Let's automate stuff with Ansible

Db6218c1b56d64e775eb79ea4f2889dd?s=47 Sebastian
November 27, 2015

Let's automate stuff with Ansible

With ansible, orchestrating machines is getting easy. Defining how a host should look like in yaml, you are able to set it up with just one command. While this is certainly useful for production systems, ansible can be used to quickly set up new testing machines, development environments (e.g. inside a virtual machine) or even your localhost.

Within this talk, we'll go into the world of DevOps, seeing what it's like to control many servers without ever manually logging into them. In the beginning the ansible architecture will be explained briefly. We'll look into how a small ansible setup looks like and what can be achieved with ansible. The talk will also provide information on the difference to other configuration management tools like chef and puppet. Best practice examples will conclude the talk.

Db6218c1b56d64e775eb79ea4f2889dd?s=128

Sebastian

November 27, 2015
Tweet

Transcript

  1. 4.

    “99 servers in the cloud, 99 servers Take one down,

    tear it apart, 98 servers in the cloud” Unknown
  2. 5.
  3. 6.
  4. 7.
  5. 8.
  6. 12.

    Ad-Hoc commands $ ansible all -m ping 127.0.0.101 | success

    >> { "changed": false, "ping": "pong" } 127.0.0.102 | success >> { "changed": false, "ping": "pong" }
  7. 13.

    Ad-Hoc commands $ ansible all -m copy -a "src=/etc/hosts dest=/tmp/hosts"

    $ # or $ ansible all -m command -a "echo $TERM"
  8. 14.
  9. 15.

    Tasks $ cat tasks.yml --- - name: update apt cache

    apt: update_cache=yes - name: install vim apt: pkg=vim state=latest - name: install composer shell: curl -sS https://getcomposer.org/installer | php chdir=/usr/local/src creates=/usr/local/src/composer.phar
  10. 16.

    Modules $ cat tasks.yml --- - name: update apt cache

    apt: update_cache=yes - name: install vim apt: pkg=vim state=latest - name: install composer shell: curl -sS https://getcomposer.org/installer | php chdir=/usr/local/src creates=/usr/local/src/composer.phar
  11. 17.

    Tasks $ cat tasks.yml --- - name: update apt cache

    apt: update_cache=yes - name: install vim apt: pkg=vim state=latest - name: install composer shell: curl -sS https://getcomposer.org/installer | php chdir=/usr/local/src creates=/usr/local/src/composer.phar
  12. 18.

    Tasks $ cat tasks.yml --- - name: update apt cache

    apt: update_cache=yes - name: install vim apt: pkg=vim state=latest - name: install composer shell: curl -sS https://getcomposer.org/installer | php chdir=/usr/local/src creates=/usr/local/src/composer.phar
  13. 19.

    Tasks $ cat tasks.yml --- - name: update apt cache

    apt: update_cache=yes - name: install vim apt: pkg=vim state=latest - name: install composer shell: curl -sS https://getcomposer.org/installer | php chdir=/usr/local/src creates=/usr/local/src/composer.phar
  14. 20.

    Tasks $ cat tasks.yml --- - name: update apt cache

    apt: update_cache=yes - name: install vim apt: pkg=vim state=latest - name: install composer shell: curl -sS https://getcomposer.org/installer | php chdir=/usr/local/src creates=/usr/local/src/composer.phar
  15. 21.

    Tasks $ cat tasks.yml --- - name: install packages apt:

    pkg={{ item }} state=latest with_items: - emacs - vim
  16. 22.

    Tasks $ cat tasks.yml --- - name: install packages apt:

    pkg={{ item }} state=latest with_items: - emacs - vim when: ansible_os_family == “Debian”
  17. 23.

    Modules - apt, homebrew, pacman, … - and pip, gem,

    npm, composer, … - copy, file, template, … - PostgreSQL, MySQL, MongoDB, redis, … - git, hg, bzr, subversion, ... - Monitoring, Network, Cloud, ...
  18. 24.

