Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Vagrant + Ansible

Michael Heap
October 05, 2013

Vagrant + Ansible

Vagrant is a tool for automating the creation of virtual machines using either Virtualbox or VMware. Of course, automating the creation of a VM is only half of the battle – once you have one you need to configure it. That’s where Ansible comes in

Ansible is a third generation configuration tool (think Puppet or Chef, but easier), allowing you to install software and configure things as you need in an automated manor. Once we can spin up VM’s and provision them with software automatically, we add some form of predictability to our environments.

This talk introduces everyone to Vagrant and Ansible, and walks through creating an initial VM that installs PHP, Apache2 and configures an example website with a custom VirtualHost.

Michael Heap

October 05, 2013
Tweet

More Decks by Michael Heap

Other Decks in Technology

Transcript

  1. Vagrant and Ansible
    Michael Heap (@mheap)
    Developer at DataSift
    Presented at PHPNW13
    Saturday, 5 October 13

    View Slide

  2. Vagrant?
    Saturday, 5 October 13

    View Slide

  3. Ansible?
    Saturday, 5 October 13

    View Slide

  4. Puppet / Chef?
    Saturday, 5 October 13

    View Slide

  5. Me!
    I’m Michael
    I’m @mheap
    Developer at...
    Saturday, 5 October 13

    View Slide

  6. Saturday, 5 October 13

    View Slide

  7. Vagrant and Ansible
    Saturday, 5 October 13

    View Slide

  8. Vagrant
    Development environments made easy
    Saturday, 5 October 13

    View Slide

  9. Ansible
    Radically simple IT orchestration
    Saturday, 5 October 13

    View Slide

  10. Why do we need them?
    Saturday, 5 October 13

    View Slide

  11. “Works on my box”
    Saturday, 5 October 13

    View Slide

  12. “The server disk died”
    Saturday, 5 October 13

    View Slide

  13. Reproduction
    Saturday, 5 October 13

    View Slide

  14. Let’s develop something!
    Spin up virtual machine
    Deploy dependencies
    Start hacking
    Saturday, 5 October 13

    View Slide

  15. Get a machine
    This is where Vagrant comes in
    Saturday, 5 October 13

    View Slide

  16. Installation
    You’ll need Virtualbox (https://www.virtualbox.org/)
    You’ll also need Vagrant (http://vagrantup.com/)
    Saturday, 5 October 13

    View Slide

  17. Get a Vagrant Box
    A box is a virtual machine image.
    There are official boxes available
    More at http://vagrantbox.es
    Saturday, 5 October 13

    View Slide

  18. Create a box
    vagrant box add [name] [url]
    Saturday, 5 October 13

    View Slide

  19. Initialise a box
    mkdir vagrant-example
    cd vagrant-example
    vagrant init [name]
    Saturday, 5 October 13

    View Slide

  20. Vagrant.configure(2) do |config|
    config.vm.box = "precise64"
    config.vm.network :private_network, ip: "192.168.33.10"
    config.vm.provider :virtualbox do |vb|
    vb.customize ["modifyvm", :id, "--memory", "1024"]
    end
    end
    Saturday, 5 October 13

    View Slide

  21. Vagrant.configure(2) do |config|
    config.vm.box = "precise64"
    config.vm.network :private_network, ip: "192.168.33.10"
    config.vm.provider :virtualbox do |vb|
    vb.customize ["modifyvm", :id, "--memory", "1024"]
    end
    end
    Saturday, 5 October 13

    View Slide

  22. Vagrant.configure(2) do |config|
    config.vm.box = "precise64"
    config.vm.network :private_network, ip: "192.168.33.10"
    config.vm.provider :virtualbox do |vb|
    vb.customize ["modifyvm", :id, "--memory", "1024"]
    end
    end
    Saturday, 5 October 13

    View Slide

  23. Vagrant.configure(2) do |config|
    config.vm.box = "precise64"
    config.vm.network :private_network, ip: "192.168.33.10"
    config.vm.provider :virtualbox do |vb|
    vb.customize ["modifyvm", :id, "--memory", "1024"]
    end
    end
    Saturday, 5 October 13

    View Slide

  24. $ vagrant up
    This will boot up your machine.
    If it already exists, it’ll just boot.
    If it doesn’t, it’ll import your base box
    Saturday, 5 October 13

    View Slide

  25. $ vagrant ssh
    Log in to your new VM
    This uses INSECURE KEYS.
    Saturday, 5 October 13

    View Slide

  26. $ vagrant halt
    Stop your machine and free up resources
    Saturday, 5 October 13

    View Slide

  27. $ vagrant destroy
    Destroy your VM, including any changes you made.
    Next time you $ vagrant up, it’ll be a fresh box
    Saturday, 5 October 13

