Vagrant + Ansible

Transcript

1. Vagrant and Ansible Michael Heap (@mheap) Developer at DataSift Presented

   at PHPNW13 Saturday, 5 October 13

2. Vagrant? Saturday, 5 October 13

3. Ansible? Saturday, 5 October 13

4. Puppet / Chef? Saturday, 5 October 13

5. Me! I’m Michael I’m @mheap Developer at... Saturday, 5 October

   13

6. Saturday, 5 October 13

7. Vagrant and Ansible Saturday, 5 October 13

8. Vagrant Development environments made easy Saturday, 5 October 13

9. Ansible Radically simple IT orchestration Saturday, 5 October 13

10. Why do we need them? Saturday, 5 October 13

11. “Works on my box” Saturday, 5 October 13

12. “The server disk died” Saturday, 5 October 13

13. Reproduction Saturday, 5 October 13

14. Let’s develop something! Spin up virtual machine Deploy dependencies Start

    hacking Saturday, 5 October 13

15. Get a machine This is where Vagrant comes in Saturday,

    5 October 13

16. Installation You’ll need Virtualbox (https://www.virtualbox.org/) You’ll also need Vagrant (http://vagrantup.com/)

    Saturday, 5 October 13

17. Get a Vagrant Box A box is a virtual machine

    image. There are official boxes available More at http://vagrantbox.es Saturday, 5 October 13

18. Create a box vagrant box add [name] [url] Saturday, 5

    October 13

19. Initialise a box mkdir vagrant-example cd vagrant-example vagrant init [name]

    Saturday, 5 October 13

20. Vagrant.configure(2) do |config| config.vm.box = "precise64" config.vm.network :private_network, ip: "192.168.33.10"

    config.vm.provider :virtualbox do |vb| vb.customize ["modifyvm", :id, "--memory", "1024"] end end Saturday, 5 October 13

21. Vagrant.configure(2) do |config| config.vm.box = "precise64" config.vm.network :private_network, ip: "192.168.33.10"

    config.vm.provider :virtualbox do |vb| vb.customize ["modifyvm", :id, "--memory", "1024"] end end Saturday, 5 October 13

22. Vagrant.configure(2) do |config| config.vm.box = "precise64" config.vm.network :private_network, ip: "192.168.33.10"

    config.vm.provider :virtualbox do |vb| vb.customize ["modifyvm", :id, "--memory", "1024"] end end Saturday, 5 October 13

23. Vagrant.configure(2) do |config| config.vm.box = "precise64" config.vm.network :private_network, ip: "192.168.33.10"

    config.vm.provider :virtualbox do |vb| vb.customize ["modifyvm", :id, "--memory", "1024"] end end Saturday, 5 October 13

24. $ vagrant up This will boot up your machine. If

    it already exists, it’ll just boot. If it doesn’t, it’ll import your base box Saturday, 5 October 13

25. $ vagrant ssh Log in to your new VM This

    uses INSECURE KEYS. Saturday, 5 October 13

26. $ vagrant halt Stop your machine and free up resources

    Saturday, 5 October 13

27. $ vagrant destroy Destroy your VM, including any changes you

    made. Next time you $ vagrant up, it’ll be a fresh box Saturday, 5 October 13

28. That’s Vagrant Saturday, 5 October 13

29. Now what? We have a machine, but it doesn’t actually

    do anything. Saturday, 5 October 13

30. It needs provisioning That’s where Ansible comes in Saturday, 5

    October 13

31. What is Ansible? “Radically simple IT orchestration.” What does that

    actually mean? Saturday, 5 October 13

32. Demo Time! Install apache2, php, mysql and git Configure a

    virtualhost Clone a site from Github Visit it in Chrome Saturday, 5 October 13

33. Installing Ansible Install from source, or from a package manager

    Use pip, apt or yum Saturday, 5 October 13

34. Inventory files We need to tell Ansible what machines to

    run on Saturday, 5 October 13

35. [web] web1.example.com web2.example.com [loadbalancers] lb1.example.com [db] db1.example.com Saturday, 5 October

    13

36. [web] web1.example.com web2.example.com [loadbalancers] lb1.example.com [db] db1.example.com Saturday, 5 October

    13

37. [web] web1.example.com web2.example.com [loadbalancers] lb1.example.com [db] db1.example.com Saturday, 5 October

    13

38. Development [web] 192.168.33.10 192.168.33.11 [loadbalancers] 192.168.33.12 [db] 192.168.33.13 Saturday, 5

    October 13

39. [web] web[1:10].example.com [loadbalancers] lb1.example.com lb2.example.com [db] db1.example.com Production Saturday, 5

    October 13

40. [web] s1.a.com ansible_connection=ssh ansible_ssh_user=bob ansible_* Saturday, 5 October 13

41. [web] s1.a.com ansible_connection=ssh ansible_ssh_user=bob ansible_* Saturday, 5 October 13

42. [web] s1.a.com ansible_connection=ssh ansible_ssh_user=bob ansible_* Saturday, 5 October 13

43. [web] 192.168.33.10 ansible_ssh_user=vagrant ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key ansible_* Saturday, 5 October 13

