►
Description
Get your espresso ready for the EMEA OpenShift Coffee Break together with Natale Vinto and Tero Ahonen. Ansible is one of the hottest tools for automation in the community, and in this session we will discuss with Faz Sadeghi (@the_fazifs) and Andrés Valero (@anvarui) how to connect Ansible automation with OpenShift together with the multi-cluster support of ACM.
A
Good
morning,
good
morning,
everyone
welcome
to
the
openshift
coffee
break,
so
my
name
is
natalie
binta,
I'm
a
product
marketing
manager
for
openshift,
and
today,
I'm
presenting
this
show
our
openshift
coffee
break
episode
about
hybrid
cloud
automation
with
ansible,
and
I
read
that
acm,
I'm
here
co-presenting.
This
show,
together
with
terrell,
hey
terrell,
good,
to
see.
A
B
Hey
sure,
good
morning,
everyone
I'm
farsi
biki,
I'm
one
of
the
ansible
specialist
solution:
architects
in
emea,
in
red
hat,
so
I
focus
on
ansible
automation
platform,
mainly
I'm
based
in
london,
but
covering
mia,
and
I
work
in
the
same
team
as
natalia
otero
and
andres.
I
didn't
meet
in
a
minute
great
to
be
here.
C
A
D
Now
my
speakers
here
we
go
yeah.
I
had
some
problems
with
the
sound
hi,
I'm
terra
honen,
I
would
say
co-host
with
natalie
in
the
awesome
show
and
I'm
an
open
specialist
in
the
emma
tiger
team,
and
I
just
do
everything
around
openshift,
whatever
you
can
so,
basically
everything
because
everything
is
openshift.
Now,
thanks.
A
That's
that's
the
way
to
go,
and
the
idea
is
that
we
took
our
coffee
shop
in
the
morning
just
to
wake
up
ourselves
and
talking
about
cool
things:
the
techno
new
technology,
new
cool
technology,
things
around
openshift,
and
today
I'm
really
thrilled
at
fuzz
and
dress.
We
have
a
fantastic
talk.
I
think
that
people
are
thrilled
about
the
possibility
to
combine
automation
with
ansible
and
a
multi-cluster
capability
of
openshift.
So
please
do
you
want
to
start
showing
us
this
fantastic
use
case.
B
Sure
I
think
I
can
go
first,
if
that's
okay,
andres
yeah,
so
when
andres-
and
I
were
talking
about
how
to
prepare
for
this
show-
we
thought
about
having
an
introduction
into
automation.
But
then
we
thought
we
don't
really
need
to
have
that,
because
we
don't
need
to
get
into
the
details
of
what
automation
is
nowadays
or
why
we
need
it.
I
think
it's
established
by
now
that
the
only
way
that
we're
able
to
keep
up
with
all
these
rapid
changes
we're
experiencing
in
our
environment
is
to
automate.
B
We
know
how
crucial
it
is
to
be
easily
adaptable
to
the
changing
business
and
market
conditions.
While
we
also
need
to
deal
with
the
enhanced
security
and
compliance
demands,
so
we're
left
with
no
choice.
We
need
to
be
scalable
consistent
and
reliable
all
in
a
secure
way,
and
we
cannot
possibly
do
this
manually.
We
have
to
automate.
C
B
Well,
ansible
is
just
extremely
flexible
and
powerful,
so
it
fits
in
a
large
variety
variety
of
use
cases
you
can
use
ansible
in
anything
from
provisioning
configuration
management,
your
application,
development,
networking
security
cloud
on
premise
and
so
forth.
So
pretty
much
anything
you
can
think
of
you
can
use
ansible
to
automate.
B
It
can
be
used
as
something
as
simple
as
running
just
a
simple
playbook
or
the
automation,
keys,
they're
called
playbooks
and
ansible
for
people
who
may
not
be
familiar
with
that.
You
can
just
run
that
start
by
running
a
playbook
on
the
command
line,
and
that
could
be
as
simple
as
adding
a
file
adding
a
line
to
a
file
or
manipulating
some
configuration
files
or
adding
and
deleting
users
or
it
could
be
used
in
more
complex
scenarios
like
complicated
orchestration
use
cases.
