In our first presentation-style forum, André Prado walked us through the basics of what kind of infrastructure it takes to run a VFX studio. He also gave a hands-on introduction to Ansible, showing us how to use it and exploring how it can be used to manage VFX infrastructure.
The slides and other tutorial material from AndrĂ©’s presentation can be found on GitHub
Is the Ansible host file always a static list of ip addresses?
no, the list of hosts and host groups can also be dynamically fetched by Ansible. Usually this is done via a simple Python script that queries some inventory system and outputs an appropriate JSON blob for Ansible.
What has been the experience creating custom extensions for Ansible?
In general you very rarely need to, there’s so much out there already. That being said, some custom filters are often helpful - like a template function to reduce repetitiveness or make specific transforms on data. The key challenge to creating extensions is making them idempotent, since anyone who uses it will be used to running playbooks over and over again. Whatever you write as an extension needs to run many times and not duplicate efforts, resources, etc
Does Ansible maintain a central state or data file for idempotency?
No, all Ansible code tries to query the actual state of the system rather than store state information. Eg if you ask for a package to be installed, it first queries the package manager of the system to see if it is installed, missing, etc. before trying to make changes. It does seem to heavily leverage the
/tmpdirectory while running, though.
How does Ansible perform? Even this simple example is not speedy…
Tagging is a really helpful way to divide up a playbook into smaller sub-sections, allowing users to run only some parts of the entire process. The example that we followed was also managing public cloud infrastructure, but usually when dealing with on-premise hardware and networks things are generally a little faster.
Ansible can also be used to run commands on many hosts at once. Just as a general sysadmin tool, once you have a handle on the basics you can write simple playbooks to run on many hosts at once. A good example of this is running one-off or irregular maintenance tasks on all farm hosts (like cleaning zombie processes, etc.)
Ansible is not running all the time, so a cron job or scheduled pipeline of some kind is needed instead if you want to monitor or run regular jobs on your infrastructure. There is also Ansible Tower and AWX that can provide some of these centralized features.
Ansible is not really a solution for all kinds of software deployment. It’s best at managing server-side deployments, with other solutions being better for desktop/client-side software.
Ansible, and the complete set of dependencies that you need to maintain a production environment can become a pretty big environment. Creating and curating a virtual environment or other isolated runtime environment is a great way to make sure that the Ansible tool set is accessible to other devs, TDs and anyone who needs to self-provision and manage infrastructure.
Ansible’s Jinja2 templating can get messy, and there are definitely ways to shoot yourself in the foot if you get too excited about the templating. Sometimes it’s okay to just duplicate code in ansible rather than trying to create complex templates to handle it all.
I think that I speak for everyone when I say that the tutorial was a really interesting experience for everyone. We had some great questions come up from the group and had a good discussion about Ansible, how it can be leveraged in a VFX environment, as well as possible alternatives and related tech. If you were not able to make it, I hope that you find these notes useful and we hope to see you at the next forum!
Thanks for reading!