Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Let's automate stuff with Ansible

Sebastian
October 15, 2015

Let's automate stuff with Ansible

With ansible, orchestrating machines is getting easy. Defining how a host should look like in yaml, you are able to set it up with just one command. While this is certainly useful for production systems, ansible can be used to quickly set up new testing machines, development environments (e.g. inside a virtual machine) or even your localhost.

Within this talk, we'll go into the world of DevOps, seeing what it's like to control many servers without ever manually logging into them. In the beginning the ansible architecture will be explained briefly. We'll look into how a small ansible setup looks like and what can be achieved with ansible. The talk will also provide information on the difference to other configuration management tools like chef and puppet. Best practice examples will conclude the talk.

Sebastian

October 15, 2015
Tweet

More Decks by Sebastian

Other Decks in Technology

Transcript

  1. “99 servers in the cloud, 99 servers Take one down,

    tear it apart, 98 servers in the cloud” Unknown
  2. Ad-Hoc commands $ ansible all -m ping 127.0.0.101 | success

    >> { "changed": false, "ping": "pong" } 127.0.0.102 | success >> { "changed": false, "ping": "pong" }
  3. Ad-Hoc commands $ ansible all -m copy -a "src=/etc/hosts dest=/tmp/hosts"

    $ # or $ ansible all -m command -a "echo $TERM"
  4. Tasks $ cat tasks.yml --- - name: update apt cache

    apt: update_cache=yes - name: install vim apt: pkg=vim state=latest - name: install composer shell: curl -sS https://getcomposer.org/installer | php chdir=/usr/local/src creates=/usr/local/src/composer.phar
  5. Modules $ cat tasks.yml --- - name: update apt cache

    apt: update_cache=yes - name: install vim apt: pkg=vim state=latest - name: install composer shell: curl -sS https://getcomposer.org/installer | php chdir=/usr/local/src creates=/usr/local/src/composer.phar
  6. Tasks $ cat tasks.yml --- - name: update apt cache

    apt: update_cache=yes - name: install vim apt: pkg=vim state=latest - name: install composer shell: curl -sS https://getcomposer.org/installer | php chdir=/usr/local/src creates=/usr/local/src/composer.phar
  7. Tasks $ cat tasks.yml --- - name: update apt cache

    apt: update_cache=yes - name: install vim apt: pkg=vim state=latest - name: install composer shell: curl -sS https://getcomposer.org/installer | php chdir=/usr/local/src creates=/usr/local/src/composer.phar
  8. Tasks $ cat tasks.yml --- - name: update apt cache

    apt: update_cache=yes - name: install vim apt: pkg=vim state=latest - name: install composer shell: curl -sS https://getcomposer.org/installer | php chdir=/usr/local/src creates=/usr/local/src/composer.phar
  9. Tasks $ cat tasks.yml --- - name: update apt cache

    apt: update_cache=yes - name: install vim apt: pkg=vim state=latest - name: install composer shell: curl -sS https://getcomposer.org/installer | php chdir=/usr/local/src creates=/usr/local/src/composer.phar
  10. Tasks $ cat tasks.yml --- - name: install packages apt:

    pkg={{ item }} state=latest with_items: - emacs - vim
  11. Tasks $ cat tasks.yml --- - name: install packages apt:

    pkg={{ item }} state=latest with_items: - emacs - vim when: ansible_os_family == “Debian”
  12. Modules - apt, homebrew, pacman, … - and pip, gem,

    npm, composer, … - copy, file, template, … - PostgreSQL, MySQL, MongoDB, redis, … - git, hg, bzr, subversion, ... - Monitoring, Network, Cloud, ...
  13. Handlers $ cat handlers.yml - name: reload nginx service: name=nginx

    state=reloaded - name: restart nginx service: name=nginx state=restarted
  14. Handlers $ cat handlers.yml - name: reload nginx service: name=nginx

    state=reloaded - name: restart nginx service: name=nginx state=restarted
  15. Handlers $ cat tasks.yml --- - name: install nginx apt:

    pkg=nginx state=latest notify: restart nginx
  16. Folder structure $ ls -a . . .. dbservers.yml environments

    .git .gitignore group_vars host_vars README.md requirements.yml roles site.yml webservers.yml
  17. Inventory files $ ls -a . . .. dbservers.yml environments

    .git .gitignore group_vars host_vars README.md requirements.yml roles site.yml webservers.yml
  18. Group vars $ ls -a . . .. dbservers.yml environments

    .git .gitignore group_vars host_vars README.md requirements.yml roles site.yml webservers.yml
  19. site.yml $ ls -a . . .. dbservers.yml environments .git

    .gitignore group_vars host_vars README.md requirements.yml roles site.yml webservers.yml
  20. site.yml $ cat site.yml --- - hosts: all roles: -

    apt - iptables - locale - include: webservers.yml - include: dbservers.yml
  21. webservers.yml $ ls -a . . .. dbservers.yml environments .git

    .gitignore group_vars host_vars README.md requirements.yml roles site.yml webservers.yml
  22. roles $ ls -a . . .. dbservers.yml environments .git

    .gitignore group_vars host_vars README.md requirements.yml roles site.yml webservers.yml
  23. roles $ ls -a . . .. dbservers.yml environments .git

    .gitignore group_vars host_vars README.md requirements.yml roles site.yml webservers.yml $ ls roles apt iptables locale nginx php
  24. roles . .. dbservers.yml environments .git .gitignore group_vars host_vars README.md

    requirements.yml roles site.yml webservers.yml $ ls roles apt iptables locale nginx php $ ls roles/php/ defaults LICENSE meta README.md tasks templates
  25. Roles $ ls roles apt iptables locale nginx php $

    ls roles/php/ defaults LICENSE meta README.md tasks templates $ ls roles/php/tasks main.yml php.yml
  26. Roles $ cat roles/php/tasks/php.yml --- - name: install php packages

    apt: default_release={{ php_default_release }} pkg={{ item }} state=latest with_items: - php5-cli - php5-common
  27. Roles - name: configure cli php.ini ini_file: dest=/etc/php5/cli/php.ini option={{ item.key

    }} section={{ item.section }} value={{ item.value }} with_items: php_config_cli
  28. Roles $ cat roles/php/defaults/main.yml --- php_default_release: stable php_config_cli: - {

    section: date, key: date.timezone, value: UTC } - { section: PHP, key: memory_limit, value: “{{ (ansible_memtotal_mb / 100) * 50}}M” }
  29. Let’s go $ ansible-playbook -i environment/staging/inventory site.yml $ ansible-playbook -i

    environment/staging/inventory \ webservers.yml $ ansible-playbook -i environment/staging/inventory \ -t apt site.yml
  30. Let’s go TASK: [apt | install nginx] ok: [127.0.0.101] TASK:

    [php | install php packages] changed: [127.0.0.101] => (item=php5-cli,php5-common) TASK: [locale | copy localtime template] skipped: [127.0.0.101]
  31. Ansible 2.0 “Ansible 2 is coming, and it’s going to

    be awesome!” James Cammarata (Director of Ansible Core Engineering)