Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Ansible talk at Loadays 2014
Search
Ton Kersten
April 05, 2014
Technology
0
430
Ansible talk at Loadays 2014
Ansible, why and how I use it.
Ton Kersten
April 05, 2014
Tweet
Share
More Decks by Ton Kersten
See All by Ton Kersten
Building an Ansible AAP cluster - Design and implementation
tonk
0
220
ARA on RHEL7 - Welcome to Hell
tonk
0
780
Ansible in a dev, tst, acc and prod enviroment
tonk
0
850
Testing Ansible Roles with Molecule
tonk
2
850
Ansible Presentation @ iSense
tonk
1
340
Puppet Introduction @ iSense
tonk
0
190
Ansible at AT TechTrack
tonk
0
270
Ansible. Why and how I use it
tonk
3
1.6k
Puppet deployment, an introduction
tonk
2
490
Other Decks in Technology
See All in Technology
[読書]AWSゲームブック〜GuardDuty魔神とインシデント対応の旅〜DevIO2025
cmusudakeisuke
0
200
激動の時代を爆速リチーミングで乗り越えろ
sansantech
PRO
1
120
Biz職でもDifyでできる! 「触らないAIワークフロー」を実現する方法
igarashikana
7
3.5k
AI時代の開発を加速する組織づくり - ブログでは書けなかったリアル
hiro8ma
2
320
ViteとTypeScriptのProject Referencesで 大規模モノレポのUIカタログのリリースサイクルを高速化する
shuta13
3
210
スタートアップの現場で実践しているテストマネジメント #jasst_kyushu
makky_tyuyan
0
140
マルチエージェントのチームビルディング_2025-10-25
shinoyamada
0
190
AIエージェントによる業務効率化への飽くなき挑戦-AWS上の実開発事例から学んだ効果、現実そしてギャップ-
nasuvitz
5
1.3k
[re:Inent2025事前勉強会(有志で開催)] re:Inventで見つけた人生をちょっと変えるコツ
sh_fk2
1
460
CNCFの視点で捉えるPlatform Engineering - 最新動向と展望 / Platform Engineering from the CNCF Perspective
hhiroshell
0
140
個人でデジタル庁の デザインシステムをVue.jsで 作っている話
nishiharatsubasa
3
5.1k
CREが作る自己解決サイクルSlackワークフローに組み込んだAIによる社内ヘルプデスク改革 #cre_meetup
bengo4com
0
350
Featured
See All Featured
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
46
2.5k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
140
34k
Balancing Empowerment & Direction
lara
5
700
Large-scale JavaScript Application Architecture
addyosmani
514
110k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
253
22k
Automating Front-end Workflow
addyosmani
1371
200k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
9
1k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
34
2.3k
Keith and Marios Guide to Fast Websites
keithpitt
411
23k
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
stephaniewalter
285
14k
GraphQLの誤解/rethinking-graphql
sonatard
73
11k
The World Runs on Bad Software
bkeepers
PRO
72
11k
Transcript
Ansible Why and how I use it! Ton Kersten AT
Computing Antwerp, Belgium
Introduction Why How Recap Resources Questions? Agenda 1 Introduction 2
Why 3 How 4 Recap 5 Resources 6 Questions? tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 2 / 29
Introduction Why How Recap Resources Questions? $ who am i
UNIX/Linux consultant and Trainer @ AT Computing UNIX Nerd (started in 1986 with SunOS 3) Linux Geek (started in 1992 with 0.96α) Scripting nerd Free and Open Source Software enthusiast Programming Plain text aficionado Big fan of things that just work · · · tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 3 / 29
Introduction Why How Recap Resources Questions? Long ago Shell scripts
SSH loops Parallel SSH Cluster SSH Screen synchronized windows tmux synchronized panes · · · Things got out of control tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 4 / 29
Introduction Why How Recap Resources Questions? Next CF Engine Puppet
Chef Salt Stack Juju Capistrano Fabric · · · tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 5 / 29
Introduction Why How Recap Resources Questions? What I want Simple
command root@dns1 # ansible-playbook playbooks/vtun/main.yml PLAY [tunservers] *************************************** TASK: [install package vtun] **************************** TASK: [deploy vtun config] ****************************** TASK: [ensure vtund is running] ************************* NOTIFIED: [restart vtund] ******************************* PLAY RECAP ********************************************** tun1 : ok=1 changed=4 unreachable=0 failed=0 tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 6 / 29
Introduction Why How Recap Resources Questions? Why Ansible No master
server No more daemons No more agents No databases No separate PKI Uses standard SSH functionality Very, very powerful Configuration, deployment, ad-hoc, continuous delivery Simple configuration files Idempotent tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 7 / 29
Introduction Why How Recap Resources Questions? Easy From nothing to
