
Ansible talk at Loadays 2014


Ansible, why and how I use it.

Ton Kersten

April 05, 2014

Transcript

  1. Ansible
    Why and how I use it!
    Ton Kersten
    AT Computing
    Antwerp, Belgium


  2. Introduction Why How Recap Resources Questions?
    Agenda
    1 Introduction
    2 Why
    3 How
    4 Recap
    5 Resources
    6 Questions?
    tk-atc-ans-v1.3
    Ton Kersten © 2014 - AT Computing 2 / 29


  3. $ who am i
    UNIX/Linux consultant and Trainer @ AT Computing
    UNIX Nerd (started in 1986 with SunOS 3)
    Linux Geek (started in 1992 with 0.96α)
    Scripting nerd
    Free and Open Source Software enthusiast
    Programming
    Plain text aficionado
    Big fan of things that just work
    · · ·

  4. Long ago
    Shell scripts
    SSH loops
    Parallel SSH
    Cluster SSH
    Screen synchronized windows
    tmux synchronized panes
    · · ·
    Things got out of control

  5. Next
    CF Engine
    Puppet
    Chef
    Salt Stack
    Juju
    Capistrano
    Fabric
    · · ·

  6. What I want
    Simple command
    # ansible-playbook playbooks/vtun/main.yml
    PLAY [tunservers] ***************************************
    TASK: [install package vtun] ****************************
    TASK: [deploy vtun config] ******************************
    TASK: [ensure vtund is running] *************************
    NOTIFIED: [restart vtund] *******************************
    PLAY RECAP **********************************************
    tun1 : ok=1 changed=4 unreachable=0 failed=0

  7. Why Ansible
    No master server
    No more daemons
    No more agents
    No databases
    No separate PKI
    Uses standard SSH functionality
    Very, very powerful
    Configuration, deployment, ad-hoc, continuous delivery
    Simple configuration files
    Idempotent

  8. Easy
    From nothing to production in a jiffy
    Python 2.6 + Paramiko, PyYAML, Jinja2 on master
    Python 2.4 + simplejson on nodes
    Can run in Python virtualenv
    Can run from git checkout
    Uses SSH for transport and login
    No root needed, can use sudo

  9. Simple components (Commands)
    Commands
    ansible ⇒ The main Ansible command
    ansible-playbook ⇒ Command to run playbooks
    ansible-pull ⇒ The main Ansible pull command
    ansible-doc ⇒ Ansible documentation program
    ansible-galaxy ⇒ Command to interact with Galaxy
    ansible-vault ⇒ The Ansible password vault

  10. Simple components (Modules)
    A lot of modules (220+ at this moment)
    Commands
    Files / templating
    Users
    Packages (yum, apt, zypper, …)
    Services
    Databases
    · · · (See: ansible-doc)
    Or, write your own

  11. Easy install
    On all operating systems
      Create a Python virtualenv
      # pip install ansible
    On CentOS / RHEL / Scientific Linux
      Enable the EPEL repository
      # yum install ansible
    On Debian / Ubuntu
      Available in standard repository
      # apt-get install ansible
    From github (Bleeding edge)
      Install and configure git
      $ git clone http://github.com/ansible/ansible.git
      $ cd ansible
      $ sudo make install

  12. How it works
    [Diagram: management node with module(s), playbooks or roles, and hosts, managing three nodes; no daemons, communication over SSH]

  13. My example network
    dns1.example.net  192.168.56.11/24  Management node and DNS
    web1.example.net  192.168.56.12/24  Web server
    web2.example.net  192.168.56.13/24  Web server
    tun1.example.net  192.168.56.14/24  Tunnel server

  14. Inventory file
    # cat /etc/ansible/hosts
    dns1
    web1
    web2
    tun1
    [dnsservers]
    dns1
    [webservers]
    web1
    web2
    [tunservers]
    tun1

  15. Site playbook
    # cat /etc/ansible/site.yml
    - hosts: all
      user: ansible
      sudo: true
      sudo_user: root
      roles:
        - common
        - sudo
    - include: playbooks/vtun/main.yml

  16. Running Ansible
    General ansible command form:
    ansible <host-pattern> -m <module> -a <arguments>
    # ansible all -m ping -o
    web2 | success >> {"changed": false, "ping": "pong"}
    tun1 | success >> {"changed": false, "ping": "pong"}
    web1 | success >> {"changed": false, "ping": "pong"}
    dns1 | success >> {"changed": false, "ping": "pong"}

  17. Running a single command
    The command module is default
    # ansible webservers -a 'ls -l /etc/passwd'
    web2 | success | rc=0 >>
    -rw-r--r-- 1 root root 2302 Nov 25 13:20 /etc/passwd
    web1 | success | rc=0 >>
    -rw-r--r-- 1 root root 1906 Oct 26 19:31 /etc/passwd

  18. Installing a package
    # ansible tunservers -m yum -a name=vtun
    tun1 | success >> {
        "changed": false,
        "msg": "",
        "rc": 0,
        "results": [
            "vtun-3.0.2-1.el6.rf.x86_64 providing vtun is already installed"
        ]
    }

  19. Playbooks
    Written in YAML
    Recipes of desired state, for which hosts
    Can use variables
    Can contain handlers
    When a state changes, take configured action
    Can be re-used

  20. Simple playbook
    # cat /etc/ansible/playbooks/vtun/main.yml
    - hosts: tunservers
      tasks:
        - name: install package vtun
          yum: pkg=vtun state=present
        - name: deploy vtun config
          template: src=vtund.conf.j2
                    dest=/etc/vtund.conf
                    owner=root group=root mode=0400
          notify:
            - restart vtund
        - name: ensure vtund is running
          service: name=vtund state=started enabled=yes
      handlers:
        - name: restart vtund
          service: name=vtund state=restarted

  21. Playbook run
    # ansible-playbook playbooks/vtun/main.yml
    PLAY [tunservers] ***************************************
    TASK: [install package vtun] ****************************
    ok: [tun1]
    TASK: [deploy vtun config] ******************************
    ok: [tun1]
    TASK: [ensure vtund is running] *************************
    ok: [tun1]
    NOTIFIED: [restart vtund] *******************************
    changed: [tun1]
    PLAY RECAP **********************************************
    tun1 : ok=1 changed=4 unreachable=0 failed=0

  22. Templates
    Ansible uses the Jinja2 templating engine
    Variable substitution
    Loops
    Comments
    Conditionals
    Filters
    Ansible facts are available
    Puppet Facter facts are available (if installed)
    Chef's Ohai facts are available (if installed)

  23. Templates
    # cat playbooks/vtun/vtund.conf.j2
    # Ansible information:
    # Filedate : {{ ansible_managed }}
    # Hostname : {{ ansible_hostname }}
    tunnel {
      passwd {{ secretpassword }};
      type tun;       # IP tunnel
      proto tcp;      # TCP protocol
      device tun1;    # Use this device
      up {
        # Connection is Up
        ifconfig "%% {{ srvaddr }} pointopoint {{ clntaddr }}";
      };
    }
    # (c) 2012-{{ ansible_date_time.year }} by {{ name }}

  24. Roles
    Playbooks grow large and unreadable
    Standard way of writing things
    Can easily be shared with others (Through Galaxy)
    Ansible role directory structure
    thisrole           Top of the role
      files            Role files
      handlers         Role handlers
        main.yml       Role handlers start
      tasks            Role tasks
        main.yml       Role starting point
      templates        Role templates
      vars             Role variables
        main.yml       Role variables start

  25. Roles in playbooks
    Using roles in playbooks
    - hosts: all
      roles:
        - common
        - users
        - sudo
    - hosts: webservers
      roles:
        - nginx
    - hosts: tunservers
      roles:
        - vtun
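
The slide-20 playbook rearranged into the `vtun` role referenced on slide 25, following the role directory layout from slide 24, with `secretpassword` moved into a file meant for `ansible-vault`. This is an added example, not the speaker's own role; the `secrets.yml` file, the `no_log` settings and all variable values are assumptions.

```yaml
# roles/vtun/tasks/main.yml
---
- name: load vault-encrypted secrets (defines secretpassword)
  include_vars: secrets.yml      # assumed file: roles/vtun/vars/secrets.yml
  no_log: true                   # keep the value out of logs and callbacks

- name: install package vtun
  yum: pkg=vtun state=present

- name: deploy vtun config       # source: roles/vtun/templates/vtund.conf.j2
  template: src=vtund.conf.j2
            dest=/etc/vtund.conf
            owner=root group=root mode=0400
  no_log: true                   # a --diff run would otherwise print the password
  notify:
    - restart vtund

- name: ensure vtund is running
  service: name=vtund state=started enabled=yes

# roles/vtun/handlers/main.yml
---
- name: restart vtund
  service: name=vtund state=restarted

# roles/vtun/vars/main.yml (plain text, readable in the git repo)
---
srvaddr: 10.3.0.1                # constructed sample value
clntaddr: 10.3.0.2               # constructed sample value
name: Example Admin              # constructed sample value

# roles/vtun/vars/secrets.yml, shown before encryption. Encrypt it with
#   ansible-vault encrypt roles/vtun/vars/secrets.yml
# and run the play with
#   ansible-playbook --ask-vault-pass site.yml
---
secretpassword: CHANGE-ME        # placeholder, commit only the encrypted file
```

With playbook runs logged to a file and the configuration kept in git, the two `no_log` lines and the encrypted vars file are what keep the tunnel password out of both.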

  26. Recap
    Entire Ansible configuration is in a git repo
    Use sudo for root commands
    Configure authorized_keys for connections
    Run ansible script every hour
    Log playbook runs to /var/log/ansible.log
    Use Ansible callbacks to give feedback
    Use roles as much as possible
    Make roles generic
    Define variables for site configuration
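
One way to set up the connection and scheduling items from the recap (sudo, `authorized_keys`, hourly run) for the `ansible` account used in `site.yml`. This is an added example, not the speaker's configuration; the file name `bootstrap.yml`, the key path, the sudoers drop-in, the key options and the initial root login are assumptions.

```yaml
# bootstrap.yml: run once through an existing admin login (assumed), e.g.
#   ansible-playbook -u root -k bootstrap.yml
---
- hosts: all
  tasks:
    - name: create the unprivileged login used by site.yml (user: ansible)
      user: name=ansible shell=/bin/bash state=present

    - name: install the management node's public key, restricted to its address
      authorized_key:
        user: ansible
        key: "{{ lookup('file', 'files/ansible_id.pub') }}"   # assumed path
        # 192.168.56.11 is dns1, the management node on slide 13
        key_options: 'from="192.168.56.11",no-port-forwarding,no-agent-forwarding,no-X11-forwarding'

    - name: allow sudo for the ansible account, refusing a file visudo rejects
      copy:
        content: "ansible ALL=(ALL) NOPASSWD: ALL\n"
        dest: /etc/sudoers.d/ansible        # assumed drop-in name
        owner: root
        group: root
        mode: "0440"
        validate: "visudo -cf %s"

- hosts: dnsservers                         # the management node runs the schedule
  tasks:
    - name: run the site playbook every hour
      cron:
        name: hourly ansible run
        user: ansible
        minute: "0"
        job: "ansible-playbook /etc/ansible/site.yml"

# The run log comes from ansible.cfg on the management node:
#   [defaults]
#   log_path = /var/log/ansible.log
# The file must be writable by the account that runs the cron job.
```

The `validate` step keeps a malformed sudoers fragment from being installed, which would otherwise lock the `ansible` account out of sudo on every host at once. Current Ansible releases use `become:` in place of the `sudo:` keyword shown on the slides.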

  27. Resources
    Website: http://www.ansible.com
    Documentation: http://docs.ansible.com
    IRC on Freenode: #ansible
    Twitter: ansible
    Reddit: http://www.reddit.com/r/ansible
    Google Group: https://groups.google.com
    Weekly newsletter: http://devopsu.com
    Checkout and study the source from github
    · · ·

  28. Please!!!!
    Contribute to Ansible code
    Contribute to Ansible documentation
    Use roles from Galaxy
    Share roles on Galaxy
    Spread the Ansible word...

  29. Questions?
    Questions??
    Contact me
    [email protected]
    http://www.atcomputing.nl
    https://github.com/tonk
    https://speakerdeck.com/tonk
    @TonKersten on Twitter
    TKersten on IRC
    Created with
    LaTeX Beamer
    Vim
    Vim Snippets
    The Gimp
    Evince