Deployments automatisieren und testen mit Ansible und ServerSpec

Transcript

1. Deployments automatisieren und testen mit Ansible und Serverspec @spanneberg Continuous

   Lifecycle 2015

2. Worum geht's ? → Vorstellung und Motivation → Intro Ansible

   → Intro Serverspec → Demo 2

3. Vorstellung 3 • Java Dev turned Automation Junkie • CI/CD/Automation

   seit ~2007 → Ant → Maven → Gradle → Bash → Jenkins → Puppet → Ansible → … • @codecentric München

4. Motivation – Warum eigentlich Automatisierung? Steigende Komplexität in modernen Softwareprojekten:

   • Monolith → Microservices • Vertikale Teams • Polyglot Programming • Polyglot Persistence 4

5. Motivation – Realität? 5 https://twitter.com/bitfield/status/444178302761451521

6. Motivation – Realität! 6 http://memegenerator.net/instance/22605665

7. Motivation – Also! 7 Say manual deployment one more time!

8. Intro Ansible 8

9. Intro Ansible • “Automation for everyone. Deploy apps. Manage systems.

   Crush complexity.” • Agentless → Push über SSH • YAML (na ja ...) 9

10. Intro Ansible - Überblick 10 … • Inventory aller managed

    Hosts auf dem Ansible Host • Zugriff über Plays oder Ad-Hoc- Commands

11. Intro Ansible - Inventory 11 mail.example.com aws_host ansible_ssh_private_key_file=aws.pem ansible_user=ubuntu [webservers]

    foo.example.com bar.example.com [dbservers] one.example.com two.example.com three.example.com:10022 [web_and_db:children] webservers dbservers • Liste aller gemanagten Hosts • Feingranulare Anpassung von Usern/Ports/... über Variablen möglich • Host und Group Vars möglich • Dynamic Inventories

12. Intro Ansible - Playbooks 12 ­­­ ­ hosts: webservers vars:

    http_port: 80 max_clients: 200 remote_user: root tasks: ­ name: ensure apache is at the latest version yum: name=httpd state=latest ­ name: write the apache config file template: src=/srv/httpd.j2 dest=/etc/httpd.conf notify: ­ restart apache ­ name: ensure apache is running (and enable it at boot) service: name=httpd state=started enabled=yes handlers: ­ name: restart apache service: name=httpd state=restarted • 1 Play für alle Webserver • Mehrere Plays in einem Playbook möglich • Variablen/Handler/etc. Können direkt im Play definiert werden

13. Intro Ansible – Modules 13 ­­­ tasks: ­ name: ensure

    apache is at the latest version yum: name=httpd state=latest ­ name: write the apache config file template: src=/srv/httpd.j2 dest=/etc/httpd.conf ­ name: ensure apache is running (and enable it at boot) service: name=httpd state=started enabled=yes • Ansible kommt aktuell mit Core (170) und Extra (272) Modules • Core z.B. apt_repository, cron, fetch, mysql_db, raw, git, subversion, docker, ec2, s3, ... • Extra z.B. bigip_pool, bigip_pool_member, consul, haproxy, iptables, jboss, jira, vmware_host, … • Eigene Module in jeder Sprache implementierbar

14. Intro Ansible – Modules 14 ­­­ tasks: ­ name: ensure

    apache is at the latest version yum: name=httpd state=latest ­ name: write the apache config file template: src=/srv/httpd.j2 dest=/etc/httpd.conf ­ name: ensure apache is running (and enable it at boot) service: name=httpd state=started enabled=yes • Ansible kommt aktuell mit Core (170) und Extra (272) Modules • Core z.B. apt_repository, cron, fetch, mysql_db, raw, git, subversion, docker, ec2, s3, ... • Extra z.B. bigip_pool, bigip_pool_member, consul, haproxy, iptables, jboss, jira, vmware_host, … • Eigene Module in jeder Sprache implementierbar

15. Intro Ansible – Variables und Facts 15 ­­­ ­ name:

    stat remote application file stat: path={{ application_path }}/demo­app.jar register: remote_app_file ­ name: stat local application file stat: path=../deployment/demo­app­{{demo_app_version}}.jar sudo: false delegate_to: localhost register: local_app_file $ ansible localhost ­m setup Inventory, Playbooks, Role Defaults, Host Vars, Group Vars, Vault

16. Intro Ansible – Roles 16 roles/ common/ tasks/ main.yml handlers/

    main.yml templates/ ntp.conf.j2 files/ vars/ main.yml defaults/ main.yml meta/ main.yml • Kapselung und Wiederverwendung von Code • Variablen-Defaults • Abhängigkeiten ­ hosts: web_nodes roles: ­ web_common ­ demo_app

17. Intro Serverspec 17

18. Intro Serverspec • “RSpec test for your servers” • Lokal,

    SSH, WinRM, Docker API • Tests pro Host oder Abbildung von Rollen • Ruby ;) 18

19. Intro Serverspec – Getting started 19 $ serverspec­init Select OS

    type: 1) UN*X 2) Windows Select number: 1 Select a backend type: 1) SSH 2) Exec (local) Select number: 1 Vagrant instance y/n: n Input target host name: www.example.jp + spec/ + spec/www.example.jp/ + spec/www.example.jp/sample_spec.rb + spec/spec_helper.rb + Rakefile + .rspec

20. Intro Serverspec – Testcase 20 require 'spec_helper' describe user('app') do

    it { should exist } it { should have_login_shell '/usr/sbin/nologin' } end describe service('demo­app') do it { should be_running } end describe port(8080) do it { should be_listening } end

21. Intro Serverspec – Verfügbare Resourcen 21

22. Demo Time :) 22

23. Demo - Überblick 23 • Setup aller Komponenten und Deployment

    via Ansible • Serverspec-Test für demo-app Loadbalancer (lb) Loadbalancer (lb) Application node (node1) Application node (node2) Application node (node3)

24. Danke! 24 • Demo-Code unter github.com/spanneberg/ ansible-serverspec-demo • Feedback: [email protected]

    • Twitter: @spanneberg @codecentric