Roman R.

About me

- Software Engineer at EPAM

- @co-organizer Lviv GDG

- @founder 2enota

Roman Rodomansky

itspoma@gmail.com

github.com/itspoma

skype: roman.rodomanskyy

linkedin.com/in/rodomansky

1) Ansible overview

2) Ansible architecture and concepts

3) What is deploy?

4) Deploying Symfony2 app with Ansible

Agenda

- python-powered redically simple IT automation tool

- is optimized for easy automation, review, editing, &

auditability

- free, open source

- simply

- clear (anyone)

- fast (to learn, to setup)

- complete (modules)

- efficient (runs on OpenSSH)

- secure (without agents)

What is Ansible?

- configuration management

- application deployment

- multi-tier orchestration

- cloud provisioning

For what Ansible?

- agentless architecture

- management over SSH (no custom PKI-SSH-based, no

external databases, no daemons, does not leave

software installed)

- developer friendly (configuration as data, not code)

- batteries-included (usefull modules)

- dead simple

- release cycles are usually about two months long

Ansible features

Who uses Ansible?

Who uses Ansible?

20.01.2014

- fabric (python library)

- capistrano (capifony)

- puppet

- chef

- saltstack

- idephix, magellanes,

deployer, rocketeer (php)

Other tools

- required Python 2.6

- or Python 2.5 (with additional paramiko, PyYAML,

python-jinja2 and httplib2 modules)

- Windows isn’t supported for the control machine

(starting with 1.8 will be fully support Windows)

- includes Red Hat, Debian, CentOS, OS X, any of the

BSDs, and so on

Control Machine Requirements

- Python 2.4 or later

- if Python 2.5, then with python-simplejson modules

- ansible_python_interpreter to point at your 2.x

Python

- starting in version 1.7, ansible contains support for

managing windows machines

Managed Node Requirements

- 1.9-dev “Dancing In the Street”

- 1.8 “You Really Got Me” Nov 26, 2014

- new Jinja2 filters, fixed a log of modules bugs, new

system, variables, new modules, docker support,

etc

- 1.7 “Summer Nights” Sep 24, 2014

Versions

Ansible Galaxy

Ansible Tower

Ansible Tower

- from git

- from os packages (recommend If you are

wishing to run the latest released version)

- from pip (recommended to use Python

package manager for other cases)

Install & Configure

- Paramiko (python ssh module)

- SSH (OpenSSH)

- local

Connection types

Ansible architecture

[web]

webserver-1.example.com

webserver-2.example.com

[db]

dbserver-1.example.com

Host Inventory: Basics

[web]

webserver-[01:25].example.com

webserver-2.example.com

[db]

dbserver-[a:f].example.com

Host Inventory: Ranges

[all:children]

all-local

all-stage

[all-local:children]

web-local

db-local

[all-stage:children]

web-stage

db-stage

Host Inventory: child groups

[web-stage:children]

web-stage-testing

web-stage-production

[db-stage:children]

db-stage-testing

db-stage-production

[web-stage-testing]

testing-red

[web-stage-production]

production

[web-local]

vagrant

[db-local]

vagrant

non standart SSH-ports:

webserver-3.example.com:2222

SSH tunnel:

myhost ansible_ssh_port=5555

ansible_ssh_host=192.168.0.1

Host Inventory: More

ansible <host-pattern> [options]

vm$ cd demo1/

vm$ ansible all -m ping

vm$ ansible all -m setup

vm$ ansible all -a "grep -c processor /proc/cpuinfo"

vm$ ansible all -a "uptime"

