Ansible is a popular choice for automating infrastructure provisioning, config management, deployments, etc. Shippable provides a perfect complement with native CI, release management functionality as well as the ability to create event-driven workflows across ansible playbooks and other DevOps tools and activities. This talk was presented by Shippable's co-founder and VP Product Management Manisha Sahasrabudhe at AnsibleFest 2017.

1. Leveraging Ansible for CI/CD
Manisha Sahasrabudhe
VP Product Mgmt @ Shippable
Twitter: @ms_koffee
GitHub: manishas
Email: manisha@shippable.com

2. Fast innovation is key to survival
and winning

3. Continuous Delivery enables
Fast Innovation
• Every code change can be deployed to production, if
desired
• Fully automated deployment pipelines with a manual
approval gate to push to Production
• All teams working together to deliver incremental software
updates quickly, reliably, and with better quality

4. app
code
build & test
app
pr
base docker
image
commit build, test &
push image
build & push
app image
review &
commit
machine
image
commit
build, test &
push ami
network
config
commit
prov test vpc prov test ecs
deploy app to
test
prov prod vpc
functional
test
prov prod ecs
deploy app to
prod
smoke
test
code repo
Events + transfer of state
CI/CD for a Single Application
SECOPS
DEV
OPS
TEST

5. • 450+ modules to create and manage
infrastucture, build AMIs, manage config, and
many other tasks
• Event-driven workflow automation platform for
ansible playbooks and other activities, with
visibility, traceability, and audit trails
• Manages state information across playbooks
• Makes playbooks reusable with runtime injection
of config & state
• Native functionality like CI, release mgmt, etc
• Declarative YAML language for versioning and
reusability
• Secure and agentless
• Low learning barrier
• Controls access with roles and permissions
• Runtime images with pre-configured tools,
CLIs, languages, etc

6. Demo

7. app
code
build & test
app
pr
base docker
image
commit build, test &
push image
build & push
app image
review &
commit
machine
image
commit
build, test &
push ami
network
config
commit
prov test vpc prov test ecs
deploy app to
test
prov prod vpc
functional
test
prov prod ecs
deploy app to
prod
smoke
test
code repo
Shippable handles
events + transfer of state
CI/CD for a Single Application
ansible Shippablejob

8. Job resource
CI/CD Building blocks
• Performs a CI/CD activity, such as CI,
provision a VPC or environment, create a
svc definition, manage release numbers,
deploy an app version
• Can be a Shippable native job, a wrapper
for an ansible playbook, or a generic job
running any custom script
• Executes on a pre-configured runtime,
depending on job type
• Contains information required to run jobs
• Also used to communicate state between
jobs
• Can be a Shippable defined resource or a
generic resource with key-value pairs

9. 9
# Test VPC Creation Config
- name: test_conf
type: params
version:
params:
STATE_RES_NAME: "test_info"
VPC_NAME: "test_vpc"
VPC_CIDR_BLOCK: "210.0.0.0/16"
VPC_SUBNET_NAME: "test_vpc_subnet_pub"
VPC_SUBNET_CIDR_BLOCK: "210.0.0.0/24"
ECS_CLUSTER_NAME: "test-aws"
INST_COUNT: 2
INST_TAG: "test_ecs_inst"
INST_TYPE: “t2.micro"
# Output of Test Provisioning
- name: test_info
type: params
version:
params:
SEED: "initial_version"
example: shippable.resources.yml (partial)
Information for provisioning Test
VPC and Test Environment
Job that provisions test VPC will
use this resource to store state

10. 10
# PROV Test VPC with Ansible
- name: prov_test_vpc
type: runSh
steps:
- IN: create_app_man
- IN: aws_region
- IN: aws_creds
- IN: ans_demo
switch: off
- IN: test_conf
- TASK:
- script: |
export AWS_ACCESS_KEY_ID=$(shipctl get_integration_resource_field
aws_creds aws_access_key_id)
export AWS_SECRET_ACCESS_KEY=$(shipctl get_integration_resource_field
aws_creds aws_secret_access_key)
cd $(shipctl get_resource_state ans_demo)
shipctl replace an_vpc_prov.yml
ansible-playbook -v an_vpc_prov.yml
- OUT: test_info
example: shippable.jobs.yml (partial)
# ansible playbook path
Shippable utility to replace env
vars for playbook
# test VPC config
# aws credentials & region
# don’t auto-trigger on change
# run after creating service definition, aka manifest

11. 11
- hosts: localhost
connection: local
gather_facts: False
vars:
STATE_RES_NAME: "${STATE_RES_NAME}"
VPC_CIDR_BLOCK: "${VPC_CIDR_BLOCK}"
VPC_NAME: "${VPC_NAME}"
VPC_SUBNET_CIDR_BLOCK: "${VPC_SUBNET_CIDR_BLOCK}"
VPC_SUBNET_NAME: "${VPC_SUBNET_NAME}"
tasks:
- name: Create VPC {{ VPC_NAME }}
ec2_vpc_net:
name: "{{ VPC_NAME }}"
cidr_block: "{{ VPC_CIDR_BLOCK }}"
tags:
module: "{{ VPC_NAME }}"
register: vpc
- name: run cmd
shell: |
shipctl put_resource_state "{{ STATE_RES_NAME }}" VPC_ID "{{ vpc.vpc.id }}"
example: ans_vpc_prov.yml (partial)
Shippable sets these vars,
making the playbook reusable
Set state for use in
downstream jobs

12. Thanks!
Schedule a demo at:
https://www.shippable.com/schedule-demo.html
For more information:
Email: manisha@shippable.com
Twitter: @ms_koffee
Demo repository:
https://github.com/avinci/ans_demo