Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif...
Transcript of Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif...
![Page 1: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/1.jpg)
AnsibleStefan AntonowiczUmass Amherst
![Page 2: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/2.jpg)
Who Am I?• Stefan Antonowicz – Manager of Systems & Programming @ Umass Amherst
• https://www.linkedin.com/in/sjantonowicz
![Page 3: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/3.jpg)
What are we doing?• High level overview of Ansible
• Setting up really basic playbooks (and running them)
• Talking over some more advanced concepts
• Silently judging the presenter
![Page 4: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/4.jpg)
What is Ansible?
• Set of tools to automate your infrastructure
• Allows you to manage configurations
• Allows you to orchestrate your deployments
![Page 5: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/5.jpg)
• Version history, testing, static analysis
• Highly duplicable, make changes everywhere
• Smaller debug surface area
• Idempotence, abstraction, and encapsulation
• Cross platform, templating, and variables
But ... Why?
![Page 6: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/6.jpg)
Pregame• Ansible installed on MACOSX
• Install Xcode if you haven’t already
• sudo easy_install pip
• sudo easy_install ansible –quiet• Need to create /etc/ansible directory
• Spun up Ubuntu 14.04 instance on AWS• Allow access on port 80
• Setup SSH keys
• Install ansible on image : sudo apt‐get install ansible
![Page 7: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/7.jpg)
Building Blocks : Inventory
Inventory
![Page 8: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/8.jpg)
Building Blocks : Inventory
• List of systems in your infrastructure
• What you want Ansible to act on
• Can be generated dynamically
![Page 9: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/9.jpg)
Building Blocks : Modules
Inventory Modules
![Page 10: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/10.jpg)
Building Blocks : Modules
• Ansible ships with a module library
• Good for running ad-hoc commands
• 1,137 module at last check• nginx, apache2, apt, yum, digital ocean, AWS, JunOS,
NetApp, OpenStack, and many others
• Extensible - you can write your own if you’d like!
![Page 11: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/11.jpg)
Building Blocks : Tasks
Tasks
Inventory Modules
![Page 12: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/12.jpg)
Building Blocks : Tasks
• Run ad-hoc commands against inventory
• Default module is the command module
![Page 13: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/13.jpg)
Building Blocks : Plays and Playbooks
Playbooks
Plays
Tasks
Inventory Modules
![Page 14: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/14.jpg)
Building Blocks : Plays and Playbooks
• Easily extensible
• Safer – harder to fat-finger an execution
• Version control and teamwork
![Page 15: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/15.jpg)
And? …
• Let’s run some playbooks!
![Page 16: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/16.jpg)
Building Blocks : Roles
Roles
Playbooks
Plays
Tasks
Inventory Modules
![Page 17: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/17.jpg)
Building Blocks : Roles
• A way to organize your playbooks
• What if I need different playbooks for teams?
• Encapsulates areas of concern• Load variables, tasks, and handlers
![Page 18: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/18.jpg)
ansible‐galaxy
• Website of external roles other people have contributed
• Similar to Puppet Forge, Chef Supermarket
• Use ansible-galaxy to create your own roles
![Page 19: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/19.jpg)
Templates
• Use the template module
• Use Jinja2 syntax http://jinja.pocoo.org/docs/2.9/
• Allows for variable substitution and logic
![Page 20: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/20.jpg)
NameVirtualHost *:80
{% for vhost in apache_vhosts %}<VirtualHost *:80>ServerName {{ vhost.servername }}DocumentRoot {{ vhost.documentroot }}
{% if vhost.serveradmin is defined %}ServerAdmin {{ vhost.serveradmin }}
{% endif %}<Directory "{{ vhost.documentroot }}">AllowOverride AllOptions -Indexes FollowSymLinksOrder allow,denyAllow from all
</Directory></VirtualHost>
{% endfor %}
![Page 21: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/21.jpg)
ansible‐vault
• Encrypts sensitive data
• Allows sensitive data to be distributed / checked in
• You’ll need to distribute the secret with your team
![Page 22: Ansible - University of Massachusetts Lowell · • Ansible installed on MACOSX • Install Xcodeif you haven’t already • sudoeasy_installpip • sudoeasy_installansible –quiet](https://reader030.fdocuments.in/reader030/viewer/2022040610/5ed1186c5b230076a5009a28/html5/thumbnails/22.jpg)
Thanks!
• http://docs.ansible.com/ansible/intro.html
• https://galaxy.ansible.com/