production in a jiffy Python 2.6 + Paramiko, PyYAML, Jinja2 on master Python 2.4 + simplejson on nodes Can run in Python virtualenv Can run from git checkout Uses SSH for transport and login No root needed, can use sudo tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 8 / 29
Introduction Why How Recap Resources Questions? Simple components (Commands) Commands
ansible ⇒ The main Ansible command ansible-playbook ⇒ Command to run playbooks ansible-pull ⇒ The main Ansible pull command ansible-doc ⇒ Ansible documentation program ansible-galaxy ⇒ Command to interact with Galaxy ansible-vault ⇒ The Ansible password vault tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 9 / 29
Introduction Why How Recap Resources Questions? Simple components (Modules) A
lot of modules (220+ at this moment) Commands Files / templating Users Packages (yum, apt, zypper, …) Services Databases · · · (See: ansible-doc) Or, write your own tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 10 / 29
Introduction Why How Recap Resources Questions? Easy install On all
operating systems Create a Python virtualenv # pip install ansible On CentOS / RHEL / Scientific Linux Enable the EPEL repository # yum install ansible On Debian / Ubuntu Available in standard repository # apt-get install ansible From github (Bleeding edge) Install and configure git $ git clone http://github.com/ansible/ansible.git $ cd ansible $ sudo make install tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 11 / 29
Introduction Why How Recap Resources Questions? How it works Module(s)
Management node Node Node Node Playbooks or roles Hosts no daemons communication over SSH tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 12 / 29
Introduction Why How Recap Resources Questions? My example network Management
node and DNS Tunnel server Web server Web server dns1.example.net 192.168.56.11/24 web1.example.net 192.168.56.12/24 web2.example.net 192.168.56.13/24 tun1.example.net 192.168.56.14/24 tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 13 / 29
Introduction Why How Recap Resources Questions? Inventory file # cat
/etc/ansible/hosts dns1 web1 web2 tun1 [dnsservers] dns1 [webservers] web1 web2 [tunservers] tun1 tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 14 / 29
Introduction Why How Recap Resources Questions? Site playbook # cat
/etc/ansible/site.yml - hosts: all user: ansible sudo: true sudo_user: root roles: - common - sudo - include: playbooks/vtun/main.yml tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 15 / 29
Introduction Why How Recap Resources Questions? Running Ansible General ansible
command form: ansible <hosts> -m <module> -a <params> <options> # ansible all -m ping -o web2 | success >> {"changed": false, "ping": "pong"} tun1 | success >> {"changed": false, "ping": "pong"} web1 | success >> {"changed": false, "ping": "pong"} dns1 | success >> {"changed": false, "ping": "pong"} tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 16 / 29
Introduction Why How Recap Resources Questions? Running a single command
The command module is default # ansible webservers -a 'ls -l /etc/passwd' web2 | success | rc=0 >> -rw-r--r-- 1 root root 2302 Nov 25 13:20 /etc/passwd web1 | success | rc=0 >> -rw-r--r-- 1 root root 1906 Oct 26 19:31 /etc/passwd tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 17 / 29
Introduction Why How Recap Resources Questions? Installing a package #
ansible tunservers -m yum -a name=vtun tun1 | success >> { "changed": false, "msg": "", "rc": 0, "results": [ "vtun-3.0.2-1.el6.rf.x86_64 providing vtun is already installed" ] } tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 18 / 29
Introduction Why How Recap Resources Questions? Playbooks Written in YAML
Recipes of desired state, for which hosts Can use variables Can contain handlers When a state changes, take configured action Can be re-used tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 19 / 29
Introduction Why How Recap Resources Questions? Simple playbook # cat
/etc/ansible/playbooks/vtun/main.yml - hosts: tunservers tasks: - name: install package vtun yum: pkg=vtun state=present - name: deploy vtun config template: src=vtund.conf.j2 dest=/etc/vtund.conf owner=root group=root mode=0400 notify: - restart vtund - name: ensure vtund is running service: name=vtund state=started enabled=yes handlers: - name: restart vtund service: name=vtund state=restarted tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 20 / 29
