Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Getting Started with Ansible

Erika Heidi
October 28, 2014

Getting Started with Ansible

Slides for my talk "Getting Started with Ansible", as presented at Domcode - Utrecht.

Erika Heidi

October 28, 2014
Tweet

More Decks by Erika Heidi

Other Decks in Programming

Transcript

  1. whoami • (PHP) Developer Advocate at DigitalOcean • Working with

    PHP and Linux for 10+ years • Author of Vagrant Cookbook and phansible.com
  2. What to expect from this talk 1. Ansible Overview and

    Installation 2. Inventories and ad-hoc Commands 3. Working with Playbooks 4. Useful Resouces
  3. 1.1 Ansible Overview • Simple and Straightforward • Human-readable automation

    language • Agentless - needs only SSH • Extensive list of build-in modules • Used by Twitter, Atlassian, EA, Spotify, even NASA!
  4. 1.2 Installation $ brew update $ brew install ansible $

    sudo apt-add-repository -y ppa:ansible/ansible $ sudo apt-get update $ sudo apt-get install -y ansible Detailed installation instructions: do.co/ansible-docs Mac OSX Ubuntu *Windows is not officially supported as controller machine.
  5. 1.3 Setting up SSH access • Servers should be accessible

    via SSH using keypair authentication • It's recommended to have a user with sudo permission to run the tasks in the server How to configure your SSH access for running Ansible: bit.ly/ansible-ssh
  6. 2.2 ad-hoc commands $ ansible all -m ping $ ansible

    webservers -a “php -v” $ ansible all -i staging -a “sudo apt-get update” ansible group [-i inventory] [-m module]
  7. 3.1 A Simple Playbook # playbook.yml --- - hosts: all

    sudo: true tasks: - name: Update apt-cache apt: update_cache=yes - name: Install Nginx apt: pkg=nginx state=latest
  8. 3.2 Playbook x Manifest #Ansible playbook.yml --- - hosts: all

    sudo: true tasks: - name: Update apt-cache apt: update_cache=yes - name: Install Nginx apt: pkg=nginx state=latest #Puppet default.pp exec { 'apt-get update': command => '/usr/bin/apt-get update' } package { 'nginx': ensure => "installed", require => Exec['apt-get update'], }
  9. 3.3 Running playbooks $ ansible-playbook -i staging -l webservers playbook.yml

    $ ansible-playbook playbook.yml --list-hosts $ ansible-playbook playbook.yml --list-tasks ansible-playbook [-i inventory] [-l group] playbook.yml
  10. 3.3 Variables --- - hosts: all sudo: yes vars: web_server:

    nginx tasks: - name: Install {{ web_server }} apt: pkg={{ web_server }} state=latest
  11. 3.3 Variables (facts) • Information discovered from systems • Globally

    available • Example: ansible_default_ipv4.address
  12. 3.4 Loops (with_items) tasks: - name: Install Packages apt: pkg={{

    item }} state=latest with_items: - nginx - php5-fpm - git
  13. 3.4 Loops (with_items) tasks: - name: Add several users user:

    name={{ item.name }} state=present groups={{ item.groups }} with_items: - { name: 'testuser1', groups: 'wheel' } - { name: 'testuser2', groups: 'root' }
  14. 3.4 Loops (with_items) --- - hosts: all sudo: yes vars:

    sys_packages: [ 'nginx', 'php5-fpm', 'git' ] tasks: - name: Install Packages apt: pkg={{ item }} state=latest with_items: sys_packages
  15. 3.5 Conditionals - name: "shutdown Debian flavored systems" command: /sbin/shutdown

    -t now when: ansible_os_family == "Debian" - name: foo is defined shell: echo "I've got '{{ foo }}' and am not afraid to use it!" when: foo is defined - name: foo is not defined fail: msg="Bailing out. this play requires 'bar'" when: bar is not defined
  16. 3.4 Templates <VirtualHost *:80> ServerAdmin webmaster@localhost DocumentRoot {{ doc_root }}

    <Directory {{ doc_root }}> AllowOverride All Require all granted </Directory> </VirtualHost>
  17. 3.4 Templates - Usage - name: Change default apache vhost

    template: src=templates/apache.tpl dest=/etc/apache2/sites-available/000-default.conf
  18. 3.5 Handlers (services) --- - hosts: all sudo: yes vars:

    - doc_root: /vagrant tasks: - name: Change default apache vhost template: src=templates/apache.tpl dest=/etc/apache2/sites- available/000-default.conf notify: restart apache handlers: - name: restart apache service: name=apache2 state=restarted
  19. 3.6 Including Tasks --- - hosts: all sudo: true vars:

    doc_root: /vagrant/web tasks: - include: tasks/init.yml - include: tasks/nginxphp.yml handlers: - name: restart nginx service: name=nginx state=restarted
  20. 3.7 Roles . ├── playbook.yml └── roles ├── init │

    └── tasks │ └── main.yml └── nginxphp ├── handlers │ └── main.yml ├── tasks │ └── main.yml └── templates └── vhost.tpl #playbook.yml --- - hosts: all sudo: true vars: doc_root: /vagrant/web roles: - init - nginxphp