tags: CfgMgmtCamp 2025

CfgMgmtCamp 2025 : Day 1 Ansible Talks

Room : Ansible 1 (B.1.017)

Gundalow: Ansible - State of the Community

Time: 14:00–14:50

Notes

Felix Fontein: Using SOPS to manage secrets in Ansible

Time: 14:50–15:40

Notes

Mark Bolwell: Making OS compliance bearable

Time: 16:00–16:50

Notes

Fabio Alessandro "Fale" Locati: Simplifying container orchestration with Ansible and Podman

Time: 16:50–17:40

Notes

Room : Ansible 2 (B.1.014)

Alina Buzachis: Automating AWS Cloud Services with Ansible

Time: 14:00–14:25

https://cfp.cfgmgmtcamp.org/ghent2025/talk/UGQHAP/

13 attendees

Q&A

Tim: Any focus areas for AWS collections? Any module wishlist?

  • No responses.

What is the process for promoting modules?
When there is a customer use case, we try to support it that way. Also when modules are frequently used.

Is there a correlation between most used modules and their quality?
Tim: With enough eyes, the more they get looked at and the better the quality.

Ganesh B Nalawade: Streamlining the Ansible creator experience with the new and improved Ansible Development tools

Time: 14:25–14:50

https://cfp.cfgmgmtcamp.org/ghent2025/talk/EDFRP8/

20 attendees

Ganesh: How many have used dev containers? Approx 3 people raised their hand.

Q: Dev container only used for VSCode integration? Can you use it with vim or environments outside of VSCode?
A: VSCode just makes it easier. Dev container has builder so you can build and test your container. Language server you can use with vim.

Sorin Sbarnea: Beyond copy-paste: Using Ansible Development Tools for Robust Automation Content

Time: 14:50–15:40

https://cfp.cfgmgmtcamp.org/ghent2025/talk/GK8THR/

Full house. Approx 50 attendees.

Q: Collections installed in venv. Also possible to install roles?
A: Yes, it is possible.

Q: How do EEs interact with molecule?
A: Molecule is inside the Ansible dev tools container.

Q: Does it spawn other containers?
A: Yes, but you might need to be careful about security risks. Start a container that starts another container.

How many people use molecule?
Show of hands is pretty low. About 7.

Who has never run Ansible Lint?
Nobody raises their hands.

Who hasn't had problems with Ansible Lint?
No response.

Q: Is there anything on the roadmap like markdown linting in order to fix what it discovers?
A: Linter has the auto fix feature. Linting markdown is high on the list - it's part of the collection.

Q: Many ways to create a collection? Which would you recommend? Why is the linter so slow in VSCode?
A: Multiple reasons for the slow performance. Can be something specific to your use case. By default the linter investigates all files that are not ignored by git, can take up time if you have a large collection installed for example.

Q: Using Bitwarden to manage Ansible Vault secrets, not optimized for speed. Have issue with lint being slow, does lint need access to vault? // Unlocking Ansible secrets takes time, makes lint slow.
A: Can deny access and provide dummy passwords. Ideally provide access to secrets, better quality answer.

Q: Decent ways to reuse molecule scenario content? Deploy MySQL with tls and without tls support. How to create reusable scenarios for this?
A: Could use a loop inside an existing scenario. Can add feature to allow matrix expansion for scenario parameters.

Toshaan Bharvani: Running Ansible, Icinga and Request Tracker to have event driven automated infrastructure management

Time: 16:00–16:50

https://cfp.cfgmgmtcamp.org/ghent2025/talk/7QPPY3/

Approx 40 attendees

What other use cases other than host down?
MySQL cluster remediation. If more than 3 hosts go down in a group, generates a ticket and notifies Tosh.

Did you consider using ServiceNow?
SN is not open-source. Also do a bunch of other stuff with the system other than monitoring so there is a lot of complexity built in over 20 years.

If you started from scratch, would you make any other choices?
Request Tracker does everything they want but it just doesn't look nice.

Tried AWX but didn't add any benefit for their use case. EDA might solve part of what they're doing but there isn't much of a need and didn't exist when they started Request Tracker.

Niklas Werker: Comparing Ansible Development Environment Implementations

Time: 16:50–17:40

20 attendees

Q: Most common pitfalls starting out with dev containers?
A: Don't overthink it. Depends on what you want to do. Depends on your workflows. Pin your versions, don't run on latest. Biggest pitfall was not starting with it.

Observation that the community-minimal-ee image was used as the basis for one of the deve

CfgMgmtCamp 2025 : Day 2 Ansible Talks

Room : Ansible 1 (B.1.017)

Luca Berton: Automating AI-Powered Graph Databases with Ansible: A Neo4j GenAI Case Study

Time: 14:00–14:25

Notes

Helen Bailey: Modernizing AWX: From monolith to pluggable services

Time: 14:25–14:50

Notes

Tim Appnel: You’re Doing Ansible Roles All Wrong

Time: 14:50–15:40

Notes

Don Naro, Andrei Klychkov: Creating Ansible modules is a lot easier than you think

Time: 16:00–16:25

Notes

Kirill Satarin: Functional programming design patterns in Ansible code

Time: 16:25–16:50

https://cfp.cfgmgmtcamp.org/ghent2025/talk/NVGQ39/

Sorin Sbarnea: From Manual Testing to Continuous Validation: Taking the Quality of Ansible Content to the Next Level

Time: 16:50–17:40

Notes

Room : Ansible 2 (B.1.014)

James Freeman: Securing Secrets at Scale: Integrating Ansible Automation with Conjur

Time: 14:00–14:50

https://cfp.cfgmgmtcamp.org/ghent2025/talk/ERF7ZA/

approx 30 attendees

Q: Token lifetime is 5 mins default, are the tokens needed for lookups or only for adding control nodes to Conjur?
A: works like an invitation token for control node

Q: scalability - because of lazy loading, lookups have multiple calls, takes time
A: need to do research

Q: Ansible cannot read passwords but applications can - what did you mean?
A:

Rohit: Resilient Network Automation: Deploy, Validate, Backup and Restore with Ansible

Time: 14:50–15:40

https://cfp.cfgmgmtcamp.org/ghent2025/talk/TRZ3PA/

Q: backup and restore, how do you pick a specific file? (??)
A: relies on a tag

Q: why have different roles for remediate and deploy?
A: reason is so many platforms, separate collections with different modules. including everything in one role would add complexity

Q: how "smart" is remediate? is it smart enough to reorder () lines?
A: yes, it will point to whatever data store you provide. complexity is taken care of by acl modules that include checks.

Q: can still extend to work with network systems not Juniper, Arista, Cisco?
A: platform is not supported? you have to write modules first, either writing a connection plugin and then come up with the modules. once you have those modules then it's a lot easier to write this content

Q: collections on GH but not Galaxy?
A: only on GH right now. getting into shape, looking for more involvement and community suggestions before going to Galaxy

Fabio Alessandro "Fale" Locati: Leverage Event-Driven Ansible to reduce your automation reaction time

Time: 16:00–16:50

Notes