 Hello, my name is John Holly. I'm an open source developer at VMware and today I'm going to be talking to you about ansible I'm trying to do a tutorial over the internet and to kind of give you an overview of What ansible is what it does how it can help you build out better infrastructure and more consistent infrastructure. So If for whatever reason you want to reach out to me My email jholly at work or jholly at view more calm or warthog nine and eagles craig net Both work go ahead and drop me an email IRC Warthog nine. I'm on a bunch of the the different networks free note being the obvious one Twitter at wordy nine and get up at Warthog nine if for any reason you can't seem to track me down There are a number of people who you know who I am who should be able to help point you in the right direction But feel free to reach out to me either Through any of these beans. So Let's talk about ansible ansible is one of the many configuration and management systems that are out there Ansible being very specifically targeted at large-scale infrastructure So there's a lot of different players in this space um if you're familiar with you know chef or puppet or Any of these kinds of pieces they exist specifically to help you manage Your infrastructure, so if we if we kind of take a step back and to go back to the you know The the bad old days, you know back into the 1990s Or even potentially before that the number of machines that assist that manner that a Company would have could basically be counted on you know one or two hands Maybe one or two, you know the number of racks that they have filled with machines could be counted on one or two hands This isn't a lot of machines for for a variety of reasons. They were very expensive and It was much easier for somebody to be able to just directly log in make the changes that they needed to make and then move on with life well Unsurprisingly fast-forwarding to today The world is a very different place. We no longer Measure machines in terms of even numbers if you look at the the large Data centers that are out there they're not measured in number of servers or you know number of CPUs or whatnot They're measured in mega watts of power use So we have gone so far beyond the scale of a single individual being able to trivially manage the number of machines that they have to to being into the tens or even hundreds of thousands of machines category where consistency and Reproducibility it becomes much much stronger a need than it used to be So things like chefs things like puppet things like ansible have all come about to try and solve this problem Ansible specifically Comes at this problem in a very different way than a lot of the other options that are out there, which I personally think actually makes it a lot more powerful a tool and The biggest reason for that is that it uses SSH directly as its mechanism of communicating with all the servers as well as being able to talk to other APIs more directly so What does this actually mean in the case of a lot of other options that are out there? The way they communicate is that you actually bring up a service statement on the machine You want to configure that the machine that you want to control and that stays resident And that stays persistent for the entire lifespan of that machine that you want Assuming you want to control it. This has the advantage that it is a dedicated Channel for doing this communication for doing this command and control However, it also means that now you have an additional process that's running You have an additional authentication mechanism that you have to worry about There's a number of different pieces here that add to the complexity without necessarily actually making it better um Now that being said Ansible Actually uses just SSH. So all of the Linux boxes that we can basically think of all Run SSH even you know Windows machines or or you know small iot devices all run SSH Um, and this makes it a really common really easy way To at least start the process of getting into the device that you can actually start interacting with it And so what Ansible does is instead of you know having this piece there It just SSH is in and then passes over the pieces that it needs to run and then actually runs them This is really really awesome It makes use of a lot of the the system tools that are already there and on top of that the authentication mechanism is a very well understood Because we already you know if you're running SSH you already have to deal with how do you authenticate SSH? Well now it now you just have an additional user that can make use of that machine um and While you know SSH works really really great For you know your Servers and whatnot. Well, what about your switches? Well again a lot of the switches out there particularly high-end ones, you know things from Cisco or Arista or Dell They all actually run SSH as well So you can actually SSH in and issue commands directly into an SSH Session there so this actually still gives you a mechanism for not only controlling your servers But your switch infrastructure, you know your your NAS infrastructure a lot of other things start becoming available that you can use Now what do you do when you run into situations where you can't SSH into something? Let's take, you know, oh, I don't know VMware From the the ESX or the vSphere perspective they Those particular systems. They don't want you SSHing into them They actually have a rich API for being able to control them either through a rest API or there's a an older SOBA API that can actually go and control most aspects of your entire vCenter or ESX experience now in the normal case Ansible will SSH out and run commands either On whatever you're doing. Well You can also Run things against a local host So if you actually have all the pieces that you need to be able to communicate with Something like VMware Through it a an additional channel you can actually just run those effectively against the local host that would then connect back out to the remote Endpoint and be able to configure it So that this is why Ansible gets very very interesting when you look at some of the other options They have a tendency to not really be able to you know, and I'm going to pick on switches because this is a really easy low hanging fruit to pick on but they It's much