Vagrant + Ansible - Speaker Deck

Vagrant + Ansible

by Michael Heap

Slide 1

Slide 1 text

Vagrant and Ansible Michael Heap (@mheap) Developer at DataSift Presented at PHPNW13 Saturday, 5 October 13

Slide 2

Slide 2 text

Vagrant? Saturday, 5 October 13

Slide 3

Slide 3 text

Ansible? Saturday, 5 October 13

Slide 4

Slide 4 text

Puppet / Chef? Saturday, 5 October 13

Slide 5

Slide 5 text

Me! I’m Michael I’m @mheap Developer at... Saturday, 5 October 13

Slide 6

Slide 6 text

Saturday, 5 October 13

Slide 7

Slide 7 text

Vagrant and Ansible Saturday, 5 October 13

Slide 8

Slide 8 text

Vagrant Development environments made easy Saturday, 5 October 13

Slide 9

Slide 9 text

Ansible Radically simple IT orchestration Saturday, 5 October 13

Slide 10

Slide 10 text

Why do we need them? Saturday, 5 October 13

Slide 11

Slide 11 text

“Works on my box” Saturday, 5 October 13

Slide 12

Slide 12 text

“The server disk died” Saturday, 5 October 13

Slide 13

Slide 13 text

Reproduction Saturday, 5 October 13

Slide 14

Slide 14 text

Let’s develop something! Spin up virtual machine Deploy dependencies Start hacking Saturday, 5 October 13

Slide 15

Slide 15 text

Get a machine This is where Vagrant comes in Saturday, 5 October 13

Slide 16

Slide 16 text

Installation You’ll need Virtualbox (https://www.virtualbox.org/) You’ll also need Vagrant (http://vagrantup.com/) Saturday, 5 October 13

Slide 17

Slide 17 text

Get a Vagrant Box A box is a virtual machine image. There are official boxes available More at http://vagrantbox.es Saturday, 5 October 13

Slide 18

Slide 18 text

Create a box vagrant box add [name] [url] Saturday, 5 October 13

Slide 19

Slide 19 text

Initialise a box mkdir vagrant-example cd vagrant-example vagrant init [name] Saturday, 5 October 13

Slide 20

Slide 20 text

Vagrant.configure(2) do |config| config.vm.box = "precise64" config.vm.network :private_network, ip: "192.168.33.10" config.vm.provider :virtualbox do |vb| vb.customize ["modifyvm", :id, "--memory", "1024"] end end Saturday, 5 October 13

Slide 21

Slide 21 text

Slide 22

Slide 22 text

Slide 23

Slide 23 text

Slide 24

Slide 24 text

$ vagrant up This will boot up your machine. If it already exists, it’ll just boot. If it doesn’t, it’ll import your base box Saturday, 5 October 13

Slide 25

Slide 25 text

$ vagrant ssh Log in to your new VM This uses INSECURE KEYS. Saturday, 5 October 13

Slide 26

Slide 26 text

$ vagrant halt Stop your machine and free up resources Saturday, 5 October 13

Slide 27

Slide 27 text

$ vagrant destroy Destroy your VM, including any changes you made. Next time you $ vagrant up, it’ll be a fresh box Saturday, 5 October 13

Slide 28

Slide 28 text

That’s Vagrant Saturday, 5 October 13

Slide 29

Slide 29 text

Now what? We have a machine, but it doesn’t actually do anything. Saturday, 5 October 13

Slide 30

Slide 30 text

It needs provisioning That’s where Ansible comes in Saturday, 5 October 13

Slide 31

Slide 31 text

What is Ansible? “Radically simple IT orchestration.” What does that actually mean? Saturday, 5 October 13

Slide 32

Slide 32 text

Demo Time! Install apache2, php, mysql and git Configure a virtualhost Clone a site from Github Visit it in Chrome Saturday, 5 October 13

Slide 33

Slide 33 text

Installing Ansible Install from source, or from a package manager Use pip, apt or yum Saturday, 5 October 13

Slide 34

Slide 34 text

Inventory files We need to tell Ansible what machines to run on Saturday, 5 October 13

Slide 35

Slide 35 text

[web] web1.example.com web2.example.com [loadbalancers] lb1.example.com [db] db1.example.com Saturday, 5 October 13

Slide 36

Slide 36 text

[web] web1.example.com web2.example.com [loadbalancers] lb1.example.com [db] db1.example.com Saturday, 5 October 13

Slide 37

Slide 37 text

[web] web1.example.com web2.example.com [loadbalancers] lb1.example.com [db] db1.example.com Saturday, 5 October 13

Slide 38

Slide 38 text

Development [web] 192.168.33.10 192.168.33.11 [loadbalancers] 192.168.33.12 [db] 192.168.33.13 Saturday, 5 October 13

Slide 39

Slide 39 text

[web] web[1:10].example.com [loadbalancers] lb1.example.com lb2.example.com [db] db1.example.com Production Saturday, 5 October 13

