Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Ansible: Orchestrate Your Infustrature Like Gustav Mahler

Ansible: Orchestrate Your Infustrature Like Gustav Mahler

Ansible allows you to turn your infrastructure administration into a codebase. Describing all the processes that are necessary for deploying a server with a set of provisioning scrips that can be stored in version control.

Myles Braithwaite will be giving an overview of deploy and configure your infrastructure with Ansible.

Myles Braithwaite

October 11, 2016
Tweet

More Decks by Myles Braithwaite

Other Decks in Technology

Transcript

  1. Ansible Orchestrate your infustrature like Gustav Mahler1 1 Gustav Mahler

    is the first result when you Google famous conductors. Myles Braithwaite | mylesb.ca | [email protected] | @mylesb 1
  2. If a developer could say what they had to say

    in words they would not bother tyring to say it in code. — Gustav Mahler (paraphrasing) Myles Braithwaite | mylesb.ca | [email protected] | @mylesb 2
  3. >>> import this The Zen of Python, by Tim Peters

    Beautiful is better than ugly. Explicit is better than implicit. Simple is better than complex. Complex is better than complicated. Flat is better than nested. Sparse is better than dense. Readability counts. Special cases aren't special enough to break the rules. Although practicality beats purity. Errors should never pass silently. Unless explicitly silenced. In the face of ambiguity, refuse the temptation to guess. There should be one-- and preferably only one --obvious way to do it. Although that way may not be obvious at first unless you're Dutch. Now is better than never. Although never is often better than *right* now. If the implementation is hard to explain, it's a bad idea. If the implementation is easy to explain, it may be a good idea. Namespaces are one honking great idea -- let's do more of those! >>> Myles Braithwaite | mylesb.ca | [email protected] | @mylesb 6
  4. - hosts: all become: yes become_user: root tasks: - name:

    update apt cache apt: update_cache: yes - name: upgrade all safe packages apt: upgrade: safe Myles Braithwaite | mylesb.ca | [email protected] | @mylesb 12
  5. tasks: - name: update apt cache apt: update_cache: yes -

    name: upgrade all safe packages apt: upgrade: safe Myles Braithwaite | mylesb.ca | [email protected] | @mylesb 14
  6. First Ten Minutes on a Server Playbook2 A simple Ansible

    Playbook for setting up an Ubuntu server. 2 If you want to follow along the playbook is here: https://git.io/vPLE3. Myles Braithwaite | mylesb.ca | [email protected] | @mylesb 15
  7. playbook.yml - name: create the user accounts user: name: "{{

    item.username }}" password: "{{ item.password }}" state: present shell: /bin/bash groups: sudo generate_ssh_key: yes with_items: - username: myles password: password - username: alex password: drowssap tags: users Myles Braithwaite | mylesb.ca | [email protected] | @mylesb 17
  8. vars.yml users: - username: myles password: password atuhorized_key: ~/Downloads/myles-id_rsa.pub -

    username: alex password: drowssap public_keys: ~/Downloads/alex-id_rsa.pub Myles Braithwaite | mylesb.ca | [email protected] | @mylesb 18
  9. - name: create the user accounts user: name: "{{ item.username

    }}" password: "{{ item.password }}" state: present shell: /bin/bash groups: sudo generate_ssh_key: yes with_items: - "{{ users }}" tags: users Myles Braithwaite | mylesb.ca | [email protected] | @mylesb 19
  10. - name: disallow password authentication lineinfile: dest: /etc/ssh/sshd_config regexp: "^PasswordAuthentication"

    line: "PasswordAuthentication no" state: present notify: restart ssh tags: acl Myles Braithwaite | mylesb.ca | [email protected] | @mylesb 21
  11. WordPress Server3 3 The source for this playbook is over

    here: https://git.io/vPLyL. Myles Braithwaite | mylesb.ca | [email protected] | @mylesb 25