harder to be able to configure or Deal with those if you need some sort of a resident process on them The fact that you can just SSH out to them even just normally like a normal, you know admin would an issue commands means that you can actually script all of this into an Ansible playbook and The other really nice thing about how Ansible works is that it works kind of the way Assist admin would approach Scripting this up themselves. So if you look at some of the other options, they tried to make this a very Perscriptive or very You give the program the end goal that you want and you just blindly accept that it will be able to figure out how to get there Now this has some advantages because it means that you don't have to think too hard about how you get there But that's not the way a lot of us think that's not the way a lot of these things actually get set up So the way Ansible actually works is it's declarative in nature So if you do one thing then you do another then you do another then you do another and really what this is is It's basically like a shell script that's running on the remote machine Although you don't actually write this in shell you write it in YAML And this is this gets passed off to the machine the remote machine to actually run And so you know things kind of happen in a specific order checks can be done You know comparisons and verification can also be done. So there's a lot of really nice pieces that can happen there So this is What Ansible is now Ansible is not bare metal provisioning The really big Reason for this is that bare metal provisioning is actually really really hard because there's no good way There's no common API. There's no simple way to to bring up a machine and just start spewing Stuff at it, you know set up hard drives and do all these kinds of things. There's some other products that try to do this There they're much more complicated They're much more bizarre and that you actually have to really control the entire stack to be able to use them You know be able to net run your own DHCP run your own, you know DNS and you know a number of other pieces there So this can this mostly cannot deal with bare metal. There is some movement to to be able to use some IPMI and some other pieces there Doesn't really quite work out the way you expect So more or less you're still going to need somebody to go in and get a basic operating system on there A really minimal install doesn't take that long. It's really easy to be prescriptive And it and it just you just need to get it up to the point where it has network and you can Log into it with SSH after that everything else can be be handled from Ansible It's also technically not configuration management Exactly sort of So really what this is is that Ansible is a piece of orchestration of a piece of Infrastructure to go and rebuild Servers or services and whatnot. It is not necessarily configuration management. However because In the course of trying to set things up. You do need to copy configuration configurations out to machines set up make sure things are in place it basically acts as configuration management if you Kind of think about it in a slightly a skew way If you're going to use this for configuration management You are almost certainly going to need to make sure that you actually keep track of what those configurations all do Something like hmm source control which Ansible is also not source control So if you're going to do this use something like get SVN per force It doesn't all it almost doesn't matter what version control system you use But if you're going to do configuration management You almost certainly need to keep something like get around just so that you can keep track of what's going on and when things fail You can roll them back Now there is some caveats with configuration management and source configuration going on here Ansible is not a set there. It's all by itself is not centralized Anybody who has access to that machine with the appropriate permissions it can run ansible against it so if you have a Large system you could run the entire configuration and deployment from a laptop and then the next day run it from a different server or Somewhere else. There's no specific central point here that necessarily is the source of truth Another reason why that that you may or may not want to use this for configuration management or source control Keep it keep that in mind again centralized It's not centralized unless you really really wanted to be this would require basically keeping all of the authentication Tokens in a central location instead of necessarily keeping them and we're distributed fashion There's person cons to both sides of this That is outside of the the scope of this discussion, but it's something to be aware of it's not capable of making eggs and bacon at least not with external hardware and Its YAML processing is not kind If anybody has actually dealt with YAML before and in fact in some of the examples I give further on Um, the YAML that the the YAML does actually screw up. It's kind of a mess It's in some respects, it's white space matters to an even further extent than you would expect even in Python So Unfortunately, this is the the configuration tool It's both powerful, but it's also slightly obnoxious And if you're going to be looking at the slides later on for things, there's going to be YAML examples in there You will the almost certainly you will not be able to tell the correct indentation There's not much I can do about it. Um, just because of the way Variable with fonts work Sorry, but please if you take a look at the slides after the fact or you just open them up They should be available if they're not Yellow me on Twitter or something and I'll make sure to get those up somewhere where you should be able to find them there's also a couple of Virtual machines that are intended to go with this They're based on CentOS 7 at least at the time of this recording So that you can actually follow along and do exactly what The the examples that I give later or all of or any of the code in here. Um, they were actually basically generated from Their own Ansible files themselves so that they're actually reproducible in a useful way They have been updated at least up to the the point where That this video was shot and those should be available