Slide 40

Slide 40 text

[web] s1.a.com ansible_connection=ssh ansible_ssh_user=bob ansible_* Saturday, 5 October 13

Slide 41

Slide 41 text

[web] s1.a.com ansible_connection=ssh ansible_ssh_user=bob ansible_* Saturday, 5 October 13

Slide 42

Slide 42 text

[web] s1.a.com ansible_connection=ssh ansible_ssh_user=bob ansible_* Saturday, 5 October 13

Slide 43

Slide 43 text

[web] 192.168.33.10 ansible_ssh_user=vagrant ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key ansible_* Saturday, 5 October 13

Slide 44

Slide 44 text

ansible-playbook Once you’ve told Ansible where to run, we need to tell it what to run Saturday, 5 October 13

Slide 45

Slide 45 text

YAML files It’s worth mentioning that playbooks are just YAML files Saturday, 5 October 13

Slide 46

Slide 46 text

--- - hosts: all sudo: true vars: - domain: demo.dev # Some packages omitted tasks: - name: Install apache apt: name=apache2 state=installed - name: create vhost template: src=templates/demo dest=/etc/apache2/sites-enabled/demo notify: - restart apache - name: clone repo git: repo=https://github.com/mheap/demo.git dest=/var/www/demo handlers: - name: restart apache service: name=apache2 state=restarted Saturday, 5 October 13

Slide 47

Slide 47 text

Slide 48

Slide 48 text

Slide 49

Slide 49 text

Slide 50

Slide 50 text

Slide 51

Slide 51 text

Slide 52

Slide 52 text

Better playbooks Whilst that playbook works, it’s not very maintainable Saturday, 5 October 13

Slide 53

Slide 53 text

Roles Ansible has a concept of roles. You can define roles e.g. “web” that installs Apache and PHP, and “db” that installs mysql and then apply them on demand. Saturday, 5 October 13

Slide 54

Slide 54 text

Tags Tag sections of playbooks and run just those sections on demand Saturday, 5 October 13

Slide 55

Slide 55 text

Parameterised includes Imagine you have a Wordpress playbook but want different database passwords for each of them. Saturday, 5 October 13

Slide 56

Slide 56 text

Conditional actions When collecting facts with Facter or ohai, you can run actions conditionally. Saturday, 5 October 13

Slide 57

Slide 57 text

Rolling Deploys You can set the maximum number of nodes to run on, and a maximum failure percentage. No need to take down your entire cluster with a bad deploy. Saturday, 5 October 13

Slide 58

Slide 58 text

More! We’d be here all day if I listed all of the available features, so go read the docs. Saturday, 5 October 13

Slide 59

Slide 59 text

Orchestration! You can do crazy things like take machines out of a load balancer pool, upgrade and add them again Saturday, 5 October 13

Slide 60

Slide 60 text

Modules There’s lots of modules available (141 at time of writing!) Saturday, 5 October 13

Slide 61

Slide 61 text

Packaging: apt, yum, pip, npm, gem Files: file, copy, template, lineinfile Cloud: ec2, linode, digital_ocean, s3, rds Notiﬁcation: campfire, hipchat, irc, jabber, email DB: mysql_user, mongodb_user, postgresql_user Alerting: monit, nagios,pagerduty, pingdom CLI: command, shell (this is a small selection) Saturday, 5 October 13

Slide 62

Slide 62 text

Write your own Use PHP if you want. Just because Ansible is Python, it doesn’t mean modules have to be. Saturday, 5 October 13

Slide 63

Slide 63 text

ansible There’s a command line tool too! Saturday, 5 October 13

Slide 64

Slide 64 text

ansible all -m “module” -a “arg1=foo arg2=bar” Saturday, 5 October 13

Slide 65

Slide 65 text

ansible all -m “shell” -a “uname -r” Saturday, 5 October 13

Slide 66

Slide 66 text

ansible all -m “shell” -a “uname -r” 192.168.33.10 | success | rc=0 >> 3.2.0-23-generic Saturday, 5 October 13

Slide 67

Slide 67 text

ansible all -m “lineinfile” -a “dest=/etc/selinux/config regexp=^SELINUX= line=SELINUX=disabled” Saturday, 5 October 13

Slide 68

Slide 68 text

Big wins It uses SSH as it’s PKI. There’s no daemon to run on a server. You choose when to run it, not a cron job. Saturday, 5 October 13

Slide 69

Slide 69 text

ansible-pull If you want it though, you can emulate the “pull” functionality. Clones your playbooks, runs them locally. Infinitely* scaleable. * If your Git host can handle infinite clones Saturday, 5 October 13

Slide 70

Slide 70 text

Running via Vagrant Vagrant has an Ansible provisioner module. Saturday, 5 October 13

Slide 71

Slide 71 text

Any questions? Saturday, 5 October 13

Slide 72

Slide 72 text

Thanks! I’ve been @mheap, you’ve been awesome. Please leave feedback on Joind.in https://joind.in/9297 Saturday, 5 October 13