Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Ansible Automation Best Practices From Startups...

Ansible Automation Best Practices From Startups To Enterprises

Ansible is the Swiss Army knife of DevOps, capable of handling many powerful automation tasks with the flexibility to adapt to many environments and workflows. Not all approaches are created equally, though. Don't let yours undermine the simplicity and power of Ansible. Based on actual experiences helping Ansible users, we'll show you what to do, and what not to do, to create the most reliable, resilient, and easy-to-manage solutions.

Keith Resar

June 08, 2017
Tweet

More Decks by Keith Resar

Other Decks in Technology

Transcript

  1. a simple automation language that can perfectly describe an IT

    application infrastructure in Ansible Playbooks. an automation engine that runs Ansible Playbooks. Ansible Tower is an enterprise framework for controlling, securing and managing your Ansible automation with a UI and restful API.
  2. • 22,000+ stars & 7,100+ forks on GitHub • 2600+

    GitHub Contributors • Over 1000 modules shipped with Ansible • New contributors added every day • 1400+ users on IRC channel • Top 10 open source projects in 2014 • World-wide meetups taking monthly • Ansible Galaxy: over 7,000 Roles • 250,000+ downloads a month • AnsibleFests in NYC, SF, London
  3. Human readable automation No special coding skills needed Tasks executed

    in order Get productive quickly App deployment Configuration management Workflow orchestration Orchestrate the app lifecycle Agentless architecture Uses OpenSSH & WinRM No agents to exploit or update More efficient & more secure @KeithResar
  4. @KeithResar From: The Boss To: Sweater Subject: Rebuild Web02! Sweater,

    Get Apache installed straight away on web02. Corp-web is down. Use the same config as web01. - The Boss.
  5. @KeithResar > ssh web02 web02> yum -y install httpd web02>

    sudo yum -y install httpd Sweater, INSTALL APACHE on WEB02
  6. @KeithResar > ssh web02 web02> yum -y install httpd web02>

    sudo yum -y install httpd web02> # Copy configs from web01 Sweater, INSTALL APACHE on WEB02
  7. @KeithResar > ssh web02 web02> yum -y install httpd web02>

    sudo yum -y install httpd web02> # Copy configs from web01 web02> # DONE? Sweater, INSTALL APACHE on WEB02
  8. @KeithResar --- - name: install and start apache hosts: all

    vars: http_port: 80 max_clients: 200 remote_user: root tasks: - name: install httpd yum: pkg=httpd state=latest - name: write the apache config file template: src=/srv/httpd.j2 dest=/etc/httpd.conf - name: start httpd service: name=httpd state=running
  9. @KeithResar --- - name: install and start apache hosts: all

    vars: http_port: 80 max_clients: 200 remote_user: root tasks: - name: install httpd yum: pkg=httpd state=latest - name: write the apache config file template: src=/srv/httpd.j2 dest=/etc/httpd.conf - name: start httpd service: name=httpd state=running
  10. @KeithResar --- - name: install and start apache hosts: all

    vars: http_port: 80 max_clients: 200 remote_user: root tasks: - name: install httpd yum: pkg=httpd state=latest - name: write the apache config file template: src=/srv/httpd.j2 dest=/etc/httpd.conf - name: start httpd service: name=httpd state=running
  11. @KeithResar --- - name: install and start apache hosts: all

    vars: http_port: 80 max_clients: 200 remote_user: root tasks: - name: install httpd yum: pkg=httpd state=latest - name: write the apache config file template: src=/srv/httpd.j2 dest=/etc/httpd.conf - name: start httpd service: name=httpd state=running
  12. @KeithResar --- - name: install and start apache hosts: all

    vars: http_port: 80 max_clients: 200 remote_user: root tasks: - name: install httpd yum: pkg=httpd state=latest - name: write the apache config file template: src=/srv/httpd.j2 dest=/etc/httpd.conf - name: start httpd service: name=httpd state=running
  13. @KeithResar --- - name: install and start apache hosts: all

    vars: http_port: 80 max_clients: 200 remote_user: root tasks: - name: install httpd yum: pkg=httpd state=latest - name: write the apache config file template: src=/srv/httpd.j2 dest=/etc/httpd.conf - name: start httpd service: name=httpd state=running
  14. @KeithResar --- - name: install and start apache hosts: all

    vars: http_port: 80 max_clients: 200 remote_user: root tasks: - name: install httpd yum: pkg=httpd state=latest - name: write the apache config file template: src=/srv/httpd.j2 dest=/etc/httpd.conf - name: start httpd service: name=httpd state=running
  15. @KeithResar > ansible -m setup > ansible -m ping >

    ansible -m command -a ‘rm -rf /var/tmp/session’ > ansible -m copy -a ‘src=foo dest=/foo/bar’
  16. @KeithResar roles/ common/ # This hierarchy represents a "role" tasks/

    # main.yml # <-- tasks file can include smaller files handlers/ # main.yml # <-- handlers file templates/ # <-- files for use with template module httpd.conf.j2 # <-- templates end in .j2 files/ # bar.txt # <-- files for use with the copy module foo.sh # <-- script files used with script module vars/ # main.yml # <-- variables associated with this role
  17. @KeithResar CROSS PLATFORM – Linux, Windows, UNIX Agentless support for

    all major OS variants, physical, virtual, cloud and network HUMAN READABLE – YAML Perfectly describe and document every aspect of your application environment PERFECT DESCRIPTION OF APPLICATION Every change can be made by playbooks, ensuring everyone is on the same page VERSION CONTROLLED Playbooks are plain-text. Treat them like code in your existing version control. DYNAMIC INVENTORIES Capture all the servers 100% of the time, regardless of infrastructure, location, etc. ORCHESTRATION THAT PLAYS WELL WITH OTHERS Homogenize existing environments by leveraging current toolsets