They won't necessarily be immediately available Along with this recording But they I will make sure that there is some sort of a note somewhere on where you should be able to get your hands on those so They're about two gigs in size When you need to go grab them and I'll talk about the rest of that later, but Moving on And of course, you can't really talk about Ansible without also talking about Ansible tower because it's going to come up So Ansible tower is basically on Ansible itself is completely open source. You can you know use it In for your own infrastructure or anything you want, but the but it's not It doesn't have a gooey and it doesn't have a number of other pieces that are sometimes really really useful Those are all encapsulated into red hats Commercial offering which is Ansible tower. It's basically Ansible Everything you know and love about Ansible except that it also has a gooey It does centralize everything, but it centralizes that so that you have job scheduling access control and a few other nice pieces It's also where the commercial support for Ansible has a tendency to go again, I work for VMware not not Ansible or Red Hat so If you really want to talk about Ansible tower go talk to them Not gonna spend too much more time about that from here so This is where things get a little exciting So let's talk about the VMs that we're gonna work on I've already just kind of mentioned them There's two of them. There's a client and there's a target The client is arguably misnamed, but that is the machine that we're going to be working from so this is the machine that you know We would be typing things in too so we can communicate with the the the target machine Which is where we're going to be configuring that that machine specifically Um, I've already pre-canned the SSH keys So if anybody ever find these SSH keys, please consider these absolutely burned because That they're basically publicly available on the internet with no password on their key in the whole line yard Obviously that I said like I said before the the virtual machines are sent off seven and Everything should be installed for these to work. So all of the the examples that I'm going to give here were run Exclusively on the virtual machines just to make sure they all worked and that's how they were done. Um, They will boot up and unfortunately my video here is obscuring it a little bit But this will come up a little bit later in a video Um, but once they boot up, they should show you what the you the username and the password are as well as any IPv4 IPv6 interface Address that is associated with that VM This is so that You can actually figure out what's going on on that machine, you know, where it's virtual virtual machine addresses and those kinds of things So, um, I would also like to point out that these were created and mostly tested with VMware Workstation They have been shown to work with both AW directly in AWS and With virtual box. I haven't really tested them anywhere else. So your mileage may vary But they're relatively straightforward. They're not super complicated. There's not a lot Really weird going on there other than I've pre-installed a few things where I have a couple of extra specific files For the purposes of showing folks everything So, you know, if you can't get this to work on whatever your favorite virtual machine platform is Give me a ping. I may be able to help you. I'm trying to make the these as easy to use as possible. So Um, and Obviously, like I said, these work on These were tested on VMware Workstation. They should work fine on Fusion Obviously, ESX would work if you have it. That's although that seems kind of like overkill Virtual box and AWS have been confirmed to work Everything else that you're kind of on your own. So Let's talk about So something really really basic When you start when you start using Ansible, you need to tell Ansible where the machines that you want to interact with are This typically gets put into Etsy Ansible hosts There are ways of passing in this hosts file From a more from a more localized directory. So if you wanted to keep everything in get directly, that's possible It just means that you have to pass some slightly different configuration options or switches into Ansible when you run it But the typical location is in the Etsy Ansible host I've already dealt with the SSH keys that we're going to deal with for the virtual machine And the simplest thing we can do is as it's written here Ansible all so all of the machines that Ansible knows to talk to Run the module ping this literally just Verifies that it can access and talk to the remote system. And if you run that, this is what you should get now You know, I show you the output, but let's actually take a look at what this actually looks like So this is the virtual machine booting up Takes a little bit it is an actual virtual machine I didn't want to Delude the experience and I wanted everybody to kind of see what this looks like During its boot-up process It realistically just looks like every Linux box that ever boots in the universe So if you've never had to to boot a Linux box, this is probably a new experience But yeah, so it boots up and In the off chance that it boots up and it shows you the login screen, but it doesn't actually show you the IP information log in Which in this case is root and Tutorial underscore base and then just exit and that should refresh correctly It's usually a problem of the IP or the interface hasn't quite gotten a DHCP response in time So that is what it ultimately should look like Once this is actually done so again the username and the password for the machine are written right there and The IP addresses should also be there if you want go ahead and log in obviously, I can't type the the password and You should be If for any other reason you need to look up what the IP address is without just exiting IP space at earth Great way to get get back at that so Now that we've actually proven that we can talk to the Local machine because all we've done From paying so far is the only thing in Etsy a host Should have been this one machine now You are gonna have to actually boot up both machine or both VMs to get both IP addresses And what you're going to put into Etsy Ansible host is actually exactly the The 192 168 in the video example. It's 