Configuration & Deployment with PyCarolinas - October 21st, 2012 - Chapel Hill Michael DeHaan Sunday, October 21, 12

michael.dehaan@gmail.com • Writing systems management software since 2000. • IBM. Adaptec. Red Hat. Puppet Labs. rPath. • Python since 2004. • Previous projects: • cobbler.github.com (PXE, virt, pkg mirroring) • fedorahosted.org/func (predecessor to Ansible) Sunday, October 21, 12

UNIX PHILOSOPHY Sunday, October 21, 12

Project History • Started Feb, 2012 -- just 8 months ago • nearing 700 followers on github • 100+ code contributors in 8 months • ~30 contributors per month! • Diverse userbase: large .coms, hosting providers, universities, consultants, government agencies Sunday, October 21, 12

Many Tools In One Deployment Fabric, Capistrano Config Puppet, Chef, bcfg2 Parallel Execution Func, clones, pssh Orchestration very unique approaches Sunday, October 21, 12

Desirable Traits • Config & Deployment over SSH • No Extraneous PKI • Self-Bootstrapping • No Extra Daemons, No Server, Nothing To Install On Client Machines • Multi-Tier Management • Dead Simple Management Language Sunday, October 21, 12

Transport Options paramiko Python SSH (easy to use) ssh uses OpenSSH (Kerberos!) local suitable for use on cron pull local mode + periodic git pulls fireball Ephemeral 0mq daemon Sunday, October 21, 12

Architecture Sunday, October 21, 12

[webservers] narf.example.com poyk.example.com egad.example.com [dbservers] troz.example.com fjord.example.com zort.example.com /etc/ansible/hosts Sunday, October 21, 12

Sample of Core Modules... pip selinux git yum apt user service copy template file nagios virt ini_file mysql postgresql Sunday, October 21, 12

ansible ‘www*’ -m ping Parallel Task Execution Sunday, October 21, 12

ansible labmachines -a ‘/bin/foo --args 1234’ Sunday, October 21, 12

ansible all -m user ‘name=sauron state=absent’ Sunday, October 21, 12

ansible ‘www*’ -m yum -a “name=foo state=latest’ --forks 50 Sunday, October 21, 12

started start if not running stopped stop if running restarted restart, regardless Idempotent Resource Model example: service Sunday, October 21, 12

absent remove if installed present install if not installed *name=version install a specific version latest update if not at latest version Idempotent Resource Model example: yum Sunday, October 21, 12

Playbooks • OS Configuration • App Deployment • Release Engineering / Rolling Updates • Setup Dev Environments (ex: Vagrant) • Cowsay Integration (if installed) Sunday, October 21, 12

- hosts: all user: root vars: http_port: 80 max_clients: 200 tasks: - yum: name=$item state=installed with_items: - httpd - fooapp - template: src=templates/httpd.j2 dest=/etc/httpd.conf notify: - restart apache handlers: - name: restart apache service: name=apache state=restarted Playbook Example Sunday, October 21, 12

Python API Sunday, October 21, 12

import ansible.runner import sys results = ansible.runner.Runner( pattern='webservers', forks=10, module_name=‘command’, module_args='/usr/bin/uptime' ).run() Task Execution Sunday, October 21, 12

pb = ansible.playbook.PlayBook( playbook=playbook, host_list=options.inventory, forks=options.forks, remote_pass=sshpass, callbacks=playbook_cb, runner_callbacks=runner_cb, stats=stats, only_tags=only_tags, subset=options.subset, ) " " results = pb.run() Launching Playbooks Sunday, October 21, 12

def main(): module = AnsibleModule( argument_spec = dict( state=dict(default='present', choices=['present', 'absent']), name=dict(required=True), ... ) ) module.exit_json(**result) Modules (Any Language), but Python++ Sunday, October 21, 12

Extensible Via Plugins • callbacks (Python) • server side module code (Python) • data sources (Python) • inventory sources (any language) Sunday, October 21, 12

class CallbackModule(object): """ makes Ansible much more exciting on OS X. """ def on_any(self, *args, **kwargs): pass def runner_on_failed(self, host, res, ignore_errors=False): say("Failure on host %s" % host, FAILED_VOICE) def runner_on_ok(self, host, res): say("pew", LASER_VOICE) def runner_on_error(self, host, msg): pass def runner_on_skipped(self, host, item=None): say("pew", LASER_VOICE) Example: OS X Sound Effects Callback Plugin Sunday, October 21, 12

Some Modules We Use • multiprocessing • paramiko • subprocess (exec openssh) • pyzmq, keyczar (‘fireball mode’) • Jinja2 • JSON, YAML Sunday, October 21, 12

C’mon Dave, Gimme A Break • 0.9 “Dreams” - current devel • 0.8 “Cathedral” - 10/2012 • 0.7 “Panama” - 9/2012 • 0.6 “Cabo” - 8/2012 • 0.5 “Amsterdam” - 7/2012 • 0.4 “Unchained” - 5/2012 • 0.3 “Baluchitherium” - 4/2012 Sunday, October 21, 12

Upcoming Features • Language syntax upgrades (‘when’) • Further performance upgrades • Improved module platform support • Continued module upgrades/additions • new REST interface (Flask+Riak?) Sunday, October 21, 12

http://ansible.cc Sunday, October 21, 12

Links • http://ansible.cc • http://github.com/ansible/ansible • @laserllama • michael.dehaan@gmail.com Sunday, October 21, 12