Devops with ansible
-
Upload
edwin-cruz -
Category
Technology
-
view
160 -
download
3
Transcript of Devops with ansible
![Page 1: Devops with ansible](https://reader036.fdocuments.in/reader036/viewer/2022071814/55a695841a28ab67148b468d/html5/thumbnails/1.jpg)
Devops with AnsibleEdwin Cruz
Tuesday, March 10, 15
![Page 2: Devops with ansible](https://reader036.fdocuments.in/reader036/viewer/2022071814/55a695841a28ab67148b468d/html5/thumbnails/2.jpg)
What is Ansible?
• Simple IT automation engine
• Automates
• Cloud provisioning
• Configuration Management
• Application Deployment
• Intra-Service Orchestration, etc
Tuesday, March 10, 15
![Page 3: Devops with ansible](https://reader036.fdocuments.in/reader036/viewer/2022071814/55a695841a28ab67148b468d/html5/thumbnails/3.jpg)
Architecture
Ansible works by connecting to your nodes and pushing out small programs, called “Ansible Modules” to them. Ansible then executes these modules (over SSH by default), and removes them when finished.
Tuesday, March 10, 15
![Page 4: Devops with ansible](https://reader036.fdocuments.in/reader036/viewer/2022071814/55a695841a28ab67148b468d/html5/thumbnails/4.jpg)
Components
• Inventory Files
• Roles
• Playbooks
Tuesday, March 10, 15
![Page 5: Devops with ansible](https://reader036.fdocuments.in/reader036/viewer/2022071814/55a695841a28ab67148b468d/html5/thumbnails/5.jpg)
Inventory Files$ app.inv[webservers]www1.example.comwww2.example.com
[appservers]app1.example.comapp2.example.com
[memcached]memcached.example.com
[redis]redis.example.com
[dbservers]db0.example.com
Tuesday, March 10, 15
![Page 6: Devops with ansible](https://reader036.fdocuments.in/reader036/viewer/2022071814/55a695841a28ab67148b468d/html5/thumbnails/6.jpg)
Roles
• This is where all the automation happens
• Components
• Tasks
• Templates
• Variables
Tuesday, March 10, 15
![Page 7: Devops with ansible](https://reader036.fdocuments.in/reader036/viewer/2022071814/55a695841a28ab67148b468d/html5/thumbnails/7.jpg)
Rolesapp_config.yml- name: Install ruby_build dependencies sudo: true apt: pkg={{ item }} state=latest install_recommends=no with_items: - build-essential - git - libcurl4-openssl-dev - libpq-dev - libssl-dev - libxml2-dev - libxslt1-dev - zlib1g-dev- service: name=app_server state=running enabled=yes
- template: src=/opt/code/templates/foo.j2 dest=/etc/foo.conf notify: - restart app server
Tuesday, March 10, 15
![Page 8: Devops with ansible](https://reader036.fdocuments.in/reader036/viewer/2022071814/55a695841a28ab67148b468d/html5/thumbnails/8.jpg)
Templates
$ application.yml.j2
AWS_S3_BUCKET_NAME: {{staging[0]['aws_s3_bucket_name']}}AWS_ACCESS_KEY_ID: {{staging[0]['aws_access_key_id']}}AWS_SECRET_ACCESS_KEY: {{staging[0]['aws_secret_access_key']}}
REDIS_HOST: {{hostvars[groups['redis'][0]]['private_ip_address']}}MEMCACHE_SERVERS: {% for host in groups['memcached'] %}{{hostvars[host]['private_ip_address']}}:11211,{% endfor %}
HONEYBADGER_ENV: {{ honeybadger_env }}
IMAGES_CDN: {{ images_cdn }}
Tuesday, March 10, 15
![Page 9: Devops with ansible](https://reader036.fdocuments.in/reader036/viewer/2022071814/55a695841a28ab67148b468d/html5/thumbnails/9.jpg)
Templates
$ nginx/conf.d/default
upstream rails_app { {% for host in groups['appservers'] %} server {{ hostvars[host]['private_ip_address'] }}:8080; {% endfor %}}
server { root /home/{{ansible_env.USER}}/current/public;}
Tuesday, March 10, 15
![Page 10: Devops with ansible](https://reader036.fdocuments.in/reader036/viewer/2022071814/55a695841a28ab67148b468d/html5/thumbnails/10.jpg)
Variables
staging.yml
site_url: https://staging.example.comhoneybadger_env: stagingpuma_workers: 8images_cdn: example-cdn%d.global.ssl.fastly.netrails_env: staging
Tuesday, March 10, 15
![Page 11: Devops with ansible](https://reader036.fdocuments.in/reader036/viewer/2022071814/55a695841a28ab67148b468d/html5/thumbnails/11.jpg)
Playbooksbalancer.yml
- name: Load Balancers hosts: webserver gather_facts: true sudo: false user: deploy vars: rbenv_root: /home/{{ansible_env.USER}}/.rbenv version: 2.1.2
roles: - { role: common, deploy_user: deploy, deploy_group: deploy } - app - web
Tuesday, March 10, 15
![Page 12: Devops with ansible](https://reader036.fdocuments.in/reader036/viewer/2022071814/55a695841a28ab67148b468d/html5/thumbnails/12.jpg)
Playbooksbalancer.yml
- name: Load Balancers hosts: webserver gather_facts: true sudo: false user: deploy vars: rbenv_root: /home/{{ansible_env.USER}}/.rbenv version: 2.1.2
roles: - { role: common, deploy_user: deploy, deploy_group: deploy } - app - web
Tuesday, March 10, 15
![Page 13: Devops with ansible](https://reader036.fdocuments.in/reader036/viewer/2022071814/55a695841a28ab67148b468d/html5/thumbnails/13.jpg)
Now what?
brew install ansibleansible-playbook -i servers.inv balancer.ymlansible-playbook -i servers.inv appserver.ymlansible-playbook -i servers.inv fullstack.yml
Tuesday, March 10, 15
![Page 14: Devops with ansible](https://reader036.fdocuments.in/reader036/viewer/2022071814/55a695841a28ab67148b468d/html5/thumbnails/14.jpg)
Sensitive Information?
• Ansible Vault
• ansible-vault edit hosts/production/db.yml
• ansible-playbook -i servers.inv app.yml --ask-vault-pass
Tuesday, March 10, 15
![Page 15: Devops with ansible](https://reader036.fdocuments.in/reader036/viewer/2022071814/55a695841a28ab67148b468d/html5/thumbnails/15.jpg)
Thanks!
Tuesday, March 10, 15