to have sticky sessions or load balancing then you put another F5 there so you can see the list will grow and based on the language you want to develop you just click and you deploy the environment that you want to develop so typically there won't be so many options because your organization may support application platform one single application platform with a certain version level because there are people are competing in it so it won't be such a large piece down here is that we give you the whole nine years of it ok so yes it's done for you it's done for you it's already done for you so everything containers we do not need to know availability because that has been taken care for you as well every day by policy I need to have 3 notes cluster reputation that is a policy and that is taken care for you so all you need to do is what flavor do you want AWS flavor Google flavor so you just select the flavor and all this is taken care for you connection from the app connection screen to the database so for the app to connect to the database they've been chose by the app it's all done so it's like all package in one nice little and all you need to do is to feed it application code of course that may sounds very so far some people who have not developed on container platform but that's what you're getting if the environment is properly provisioned and set up the developer do not need to do very much because that is the job last time it used to be infrastructure administrator job or the network admin's job now devops everyone do one job and everyone can do each other's job this is devops it's a problem when you build your application you need to bake the doctor image to push to open shape and then then the database connection so what happen is you develop your code you don't need to care about the underlying infrastructure which means that most of the time you resize software report so you do a pull so anytime you're done with this you retire this, you need to go production you do a push yeah so your new application or new release like that all these taken care for you of course you need to architect your application to behave this way i'm taking for granted is develop this way with this kind of methodology different people develop their app differently i'm just taking for granted is develop in a way that allows you to push or pull without disruption so most mobile apps are done this way because you wouldn't know what server you're connecting to what database you're connecting to when you play pokemon, you can catch your pokemon you don't know that you don't know that and when there's 1000 users congregate at the playground how do you know who's connecting with who server you don't know that and when there's an update, there's a new pokemon someone server did push something and say that this pokemon is available to be catch again, you don't know when the push was done it just happen application are develop this way to allow if you develop it or write the application that way it can be updated without you knowing or understanding how is it done so how many pokemon just now anyone catch now that we have a training stadium in front of the see okay i think there's a gym at the founder of wealth there's a gym later i'll see you guys there okay so it goes through there's a simple workflow where we can make available for you to key in all those credentials because database connection screen or whatever can be default values or those can be specified by you you key in everything you need to populate and the entire bundle is given to you sounds like black magic but it says almost there so the next bleeding edge would be what microsoft or what aws i've been doing for quite a while but it's going to get better it's a lambda even trigger and google script if you develop google script everything is triggers but now it's only restricted to google docs and stuff like that so you develop javascript based on what you key in in your word document or email it gets triggered so that is the next evolve rate going towards there eventually the container platform to go there as well so that sort of wraps up my container piece it has been a bit lengthy but thanks for the feedback and information i think the next part is to get people excited about what we are going to release for 2.5 right so some release details for 2.5 as we are ramping up and getting into february we have target date to release march 2018 we are already over a thousand modules now so with 10% of engineering growth to deliver twice the modules which is really quite a big job so so for your information we our engineering team is basically less than 10 people for the call so it's quite a big feed for them you can call yourself a software product develop with just 10 people incredible community supported so of course we do not count community contributors so yeah thousands of contributions that's what makes the solution possible ansible possible so you can use google analytics and go and track it what's the activity on github for ansible project it's really active i guess part of the magic is the ability to contribute and own and maintain your own module which f5 they actively contribute and people are given due credit and recognition in fact what it does is that it drives more people to consume their own technology and the example is easy too i cannot run away i'm sucked into i use it day in day out and i use ansible ec2 module so one big change coming to ansible 2.5 is that we are refactoring ec2 module it has grown to be very big and clumsy too many key value pairs but some of them is redundant some of them you don't really need to do it and many of you are using aws when you provision there are plenty of things you need to click through you need to select your this size so imagine every small little parameter to how many gig what vpc what kind of instance every single small detail you need to key in the key value pairs it has grown quite clumsy and very long so we are refactoring it so that you need less input to get it going so that's one feature i'm looking forward to so if you are using aws a lot this is something you want to pay attention to when it comes up you will you will you either when you migrate it will be easy to module that's why it's refactor module name change it will be a separate module break i will say it will not break it's not just changing it will be new module so that eventually