B
The
example
that
I
can
think
of
it
could
be
if
you
want
to
update
your
web
service
as
an
example,
you
will
need
to
stop.
What's
monitoring
them,
then
you
need
to
stop
the
service
and
the
services
on
your
service.
You
need
to
take
them
away
from
your
load
balancing.
Then
you
need
to
do
your
updates.
Then
again
them
to
load
balancer
and
then
monitoring.
All
of
this
can
be
done.
B
A
You
know
there
are
lots
of
questions
about
how
to
meet
this
automation
with
kubernetes.
No,
so
kubernetes
does
also
its
own
or
orchestration
automation,
so
how
to
mix
the
automation
world-
let's
say
agnostic,
one
with
kubernetes.
So
this
is
the
key
question
and
I'm
glad
to
have
you
vote
today
to
try
to
answer
to
your
quest
to
this
question.
B
B
B
First
of
all,
first
of
all
is
both
of
them
being
really
widely
used,
open
source
projects,
and
they
both
have
wonderful
active
communities
behind
them.
They
both
use
yaml
to
model
the
declarative,
desired
states
of
our
targets,
and
they
both
make
automation
and
orchestration
easy
for
us.
But
going
back
to
your
question,
is
it
pops
up
a
lot
that?
Why
would
I
need
ansible,
if
I'm
already
using
kubernetes
or
how
can
I
fit
in
answer
with
my
kubernetes
clusters
and
cloud
native
environment?
B
There
are
a
few
things,
first
of
all,
if
even
if
you're,
using
an
enterprise
solution
like
your
like
openshift
for
your
kubernetes
installation,
that
takes
care
of
everything
such
as
networking,
firewalls,
dns
figure
management
and
lab
so
forth,
but
sometimes
there's
some
additional
configuration
that
is
very
specific
to
your
environment
and
that
that
installer
may
not
necessarily
take
care
of.
So
you
really
need
something
specific
to
your
needs.
So
you
need
an
automation
tool
for
that
and
that's
when
you
can
use
ansible.
B
Another
thing
is
not
all
infrastructure
can
be
hosted
or
replaced
by
a
kubernetes
cluster.
You
may
have
invested
significantly
in
your
current
id
infrastructure
in
all
the
skills
and
operations
that
you
currently
have
are
working
for.
You,
you
don't
necessarily
want
to
replace
any
of
these
things,
but
you
want
to
be
able
to
connect
and
integrate
your
current
infrastructure
with
your
kubernetes
and
your
cloud
native
environment.
B
You
need
a
tool
and
again
that's
when
ansible
comes
in.
Also
there
are
some
use
cases
that
we
will
see
in
the
demo
as
well
later
on.
In
fact,
sometimes
you
are
deploying
an
application
in
cloud
native
on
your
kubernetes,
but
you
also
need
to
rely
on
another
tool
like
notification
in
a
messaging
app
and
seeing
the
demo,
and
you
need
a
tool
like
ansible,
for
that
this
use
case
could
be
extended.
B
C
Yeah,
in
fact,
we
will
see
later
that
we
have
some
integration
with
with
acm
and
and
ansible,
and
I
always
like
to
say
that
acm
speaks
kubernetes,
but
acm
or
openshift
are
not
able
out
of
the
box
to
to
interact
with
the
load
balancer
with
firewall
with.
I
don't
know,
with
many
pieces
that
are
currently
existing
in
your
infrastructure
and
and
and
we
need.
We
need
something
that
allow
us
to
establish
that
communication.
C
That
communication-
and
that
basically
is,
is
essential
and
we
will
show
an
integration
with
ansible
for
sending
a
notification
to
slack
is
nothing
super
advanced,
but
you
could,
for
instance,
you
can
set
when
you
deploy
applications
using
asm.
You
can
set
pre
and
post
tasks
and
we
will
see-
and
we
will
explain
more
later
on-
and
maybe
you
need
to
you-
know,
open
a
ticket
in
servicenow
to
play
an
application,
and
then
configuring
a
load
balancer.
That's
something
that
now
you
can
do
all
in
one
with
integration
of
acm
and
enhanceable.