    Handlers $ cat handlers.yml - name: reload nginx service: name=nginx

    state=reloaded - name: restart nginx service: name=nginx state=restarted
  19. 25.

    Handlers $ cat handlers.yml - name: reload nginx service: name=nginx

    state=reloaded - name: restart nginx service: name=nginx state=restarted
  20. 26.

    Handlers $ cat tasks.yml --- - name: install nginx apt:

    pkg=nginx state=latest notify: restart nginx
  21. 27.
  22. 28.
  23. 32.

    Folder structure $ ls -a . . .. dbservers.yml environments

    .git .gitignore group_vars host_vars README.md requirements.yml roles site.yml webservers.yml
  24. 33.

    Inventory files $ ls -a . . .. dbservers.yml environments

    .git .gitignore group_vars host_vars README.md requirements.yml roles site.yml webservers.yml
  25. 36.

    Group vars $ ls -a . . .. dbservers.yml environments

    .git .gitignore group_vars host_vars README.md requirements.yml roles site.yml webservers.yml
  26. 38.

    site.yml $ ls -a . . .. dbservers.yml environments .git

    .gitignore group_vars host_vars README.md requirements.yml roles site.yml webservers.yml
  27. 39.

    site.yml $ cat site.yml --- - hosts: all roles: -

    apt - iptables - locale - include: webservers.yml - include: dbservers.yml
  28. 40.

    webservers.yml $ ls -a . . .. dbservers.yml environments .git

    .gitignore group_vars host_vars README.md requirements.yml roles site.yml webservers.yml
  29. 42.

    roles $ ls -a . . .. dbservers.yml environments .git

    .gitignore group_vars host_vars README.md requirements.yml roles site.yml webservers.yml
  30. 43.

    roles $ ls -a . . .. dbservers.yml environments .git

    .gitignore group_vars host_vars README.md requirements.yml roles site.yml webservers.yml $ ls roles apt iptables locale nginx php
  31. 44.

    roles . .. dbservers.yml environments .git .gitignore group_vars host_vars README.md

    requirements.yml roles site.yml webservers.yml $ ls roles apt iptables locale nginx php $ ls roles/php/ defaults LICENSE meta README.md tasks templates
  32. 45.

    Roles $ ls roles apt iptables locale nginx php $

    ls roles/php/ defaults LICENSE meta README.md tasks templates $ ls roles/php/tasks main.yml php.yml
  33. 47.

    Roles $ cat roles/php/tasks/php.yml --- - name: install php packages

    apt: default_release={{ php_default_release }} pkg={{ item }} state=latest with_items: - php5-cli - php5-common
  34. 48.

    Roles - name: configure cli php.ini ini_file: dest=/etc/php5/cli/php.ini option={{ item.key

    }} section={{ item.section }} value={{ item.value }} with_items: php_config_cli
  35. 49.

    Roles $ cat roles/php/defaults/main.yml --- php_default_release: stable php_config_cli: - {

    section: date, key: date.timezone, value: UTC } - { section: PHP, key: memory_limit, value: “{{ (ansible_memtotal_mb / 100) * 50}}M” }
  36. 50.

    Let’s go $ ansible-playbook -i environment/staging/inventory site.yml $ ansible-playbook -i

    environment/staging/inventory \ webservers.yml $ ansible-playbook -i environment/staging/inventory \ -t php site.yml
  37. 51.

    Let’s go TASK: [apt | install nginx] ok: [127.0.0.101] TASK:

    [php | install php packages] changed: [127.0.0.101] => (item=php5-cli,php5-common) TASK: [locale | copy localtime template] skipped: [127.0.0.101]
  38. 53.

    Ansible 2.0 “Ansible 2 is coming, and it’s going to

    be awesome!” James Cammarata (Director of Ansible Core Engineering)