Automating Infrastructure

Question 1

What are the three stages to go through when you starting out automation on the network, and give an example of each one

Answer 1

RUN: read-only operations, list vlans, obtain inventory
WALK: Automate on-boarding, automate day to day tasks
FLY: Proactively manage users, complex automation

Question 2

Why do we need automation?

Answer 2

Speed and agility

Scale operations

Question 3

Risks of manually deployed managed networks (4)

Answer 3

Manual process time consuming
Subject to human error
Financial costs due to outages
Dependency on small components and many contributors

Question 4

Infrastructure automation benefits (3)

Answer 4

Speed
Repeatability
Work at scale with reduced risk

Question 5

Benefits of full-stack automation (4)

Answer 5

Self-Service
Scale on demand
Observability
Automated problem mitigation

Question 6

As part of Automated problem mitigation, what should apps be engineered to do? (3)

Answer 6

Minimize blast radius - recognize issues quickly and re-route traffic
Self-heal - automatically re-deploy failed components
Monitor events - this allows fixes to be implemented

Question 7

Benefits of cloud in automation

Answer 7

Self Service - quickly stand up whats needed
Close specifications, consistency, repeatability
Platform abstraction - the ability to containerize

Question 8

Challenges of using cloud

Answer 8

Cloud platforms design, security may add new demands to applications
Permissions could be challenging
Unforeseen costs - resource on demand or “still running unused resource”

Question 9

How should large scale app manage traffic, storage and compute

Answer 9

Provide good user experience
Be resilient, highly available and protect user data
Grow and shrink as per demand

Question 10

Benefits of microservices

Answer 10

Scalability - can be scaled and load balanced across many servers
Infrastructure automation tools - EG Kubernetes can automate scaling

Question 11

Challenges of microservices

Answer 11

Increased complexity - lots of moving parts

Automation is required - manual method is not realistic for coping

Question 12

Whats the difference between Dev and Ops

Answer 12

Dev - were the developers that created apps

Ops - were the IT staff to make the apps work for users

Question 13

Name some legacy bottlenecks

Answer 13

Project resourcing could take months
Limited resource
Setup and tear down not simple

Question 14

When Dev and Ops fused, what did they need to do? (2)

Answer 14

Make coders responsible for deployment and maintenance

Treat virtualisation as code

Question 15

What were the 3 key defining moments for DevOps evolution?

Answer 15

1: SRE
2: Debois - Agile infrastructure
3: Allspaw and Hammond - Best practice

Question 16

What is the SRE approach based on? (6)

Answer 16

Shared responsibility
Embrace of risk
Acknowledgment of failure as normal
Use automation to reduce toil
Measurement of everything
Qualifying success in terms of meeting quantitative service-level objectives

Question 17

Name 3 best practice that Allspaw and Hammond presented

Answer 17

Automated infrastructure.
Shared version control.
Single-step builds and deployments.

Question 18

Name 3 best practice for DevOps

Answer 18

Automation - reduce cost and reduce toil
Failure is normal - this should drive to build better systesm
Re-frame availability - SLO/SLI

Question 19

Name two basic tools for scripting?

Answer 19

Bash

Python

Question 20

Name 4 ways to make a script efficient

Answer 20

Standardising parameters, flags and errors
Create hierarchy and logically
Create high-level scripts for entire deployments and low-level for phases
Make code generic and re-usable as possible

Question 21

What is idempotency

Answer 21

Any script to lead to the desired state regardless of what the state was.

Question 22

Principles of idempotency

Answer 22

Look before you leap: if it aint broke don’t fix it
Get a good known state before making changes
Test for idempotency: ensure there are no side effects of automation
One bad apple spoils the bunch: all parts of the code need to be idempotent

Question 23

What benefit do you get out of automation tools? (6)

Answer 23

Simplify and Standardise
Accelerate development with out the box features
Facilitate reusability
Perform discovery and manage inventory
Handle Scale
Engage community

Question 24

Procedure or declarative: Ansible

Answer 24

Declarative

Question 25

Procedure or declarative: Puppet

Answer 25

Declarative

Question 26

Procedure or declarative: Chef

Answer 26

Procedural

Question 27

Define Procedure vs declarative

Answer 27

• Procedure code can achieve idempotency

- Declarative - static model that represents the desired model

Question 28

Describe the differences between.