vm$ ansible all -a "uptime" -f 10

Demo

- playbooks

- plays

- tasks and handlers

- modules

- variables

Ansible concepts

playbooks contains plays

plays contains tasks

tasks contains modules

handels can be triggered by tasks,

and will run at the end, once

Playbooks

a tasks calls a module,

and may have parameters

Tasks

Modules

May 2013 - 72, October 2014 - 175,

February 2015 - 1933 modules on Galaxy

Modules list

- package management: yum, apt

- remove execution: command, shell

- service management: service

- file handling: copy, template

- scm: git, subversion

Modules examples

- monitoring: monit, nagios, haproxy, etc

- development: jenkins, drush, solr, scala,

maven, etc

- web: Varnish, apache, composer, tomcat,

symfony2, etc

- networking: tor, RabbitMQ, iptables, etc

- cloud: stash-docker, OpenStack, etc

Modules examples #2

Module: copy and template

Module: apt and yum

Simple playbook

- playbooks

- inventory (group vars, host vars)

- command line (ansible-playbook -e

“uservar=vagrant”)

- discovered variables (facts)

Variables

Ansible Directory Structure

ls demo2-*/

ls demo3-*/

Demo

Variables

Facts

- discovered variables about systems

- ansible -m setup <hostname>

Using facts

Variables (example of group-var)

Variables (example of host-vars)

- project organization tool

- reusable components

- defined filesystem structure

- show: parameterized roles

Roles

Roles

- failed_when

- changed_when

- until

- ignore_errors

- {{ lookup(‘file’, ‘test.pub’) }}

- etc

Advanced playbook features

Usage: ansible-vault

[create|decrypt|edit|encrypt|rekey|view] [--help]

[options] file_name

Ansible vault

App deploy strategies

- basic file transfer (via ftp/scp)

- using Source Control

- using Build Scripts and other Tools

http://symfony.com/doc/current/cookbook/deployment/tools.html

1) Upload your modified code

2) Update your vendor dependencies (composer)

3) Running database migrations

4) Updated assetic assets

5) Clearing your cache

6) Other things

Symfony deployment

Symfony deployment

$ git pull

$ php composer.phar install

$ php app/console doctrine:migration:migrate --no-iteraction

$ php app/console assets:install web --symlink

$ php app/console assets:dump --env=prod

$ php app/console cache:clear

Directory structure

1) Upload your modified code

- name: Pull sources from the repository.

git: repo={{repo}} dest={{dest}} version={{branch}}

when: project_deploy_strategy == “git”

module “synchronize” for rsync

Symfony deployment

2) Update your vendor dependencies (composer)

- name: Install composer

get_url: url=https://getcomposer.org/composer.phar

dest={{project_root}}/composer.phar mode=0755 validate_certs=no

- name: Run composer install

shell: cd {{project_root}}/releases/{{release}} && {{path}}

{{project_root}}/composer.phar install {{project_composer_opts}}

Symfony deployment

3) Running database migrations

- name: Run migrations

shell: cd {{project_root}}/releases/{{release}}

&& if $(grep doctrine-migrations-bundle composer.json);

then {{symfony2_project_php_path}} app/console

doctrine:migrations:migrate -n; fi

Symfony deployment

4) Updated assetic assets

- name: Dump assets

shell: cd {{project_root}}/releases/{{release}} &&

{{symfony2_project_php_path}} app/console

assetic:dump --env={{symfony2_project_env}}

{{symfony2_project_console_opts}}

Symfony deployment

5) Clearing your cache

- name: Clear cache

shell: cd {{project_root}}/releases/{{release}} &&

{{symfony2_project_php_path}} app/console

cache:clear --env={{symfony2_project_env}}

Symfony deployment

less than 50 lines of “code”

less than 10 tasks

less than 5 variables

Complicated?

Easy way

https://galaxy.ansible.com/list#/roles/639

https://github.com/servergrove/ansible-symfony2

active release: "A-OK" ➙ failure deploying "APP" ➙

rollback ➙ active release: "A-OK"

active release: "A-OK" ➙ deploying "BORKED" ➙ fail

Deployment rollback

https://github.com/itspoma/epam-symfony2-ansible

https://galaxy.ansible.com/

Roman R.

Resources

Thanks!

- name: questions?

copy: src=audience

desc=narrator