    View Slide

  28. That’s Vagrant
    Saturday, 5 October 13

    View Slide

  29. Now what?
    We have a machine, but it doesn’t actually
    do anything.
    Saturday, 5 October 13

    View Slide

  30. It needs provisioning
    That’s where Ansible comes in
    Saturday, 5 October 13

    View Slide

  31. What is Ansible?
    “Radically simple IT orchestration.”
    What does that actually mean?
    Saturday, 5 October 13

    View Slide

  32. Demo Time!
    Install apache2, php, mysql and git
    Configure a virtualhost
    Clone a site from Github
    Visit it in Chrome
    Saturday, 5 October 13

    View Slide

  33. Installing Ansible
    Install from source, or from a package manager
    Use pip, apt or yum
    Saturday, 5 October 13

    View Slide

  34. Inventory files
    We need to tell Ansible what machines to run on
    Saturday, 5 October 13

    View Slide

  35. [web]
    web1.example.com
    web2.example.com
    [loadbalancers]
    lb1.example.com
    [db]
    db1.example.com
    Saturday, 5 October 13

    View Slide

  36. [web]
    web1.example.com
    web2.example.com
    [loadbalancers]
    lb1.example.com
    [db]
    db1.example.com
    Saturday, 5 October 13

    View Slide

  37. [web]
    web1.example.com
    web2.example.com
    [loadbalancers]
    lb1.example.com
    [db]
    db1.example.com
    Saturday, 5 October 13

    View Slide

  38. Development
    [web]
    192.168.33.10
    192.168.33.11
    [loadbalancers]
    192.168.33.12
    [db]
    192.168.33.13
    Saturday, 5 October 13

    View Slide

  39. [web]
    web[1:10].example.com
    [loadbalancers]
    lb1.example.com
    lb2.example.com
    [db]
    db1.example.com
    Production
    Saturday, 5 October 13

    View Slide

  40. [web]
    s1.a.com ansible_connection=ssh ansible_ssh_user=bob
    ansible_*
    Saturday, 5 October 13

    View Slide

  41. [web]
    s1.a.com ansible_connection=ssh ansible_ssh_user=bob
    ansible_*
    Saturday, 5 October 13

    View Slide

  42. [web]
    s1.a.com ansible_connection=ssh ansible_ssh_user=bob
    ansible_*
    Saturday, 5 October 13

    View Slide

  43. [web]
    192.168.33.10 ansible_ssh_user=vagrant
    ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key
    ansible_*
    Saturday, 5 October 13

    View Slide

  44. ansible-playbook
    Once you’ve told Ansible where to run, we need
    to tell it what to run
    Saturday, 5 October 13

    View Slide

  45. YAML files
    It’s worth mentioning that playbooks are just YAML
    files
    Saturday, 5 October 13

    View Slide

  46. ---
    - hosts: all
    sudo: true
    vars:
    - domain: demo.dev
    # Some packages omitted
    tasks:
    - name: Install apache
    apt: name=apache2 state=installed
    - name: create vhost
    template: src=templates/demo dest=/etc/apache2/sites-enabled/demo
    notify:
    - restart apache
    - name: clone repo
    git: repo=https://github.com/mheap/demo.git dest=/var/www/demo
    handlers:
    - name: restart apache
    service: name=apache2 state=restarted
    Saturday, 5 October 13

    View Slide

  47. ---
    - hosts: all
    sudo: true
    vars:
    - domain: demo.dev
    # Some packages omitted
    tasks:
    - name: Install apache
    apt: name=apache2 state=installed
    - name: create vhost
    template: src=templates/demo dest=/etc/apache2/sites-enabled/demo
    notify:
    - restart apache
    - name: clone repo
    git: repo=https://github.com/mheap/demo.git dest=/var/www/demo
    handlers:
    - name: restart apache
    service: name=apache2 state=restarted
    Saturday, 5 October 13

    View Slide

  48. ---
    - hosts: all
    sudo: true
    vars:
    - domain: demo.dev
    # Some packages omitted
    tasks:
    - name: Install apache
    apt: name=apache2 state=installed
    - name: create vhost
    template: src=templates/demo dest=/etc/apache2/sites-enabled/demo
    notify:
    - restart apache
    - name: clone repo
    git: repo=https://github.com/mheap/demo.git dest=/var/www/demo
    handlers:
    - name: restart apache
    service: name=apache2 state=restarted
    Saturday, 5 October 13

    View Slide

  49. ---
    - hosts: all
    sudo: true
    vars:
    - domain: demo.dev
    # Some packages omitted
    tasks:
    - name: Install apache
    apt: name=apache2 state=installed
    - name: create vhost
    template: src=templates/demo dest=/etc/apache2/sites-enabled/demo
    notify:
    - restart apache
    - name: clone repo
    git: repo=https://github.com/mheap/demo.git dest=/var/www/demo
    handlers:
    - name: restart apache
    service: name=apache2 state=restarted
    Saturday, 5 October 13

