ansible,

Ansible Automation - Use Case Gallery

Gineesh Gineesh Follow · 5 mins read
Ansible Automation - Use Case Gallery
Share this

Immutable Infrastructure

  • Configure your re-buildable replicas of server set or application stack.
  • Use Ansible for Infrastructure as Code (IaC)

Provisioning

Provision your bare-metal, private cloud and public cloud infrastructure using modules and configure them to use for day 2 operations.

AWS

  • Instance Provisioning
  • LoadBalancer / TargetGroup Creation
  • VPC Creation

Application Deployment

Manage your applications deployments, re-deployments, migration using simple ansible playbooks; and implement DevSecOps methods in your infrastructure operations.

Security Management

  • Incident Response

Manage network configurations

  • Configure new network devices with same configurations as we need
  • Add new rules or changes in configurations (eg: new VLAN, new Virtual Interface)
  • Add/Remove rule in firewall

Package Deployment

OpenShift Container Platform

OpenShift Day 2 Cluster upgrade Auto-scaling of worker nodes AD group synchronization Time synchronization Housekeeping Pruning objects (namespaces, builds, etc.) Certificate update/rotation

Business Continuity etcd backup Global Load Balancer (GTM) failover Cluster rebuild and recovery Master/Worker nodes VM snapshot

Application Deployment/CD Namespace creation Network policy creation Application deployment, resource provisioning and testing Application upgrade

Compliance CIS OpenShift scanning and reporting Leveraging compliance operator and generating HTML reports

Operating System Patching

Weekly system reboot

Eliminate repetitive, manual processes with automation.

Enforce security guidelines

Rules are rules. It’s best to automate in an effort to achieve strict security standards.

Configuration Management

Keep your configurations as a code and also can check if someone made chages to the same.

Disaster recovery

Disaster recovery can involve a wide range of components. Act across different variables of the technology stack to identify problems and eliminate cross team dependencies.

Adhoc Commands

Remarkably easy to write, you can run commands across your environment for any number of servers.

Database

Ansible Oracles Modules

Database binary patching

Several databases use outdated binary sets. Patch the binaries in accordance with the release of the latest patch.

Service license agreements

  • Gather subscription information and generate reports.
  • Auto reminder emails on subscription and license renewal

Provisioning

Provisioning VMs on RHV, VMware and Hyper-V using templates Provisioning on AWS VM Snapshots on RHV and VMware

Network

Firewall rules orchestration with AlgoSec, Tuffin Load Balancer orchestration with OS updates SD-WAN Integration with Infoblox (IPAM) Asset management with Solarwinds

Compliance and Security

CIS Scanning and Hardening for RHEL, SUSE and Windows CIS benchmark for Kubernetes Rapid 7 Nexpose / Tenable Nessus Integration Anti-virus, e.g. Trend Micro, Symantec

Application

Integration with CI/CD tools such as Azure DevOps Application Deployment Installation and lifecycle management of middleware Installation of IIS, MS-SQL Installation of .NET app on Windows Application health check Dynatrace webhook Integration with Jira ServiceDesk

Config Management

RHEL and Windows patching with Red Hat Satellite and WSUS Red Hat Clustering Setup Health Check Onboarding of Windows vm to Windows AD Integration with CyberArk vault DR failover for Ansible Tower Golden Image management Configuration drift management, with baseline configurations

System and Server Automation 1. VM provision and deprovision for Windows 2016/2019, RHEL 8.x 2. Scale up/down CPU and Memory of VMs 3. Add/Delete Virtual Disks for VMs 4. Agent Installations for APM, McAfee, SCCM, Backup, Monitoring etc. 5. Join to Domains 6. Patch Management with WSUS/Satellite 7. Compliance Management for RHEL, Windows 8. Server Hardening 9. Health Check for Windows and Linux Servers 10. Server Stop/Start/Restart

Cloud Related Automation 1. VMs and Kubernetes provisioning on AWS/Azure 2. Provisioning with Autoscaling Group on AWS 3. Configure ALB 4. Create Lambda Functions to update AMI 5. VPC provision and deprovision with related network services 6. Windows/Linux Patch Management 7. Windows/Linux Hardening and Rollback Management 8. Windows/Linux Compliance Management 9. Golden Image Builds 10. CloudWatch configurations 11. Logs management/archival 12. Lifecycle management of AWS accounts, organizations, roles and access 13. Network security and WAF policy configurations 14. AWS Resource backup 15. Set budget limits and budget monitoring 16. SFTP configurations with RBAC 17. Cloud DB provisioning 18. Azure SQL managed instance provisioning 19. SNS configurations and alarm settings 20. VAPT scanning

Database and Middleware 1. Installation and configuration of MySQL, MSSQL, Oracle DB, PostgreSQL, MariaDB 2. Installation and configuration of WebLogic, Apache, NGINX, Tomcat, WebSphere, JBoss EAP 3. DB health check for MySQL, MSSQL, Oracle DB 4. DB housekeeping and archival for MySQL, Oracle DB 5. DB ad-hoc backup/restore for MySQL, MSSQL, Oracle DB 6. DB patching for MySQL, MSSQL, Oracle DB 7. DB hardening and compliance for MySQL, MariaDB, MSSQL, PostgreSQL 8. Platform build/installation for Bamboo, Jira, Bitbucket, Confluence, minio, MQ etc 9. Start/Stop/Restart DB and middleware services 10. Patching for WebLogic, JBoss EAP, Tomcat

Network 1. FW rules management (Add, delete and modify 2. Cloud FW rules management (AWS and Azure) 3. Compliance check for Cisco ASR, CSR, 9K, ACI, SD-WAN, Allot, F5, AlgoSec, Palo Alto, Panorama 4. Hardening of Cisco ASR, CSR, 9K, ACI, SD-WAN, Allot, F5, AlgoSec, Palo Alto, Panorama 5. Patch management for F5, InfoBlox, vEdge 6. PKI Certificate management 7. Configuration backup for Cisco IOS/XE, Palo Alto, F5, ACI 8. Provisioning for vEdge, F5, ACI, Cisco IOS/XE, Palo Alto 9. Health Check for Cisco IOS/XE, NX-OS, Palo Alto, F5 10. Palo Alto user management, NSP, FW session, deprovisioning

Security 1. Backup of Fortigate Config into Tectia 2. Failover and Failback of Fortigate 3. Install Security Agents for Imperva, TrendMicro, McAfee, Splunk UF, Nessus, Carbon EDR 4. CyberArk Credential retrievals 5. Palo Alto Patching 6. Palo Alto Provision/Deprovision and Firmware upgrades 7. F5 Patching

Operational Task 1. System Health Check for Windows, Linux, MySQL, Oracle DB 2. Network Health Check for AlgoSec, Infoblox, ACI, Firepower, Router, F5, Palo Alto 3. Server, DB and Application Services Stop/Start/Restart 4. Common Incident Remediations 5. DB Operational Tasks

Gineesh
Written by Gineesh Follow
Backpacker, Foodie, Techie

Latest Stories

Featured