21 Dot 129 and on the the the slides here it's 192 168 2.131 That's what that's all you need to put in there There should be an entry in there probably the the 2.131 entry You can just delete that and fill in the rest of the IP address that you need there. So Let's have Ansible Actually do something Because you know pinging everything making sure that it can actually do stuff Isn't all that exciting In some respects, but let's actually have it run something on the remote machine So if we run Ansible all again and you know on all of the answer will notice it knows how to talk to minus a and Then give it a command it will run that on all of the machines The answer will knows how to talk to so Obviously, we've already gotten to the point where we've got the machine up. It's running and if we just type in Ansible all apparently make sure that the host file is correctly up-to-date which this one obviously is not and secretly here I am updating the The IP ad or I'm looking at the IP address from the other machine and then if we do an Ansible all Minus M ping this is what you should get or in the in the specific case of this Ansible all minus M ping obviously you get It attempts to SSH out obviously in this case. I haven't updated the the known hosts So accepting the fingerprint anybody's curious that fingerprint should be the same across all of them And this is what you get when ping actually completes correctly so Ansible has actually done something at this point now Let's have it go and do something a little bit different Let's actually write a playbook now playbooks are typically what Ansible runs it is a collection or a set of tasks for Ansible to go and run Sometimes these include much more complicated rules In the simplest example I can give you it's literally hello world because everybody likes to run hello world when you write things and It's a YAML file. So basically on your On the client you create a directory called playbooks You create a file called hello world YAML You write in what you wanted to do, which is almost exactly what we just did with ping and then We go ahead and run it So Let's see what that looks like so in this specific instance We're only going to hello world against the local machine This is to show that you can actually run things Against the machine you're actually running Ansible from not necessarily but not necessarily having to go all the way out and talk directly to a machine and I'm gonna note one thing that's really nice in Ansible if you add a name to something that name is what is displayed When Ansible goes to run things so it's mostly just a nice way of defining What the task that it's going to do is so you'll see that? There's a top-level name for the hello world for the entire playbook And then the task itself has a name of hello world Their freeform text you can kind of put anything you want in there and obviously we're using the shell command just echo Hi so once you've got that all written in and Saved if you do Ansible playbook and then the name of the playbook it will just run This obviously connected to the local machine It's actually going to build up a bunch of facts about the local machine Which we don't necessarily need for this but in a lot of instances you do want it and then it's just going to echo Hi now The interesting thing here is that we didn't actually have any output that we could visibly see Because the the output stream that's going on the the remote machine i.e. local host in this case isn't actually visible to us Okay, that's fair now Let's take a look at what this looks like if we go ahead and do this remotely and Obviously the output if anybody else is curious what this should look like Without actually just watching the video that was embedded here. So Um Now if we want to go and do this remotely the only thing we realistically need to change is the hosts line there Now I'm also going to go down a little bit further here, and we're going to add a copy So the copy module is basically how you get You copy files either that are locally or you end up creating files on the remote machine So we um if you look at this we basically pick the remote machine We echo hi Doesn't really we don't really see anything other than it should complete assuming that echo does exist and then we copy Into a file hello world now we specifically define what that content is instead of giving it a local file to copy over It's kind of like if you were to to echo Some content directly into and pipe it into a file. This is basically the same thing So and the destination file on the roadside that we want to use is a slash temp slash test file dot text So I've got this correct More or less we do the same thing I'm just going to modify the existing Hello world Change the hosts in my example. It's 192 168 21 dot 129 I'm having to look this up because I didn't scroll this down beforehand and Then I go ahead and add an additional task for copy And if you're paying eagle-eyed attention to how this looks in the terminal window Copy and and the name of the task above it. Those are both indented identically In a second in this specific case, I'm also putting content and test on the on at the same indentation level and This is going to come back to bite me in a second because Content and desk are not the same those are Arguments to copy not arguments in and of themselves So the way this ends up getting processed actually Is wrong and unsurprisingly Ansible actually gives me an error so May a culpa if you're you're trying to read this off of the slides directly This is what I specifically meant. I actually did end up reading this directly off the slides And I missed that extra indentation even though I do this often enough that I should have known better So I add some extra indentation the amount of indentation doesn't actually matter But the consistency of that indentation does so Fix that indentation issue for content desk and then rerun it obviously it's going to SSH out to the remote host again It's going to gather those facts. It's going to run The echo high and then it's actually going to create slash temp slash test file dot text Just to confirm that this did what I was expecting I'm going to SSH out to that machine As the root user and I'm going to cat that file and as you can see in the video there Hello world does is