Provisioning; configuration; deployment; orchestration

Answer 28

Provisioning - getting things ready
Configuration - installing base applications and enable testing
Deployment - building, arranging, integrating multi component apps, eg DB cluster
Orchestration - some form of automation

Question 29

In terms of Orchestration what is the difference between Concretely and Abstractly

Answer 29

Concretely - autoscaling or self-healing

Abstractly - process workflows like self-service

Question 30

Define the difference between stateless and not stateless in terms of app and server relation

Answer 30

Not stateless: an app saves important info in local files

Stateless: an app saves to remote files/database and requires no memory of state between invocations

Question 31

Name 3 popular automation tools

Answer 31

Ansible, Puppet, Chef

Question 32

What characteristics to automation tools share

Answer 32

Easy to learn
Open source
Adapters available for a given platform, eg AWS, UCS

Question 33

What architecture does Ansible have?

Answer 33

Control nodes

Question 34

What can a control node do in Ansible?

Answer 34

• Run shell commands on remote targets via Rest interface
• Inject python scripts on targets
• Install python on targets

Question 35

What data structure does Ansible use?

Answer 35

YAMl

Question 36

Describe the Ansible folder structure (5)

Answer 36

Inventory file (hostfiles) - organises your inventory of resources
Variable files - variables relating to hosts
Library and utilities - contain modules to interact with hosts/resources eg ACI
Main playbook file - YAML may reference other low level roles
Role folder and files - These are like submodules, each role folder contains task folders with main.yml in each. It also contains handler task files

Question 37

What software is available to control multiple Ansible nodes

Answer 37

Red Hat Ansible Tower

AWX

Question 38

Ansible define Module

Answer 38

Code to perform an action on a managed device. Often written in Python.

Question 39

Ansible define Task

Answer 39

An action pointing to a given module. Can accept argument and actions.

Question 40

Ansible define Play

Answer 40

A set of Tasks to a host or group of hosts.

Question 41

Ansible define Playbook

Answer 41

A set of Plays, written in a YAML file.

Question 42

Ansible define Role

Answer 42

A set of Playbooks that can repeatedly execute a standard configuration. You can assign multiple roles to a single host.

Question 43

Ansible define Inventory

Answer 43

A set of devices on which you run playbooks.

Question 44

Describe puppet architecture

Answer 44

Server for Master; Facter and PuppetDB
Client called Puppet Agent
Modules for non-agent able devices
Proxy agent to manage non-agent devices

Question 45

How many hosts can a puppet server handle

Answer 45

4000

Question 46

Name Chef components (4)

Answer 46

Chef Workstation: a standalone operator workstation
Chef Infra Client (host agent): runs on hosts; Cookbooks enable control on non chef clients, eg ios
Chef Infra Server: Replies to clients and responds to configuration updates

Question 47

Chef workstation components (5)

Answer 47

CLI tools for authoring cookbooks and applying to hosts
Interacting with server to bootstrap new servers
Test Kitchen - for testing
ChefSpec - simulates code before implementing
InSpec - security/compliance auditing

Question 48

What Chef community provides Cookbooks

Answer 48

Chef Supermarket

Question 49

How many hosts can a Chef server handle

Answer 49

10000

Question 50

What is GitOps?

Answer 50

Treating infrastructure as code and single source of truth. It makes deploying a server quicker and standarised

Question 51

Benefits of having infrastructure as code

Answer 51

Rapid reconvergence to a desired state, eg device replacement
Portability - network config moves with server/application
Version control

Question 52

What is pyAts?

Answer 52

Network device test and validate solution written in Python

Question 53

pyAts features

Answer 53

Modules available to use in Python
Testing modules available, Aetest, Easypy
CLI for test and interrogation of devices

Question 54

How do you obtain doc/help on an ansible module

Answer 54

ansible-doc mod_name

Question 55

Command to execute a playbook called site.yml and inventory called inv.txt

Answer 55

ansible-playbook -i inv.txt site.yml

Question 56

What sources of data can pyAts consume?

Answer 56

JSON, excel as YANG Models