Vagrant + Ansible

Bbf9decfbfc2ab5b450ec503749ded28?s=47 Michael Heap
October 05, 2013

Vagrant + Ansible

Vagrant is a tool for automating the creation of virtual machines using either Virtualbox or VMware. Of course, automating the creation of a VM is only half of the battle – once you have one you need to configure it. That’s where Ansible comes in

Ansible is a third generation configuration tool (think Puppet or Chef, but easier), allowing you to install software and configure things as you need in an automated manor. Once we can spin up VM’s and provision them with software automatically, we add some form of predictability to our environments.

This talk introduces everyone to Vagrant and Ansible, and walks through creating an initial VM that installs PHP, Apache2 and configures an example website with a custom VirtualHost.

Bbf9decfbfc2ab5b450ec503749ded28?s=128

Michael Heap

October 05, 2013
Tweet

Transcript

  1. Vagrant and Ansible Michael Heap (@mheap) Developer at DataSift Presented

    at PHPNW13 Saturday, 5 October 13
  2. Vagrant? Saturday, 5 October 13

  3. Ansible? Saturday, 5 October 13

  4. Puppet / Chef? Saturday, 5 October 13

  5. Me! I’m Michael I’m @mheap Developer at... Saturday, 5 October

    13
  6. Saturday, 5 October 13

  7. Vagrant and Ansible Saturday, 5 October 13

  8. Vagrant Development environments made easy Saturday, 5 October 13

  9. Ansible Radically simple IT orchestration Saturday, 5 October 13

  10. Why do we need them? Saturday, 5 October 13

  11. “Works on my box” Saturday, 5 October 13

  12. “The server disk died” Saturday, 5 October 13

  13. Reproduction Saturday, 5 October 13

  14. Let’s develop something! Spin up virtual machine Deploy dependencies Start

    hacking Saturday, 5 October 13
  15. Get a machine This is where Vagrant comes in Saturday,

    5 October 13
  16. Installation You’ll need Virtualbox (https://www.virtualbox.org/) You’ll also need Vagrant (http://vagrantup.com/)

    Saturday, 5 October 13
  17. Get a Vagrant Box A box is a virtual machine

    image. There are official boxes available More at http://vagrantbox.es Saturday, 5 October 13
  18. Create a box vagrant box add [name] [url] Saturday, 5

    October 13
  19. Initialise a box mkdir vagrant-example cd vagrant-example vagrant init [name]

    Saturday, 5 October 13
  20. Vagrant.configure(2) do |config| config.vm.box = "precise64" config.vm.network :private_network, ip: "192.168.33.10"

    config.vm.provider :virtualbox do |vb| vb.customize ["modifyvm", :id, "--memory", "1024"] end end Saturday, 5 October 13
  21. Vagrant.configure(2) do |config| config.vm.box = "precise64" config.vm.network :private_network, ip: "192.168.33.10"

    config.vm.provider :virtualbox do |vb| vb.customize ["modifyvm", :id, "--memory", "1024"] end end Saturday, 5 October 13
  22. Vagrant.configure(2) do |config| config.vm.box = "precise64" config.vm.network :private_network, ip: "192.168.33.10"

    config.vm.provider :virtualbox do |vb| vb.customize ["modifyvm", :id, "--memory", "1024"] end end Saturday, 5 October 13
  23. Vagrant.configure(2) do |config| config.vm.box = "precise64" config.vm.network :private_network, ip: "192.168.33.10"

    config.vm.provider :virtualbox do |vb| vb.customize ["modifyvm", :id, "--memory", "1024"] end end Saturday, 5 October 13
  24. $ vagrant up This will boot up your machine. If

    it already exists, it’ll just boot. If it doesn’t, it’ll import your base box Saturday, 5 October 13
  25. $ vagrant ssh Log in to your new VM This

    uses INSECURE KEYS. Saturday, 5 October 13
  26. $ vagrant halt Stop your machine and free up resources