C
A
I,
like
I
like
what
you
say
fast
and
undress,
so
they
complement
each
other.
The
power
of
the
automation
of
ansible
is
empowering
kubernetes
orchestration,
automation
features.
This
is
one
key
message
I
would
like
to
to
send
today
and
with
your
help,
your
super
cool
live
dem.
I
know
you
prepared
something
really
cool
for
us,
so
I
know
you
know
that
terror
is,
is,
is
the
person
that
tell
us
to
do
only
live
demos,
so
we
follow
is
wise
advice
and
we
do
only
live
demos.
No
jokes.
A
Cool
yeah,
if
you,
if
you
would
like
to
to
proceed
with
that
in
the
while,
I
will
take
care
if
we
have
any
question
in
the
chat.
If
you
have
any
question
for
or
undress
and
fuss,
in
the
chat
about
ansible
kubernetes
in
the
while
we're
doing
the
show,
please
write
it
down
in
the
chat.
We
take
care
to
answer
them
during
the
show
yeah.
So,
let's,
let's
start
it.
Let's
start
this.
C
Okay,
we
we
spoke
about
ansible
about
acm,
but
now
I
like
to
to
speak
about
a
little
bit
and-
and-
and
I
will
count
on
this-
also
with
the
collaboration
of
us
and
about
operators,
because
operators
are
based
basic
piece
for
automation
in
in
in
kubernetes
in
openshift,
mainly
so,
the
operators
are
part
also
of
advanced
cluster
management
for
kubernetes,
and
also
operators
can
be
created
with
with
ansible
and
fast
will.
Tell
us
a
little
bit
about
about
this.
C
So
basically,
and
operators
are
best
based
on
on
controllers
and
kubernetes
controllers
and
a
kubernetes
controller.
Basically
is
a
control
loop
that
watch
the
state
of
the
caster
more
concretely,
it
uses
it.
It
watches
our
resource
and,
and
it
reacts
to
force
that
resource
to
be
in
a
desired
state.
And
again
we
are
going
to
hear
a
lot
today
about
the
cellular
state.
C
So,
basically
the
idea
behind
all
the
kubernetes
is
defining
as
code,
what
you
want
and
using
these
controllers
to
make
sure
that
this
desired
state
is
matched
in
our
cluster,
and
it's
also
the
idea
behind
ansible.
So
basically-
and
I'm
going
to
show
you
a
stupid
slide-
that
I
like
that
is
is-
is
pretty
pretty
split
now
itself.
So
so,
basically,
when
we
speak
about
operators,
they
have
three
pieces
right.
C
We
need
a
custom
resource
definition,
because
the
operator
will
look
into
into
that
concrete
resource.
Then
we
need
a
custom
controller
that
will
watch
this
definition
and
then
a
certain
specific
domain
knowledge
I
mean,
and
we're
going
to
to
see
it
in
a
demo,
with
acm,
with
installation
of
h
to
a
officium
to
be
more
concrete.
So
basically
we're
going
to
watch
what
is
happening
with
a
custom
resource
definition
using
a
custom
controller
and
when
something
happens
around
these
kind
of
objects,
we
will
trigger
an
action
based
on
the
domain
knowledge.
C
B
B
That
you're
already
somewhere
in
your
organization
using
assabel
and
you
can
leverage
that
pattern
that
power
and
that
existing
knowledge
you
can
develop
full-featured
operators
using
as
a
operator
sdk
and
one
advantage,
is
that
it
provides
you,
the
scaffolding
that
you
need
for
your
operator
development,
because
a
lot
of
these
generic
functions
need
to
be
implemented
and
managed
in
go.
But
when
you
use
ansible
operator
sdk,
you
have
all
of
these
implemented
and
taken
care
of
for
you.
So
you
don't
need
to
worry
about
that.
So
you
can
see
straight
away.
B
That
the
ansible
operators
work
is
by
reading
a
watcher's
file
you
said
is,
is
looking
into
what's
happening
in
your
cluster,
so
it's
reading
a
watches,
file,
watches
that
the
ammo
file
and
it's
monitoring
the
events
on
the
cluster
based
on
what's
specified
in
there
and
when
it
finds
a
matching
event.
