Ansible: Orchestrate your Infrastructure
-
Upload
jeremy-coates -
Category
Technology
-
view
2.931 -
download
4
description
Transcript of Ansible: Orchestrate your Infrastructure
@magma_digital
Orchestrate your Infrastructure
Magma Digital Ltd
Jeremy Coates
@magma_digital
Who am I?๏ Jeremy Coates, MD at Magma Digital Ltd
๏ Founder of PHPNW
๏ Manchester Digital Association Council Member
๏ @phpcodemonkey
๏ linkedin.com/in/jeremycoates
@magma_digital
What isAnsible?
SALT CHEFPUPPET Ansible
@magma_digital
Whyuse it? Predictable
Consistent
Repeatable
Known state
Easy
@magma_digital
Install:Controller๏ Only install on controller machine
๏ Requires: Python 2.6+, Paramiko (ssh), PyYAML, Jinja2
๏ RedHat: yum install ansible
๏ Debian: apt-get install ansible
๏ OS X: brew install ansible
๏ All: pip install ansible or from source
@magma_digital
Install:Remotes๏ Nothing much!
๏ SSH server
๏ Python 2.4+ and simplejson module
๏ Or just Python 2.6+
๏ Essentially any *nix distro in last decade
@magma_digital
First 10 minutes๏ Command line usage:
• ansible -i hosts -m ping all
• ansible webserver -m setup
• ansible -i /path/to/hosts -m <module> [options e.g -vvvv] <host pattern>
• Default checks /etc/ansible/hosts
• -- check && -- diff
@magma_digital
Inventory: Hosts[webservers]web ansible_ssh_host=127.0.0.1 ansible_ssh_port=2222 ansible_ssh_user=vagrant ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key
web2 ansible_ssh_host=127.0.0.1 ansible_ssh_port=2201 ansible_ssh_user=vagrant ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key
[dbservers]db ansible_ssh_host=127.0.0.1 ansible_ssh_port=2202 ansible_ssh_user=vagrant ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key
@magma_digital
Inventory:Dynamic hosts๏ Plugin scripts for:
• Amazon EC2
• Digital Ocean
• Linode
• Vagrant
• + others
๏ Or create your own CMDB (Configuration Management DB)
@magma_digital
Playbooks๏ Commandline doesn’t scale: Playbooks do
๏ Playbooks are YAML
๏ ansible-playbook -i hosts playbook.yml
@magma_digital
Sample Playbook
--- - hosts: localhost user: root vars: motd_warning: 'WARNING: Use by ACME Employees ONLY' tasks: - name: setup a MOTD copy: dest=/etc/motd content={{ motd_warning }}
@magma_digital
Playbooks๏ Language of playbooks relatively familiar to devs
๏ Targets - groups of tasks / vars etc.
๏ Vars - nice and obvious!
๏ Tasks - actions using modules / vars
๏ Includes - re-usable components
@magma_digital
Playbooks Speed๏ Playbooks default to 5 forks
• -- forks <N> to vary this
๏ async: <seconds> for long running processes
๏ poll: <seconds> check the progress
๏ Tags: target sections of play books
๏ Roles: convention to enable reuse of playbooks
@magma_digital
Playbooks…๏ Looping: with_items:, with_fileglob:
๏ Conditional processing: when: ansible_os_family == ‘RedHat’
๏ Task Delegation: delegate_to: <host> or local_action: shorthand
๏ Vars: hostvars, groups, inventory*, environment
@magma_digital
Playbook Templates
๏ Jinja2 template engine. Has access to any ansible facts (vars)
๏ Comments: {# a comment #}
๏ If/else: {% if 'authorativenames' in group_names %} {% else %} {% endif %}
๏ Loops: {% for ip in ansible_all_ipv4_addresses %} {% end for %}
@magma_digital
Modules๏ Over 100 modules already exist
• Swiss army knife of machine management: ansible-doc
๏ Write own modules in any language, including PHP (json_encode)
๏ Module output key=value or JSON
@magma_digital
Ansible-pull๏ Runs on the machine to be configured
๏ Larger deployments (auto-scaling server farms etc.)
๏ Auto-update when repo changes
๏ Requires cron
@magma_digital
SHARE REUSEENHANCE
@magma_digital
Related?๏ ansible-vault - encryption for sensitive yaml files
๏ Ansible Guru - support subscription ($99/month)
๏ Ansible Tower (AWX) - commercial version
• Web console, REST API
• 50 machines from $2500/year (depending on support level needed)
๏ Vagrant - Ansible provisioner module
@magma_digital
ResourcesWebsite: ansible.com Documentation: docs.ansible.comTwitter: @ansibleIRC: #ansible (freenode)
Google Group: ansible-project Reddit: reddit.com/r/ansibleAnsible Weekly Newsletter: devopsu.comAnsible Configuration Management: (Daniel Hall: Packt Publishing Nov ’13 ISBN 978-1-78328-081-0)
@magma_digital
๏ Jeremy Coates, MD at Magma Digital Ltd
๏ Founder of PHPNW
๏ Manchester Digital Association Council Member
๏ @phpcodemonkey
๏ linkedin.com/in/jeremycoates
http://bit.ly/orchestrate_infrastructure
Simply Orchestrate https://joind.in/11296