    View Slide

  50. ---
    - hosts: all
    sudo: true
    vars:
    - domain: demo.dev
    # Some packages omitted
    tasks:
    - name: Install apache
    apt: name=apache2 state=installed
    - name: create vhost
    template: src=templates/demo dest=/etc/apache2/sites-enabled/demo
    notify:
    - restart apache
    - name: clone repo
    git: repo=https://github.com/mheap/demo.git dest=/var/www/demo
    handlers:
    - name: restart apache
    service: name=apache2 state=restarted
    Saturday, 5 October 13

    View Slide

  51. ---
    - hosts: all
    sudo: true
    vars:
    - domain: demo.dev
    # Some packages omitted
    tasks:
    - name: Install apache
    apt: name=apache2 state=installed
    - name: create vhost
    template: src=templates/demo dest=/etc/apache2/sites-enabled/demo
    notify:
    - restart apache
    - name: clone repo
    git: repo=https://github.com/mheap/demo.git dest=/var/www/demo
    handlers:
    - name: restart apache
    service: name=apache2 state=restarted
    Saturday, 5 October 13

    View Slide

  52. Better playbooks
    Whilst that playbook works, it’s not very
    maintainable
    Saturday, 5 October 13

    View Slide

  53. Roles
    Ansible has a concept of roles.
    You can define roles e.g. “web” that installs
    Apache and PHP, and “db” that installs mysql and
    then apply them on demand.
    Saturday, 5 October 13

    View Slide

  54. Tags
    Tag sections of playbooks and run just those
    sections on demand
    Saturday, 5 October 13

    View Slide

  55. Parameterised includes
    Imagine you have a Wordpress playbook but want
    different database passwords for each of them.
    Saturday, 5 October 13

    View Slide

  56. Conditional actions
    When collecting facts with Facter or ohai, you can
    run actions conditionally.
    Saturday, 5 October 13

    View Slide

  57. Rolling Deploys
    You can set the maximum number of nodes to run
    on, and a maximum failure percentage.
    No need to take down your entire cluster with a
    bad deploy.
    Saturday, 5 October 13

    View Slide

  58. More!
    We’d be here all day if I listed all of the available
    features, so go read the docs.
    Saturday, 5 October 13

    View Slide

  59. Orchestration!
    You can do crazy things like take machines out of a
    load balancer pool, upgrade and add them again
    Saturday, 5 October 13

    View Slide

  60. Modules
    There’s lots of modules available
    (141 at time of writing!)
    Saturday, 5 October 13

    View Slide

  61. Packaging: apt, yum, pip, npm, gem
    Files: file, copy, template, lineinfile
    Cloud: ec2, linode, digital_ocean, s3, rds
    Notification: campfire, hipchat, irc, jabber, email
    DB: mysql_user, mongodb_user, postgresql_user
    Alerting: monit, nagios,pagerduty, pingdom
    CLI: command, shell
    (this is a small selection)
    Saturday, 5 October 13

    View Slide

  62. Write your own
    Use PHP if you want.
    Just because Ansible is Python, it doesn’t mean
    modules have to be.
    Saturday, 5 October 13

    View Slide

  63. ansible
    There’s a command line tool too!
    Saturday, 5 October 13

    View Slide

  64. ansible all -m “module” -a “arg1=foo arg2=bar”
    Saturday, 5 October 13

    View Slide

  65. ansible all -m “shell” -a “uname -r”
    Saturday, 5 October 13

    View Slide

  66. ansible all -m “shell” -a “uname -r”
    192.168.33.10 | success | rc=0 >>
    3.2.0-23-generic
    Saturday, 5 October 13

    View Slide

  67. ansible all -m “lineinfile” -a “dest=/etc/selinux/config
    regexp=^SELINUX= line=SELINUX=disabled”
    Saturday, 5 October 13

    View Slide

  68. Big wins
    It uses SSH as it’s PKI.
    There’s no daemon to run on a server.
    You choose when to run it, not a cron job.
    Saturday, 5 October 13

    View Slide

  69. ansible-pull
    If you want it though, you can emulate the “pull”
    functionality.
    Clones your playbooks, runs them locally.
    Infinitely* scaleable.
    * If your Git host can handle infinite clones
    Saturday, 5 October 13

    View Slide

  70. Running via Vagrant
    Vagrant has an Ansible provisioner module.
    Saturday, 5 October 13

    View Slide

  71. Any questions?
    Saturday, 5 October 13

    View Slide

  72. Thanks!
    I’ve been @mheap, you’ve been awesome.
    Please leave feedback on Joind.in
    https://joind.in/9297
    Saturday, 5 October 13

    View Slide