in that file on the remote machine So yay, we have now actually configured a remote machine and um and done something to it yay so and again if you Didn't or didn't watch the video or something. This is the expect roughly the expected output of what? the that playbook should run so and Obviously, I've gone ahead and already Shown that what is in the test home machine is what I'm expecting it to be which is hello world So now that we've kind of talked about copying files Let's actually copy an actual file instead of just creating content into that file in this particular case We're just going to use the copy mechanism I've already basically discussed it except that what we're using for source is actually a little bit different So in this specific case, I've already downloaded 20,000 leaks under the sea into the virtual machine And we're just going to copy that copy of 20,000 leads under the sea into the remote machine so Nothing too exciting there Again, I'm just going to end up Creating this file, but I wanted to prove to you that 20,000 leads under the sea already exists on the virtual machine It was there. It's got a few kilobytes of data Associated to it and then I'm literally, you know, just copying or rewriting the the entire yaml file here As I have to go look up the IP address yet again This is kind of the the really wonderful thing for groups or host names When you start dealing with systems It makes it so much easier but for this example just having the the actual IP address is what we're going to do because I don't want everyone to have to figure out how to do DNS and all this other kind of stuff just to test this so and then We copy in the source we copy in the destination obviously SRC and DEST are Basically arguments that are being passed into the copy command once we've got those all in there save it and we're going to go ahead and Run that as a playbook so Again, the process that this is going to undergo it's going to go it's going to Get a bunch of facts about the remote post This is what it does by default at the beginning of every any time it runs There are ways to turn this off. There are reasons why you may want to do this and then After it's gotten the facts and it's gotten kind of all set up so that it can run the next command Which is literally just copy 20,000 leagues under the sea to the remote machine under slash 10 and At this point as you can see in the video it should have completed and Then at this point I'm going to shaw 256 some the local copy which gives you a nice giant Checksum and then on the remote machine. I'm going to actually run ansible on all of the remote machines and Run the exact same shaw 256 except against the the path. I'm expecting it to be and This will run and we'll get a response back on this one So depending on what's going on and how you're running things you do actually get information back and as you can see from the video We did end up having the same hash so the file was copied over and And for anybody who didn't watch the video, this is what the roughly was seen okay Copying files is all well and good, but let's kind of move on to something a bit more interesting package management Everybody loves package management. We all need packages where you know, the generally the idea with a an ansible box That you're going to admit is What you're going to do is we're going to do the most basic minimal install You can't just enough to get you up to SSH and have a network configuration Once you've gotten there you can process everything else But usually what this means is that you're missing anything else useful that you would want So in this particular example, we're going to make sure that core utilities is installed We're then also going to make sure that ansible is absent on the remote machine So we want to make sure that ansible isn't present on the target Because we don't actually need ansible present on the target when ansible wants to do something It actually bundles it all up and copies the entire thing that it wants to execute out to the remote host for execution Including the the predominance of it's the libraries it needs to run This is really really awesome Because your remote machine doesn't necessarily need to know anything about ansible to be able to take advantage of it Again, the same reason that things like Switches and whatnot can take advantage of this when you usually can't install random packages for the most part And then we're going to install cow say because if you've never played with cow say it's a fun stupid little a utility That's worth playing with So Let's go ahead and do that so new playbook Quickly fill in all of the intermediate pieces. This is this kind of ends up becoming Second hat for most people and in fact you're going you'll notice from the slides. I actually used the yum module Which is technically been deprecated for the DNF module, although it's just a basically a search and replace for yum for DNF But I'm but in the video you're going to notice that I'm actually using package. So packages a slightly more Higher level version of yum or DNF and packet what package can do is it actually takes a look at the system that you're running on and Uses the native package management system instead of just assuming that you're on a red hat type system or sent to us or Fedora and using RKM or yum and Actually gives you the option of using apt or apt-get or I believe even emerge and a few other things are supported But this basically makes it a more generic way of doing package management the For the most part like the state command and whatnot are all the same across things like yum or package But package unsurprisingly because it is It can be used across a much more or many more or distros It is slightly more limited in what it can do So if they're there can definitely be situations where you may need to actually fall all the way back to you know a distro specific situation If you're particularly if you're writing world common rules across, you know different distros debut and they're been to Red Hat sent us Fedora and But if you're just doing basic things package should work and Once we've written the The playbook itself we run the playbook and then this is going to chug for a little bit in this specific case again, it's going to fetch all of the the The information about