Then
the
operator
sdk
wants
the
ansible
automation
associated
with
it.
B
It
does
everything
it
needs
to
do
and
then,
when
it's
completed,
then
the
sdk
binary
would
take
the
results
of
what's
happened
in
a
specific
answer.
Automation
run
and
update
the
status
of
the
custom
resource-
that's
associated
with
it.
So,
as
I
just
mentioned,
as
well
as
an
operator
developer,
when
you're
working
with
ansible
sp
ansible
operator
sdk,
all
you
need
to
do
is
to
provide
the
watch,
watches
file
and
the
ansible
content
that
manages
your
application
life
cycle.
B
A
C
Pretty
pretty
easy
to
be,
to
be
honest,
and
around
this
I
I
got
questions
usually
from
customers
like
and
do
my
my
staff
to
to
they
need
to
learn.
Go
to
to
do
these,
and
no
I
mean
you
have
actually
playbooks
and
you
have
roles
that
do
something
that
you
need
to
automate
and
you
want
to
bring
that
knowledge
and
that
experience
to
the
kubernetes
world
just
use
the
operator
framework.
That
will
easy
that
touch
for
you.
C
You
will
recycle
the
the
role
or
the
knowledge
that
you
already
implemented
in
ansible,
and
you
will
be
able
to
reduce
that
so
so
the
the
idea
here
is
offering
you
solutions,
so
you
have
a
knowledge
like
fast
said
previously,
you
have
already
a
knowledge,
you
trained
your
people
inansible
and
now
you
are
starting
or
you
are
on
boarding
on
kubernetes
and,
and
you
don't
want
like
to
to
throw
away
everything
and
start
from
scratch.
You
want
to
recycle
what
you
have.
C
A
C
Not
really
much,
I
mean
if
it's
a
simple
playbook
that
produces
an
asterisk
bucket
and
you
need
to
consume
that
using
the
the
operator
or
framework
it
will.
It
will
be
done.
I
don't
know,
maybe
the
first
time
it
will
take
a
little
bit
longer,
but
probably
around
20
minutes
to
20
minutes
or
an
hour.
You
can
have
it
running
the
first
time
because
you
have
to
you
know,
start
using
it
installing
configuring,
but
it's
something
that
is
going
to
be
pretty
fast
once
once.
C
C
B
F
C
A
C
C
C
Yeah,
so
the
operator
is
installed
and
is
waiting
for
foreign
and
and
concrete
action,
and
the
discount
reduction
is
the
creation
of
a
multi-cluster
hub
cr.
So
we're
going
to
create
it.
And
now
you
see
that
the
face
says
it's
installing
and
if
we
come
back
to
the
developer
view
we
will
see
here
in
that
there
are
pods
starting
to
create.
So
basically
we
had
our
operator
installed,
but
we
didn't
have
acn
installed.
C
Acm
was
waiting
on
this
object,
that
is
the
multi-cluster
hub
object
and
now
that
we
created
it's
starting
to
actually
install
acn
and
we
will
come
back
later
because
this
takes
like
six
seven
minutes
to
to
finish,
and
it
is
not
worth
to
to
wait
here
and
let's
move
on
to
an
actual
acm
and
acm,
as
natalie
said,
is
a
multi-cluster
and
managing
tool
and
it
can
manage
not
only
openshift
but
also
the
public
cloud.
Kubernetes
services
like
aks
ekgs,
geeky
rocks.
So
we
can.
C
We
can
manage
different,
different
kubernetes
platforms,
not
just
openshift,
and
in
here
we
see
like
four
boxes,
and
these
are
the
four
areas
where
acm
can
help
you
in
the
in
the
multi-cluster
management.
So
and
today,
more
concretely,
we
will
be
focusing
in
those
these
two
areas,
so
how
the
automation
of
acn
can
help
us
for
governance,
risk
and
compliance.
A
D
C
C
Entities-
and
that
was
what
I
was
planning
to
do
right
right
now,
so
this
top
part
is
the
the
acm
part.
Let's
say:
okay
and
I'm
going
to
explain
you
a
little
bit
more
about
these
pieces
and
down
there.