Introduction Why How Recap Resources Questions? Playbook run # ansible-playbook
playbooks/vtun/main.yml PLAY [tunservers] *************************************** TASK: [install package vtun] **************************** ok: [tun1] TASK: [deploy vtun config] ****************************** ok: [tun1] TASK: [ensure vtund is running] ************************* ok: [tun1] NOTIFIED: [restart vtund] ******************************* changed: [tun1] PLAY RECAP ********************************************** tun1 : ok=1 changed=4 unreachable=0 failed=0 tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 21 / 29
Introduction Why How Recap Resources Questions? Templates Ansible uses the
Jinja2 templating engine Variable substitution Loops Comments Conditionals Filters Ansible facts are available Puppet Facter facts are available (if installed) Chefs Ohai facts are available (if installed) tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 22 / 29
Introduction Why How Recap Resources Questions? Templates # cat playbooks/vtun/vtund.conf.j2
# Ansible information: # Filedate : {{ ansible_managed }} # Hostname : {{ ansible_hostname }} tunnel { passwd {{ secretpassword }}; type tun; # IP tunnel proto tcp; # UDP protocol device tun1; # Use this device up { # Connection is Up ifconfig "%% {{ srvaddr }} pointopoint {{ clntaddr }}"; }; } # (c) 2012-{{ ansible_date_time.year }} by {{ name }} tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 23 / 29
Introduction Why How Recap Resources Questions? Roles Playbooks grow large
and unreadable Standard way of writing things Can easily be shared with others (Through Galaxy) Ansible role directory structuur thisrole.............................................................Top of the role files..................................................................Role files handlers.........................................................Role handlers main.yml............................................Role handlers start tasks..................................................................Role tasks main.yml............................................Role starting point templates.......................................................Role templates vars..............................................................Role variables main.yml...........................................Role variables start tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 24 / 29
Introduction Why How Recap Resources Questions? Roles in playbooks Using
roles in playbooks - hosts: all roles: - common - users - sudo - hosts: webservers roles: - nginx - hosts: tunservers roles: - vtun tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 25 / 29
Introduction Why How Recap Resources Questions? Recap Entire Ansible configuration
is in a git repo Use sudo for root commands Configure authorized_keys for connections Run ansible script every hour Log playbook runs to /var/log/ansible.log Use Ansible callbacks to give feedback Use roles as much as possible Make roles generic Define variables for site configuration tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 26 / 29
Introduction Why How Recap Resources Questions? Resources Website: http://www.ansible.com Documentation:
http://docs.ansible.com IRC on Freenode: #ansible Twitter: ansible Reddit: http://www.reddit.com/r/ansible Google Group: https://groups.google.com Weekly newsletter: http://devopsu.com Checkout and study the source from github · · · tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 27 / 29
Introduction Why How Recap Resources Questions? Please!!!! Contribute to Ansible
code Contribute to Ansible documentation Use roles from Galaxy Share roles on Galaxy Spread the Ansible word. . . tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 28 / 29
Introduction Why How Recap Resources Questions? Questions? Questions?? Contact me
[email protected]
http://www.atcomputing.nl https://github.com/tonk https://speakerdeck.com/tonk @TonKersten on Twitter TKersten on IRC Created with L A TEX Beamer Vim Vim Snippets The Gimp Evince tk-atc-ans-v1.3 Ton Kersten © 2014 - AT Computing 29 / 29