    Saturday, 5 October 13
  27. $ vagrant destroy Destroy your VM, including any changes you

    made. Next time you $ vagrant up, it’ll be a fresh box Saturday, 5 October 13
  28. That’s Vagrant Saturday, 5 October 13

  29. Now what? We have a machine, but it doesn’t actually

    do anything. Saturday, 5 October 13
  30. It needs provisioning That’s where Ansible comes in Saturday, 5

    October 13
  31. What is Ansible? “Radically simple IT orchestration.” What does that

    actually mean? Saturday, 5 October 13
  32. Demo Time! Install apache2, php, mysql and git Configure a

    virtualhost Clone a site from Github Visit it in Chrome Saturday, 5 October 13
  33. Installing Ansible Install from source, or from a package manager

    Use pip, apt or yum Saturday, 5 October 13
  34. Inventory files We need to tell Ansible what machines to

    run on Saturday, 5 October 13
  35. [web] web1.example.com web2.example.com [loadbalancers] lb1.example.com [db] db1.example.com Saturday, 5 October

    13
  36. [web] web1.example.com web2.example.com [loadbalancers] lb1.example.com [db] db1.example.com Saturday, 5 October

    13
  37. [web] web1.example.com web2.example.com [loadbalancers] lb1.example.com [db] db1.example.com Saturday, 5 October

    13
  38. Development [web] 192.168.33.10 192.168.33.11 [loadbalancers] 192.168.33.12 [db] 192.168.33.13 Saturday, 5

    October 13
  39. [web] web[1:10].example.com [loadbalancers] lb1.example.com lb2.example.com [db] db1.example.com Production Saturday, 5

    October 13
  40. [web] s1.a.com ansible_connection=ssh ansible_ssh_user=bob ansible_* Saturday, 5 October 13

  41. [web] s1.a.com ansible_connection=ssh ansible_ssh_user=bob ansible_* Saturday, 5 October 13

  42. [web] s1.a.com ansible_connection=ssh ansible_ssh_user=bob ansible_* Saturday, 5 October 13

  43. [web] 192.168.33.10 ansible_ssh_user=vagrant ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key ansible_* Saturday, 5 October 13

  44. ansible-playbook Once you’ve told Ansible where to run, we need

    to tell it what to run Saturday, 5 October 13
  45. YAML files It’s worth mentioning that playbooks are just YAML

    files Saturday, 5 October 13
  46. --- - hosts: all sudo: true vars: - domain: demo.dev

    # Some packages omitted tasks: - name: Install apache apt: name=apache2 state=installed - name: create vhost template: src=templates/demo dest=/etc/apache2/sites-enabled/demo notify: - restart apache - name: clone repo git: repo=https://github.com/mheap/demo.git dest=/var/www/demo handlers: - name: restart apache service: name=apache2 state=restarted Saturday, 5 October 13
  47. --- - hosts: all sudo: true vars: - domain: demo.dev

    # Some packages omitted tasks: - name: Install apache apt: name=apache2 state=installed - name: create vhost template: src=templates/demo dest=/etc/apache2/sites-enabled/demo notify: - restart apache - name: clone repo git: repo=https://github.com/mheap/demo.git dest=/var/www/demo handlers: - name: restart apache service: name=apache2 state=restarted Saturday, 5 October 13
  48. --- - hosts: all sudo: true vars: - domain: demo.dev

    # Some packages omitted tasks: - name: Install apache apt: name=apache2 state=installed - name: create vhost template: src=templates/demo dest=/etc/apache2/sites-enabled/demo notify: - restart apache - name: clone repo git: repo=https://github.com/mheap/demo.git dest=/var/www/demo handlers: - name: restart apache service: name=apache2 state=restarted Saturday, 5 October 13
  49. --- - hosts: all sudo: true vars: - domain: demo.dev

    # Some packages omitted tasks: - name: Install apache apt: name=apache2 state=installed - name: create vhost template: src=templates/demo dest=/etc/apache2/sites-enabled/demo notify: - restart apache - name: clone repo git: repo=https://github.com/mheap/demo.git dest=/var/www/demo handlers: - name: restart apache service: name=apache2 state=restarted Saturday, 5 October 13
  50. --- - hosts: all sudo: true vars: - domain: demo.dev

