June 23, 2017 - London, UK
This year, I decided to go to AnsibleFest.
Since the day before AnsibleFest, an Ansible Contributor Conference was scheduled, I decided to partecipate to both.
On Wednesday morning I arrived to the location and I had the pleasure of speaking with few people before the begin of the Contributor Conference.
The Contributor Conference was very interesting and I had the occasion to speak with many other people over the course of the day.
Read More 
June 5, 2017
Lately I have been programming quite a bit and - for the first time - I have used Golang doing so.
Go is a very nice language and really helped me with the development.
One of the reasons why I have enjoyed this much Go is the standard library, which is amazing.
I would like to share today the easiness of creating a basic Certificate Authority and signed certificates in Go.
Read More 
May 31, 2017
Ansible Tower 3.1 has recently been released, and it does implement real HA.
In fact, up to version 3.0, Ansible Tower multi-node installation, only allowed a single machine to be primary and the switch was not possible in an automated fashion, so if the primary Ansible Tower would have collapsed, an operator should have promoted one of the secondary Ansible Tower to be primary to be able to carry on the work.
With Ansible Tower 3.1 this is no longer the case, since all Ansible Tower machines are active all the time.
Read More 
April 26, 2017
After many years of using Hetzner as a server provider, and having rented from them multiple servers for many reasons, I decided to rent a server with 128Gb of RAM to do some tests with many (virtualized) machines on top of CentOS.
As it often happens, hosting providers put in place a lot of security measurements that sometimes make doing simple stuff more complex.
The first approach I tried was using the (only) Ethernet interface as a bridged interface, but that did not brought me very far.
Speaking with the support they pointed out that it was impossible in my setup, so I moved to the second option: the broute.
Read More 
March 21, 2017
Sometimes I need to do some tests which are destructive and I need to perform them over and over until I figure out a process that reliably brings me to a desired state.
I usually create some kind of easy to provision environments and work on it.
In the last few weeks I found myself working on an etcd cluster, so I created an environment with Vagrant, and since I had to write the majority of this by myself, since I have not found anything on Google that suited my needs, I’m going to share this with you.
Read More 
March 1, 2017
I often receive questions about Ansible Inventories (far more often than any other Ansible component).
My guess is that Inventories are effectively among the most complex things in Ansible.
Ansible Inventories are complex in the following ways:
- After you have decided an Inventory model is hard to change it, in fact you would probably be required to touch all your Playbooks to make everything working again
- There is not a single way of doing Inventories
- Often Inventories are the glue to make a generic Playbook run properly on your specific architecture.
Grouping philosophies
The two main philosophies I saw in the many years I’ve worked with Ansible are:
Read More 
February 5, 2017 - Bruxelles, BE
FOSDEM is a must for all open source enthusiast in Europe and close by.
I think that the reasons to go to FOSDEM are different from the reasons of many other conferences, but equally valid.
The comparison with DevConf is obvious, due to the temporal closeness of the two events.
I think that DevConf is more about enterprise grade software (or close to be), while FOSDEM is more about experimentations and community.
The causes for this are probably obvious if you consider that DevConf is mainly sponsored by Red Hat, while FOSDEM is completely community driven.
Read More 
January 29, 2017 - Brno, CZ
I think this is a special moment of the year, where in less than two weeks is possible to meet a huge amount of Open Source contributors in person.
Obviously you will need to take few flights, but it’s definitely worth.
DevConf this year was great.
I’ve been able to assist to a huge amount of talks (more than 20) and the majority of which were very interesting.
As always in conferences, there are themes heavily discussed and other completely absent.
This year at DevConf (like in many others conferences) containers are a very big topic.
The other big topic (related, but different) was Modularization, an approach Fedora is trying to
Read More 
December 13, 2016
When I speak with people that are starting with Ansible from Puppet, the first thing they want to experiment is Ansible Galaxy.
This leaves me very sceptical, since I think the default mode in Ansible should be DIY.
Since I’ve found myself in this situation far to many times, I decided to write down all the reasons why you should avoid Ansible Galaxy in the majority of situations.
Using Ansible Galaxy often violates the Ansible way.
My interpretation of the Ansible Way, is do not do adopt overkill solution (also known as the classic “Keep It Simple Stupid” principle).
Many times the Ansible Roles you can find in Ansible Galaxy are completely overkill because are created by people coming from the Puppet world (that has a completely different approach).
Modules that install for you and configure NTP or Java for any possible distribution (and sometimes even different OS) means that you substitute a couple of Tasks with hundreds of lines of code.
Often the majority of the code can be stripped because is not applicable to the specific environment.
Read More
December 1, 2016
The single most frequent complain I hear about Ansible is about it’s slowness.
This is very common, but even more common among people that used to use Puppet.
There are many reasons why Ansible is slower than Puppet.
The three main reasons are:
- Linear execution: Ansible will execute each operation in order and will not run many steps at the same time as Puppet does.
- SSH Connection: all Ansible commands will be issued from the control system to the controlled system via SSH. On the other hand, in Puppet, all commands will be issued locally on the controlled host by the Puppet agent.
- Host limitation: since the Ansible Controller is involved with the process of applying changes to the controlled system, a limited number of systems can be changes at once.
Those limits come out from design decisions that preferred a simpler Playbook writing and a safer execution rather than speed.
There are some things that can be done to increase the performances of Ansible:
Read More 
(Fabio Alessandro Locati|Fale)'s blog