Let's automate stuff with Ansible

Let’s automate stuff with Ansible DrupalCamp Vienna 2015 https://www.dropbox.com/s/wmsqf8xg74bevy6/53H.jpg @Sgoettschkes

It started with bare metal ...

… and then the cloud happened

“99 servers in the cloud, 99 servers Take one down,
tear it apart, 98 servers in the cloud” Unknown

Ansible

Installation pip, brew, apt or From source (It’s just Python!)

Inventory $ cat hosts [webservers] 127.0.0.101 ansible_ssh_port=2222 127.0.0.102 ansible_ssh_user=admin [dbservers]
127.0.0.103 ansible_sudo=true

Ad-Hoc commands $ ansible all -m ping 127.0.0.101 | success
>> { "changed": false, "ping": "pong" } 127.0.0.102 | success >> { "changed": false, "ping": "pong" }

Ad-Hoc commands $ ansible all -m copy -a "src=/etc/hosts dest=/tmp/hosts"
$ # or $ ansible all -m command -a "echo $TERM"

Tasks $ cat tasks.yml --- - name: update apt cache
apt: update_cache=yes - name: install vim apt: pkg=vim state=latest - name: install composer shell: curl -sS https://getcomposer.org/installer | php chdir=/usr/local/src creates=/usr/local/src/composer.phar

Modules $ cat tasks.yml --- - name: update apt cache

Tasks $ cat tasks.yml --- - name: update apt cache

Tasks $ cat tasks.yml --- - name: install packages apt:
pkg={{ item }} state=latest with_items: - emacs - vim

Tasks $ cat tasks.yml --- - name: install packages apt:
pkg={{ item }} state=latest with_items: - emacs - vim when: ansible_os_family == “Debian”

Modules - apt, homebrew, pacman, … - and pip, gem,
npm, composer, … - copy, file, template, … - PostgreSQL, MySQL, MongoDB, redis, … - git, hg, bzr, subversion, ... - Monitoring, Network, Cloud, ...

Handlers $ cat handlers.yml - name: reload nginx service: name=nginx
state=reloaded - name: restart nginx service: name=nginx state=restarted

Handlers $ cat tasks.yml --- - name: install nginx apt:
pkg=nginx state=latest notify: restart nginx

Templates $ cat templates/nginx.conf.j2 user {{ nginx_user }}; worker_processes {{
nginx_worker_processes }}; pid /var/run/nginx.pid;

Variables $ cat templates/nginx.conf.j2 user {{ nginx_user }}; worker_processes {{
nginx_worker_processes }}; pid /var/run/nginx.pid;

Facts $ cat group_vars/webservers.yml nginx_user: www-data nginx_worker_processes: "{{ ansible_processor_cores *
ansible_processor_count }}"

Roles • Grouping tasks • Separated • e.g. nginx, python,
nodejs, mongodb, ...

Putting it all together https://www.dropbox.com/s/en9t0dmeanbi2du/188H.jpg

Folder structure $ ls -a . . .. dbservers.yml environments
.git .gitignore group_vars host_vars README.md requirements.yml roles site.yml webservers.yml

Inventory files $ ls -a . . .. dbservers.yml environments

Inventory files $ cat environments/staging/inventory 127.0.0.101 ansible_ssh_user=deploy ansible_sudo=true [webservers] 127.0.0.101
[dbservers] 127.0.0.101

Group vars $ cat environments/staging/group_vars/all.yml --- env: staging domain_www: staging.example.com
domain_static: static.staging.example.com

Group vars $ ls -a . . .. dbservers.yml environments

Group vars $ cat group_vars/all.yml --- apt_packages: - acl -
curl - git - tmux - vim

site.yml $ ls -a . . .. dbservers.yml environments .git
.gitignore group_vars host_vars README.md requirements.yml roles site.yml webservers.yml

site.yml $ cat site.yml --- - hosts: all roles: -
apt - iptables - locale - include: webservers.yml - include: dbservers.yml

webservers.yml $ ls -a . . .. dbservers.yml environments .git

webservers.yml $ cat webservers.yml --- - hosts: webservers roles: -
nginx - php

roles $ ls -a . . .. dbservers.yml environments .git

roles $ ls -a . . .. dbservers.yml environments .git
.gitignore group_vars host_vars README.md requirements.yml roles site.yml webservers.yml $ ls roles apt iptables locale nginx php

roles . .. dbservers.yml environments .git .gitignore group_vars host_vars README.md
requirements.yml roles site.yml webservers.yml $ ls roles apt iptables locale nginx php $ ls roles/php/ defaults LICENSE meta README.md tasks templates

Roles $ ls roles apt iptables locale nginx php $
ls roles/php/ defaults LICENSE meta README.md tasks templates $ ls roles/php/tasks main.yml php.yml

Roles $ cat roles/php/tasks/main.yml --- - include: php.yml tags=php

Roles $ cat roles/php/tasks/php.yml --- - name: install php packages
apt: default_release={{ php_default_release }} pkg={{ item }} state=latest with_items: - php5-cli - php5-common

Roles - name: configure cli php.ini ini_file: dest=/etc/php5/cli/php.ini option={{ item.key
}} section={{ item.section }} value={{ item.value }} with_items: php_config_cli

Roles $ cat roles/php/defaults/main.yml --- php_default_release: stable php_config_cli: - {
section: date, key: date.timezone, value: UTC } - { section: PHP, key: memory_limit, value: “{{ (ansible_memtotal_mb / 100) * 50}}M” }

Let’s go $ ansible-playbook -i environment/staging/inventory site.yml $ ansible-playbook -i
environment/staging/inventory \ webservers.yml $ ansible-playbook -i environment/staging/inventory \ -t php site.yml

Let’s go TASK: [apt | install nginx] ok: [127.0.0.101] TASK:
[php | install php packages] changed: [127.0.0.101] => (item=php5-cli,php5-common) TASK: [locale | copy localtime template] skipped: [127.0.0.101]

There is more! http://publicdomainarchive.com/wp-content/uploads/2015/03/public-domain-images-free-stock-photos-autumn.jpg

Ansible 2.0 “Ansible 2 is coming, and it’s going to
be awesome!” James Cammarata (Director of Ansible Core Engineering)

IT Automation https://www.dropbox.com/s/x8b4iqm82di9abr/186H.jpg

https://www.dropbox.com/s/6z5aiwa8l09g2pa/86H.jpg

Let's automate stuff with Ansible

Let's automate stuff with Ansible

More Decks by Sebastian

Other Decks in Programming

Featured

Transcript