the remote system and more or less what this is doing is it's just filling in a Large variable set about what's going on the remote machine So, you know what kernel it's running what version of the operating system that's running whether it's dead me and or Fedora or Sent us or whatnot and just basic information like that that you would then be able to reference in your own rules or playbooks and then Again, once that's done, it's going to run through and it's going to make sure that core utility is present So if it went through and it figured out all of the packages that are available During that first step It's going to know that core utils is already present and it's not going to need to do anything It's also going to notice that ansible is already absent because it's not installed in the remote machine And then it's actually going to install cow say Which was not actually installed on the machine Well, I believe it wasn't installed because it took a little bit longer than I was expecting And then if you run cow say and move against the remote machine Congratulations, you get a cow that says move so And for anyone else who's interested, this is what the output of the playbook itself runs But Before we kind of wrap this up I want to give run into a couple of additional things that ansible can do because right now If you followed everything in this particularly if you've used the virtual machines You've actually gotten to the point where you have done the most basic hello world tutorial for ansible And this should give you a jumping point to actually being able to go out and do additional things But I want to give you an idea of some of the additional pieces that you can do so What you've got here on the top is a An example of groups so in Etsy ansible hosts you can actually define groups of hosts in this case pi3-hosts and a Host itself can actually be a member of multiple groups So instead of you know when it when an ansible playbook asks for what host to run against you can actually give it a group So in my case, this would be a pi3-hosts group And as you can see I even specifically say that the ansible port to communicate on is 456 Ie in this situation. I've changed what the SSH port is on my remote system Ansible should talk to port 456 on the remote system and just pre defines all of them But I can also Define for all of those hosts a variable and in this specific instance I can redefine what the Python interpreter is to Python 3 So for anybody who is having to interact with more recent systems Python 2 is dead Well, um yay And Python 3 is now the de facto standard for Python Except then on a lot of systems are you're still going to run into right now Python 2 and Python 3 are installed and there are situations where You may want to explicitly define that you wish to interact with Python 3 ansible is at this point all Python 3 So if it if you can use Python 3 on the remote system, that's probably the way you want to go and this basically Instead of just using slash user bin Python this explicitly tells ansible that it should go ahead and use user bin Python 3 To run Python commands on the remote system Also want to call out conditionals. So there's ways of creating variables inside of ansible and you can Use those variables to define Additional behavior so things like in this particular example copied out of my own world Role set. Um, I wanted to make sure that NTP with D was installed But I wanted to also make sure that when That it only did this for Debian because unsurprisingly Different distros call certain things slightly differently. So if you want to take a look at Apache on Fedora Red Hat or sentos, it's HTTP D if you look at it from the Debian perspective, it's Apache 2 Well at some point, you know, if you want to be able to run this module on multiple different systems Sometimes you just have to define well if this is Debian, this is what it is if this is Fedora This is what it is and there are ways of taking entire, you know default variable sets and whatnot And making this a lot easier for yourself But I want to point out that there are conditionals That can be used and they can actually be really really complicated and very interesting So that's worth looking at as well and because it I would be a terrible person to Leave you without Giving you some places to go and find additional documentation docs.ancel.com is really awesome It covers a huge amount of really useful things in the entire Ansel ecosystem And the the documentation has a tendency to be very very good So yay, this is it's not very often I Legitimately get to complement a project on their documentation, but Ansel does actually Get a solid kudo here And when you go to try and start doing things when you want to start doing more complicated things Let's say you want to set up NTP For whatever reason or you want to play with crony There's actually pre-built roles that have baked that people have baked together to do really complicated very powerful things Already for you so you don't necessarily have to reinvent all these wheels and sometimes these can be Incredibly useful particularly for being for standardizing things across your entire infrastructure And you want it to go and take a look for those in the galaxy. It's like package management To a certain extent for Ansible roles But beware, you know, basically anybody can upload things So this is a bit more of a free-for-all a la npm versus, you know, something like a Distro level package management system. So keep that in mind and obviously places like Ansible on free node are great ways to go and ask questions sometimes and Unfortunately, my my large head is covering up my own contact information Again, my email jholly at VMware.com Or Warthog nine at Eagles crag net. I'm on IRC Warthog nine At the very least on free node If you want to try and track me down on Twitter, I'm at warty nine and on github. I'm Warthog nine I would like to thank you for trying to get for taking the time to get through this. I hope it was useful Obviously, I look forward to doing this again In in person where I can actually help people more going forward But hopefully the fact that this has been recorded people will find this useful and We can actually disperse we can disperse this particular tutorial a bit further. So Thank you very much