We
have
the
kubernetes
pieces
or
the
openshift
pieces,
a
stereo
set
so
basically
to
deploy
this.
We
are
using
some
deployments.
C
We
are
using
a
pb
to
store
information
and
we
exposing
a
service
in
a
root.
So
we
can
actually
access
the
application.
And
now
I'm
going
to
show
you
a
little
bit
on
the
on
here
and,
of
course,
I'm
going
to
make
it
bigger
sorry.
So
we
have
this
application.
Lifecycle.
Okay-
and
you
see
here
that
we
have
two
different
folders
and
this
is
because
acm
uses
as
a
back
tool
githubs
so
for
applications
and
for
policies.
C
We
need
to
define
things
in
a
git
repo
or
in
a
hand
chart
in
a
way
that
acm
can
consume
it,
and
any
change
that
will
be
propagated
in
our
clusters
will
be
done
using
githubs.
So
in
here
to
make
it
simple.
I
put
this
application
and
I
put
these
resources
in
two
folders,
so
acm
understands
that
in
here
I'm
defining
the
pieces
that
acm
needs
to
manage
this
pacman
repo.
C
So
the
piece
that
is
going
to
be
github's
affected
is
this
folder,
this
pacman
folder
and
this
repo,
this
other
folder,
creates
all
the
resources
that
we
need.
So
basically
there
are
three
pieces.
This
is
the
channel
and
the
channel.
Basically
we're
telling
okay,
I
need
a
source
of
information,
and
this
is
the
same
for
applications
and
for
policies
that
we
will
see
later
on,
but
we've
seen
like
okay,
this
is
a
channel,
I'm
defining
a
github
repo,
that's
cool.
I
have
my
git
repo.
C
So
now
I
need
what
is
called
a
placement
rule
and
a
placement
rule
basically
is
defining
where
I
want
to
deploy
and
using
placement
rules,
application
and
subscriptions
and
and
channels.
We
are
able
to
manage
at
scale,
and
you
will
see
how
that's
how
it
works
later
on,
but
basically
in
here
in
the
placement
rule,
mainly
I'm
saying
okay,
I
want
you
to
deploy
this
on
the
environment,
that
clusters
that's
cool,
and
then
we
have
some
extra
information
here,
so
we
are
seeing
that
we
are
specifying
okay.
C
I
want
you
to
deploy
the
applications
in
clusters
that
have
this
label,
but
also
in
clusters
that
are
actually
online
and
reporting,
and
there
is
another
automation
piece
here
that
is
cluster
replicas
and
we
will
see
in
the
demo.
Basically
I'm
telling
it
okay,
I
may
have
five
clusters
that
can
be
affected.
Three
clusters
25,
but
I
just
want
to
deploy
this
in
two
clusters
and
if,
in
any
moment,
one
of
these
two
clusters
is
not
accomplishing
this
condition,
so
it's
not
online
reporting,
because
something
happened.
C
C
Because,
in
fact,
this
is
the
most
important
piece
the
subscription
basically
is
joining
the
channel,
so
it's
using
okay,
this
is
the
source
of
my
information-
is
using
the
placement
rule.
I
want
it
to
deploy
here
with
certain
conditions,
and
now
I
want
you
to
deploy
whatever
is
inside
this
channel
in
this
folder
in
this
branch.
C
I
want
you
to
deploy
it
in
the
affected
clusters,
so
let's
go
into
to
see
how
how
it
works
here.
At
this
moment,
we
saw
that
we
are
deploying
in
the
tech
clusters.
So
if
we
move
to
the
clusters
we'll
see
that
we
have
full
clusters,
so
we
have
environment
that
in
three
clusters,
so
in
amazon,
in
bare
metal
and
in
the
local
cluster.
C
Not
in
this
occasion,
but
if
you
had
you
could
use
ansible
to
configure
that
load
balancer
when
you
redeploy
and
change
the
application
from
one
cluster
to
another,
not
in
this
case.
This
case
is
just
deployed
in
two
different
clusters,
but
we
could
configure
a
global
load
balancer
in
front
in
front
of
them,
but
not
in
this
case.
