A short introduction to A short introduction to Ansible Ansible The easiest way to: The easiest way to: orchestrate, deploy and manage orchestrate, deploy and manage T-DOSE 2012, Eindhoven T-DOSE 2012, Eindhoven Dag Wieërs, [email protected] Dag Wieërs, [email protected]

Booming project Booming project ● Started in February 2012 Started in February 2012 ● 100+ code contributors in 8 months 100+ code contributors in 8 months – ~30 contributors per month ! ~30 contributors per month ! ● Diverse userbase: Diverse userbase: – large dotcoms, hosting providers, universities, large dotcoms, hosting providers, universities, consultants, government agencies, banks consultants, government agencies, banks

Swiss army knife of automation Swiss army knife of automation Provisioning Provisioning+ + cobbler, RHN, vagrant cobbler, RHN, vagrant Application Application deployment deployment capistrano, fabric capistrano, fabric Configuration Configuration management management bcfg2, cfengine, chef, puppet bcfg2, cfengine, chef, puppet Parallel Parallel execution execution clones, func, pssh, shmux clones, func, pssh, shmux Orchestration Orchestration Very unique approach Very unique approach Provisioning Provisioning+ + cobbler, RHN, vagrant cobbler, RHN, vagrant Application Application deployment deployment capistrano, fabric capistrano, fabric Configuration Configuration management management bcfg2, cfengine, chef, puppet bcfg2, cfengine, chef, puppet Parallel Parallel execution execution clones, func, pssh, shmux clones, func, pssh, shmux Orchestration Orchestration Very unique approach Very unique approach

Compelling features Compelling features ● Uses SSH, no agent Uses SSH, no agent – Self-bootstrapping, no installation Self-bootstrapping, no installation – No extraneous PKI No extraneous PKI ● Complex orchestration made easy Complex orchestration made easy – Simple management language Simple management language – Multi-tier management Multi-tier management ● Core written in python Core written in python – Modules can be in any language, json-based Modules can be in any language, json-based – Configuration in YAML Configuration in YAML ● Get started in less than 10 minutes Get started in less than 10 minutes

Transport options Transport options paramiko paramiko Uses python SSH (easy to use, default) Uses python SSH (easy to use, default) ssh ssh Uses OpenSSH (incl. Kerberos) Uses OpenSSH (incl. Kerberos) local local Local connection mode Local connection mode pull pull Runs local, using git pull Runs local, using git pull fireball fireball Fast 0mq, daemon-based Fast 0mq, daemon-based paramiko paramiko Uses python SSH (easy to use, default) Uses python SSH (easy to use, default) ssh ssh Uses OpenSSH (incl. Kerberos) Uses OpenSSH (incl. Kerberos) local local Local connection mode Local connection mode pull pull Runs local, using git pull Runs local, using git pull fireball fireball Fast 0mq, daemon-based Fast 0mq, daemon-based

Terminology Terminology ● Inventory Inventory – flat file(s) or complex script – flat file(s) or complex script – Collection of groups, hosts, variables Collection of groups, hosts, variables ● Modules Modules – scripted in any language, using json – scripted in any language, using json – Offers specific functionality used in tasks Offers specific functionality used in tasks ● Plugins Plugins – python scripts – python scripts – Different types: callback, action, ... Different types: callback, action, ... ● Playbooks Playbooks – yaml description – yaml description – Collection of plays Collection of plays ● Collection of tasks (actions, notification handlers) Collection of tasks (actions, notification handlers)