    # Some packages omitted tasks: - name: Install apache apt: name=apache2 state=installed - name: create vhost template: src=templates/demo dest=/etc/apache2/sites-enabled/demo notify: - restart apache - name: clone repo git: repo=https://github.com/mheap/demo.git dest=/var/www/demo handlers: - name: restart apache service: name=apache2 state=restarted Saturday, 5 October 13
  51. --- - hosts: all sudo: true vars: - domain: demo.dev

    # Some packages omitted tasks: - name: Install apache apt: name=apache2 state=installed - name: create vhost template: src=templates/demo dest=/etc/apache2/sites-enabled/demo notify: - restart apache - name: clone repo git: repo=https://github.com/mheap/demo.git dest=/var/www/demo handlers: - name: restart apache service: name=apache2 state=restarted Saturday, 5 October 13
  52. Better playbooks Whilst that playbook works, it’s not very maintainable

    Saturday, 5 October 13
  53. Roles Ansible has a concept of roles. You can define

    roles e.g. “web” that installs Apache and PHP, and “db” that installs mysql and then apply them on demand. Saturday, 5 October 13
  54. Tags Tag sections of playbooks and run just those sections

    on demand Saturday, 5 October 13
  55. Parameterised includes Imagine you have a Wordpress playbook but want

    different database passwords for each of them. Saturday, 5 October 13
  56. Conditional actions When collecting facts with Facter or ohai, you

    can run actions conditionally. Saturday, 5 October 13
  57. Rolling Deploys You can set the maximum number of nodes

    to run on, and a maximum failure percentage. No need to take down your entire cluster with a bad deploy. Saturday, 5 October 13
  58. More! We’d be here all day if I listed all

    of the available features, so go read the docs. Saturday, 5 October 13
  59. Orchestration! You can do crazy things like take machines out

    of a load balancer pool, upgrade and add them again Saturday, 5 October 13
  60. Modules There’s lots of modules available (141 at time of

    writing!) Saturday, 5 October 13
  61. Packaging: apt, yum, pip, npm, gem Files: file, copy, template,

    lineinfile Cloud: ec2, linode, digital_ocean, s3, rds Notification: campfire, hipchat, irc, jabber, email DB: mysql_user, mongodb_user, postgresql_user Alerting: monit, nagios,pagerduty, pingdom CLI: command, shell (this is a small selection) Saturday, 5 October 13
  62. Write your own Use PHP if you want. Just because

    Ansible is Python, it doesn’t mean modules have to be. Saturday, 5 October 13
  63. ansible There’s a command line tool too! Saturday, 5 October

    13
  64. ansible all -m “module” -a “arg1=foo arg2=bar” Saturday, 5 October

    13
  65. ansible all -m “shell” -a “uname -r” Saturday, 5 October

    13
  66. ansible all -m “shell” -a “uname -r” 192.168.33.10 | success

    | rc=0 >> 3.2.0-23-generic Saturday, 5 October 13
  67. ansible all -m “lineinfile” -a “dest=/etc/selinux/config regexp=^SELINUX= line=SELINUX=disabled” Saturday, 5

    October 13
  68. Big wins It uses SSH as it’s PKI. There’s no

    daemon to run on a server. You choose when to run it, not a cron job. Saturday, 5 October 13
  69. ansible-pull If you want it though, you can emulate the

    “pull” functionality. Clones your playbooks, runs them locally. Infinitely* scaleable. * If your Git host can handle infinite clones Saturday, 5 October 13
  70. Running via Vagrant Vagrant has an Ansible provisioner module. Saturday,

    5 October 13
  71. Any questions? Saturday, 5 October 13

  72. Thanks! I’ve been @mheap, you’ve been awesome. Please leave feedback

    on Joind.in https://joind.in/9297 Saturday, 5 October 13