Slide 1

Slide 1 text

Srdjan Vranac // code4hire.com // @vranac

Slide 2

Slide 2 text

business owner, developer, consultant, mercenary, writing terrible code that performs exceptionally, wrangling elePHPants and Pythons, obsessed with process automation, interested in continuous integration and delivery, clean code, testing, best practices and distributed systems

Slide 3

Slide 3 text

In the Beginning...
- Developers wrote code
- System Administrators deployed code

Slide 4

Slide 4 text

©2012-2013 MokonalovesMochi

Slide 5

Slide 5 text

...until one day...

Slide 6

Slide 6 text

I'll write code that tells computer how to set itself up

    #!/bin/sh
    sudo apt-get update
    sudo apt-get -y install build-essential
    sudo apt-get install apache2
    sudo a2enmod rewrite
    sudo a2enmod vhost_alias
    sudo tee /etc/apache2/sites-available/mysite <

Slide 7

Slide 7 text

No content

Slide 8

Slide 8 text

Soooo.... What is the problem?

Slide 9

Slide 9 text

Idempotence (/ˌaɪdɨmˈpoʊtəns/ eye-dəm-poh-təns) "Idempotence is the property of certain operations in mathematics and computer science, that can be applied multiple times without changing the result beyond the initial application."
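Added example, not from the original slides: the same config edit written as a blind append and as an idempotent "ensure this state" step that reports whether it changed anything. The helper names `append_line`, `ensure_line` and `count_line`, the file name and the `Listen 8080` line are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the slides): non-idempotent vs. idempotent edits.
# ports.conf and "Listen 8080" are constructed sample values.

# Non-idempotent: every run appends another copy of the line.
append_line() {
    # $1 = file, $2 = line
    printf '%s\n' "$2" >> "$1"
}

# Idempotent: state the desired result ("this exact line is present") and
# touch the file only when that result is not already true.
# Prints changed=true or changed=false, in the spirit of Ansible's "changed".
ensure_line() {
    # $1 = file, $2 = line
    if [ -f "$1" ] && grep -qxF -- "$2" "$1"; then
        echo "changed=false"
    else
        printf '%s\n' "$2" >> "$1"
        echo "changed=true"
    fi
}

# Count exact, whole-line occurrences of $2 in file $1.
count_line() {
    grep -cxF -- "$2" "$1" || true
}

demo() {
    tmp=$(mktemp -d) || return 1
    conf="$tmp/ports.conf"

    # Running the append step twice leaves two copies behind.
    append_line "$conf" "Listen 8080"
    append_line "$conf" "Listen 8080"
    echo "append twice: $(count_line "$conf" "Listen 8080") copies"

    # Running the ensure step twice leaves one copy; the second run is a no-op.
    : > "$conf"
    first=$(ensure_line "$conf" "Listen 8080")
    second=$(ensure_line "$conf" "Listen 8080")
    echo "ensure twice: $(count_line "$conf" "Listen 8080") copy ($first, then $second)"

    rm -rf "$tmp"
}

demo
```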

Slide 10

Slide 10 text

Not "Robust"

Slide 11

Slide 11 text

Everybody is rolling their own

Slide 12

Slide 12 text

Present

Slide 13

Slide 13 text

Automation should not require programming experience
It MUST be easy
We all have other stuff to do, don't we?

Slide 14

Slide 14 text

compréh

Slide 15

Slide 15 text

"I wrote Ansible because none of the existing tools fit my brain. I wanted a tool that I could not use for 6 months, come back later, and still remember how it worked." Michael DeHaan Ansible project founder

Slide 16

Slide 16 text

“An ansible is a fictional machine capable of instantaneous or superluminal communication”

Slide 17

Slide 17 text

What is it?
- IT Automation tool
- Push based (Pull possible)
- Agentless, no agent on the client, uses SSH
- Scalable
- No databases or daemons added after install
- No Root permissions required, sudo is available
- Supported package managers for RHEL, CentOS, Fedora, Debian or Ubuntu

Slide 18

Slide 18 text

Why use it?
- Consistent
- Predictable
- Repeatable
- Easy
PERIOD

Slide 19

Slide 19 text

Requirements
- Python 2.7 (Python 2.5 + simplejson possible)
- Paramiko (ssh), PyYaml, Jinja2
- SSHD
- Possible Module Dependencies

Slide 20

Slide 20 text

Installation?

    pip install ansible

DONE

Slide 21

Slide 21 text

controller → remotes
[Diagram: the controller connects over ssh to remote1, remote2, remote3, remote4 and remote5]

Slide 22

Slide 22 text

Inventory

    [localhost]
    127.0.0.1

    [webservers]
    www.example.com ntp=ntp1.pool.ntp.org
    web[10-23].example.com
    vagrant ansible_ssh_host=127.0.0.1 ansible_ssh_port=222

    [dbservers]
    db.example.com

    [production:children]
    webservers
    dbservers

Slide 23

Slide 23 text

Dynamic Inventory
- Amazon EC2
- Digital Ocean
- Linode
- Cobbler
- Google Compute Engine
- ...

Slide 24

Slide 24 text

Hello, World!

    $ ansible localhost -m ping
    localhost | success >> {
        "changed": false,
        "ping": "pong"
    }

Slide 25

Slide 25 text

Facts

    $ ansible localhost -m setup
    localhost | success >> {
        "ansible_facts": {
            "ansible_all_ipv4_addresses": [
                "33.33.33.100",
            ],
            "ansible_architecture": "x86_64",
            "ansible_default_ipv4": {
                "address": "192.168.1.194",
                "gateway": "192.168.1.1",
                "interface": "eth0",
                "macaddress": "22:54:00:02:8e:0f",
            },
            "ansible_distribution": "CentOS",
            "ansible_distribution_version": "6.2",
            ...
    }

Plus ohai and facter if installed on remote

Slide 26

Slide 26 text

Modules

accelerate, acl, add_host, airbrake_deployment, alternatives, apache2_module, apt, apt_key, apt_repository, apt_rpm, arista_interface, arista_l2interface, arista_lag, arista_vlan, assemble, assert, async_status, at, authorized_key, azure, bigip_facts, bigip_monitor_http, bigip_monitor_tcp, bigip_node, bigip_pool, bigip_pool_member, boundary_meter, bzr, campfire, capabilities, cloudformation, command, composer, copy, cpanm, cron, datadog_event, debconf, debug, digital_ocean, digital_ocean_domain, digital_ocean_sshkey, django_manage, dnsimple, dnsmadeeasy, docker, docker_image, easy_install, ec2, ec2_ami, ec2_ami_search, ec2_asg, ec2_eip, ec2_elb, ec2_elb_lb, ec2_facts, ec2_group, ec2_key, ec2_lc, ec2_metric_alarm, ec2_scaling_policy, ec2_snapshot, ec2_tag, ec2_vol, ec2_vpc, ejabberd_user, elasticache, facter, fail, fetch, file, filesystem, fireball, firewalld, flowdock, gc_storage, gce, gce_lb, gce_net, gce_pd, gem, get_url, git, github_hooks, glance_image, group, group_by, grove, hg, hipchat, homebrew, homebrew_cask, homebrew_tap, hostname, htpasswd, include_vars, ini_file, irc, jabber, jboss, jira, kernel_blacklist, keystone_user, layman, librato_annotation, lineinfile, linode, lldp, locale_gen, logentries, lvg, lvol, macports, mail, modprobe, mongodb_user, monit, mount, mqtt, mysql_db, mysql_replication, mysql_user, mysql_variables, nagios, netscaler, newrelic_deployment, nexmo, nova_compute, nova_keypair, npm, ohai, open_iscsi, openbsd_pkg, openvswitch_bridge, openvswitch_port, opkg, osx_say, ovirt, pacman, pagerduty, pause, ping, pingdom, pip, pkgin, pkgng, pkgutil, portage, portinstall, postgresql_db, postgresql_privs, postgresql_user, quantum_floating_ip, quantum_floating_ip_associate, quantum_network, quantum_router, quantum_router_gateway, quantum_router_interface, quantum_subnet, rabbitmq_parameter, rabbitmq_plugin, rabbitmq_policy, rabbitmq_user, rabbitmq_vhost, raw, rax, rax_cbs, rax_cbs_attachments, rax_clb, rax_clb_nodes, rax_dns, rax_dns_record, rax_facts, rax_files, rax_files_objects, rax_identity, rax_keypair, rax_meta, rax_network, rax_queue, rax_scaling_group, rax_scaling_policy, rds, rds_param_group, rds_subnet_group, redhat_subscription, redis, replace, rhn_channel, rhn_register, riak, rollbar_deployment, route53, rpm_key, s3, script, seboolean, selinux, service, set_fact, setup, shell, slack, slurp, sns, stackdriver, stat, subversion, supervisorctl, svr4pkg, swdepot, synchronize, sysctl, template, twilio, typetalk, ufw, unarchive, uri, urpmi, user, virt, vsphere_guest, wait_for, win_feature, win_get_url, win_group, win_msi, win_ping, win_service, win_stat, win_user, xattr, yum, zfs, zypper, zypper_repository

230+ modules and growing

Slide 27

Slide 27 text

Ad-Hoc commands

    $ ansible webservers -m copy -a 'src=resolv.conf dest=/etc/resolv.conf'
    www.example.com | success >> {
        "changed": true,
        "dest": "/etc/resolv.conf",
        "group": "adm",
        "md5sum": "c6fce6e28c46be0512eaf3b7cfdb66d7",
        "mode": "0644",
        "owner": "ubuntu",
        "path": "resolv.conf",
        "src": "/home/ubuntu/.ansible/tmp/ansible-322091977449/resolv.conf",
        "state": "file"
    }

Slide 28

Slide 28 text

Playbooks
- YAML Files
- Declaratively define your OS/App configuration
- Collection of tasks using modules
- Each group of tasks is a play

Slide 29

Slide 29 text

Tasks

    ---
    # tasks/foo.yml

    # This is a task
    - name: Placeholder foo
      command: /bin/foo

    # This is another task
    - name: Placeholder bar
      command: /bin/bar

Slide 30

Slide 30 text

Tasks

    ---
    - name: Install Apache
      apt: name=apache2 state=present update_cache=yes
      environment: env
      when: ansible_os_family == "Debian"
      tags: [packages]

    - name: enable the rewrite module
      apache2_module: state=present name=rewrite

    - name: ensure Apache service is up
      action: service name=apache2 state=started
      tags: [apache2]

    - name: make sure that there is no default website
      file: path={{ APACHE_SITES_ENABLED_CONFIG_PATH }}/000-default.conf state=absent
      notify:
        - reload Apache
      tags: [apache2]

Slide 31

Slide 31 text

Variables
- From inventory
- In playbooks
- From host_vars/ files
- From group_vars/ files

Slide 32

Slide 32 text

Variables

    ---
    - hosts: localhost
      vars:
        - greeting: Hello
      tasks:
        - command: echo "{{greeting}}, {{inventory_hostname}}"

Slide 33

Slide 33 text

Variables

Slide 34

Slide 34 text

Variables

host_vars/default

    ---
    PROJECT_ROOT: "/var/www"
    APACHE_SITES_ENABLED_CONFIG_PATH: "/etc/apache2/sites-enabled"
    APACHE_SITES_AVAILABLE_CONFIG_PATH: "/etc/apache2/sites-available"
    IP_ADDRESS: "*"
    PORT: "80"
    HOST: "something"
    HOST_ALIAS: "alias"

Slide 35

Slide 35 text

{{ templates }}

    #{{ ansible_managed }}
    {% if HOST %}
    ServerName {{ HOST }}
    {% endif %}
    {% if HOST_ALIAS %}
    ServerAlias {{ HOST_ALIAS }}
    {% endif %}
    DocumentRoot {{ PROJECT_ROOT }}/web
    DirectoryIndex index.php
    # Enabled for Dev environment
    # LogLevel debug
    ...

Slide 36

Slide 36 text

{{ templates }}

    #Ansible managed: /Users/vranac/dev/playground-ansible/vagrant-ansible-php/roles/apache/templates/site.conf.j2 modified on 2014-06-19 10:38:31 by vranac on vurunica
    ServerName something
    ServerAlias alias
    DocumentRoot /var/www/web
    DirectoryIndex index.php
    # Enabled for Dev environment
    # LogLevel debug
    ...

Slide 37

Slide 37 text

No content

Slide 38

Slide 38 text

Roles

Slide 39

Slide 39 text

Roles

    roles/
      nginx/
        files/
        handlers/main.yml
        meta/main.yml
        tasks/main.yml
        templates/
        vars/main.yml

Slide 40

Slide 40 text

Roles

    ---
    - hosts: all
      roles:
        - nginx
        - mysql
        - { role: app, dir: '/etc/app', ntp: 'n1.example.org' }
        - { role: special, when: "ansible_os_family == 'RedHat'" }
      tasks:
        ...

Slide 41

Slide 41 text

Roles

    ...
        - { role: app, dir: '/etc/app', ntp: 'n1.example.org' }
        - { role: special, when: "ansible_os_family == 'RedHat'" }
    ...

Slide 42

Slide 42 text

Ansible Galaxy
http://galaxy.ansible.com/
ansible-galaxy

Slide 43

Slide 43 text

Asynchronous Actions and Polling

    ---
    - hosts: all
      tasks:
        - name: simulate long running op (15 sec), wait for up to 45 sec, poll every 5 sec
          command: /bin/sleep 15
          async: 45
          poll: 5

Slide 44

Slide 44 text

Check Mode (“Dry Run”)
- Running a task in check mode: --check
- Showing Differences with --diff

Slide 45

Slide 45 text

Compare to X
https://devopsu.com/books/taste-test-grid.html

Slide 46

Slide 46 text

No content

Slide 47

Slide 47 text

The End
Thank You!
Questions?