No content

Plethora of modules... Plethora of modules... Action Action assemble, command, copy, fetch, get_url, ping, assemble, command, copy, fetch, get_url, ping, raw, script, shell, slurp, template raw, script, shell, slurp, template Management Management authorized_keys, cron, file, group, ini_file, lineinfile, authorized_keys, cron, file, group, ini_file, lineinfile, lvol, mount, seboolean, selinux, service, user, virt lvol, mount, seboolean, selinux, service, user, virt Deployment Deployment easy_install, git, mysql_db, mysql_user, nagios, easy_install, git, mysql_db, mysql_user, nagios, pip, postgresql_db, postgresql_user, subversion pip, postgresql_db, postgresql_user, subversion Distribution Distribution apt, apt_repository, yum apt, apt_repository, yum Workflow Workflow debug, fail, mail, pause, wait_for debug, fail, mail, pause, wait_for Inventory Inventory facter, hpilo_facts, network_facts, ohai, setup, facter, hpilo_facts, network_facts, ohai, setup, virt_facts, vsphere_facts virt_facts, vsphere_facts Provisioning Provisioning ec2_create, hpilo_boot, virt_boot, virt_create, ec2_create, hpilo_boot, virt_boot, virt_create, vsphere_boot, vsphere_boot, Action Action assemble, command, copy, fetch, get_url, ping, assemble, command, copy, fetch, get_url, ping, raw, script, shell, slurp, template raw, script, shell, slurp, template Management Management authorized_keys, cron, file, group, ini_file, lineinfile, authorized_keys, cron, file, group, ini_file, lineinfile, lvol, mount, seboolean, selinux, service, user, virt lvol, mount, seboolean, selinux, service, user, virt Deployment Deployment easy_install, git, mysql_db, mysql_user, nagios, easy_install, git, mysql_db, mysql_user, nagios, pip, postgresql_db, postgresql_user, subversion pip, postgresql_db, postgresql_user, subversion Distribution Distribution apt, apt_repository, yum apt, apt_repository, yum Workflow Workflow debug, fail, mail, pause, wait_for debug, fail, mail, pause, wait_for Inventory Inventory facter, hpilo_facts, network_facts, ohai, setup, facter, hpilo_facts, network_facts, ohai, setup, virt_facts, vsphere_facts virt_facts, vsphere_facts Provisioning Provisioning ec2_create, hpilo_boot, virt_boot, virt_create, ec2_create, hpilo_boot, virt_boot, virt_create, vsphere_boot, vsphere_boot,

Simple inventory example Simple inventory example ● /etc/ansible/hosts /etc/ansible/hosts [webservers] [webservers] narf.example.com narf.example.com poyk.example.com poyk.example.com egad.example.com egad.example.com [dbservers] [dbservers] troz.example.com troz.example.com fjord.example.com fjord.example.com zort.example.com zort.example.com

Parallel execution Parallel execution ansible ansible 'www*' 'www*' -m -m ping ping ansible ansible cluster-nodes cluster-nodes -a -a 'ntpq -p' 'ntpq -p' ansible ansible all all -m -m user user -a -a 'name=sauron 'name=sauron state=absent' state=absent' ansible ansible 'www*' 'www*' -m -m yum yum -a -a 'name=foo state=latest' 'name=foo state=latest' --forks 50 --forks 50

Idempotent resource model Idempotent resource model ● Example 1: Example 1: service service module module – started → started → start if not already running start if not already running – stopped stopped → stop if running → stop if running – restarted restarted → restart, regardless → restart, regardless ● Example 2: Example 2: yum yum module module – present → present → install if not installed install if not installed – absent → absent → remove if installed remove if installed – latest → latest → update if not at latest version update if not at latest version – *name=version *name=version → install a specific version → install a specific version

Playbooks Playbooks ● Implement a process / workflow Implement a process / workflow – Various mechanisms help to relate tasks, Various mechanisms help to relate tasks, escalate issues, build logic escalate issues, build logic – Used for provisioning, system configuration, Used for provisioning, system configuration, application deployment, systems management application deployment, systems management ● Release engineering / Rolling updates Release engineering / Rolling updates ● Reuse or replay individual pieces Reuse or replay individual pieces

Playbook example Playbook example – – hosts: all hosts: all user: root user: root vars: vars: http_port: 80 http_port: 80 max_clients: 200 max_clients: 200 tasks: tasks: – action: yum name=$item state=installed – action: yum name=$item state=installed with_items: with_items: – httpd – httpd – foo-app – foo-app – action: template src=templates/httpd.j2 dest=/etc/httpd.conf – action: template src=templates/httpd.j2 dest=/etc/httpd.conf notify: notify: – restart apache – restart apache handlers: handlers: – name: restart apache – name: restart apache action: service name=apache state=restarted action: service name=apache state=restarted

Future development Future development ● Enhancements to workflows Enhancements to workflows – Better conditional evaluations ( Better conditional evaluations (when: when:) ) – Improvements to inventories (multi-source) Improvements to inventories (multi-source) ● More performance improvements More performance improvements ● Continuous module development Continuous module development – Improved module platform support Improved module platform support – Growing set of provisioning modules Growing set of provisioning modules ● New REST interface and GUI New REST interface and GUI

Join in on the fun ! Join in on the fun ! ● Learn more at: Learn more at: ansible.cc ansible.cc ● Find us at GitHub: Find us at GitHub: github.com/ansible/ansible github.com/ansible/ansible ● Discuss on the Ansible mailing list: Discuss on the Ansible mailing list: groups.google.com/group/ansible-project groups.google.com/group/ansible-project

Thank you for listening ! Thank you for listening !