slowly we can deprikate so if you look at how ansible push out modules usually what happens is that we will deprikate over 2 releases which on average takes around 9 months so we will come up with big red banner and message every time you run it deprikated get off it fast you've seen that right all the red messages deprikated get off currently we are also on python 2.7 we are hoping to go python 3 python 2.4 died python 2.4 we are the next version we deprikate so anyone still on python 2.4 need to get off it fast thank you this is very important so you new users coming on board 2.7 and above don't stay away from python 2.4 still because unless their customer insist on staying on they compile their own libraries and they no go 2.4 to make it compatible with 2.7 but we are moving towards 3 entire industry is moving towards 3 although community users are still holding back they are very very loyal if you are python star there are a lot of people hold on to python 2.4 and they love it because the way you just do a print statement can be different between 3 and 2.4 and they love to do their own print statements that's all we love our print statements so interesting but I'm schooled to be flexible so the less I type I will choose anything that is easy to type so sort of the new version so let me exit a bit and go into my browser so what's on the roadmap is open to all all in its full glory and as usual for new features or request for certain things to be done and open source software is not the one who shout the loudest or the one that has the most money is the one who contributes most so if you want something you contribute to it and you will get it so of course we will do quality checks and make sure that it's well written open a backdoor into the software that's the whole point so quality of life that's just some statement is more process but have a look at it we have a lot of engine improvements so just now when I mention the EC2 is also inside as well those who actually like to manage vault use vault there's some improvements to it and folks so just now you mentioned about cloud forms so another very popular service catalog cloud management tool is Terraform that's going to be we are trying Terraform module so there's going to be Terraform module some people they are getting users so we always like to work with more popular solutions they are going to be more runtime checks for example someone is going to push in some blacklisted modules people will write malware people will write malicious module so we are going to also do our good citizen in case you should put a module that has been blacklisted malicious into your module library that will tell you so it's kind of like an AV kind of like an AV interesting we are trying our best to improve our windows support so a lot to be desired but it's improved by lips and bounce so we have windows administrators or people who actually depend their paychecks on the windows now Ansible becomes more reliable for them to use so the Terraform module AWS we are refactoring some of the modules and putting in AWS network load balancer support so now you can use the easy to module and the provision competition we have an engineering team that was created for the sole purpose of managing or creating modules for network equipment but mostly it's around all the router switches in a data center which is more layer 3 switches like Cisco things like that so there's quite a fair number of them because in our North America region we have customers as big as disney they have thousands of switches which are not humanly possible to manage so our latest key customer for network win is Microsoft so Microsoft they use to manage their network switches their own data center by themselves which is humanly not possible but they manage to do it so they probably cobble their own software together so recently they acquired ansible solution to manage their network environment in the data center thousands of switches basically so you can imagine the skills our key customer down here just like 2 months ago big win for North America for our colleagues so you can be confident it can be done or do the work quite well okay so i gotta do the plug so you need support so sometimes we need to because the quality of some of the modules some of them are not very well developed especially for some customers they have the strength and resources and they push in a lot of modules but much of the modules cobble together that's not conform to our our our requirements we have strict requirements that need to output this format it looks like this commented after that you need to write the documentation and you must show that this is what version and iterate etc so this is not properly done so a lot of things so last but not least being great hand right? we we actually provide or sell an enterprise version of whatever you see for ansible open source so one thing here is that a lot of users started off as open source community users and eventually they require some enterprise support thereby last the questions comes the questions right where is the support how is it supported so if you use ansible everything is done with modules so naturally what we can support is based on modules as well so this is a list and community means that submit by community maintain by community that means quality is based on community as well so once it is labelled as community not that is community is not any no less better than the stable you will find that there is a lot of community they are in the supported list and you will find that many of this many of the enterprise modules started off live as a community module and someone like said they were continually contribute to it so one example is one of my colleague who actually wrote much of the open stack modules he started off writing it and he publish it and eventually someone took over and continue to develop it he just did the first version because there is a need for it you always need someone to start the fire then you will grow so you can start small identify something really niche and interesting and it is a good way to pick up ansible and to understand or how the ansible way really and nice little thing to put on your CV as well ok that sort of very much ans I took an hour seriously I didn't know I was such a long my breath is so long ok, thank you very much if you have questions please send them out thank you