C
C
We
have
three
clusters
with
the
right
label
and
it's
deployed
in
this
bare
metal
and
in
this
one,
so
I'm
going
to
remove
the
label
from
here
the
environment
dev-
and
this
is
kind
of
a
cheap
simulation
of
that
this
cluster
went
down
and
what
is
going
to
happen
is
now
acm
is
going
to
react.
It's
going
to
detect
that
this
cluster
is
not
affected,
no
longer
for
the
placement
rule
and
is
going
to
redeploy
the
application
and
it's
in
fact
it
says
now
that
is
one
remote
and
one
local.
C
It
is
deploying
now
the
application
in
the
local
cluster,
and
we
can
see
here
that
is
in
fact
not
yet
deployed.
It
is
working,
it
is
advanced
and
in
here
it
changed
from
aws,
manage
one
and
bare
metal
to
aws
management
and
local
cluster.
So
now
it's
really
deploying
the
pacman
application
in
the
in
the
local
cluster.
C
So
this
is
this
is
how
we
can
automate
in
case
of
problems,
or
we
can
automate
just
changing
labels
whole
to
the
where
to
deploy
our
applications.
So
you
define
a
git
repo,
your
application,
you
create
the
pieces
and
you
deploy,
and
here
we
have
also
a
cool
editor
if
we
want
to
use
it
to
make
sure
that
it's
easier
for
you
to
deploy
an
application.
C
This
is
the
upstream
right
for
ocm,
and
here
you
can
find
application
samples.
You
can
find
demos,
you
can
find
policies,
and-
and
this
is
something
that
we
are
going
to
use
now-
the
policy
collection
and-
and
you
have
a
lot
of
information
around
the
acm
and
how
to
how
to
use
it.
So
this
is
a
a
repo
that
you
should
bookmark.
Okay,.
A
C
That
that
that
definitely
you
can
do
and
now
that
we
see
this
and
you
can
see
if
I
make
it
bigger,
of
course
that
now
the
applications
are
are
deployed,
and
I
can
go
now
to
this
route
in
my
local
cluster
and
I
have
pacman
running
here
also
and
regarding
the
githubs
I
introduce,
I
want
to
make
a
change
now,
so
you
can
see.
So
basically
you
see
that
we
are
using
a
blue
background:
pacman,
okay!
So
it's
okay!
Now
I'm
going
to
change
that
using
using
githubs.
F
C
C
I
don't
know
now:
what
is
the
zoom
chat?
To
be
honest,
so
I'm
going
to
share
to
you
in
in
telegram:
okay,
okay,
cool,
I'm
not
table,
it's
everything
got
minimized
when
I
started
to
to
use
sharing
my
screen
and
now
I
don't
know
what
it
is
to
be
honest.
So
basically
hey
it's
let's,
let's
be
frank.
Now,
basically,
what
I'm
going
to
do
is
in
this
repo.
C
C
D
Earlier
automation,
munziple
puppet
soul
stack
whatever
were
created
to
kind
of
automate,
the
let's
say:
stateful
servers,
let's
say
vm's
bare
metal,
and
now
we
can
see
that
there
is
going
to
be
like
containers
are
linux,
so
you
are
deploying
a
new
host
and
there
is
a
multiple
deployments
key
tops
and
everything
and
the
everything
around
kubernetes
is
moving
so
fast.
Do
you
think
that
ansible
is
keeping
the
pace?
D
B
So
I've
been
asked
to
reframe
from
using
githubs,
so
I'm
gonna
refer
to
github
as
devops
and
just
to
keep
my
dear
colleague
happy,
and
so
definitely
when
we're
talking
about
something
in
detox
devops,
we
need.
We
need
to
be
able
to
codify
that
state
of
our
I.t
infrastructure.
Right
and
ansible
is
one
of
the
best
solutions
and
the
most
simple
and
most
powerful
solutions
that
we
can
do
at.
So
absolutely.
B
It
fits
in
really
well
with
your
devops
strategy,
because
then
you'll
be
able
to
keep
your
git
as
your
single
source
of
truth
and
then
have
your
infrastructure
modeled
in
a
declarative
way
using
ansible.