44. ansible-playbook Once you’ve told Ansible where to run, we need

    to tell it what to run Saturday, 5 October 13

45. YAML files It’s worth mentioning that playbooks are just YAML

    files Saturday, 5 October 13

46. --- - hosts: all sudo: true vars: - domain: demo.dev

    # Some packages omitted tasks: - name: Install apache apt: name=apache2 state=installed - name: create vhost template: src=templates/demo dest=/etc/apache2/sites-enabled/demo notify: - restart apache - name: clone repo git: repo=https://github.com/mheap/demo.git dest=/var/www/demo handlers: - name: restart apache service: name=apache2 state=restarted Saturday, 5 October 13

47. --- - hosts: all sudo: true vars: - domain: demo.dev

    # Some packages omitted tasks: - name: Install apache apt: name=apache2 state=installed - name: create vhost template: src=templates/demo dest=/etc/apache2/sites-enabled/demo notify: - restart apache - name: clone repo git: repo=https://github.com/mheap/demo.git dest=/var/www/demo handlers: - name: restart apache service: name=apache2 state=restarted Saturday, 5 October 13

48. --- - hosts: all sudo: true vars: - domain: demo.dev

    # Some packages omitted tasks: - name: Install apache apt: name=apache2 state=installed - name: create vhost template: src=templates/demo dest=/etc/apache2/sites-enabled/demo notify: - restart apache - name: clone repo git: repo=https://github.com/mheap/demo.git dest=/var/www/demo handlers: - name: restart apache service: name=apache2 state=restarted Saturday, 5 October 13

49. --- - hosts: all sudo: true vars: - domain: demo.dev

    # Some packages omitted tasks: - name: Install apache apt: name=apache2 state=installed - name: create vhost template: src=templates/demo dest=/etc/apache2/sites-enabled/demo notify: - restart apache - name: clone repo git: repo=https://github.com/mheap/demo.git dest=/var/www/demo handlers: - name: restart apache service: name=apache2 state=restarted Saturday, 5 October 13

50. --- - hosts: all sudo: true vars: - domain: demo.dev

    # Some packages omitted tasks: - name: Install apache apt: name=apache2 state=installed - name: create vhost template: src=templates/demo dest=/etc/apache2/sites-enabled/demo notify: - restart apache - name: clone repo git: repo=https://github.com/mheap/demo.git dest=/var/www/demo handlers: - name: restart apache service: name=apache2 state=restarted Saturday, 5 October 13

51. --- - hosts: all sudo: true vars: - domain: demo.dev

    # Some packages omitted tasks: - name: Install apache apt: name=apache2 state=installed - name: create vhost template: src=templates/demo dest=/etc/apache2/sites-enabled/demo notify: - restart apache - name: clone repo git: repo=https://github.com/mheap/demo.git dest=/var/www/demo handlers: - name: restart apache service: name=apache2 state=restarted Saturday, 5 October 13

52. Better playbooks Whilst that playbook works, it’s not very maintainable

    Saturday, 5 October 13

53. Roles Ansible has a concept of roles. You can define

    roles e.g. “web” that installs Apache and PHP, and “db” that installs mysql and then apply them on demand. Saturday, 5 October 13

54. Tags Tag sections of playbooks and run just those sections

    on demand Saturday, 5 October 13

55. Parameterised includes Imagine you have a Wordpress playbook but want

    different database passwords for each of them. Saturday, 5 October 13

56. Conditional actions When collecting facts with Facter or ohai, you

    can run actions conditionally. Saturday, 5 October 13

57. Rolling Deploys You can set the maximum number of nodes

    to run on, and a maximum failure percentage. No need to take down your entire cluster with a bad deploy. Saturday, 5 October 13

58. More! We’d be here all day if I listed all

    of the available features, so go read the docs. Saturday, 5 October 13

59. Orchestration! You can do crazy things like take machines out

    of a load balancer pool, upgrade and add them again Saturday, 5 October 13

60. Modules There’s lots of modules available (141 at time of

    writing!) Saturday, 5 October 13

61. Packaging: apt, yum, pip, npm, gem Files: file, copy, template,

    lineinfile Cloud: ec2, linode, digital_ocean, s3, rds Notification: campfire, hipchat, irc, jabber, email DB: mysql_user, mongodb_user, postgresql_user Alerting: monit, nagios,pagerduty, pingdom CLI: command, shell (this is a small selection) Saturday, 5 October 13

62. Write your own Use PHP if you want. Just because

    Ansible is Python, it doesn’t mean modules have to be. Saturday, 5 October 13

63. ansible There’s a command line tool too! Saturday, 5 October

    13

64. ansible all -m “module” -a “arg1=foo arg2=bar” Saturday, 5 October

    13

65. ansible all -m “shell” -a “uname -r” Saturday, 5 October

    13

66. ansible all -m “shell” -a “uname -r” 192.168.33.10 | success

    | rc=0 >> 3.2.0-23-generic Saturday, 5 October 13

67. ansible all -m “lineinfile” -a “dest=/etc/selinux/config regexp=^SELINUX= line=SELINUX=disabled” Saturday, 5

    October 13

68. Big wins It uses SSH as it’s PKI. There’s no

    daemon to run on a server. You choose when to run it, not a cron job. Saturday, 5 October 13

69. ansible-pull If you want it though, you can emulate the

    “pull” functionality. Clones your playbooks, runs them locally. Infinitely* scaleable. * If your Git host can handle infinite clones Saturday, 5 October 13

70. Running via Vagrant Vagrant has an Ansible provisioner module. Saturday,

    5 October 13

71. Any questions? Saturday, 5 October 13

72. Thanks! I’ve been @mheap, you’ve been awesome. Please leave feedback

    on Joind.in https://joind.in/9297 Saturday, 5 October 13