So
definitely
in
that
front,
yes,
in
terms
of
you
mentioned
debt
psychops,
yes,
ansible
is,
is
moving
forward
in
in
the
area
of
security
operations,
automating
security
operations.
B
Specifically,
we
have
a
lot
of
development
into
getting
security,
vendors
and
security
solutions
on
board,
as
our
certified
partners
that
are
we
extending
into
the
soccer
security
operations
center
automation
as
well
so
yeah
we're
keeping
up
the
architecture
of
ansible
is
changing.
So
the
way
that
you're
running
your
answer,
but
it's
all
going
to
be
containerized
called
execution
environments
so
yeah
we
are
moving
on.
D
E
D
C
Yeah
and
as
you
can
see
now,
pac-man
background
is
now
green
and
of
course,
I
prepared
something
that
is
maybe
very
simple
that
it's,
for
instance,
in
this
case
no
pipelines
involved.
I
just
pushed
the
code
and
the
code
went
to
to
the
proper
clusters,
but
you
could
you
could
also
involve
pipelines
with
tech
tune
with
what,
with
any
tool
for
pilots
you're
using
and
push
a
new
image
to
the
re
to
the
registry.
So
in
this
case
it's
in
quake
and
basically
with
this
subscription
channel
and
placement
rule.
C
What
is
going
to
happen
is
that
the
the
clusters
themselves
are
getting
the
the
new
definition,
the
general
definition
of
this
application
that
you
will
have
to
push.
Let's
say
with
your
that's
the
last
step
in
your
pipeline.
In
this
case
we
change
a
deployment
file,
so
the
clusters
will
be
checking
that
repo
that
resource
in
a
repo
and
when
something
happens
they
get
that
that
update
automatically
and
you
as
you
could
see.
C
I
didn't
change
anything
from
here
from
acm
or
I
just
pushed
some
in
change
into
into
git
and
the
clusters
got
the
change
automatically.
So
again.
This
is
the
the
auto
the
automatic
automatization
automation
background.
Sorry,
my
english
is
betraying
me.
The
automation
background
for
for
acm,
I'm
using
git
in
git.
I'm
start
the
definition
of
what
I
want
and
this
definition
has
changed
and
it
got
propagated
automatically
to
the
clusters.
C
F
C
We
I
like
to
say
that
we
are
not
reinventing
the
wheel,
so
what
we
are
going
now
is
we
change
that
label
from
here
to
here
and
we
are
going
to
move
to
the
policy
area
and
we
will
see
that
we
have
a
policy
that
is
now
checking
but
not
acting
these
clusters,
so
it's
still
getting
the
status
from
this
new
one.
But
basically,
if
we
go
to
the
status,
this
policy
is
telling
us
this
is
compliant.
C
This
is
in
the
specific
version
that
we
need
to
to
be
sorry
about
that,
but
this
one
it
is
not
it's
not
in
the
in
the
person
that
we
need,
and
what
we
are
going
to
do
is
check
the
policy
in
the
repo
that
is
now
in
inform
mode,
and
this
means
that
is
checking.
But
it's
not
acting.
It
is
not
behaving
in
the
the
the
way
you
will
expect
from
an
from
a
controller,
so
the
controller
is
realizing.
C
A
C
Now,
as
you
can
see,
this
says,
enforce
and
is
setting
is
not
matching.
Oh
wait.
It
already
changed,
it's
saying
that
it's
compliant
and
now,
if
we
go
back
to
the
cluster
area,
we'll
see
that
our
cluster
is
upgrading
and
I
didn't
do
anything
super
complicated.
I
just
said:
okay,
I
want
the
clusters
in
this
cluster
version
and
again
this
is
automation.
This
is
open
shift,
so
this
is.
E
C
A
C
C
So
at
the
end,
we
are
just
sending
a
notification
when
we
deploy
the
application,
but
we
could
also
set
a
pre-hook,
so
we
could
do
something
before
deploying
application
and
something
after
the
application
it's
deployed,
and
if
we
go
there
in
here
we
get
another
cr
that
is
called
ansible
job
and
it's
using
a
secret
to
access
tower
and
we
are
deploying
an
either
path
application.
So
nothing
super
fancy
and
I'm
going
to
activate
the
slack
just
to
get
the
notification
and
looks
like
something
is
happening.
C
B
F
C
B
Yeah,
so
what
you
see
here
is
asabo
tower,
and
this
is
how
we
are
making
that
integration
between
our
advanced
cluster
management,
so
our
clout
native
sort
of
deploying
our
application
and
linking
it
to
our
existing
id
systems,
which
in
this
case
was,
was
a
slack.
So
this
is
the
interface
to
isable
tower
when
we
finally
log
in
you'll
be
able
to
see
that.
B
This
ability
to
get
to
the
apis
of
tower,
because
we
write
and
organize
our
automation
pieces,
our
playbooks,
then
we
connect
them
together
in
order
to
achieve
an
end-to-end
automation
and
what
the
api
connection
to
tower
does
for
us
is
just
to
call
this
totally
in
a
totally
automated
way.
If
you
want
to
and
we'll
be
able
to
so
it
just.
B
It
just
opens
a
whole
new
big
world
for
us,
we
can
do
anything
and
everything
we
like
now
that
we've
got
access
to
our
support
tower
anything
that
may
be
our
existing
automation
or
anything
that
we
want
to
create
new
in
our
existing
party
and
then
connect
it
to
our
kubernetes
clusters
and
so
forth.
So
in
here
the
only
thing
we
have
is
a
simple
playbook
that
allows
us
to
send
that
notification
to
slack,
but
the
possibilities
are
endless
it
could.
B
This
could
be
anything
and
everything
from
provisioning,
your
vms
configuring
them,
then,
if
you've
got
a
set
of
applications
that
you
already
running
into
your
non-cloud
and
even
off
cluster
sort
of
setup,
even
your
application
deployment.
Everything
can
be
automated
using
ansible
this
way
and
because
of
the
connection
you
get
that's
when
you
get
the
real
power,
so
we've
always
talked
about
throughout
the
years
about
ansible
as
the
automation
glue,
because
it's
so
flexible
and
it
works
with
just
about
anything
and
yet
again,
this
connection
as
you've
seen
today.
B
It
proves
to
be
a
great
solution
for
bringing
the
traditional
and
off
cluster
and
your
cloud
might
even
unclus
their
infrastructure
together
in
a
simple,
effective
way.
So
in
effect,
you
have
a
single
workflow
to
manage
your
complex,
hybrid
cloud
environment
without
having
to
choose
in
between
one
or
two.
So
you
have
like
an
a
single
workflow
that
achieves
everything
for
us
and
enables
us
to
have
that
end-to-end
automation.
D
C
Yeah
the
operator
communicates
tower
with
acm.
Okay,
that's
easy,
yeah,
it's
not
not,
and
as
as
fast
said,
the
cool
thing
is,
you
have
towers,
you're
already
using
towers.
You
can
reduce
the
only
thing
you
have
to
take
into
account,
and
this
is
coming
from
the
kubernetes
wall
that
there
are
reconciliation
loops
that
can
be
run
at
any
time,
and
when
this
happens,
the
playbook
will
be
run
again.
A
A
A
Yeah,
so,
okay
in
the
while
what
I
wanted,
I
would
like
to
thank
faz
and
andres
to
for
preparing
this.
Super
cool
live
demo
live
demo.
We
we
have
seen
today
that,
with
acm
and
ansible
on
top
of
openshift,
we
can
have
also
connection
to
tools
like
tower
for
connecting
automation
to
non-container
workloads
and
also
container
workloads
with
kubernetes.
So
this
is
really
cool.
Thank
you
for
joining
us
today,
fuzz
and
undress.
A
The
next
episode
would
be
for
us
on
march
31,
we're
gonna
have
a
topic
about
inner
and
outer
loop
with
java,
with
other
super
cool
guests.
Today,
in
the
shadow
we
have
in
openshift
tv,
we
have
ask
an
admin,
an
openshift
admin
and
then
scalable
multiplayer
game
design
with
operation.
So
take
a
look
on
the
calendar
at
openshifttv,
and
I
would
really
like
will
thank
you,
andres
and
fast
for
joining
and
taro.
Thank
you
for
starting
this
other
cool
episode
that
we
have
here.