Automating with Ansible

  • View
    136

  • Download
    0

Embed Size (px)

Transcript

Ricardo Schmidt / ricardo.xmit@gmail.com

Automating with AnsibleEnjoy tonight!

+

+Who Am I?- - -

- define devops user- user: name=Ricardo Schmidt email=ricardo.xmit@gmail.com accent=Brazilian

What we will use in this presentation- Linux- YAML

My examples use:- Vagrant- EC2/AWS

Whats Ansible?Open source tool, created +- 3 years ago by Michael DeHaan.

Configuration Management + Application Deployment + Provisioning + Orchestration.

Written in Python.

Competes with Puppet, Chef, Salt Stack.Ansible isFast

Clear

Complete

SecureFast Minimal Setup

Manage 5 or 5000 nodes

Short learning curve - It is easy to learnClearDevelopers

System Administrators

IT ManagementIt's easy to write, read, maintain, and evolveCompleteconfiguration management

deploymentorchestrationprovisioning- Provisioning - Create a new node (for example an EC2 node), bootstrap it and then do the configuration management you want to.

- Configuration management involves modifying servers from a state A to a desired state B (Install packages, make sure services are running, create users, etc).

- Orchestration is when you combine multiple automation tasks for a specific purpose, where the result of the event A can be used in the event B (deploy a web application stack, network, firewalls).

SecureGo Agentless!SSH transportNo additional firewall rulesNo additional open portsUse your own userYou can sudo

Dynamic ProvisioningAnsible can manage your cloud.

Key Components of AnsibleInventoryModules/TasksAd-HocsPlaysPlaybooks

InventoryHosts and GroupsPort and addressRemote/sudo usernamesInventory: Hostsweb1.example.com ansible_ssh_port=5555 ansible_ssh_host=192.168.1.50Inventory NameSSH portConnection addressInventory: Groups[webservers]web1.example.com ansible_ssh_port=22 ansible_ssh_host=192.168.1.50web2.example.com ansible_ssh_port=22 ansible_ssh_host=192.168.1.51web3.example.com ansible_ssh_port=22 ansible_ssh_host=192.168.1.52

[database]mysql1.example.com ansible_ssh_port=22 ansible_ssh_host=192.168.1.54mysql2.example.com ansible_ssh_port=22 ansible_ssh_host=192.168.1.55ModulesBits of code copied to the target system.

Modules avoid changes to the system unless a change needs to be made.

You can write your own modules.Modules: Commonly Usedapt/yumcopyec2fileservicegituser200+ Ansible ModulesTasksTask is a declaration about the state of a system.

- name: install memcached yum: name=memcached state=present

- name: Create database user with all database privileges mysql_user: name=bob password=12345 priv=*.*:ALL state=presentAd-Hoc

PlaybookAd-Hoc commands$ ansible web-hosts -m file -a "path=/opt/cache state=directory"

$ ansible web-hosts -m yum -a "name=nginx state=present"

$ ansible web-hosts -m service -a "name=nginx enabled=yes state=started"Playbook / Play---- name: This is Play 1 hosts: web-servers remote_user: fred sudo: yes

tasks: - name: create user user: name=ricardo

- name: install nginx yum: name=nginx state=present

- name: This is Play 2 hosts: memcache-1 remote_user: root tasks: - name: install memcached yum: name=memcached state=present

- name: start memcached service: name=memcached state=started

- name: copy file ABC to somewhere files: name=/etc/abc state=/etc/abc

Demo Timeinventoryad-hoc commandsplaybookSupport to WindowsStarting in version 1.7, Ansible also contains support for managing Windows machines. This uses native powershell remoting, rather than SSH.Ansible GalaxyCollection of 500 rolesCommunity reviewedGreat starting point

http://galaxy.ansible.com

Presenter 2What we didnt talkVariablesTemplatesRolesAnsible-vaultAnsible TowerHow should I start with Ansible?ansible.com

docs.ansible.com

twitter: @ansibleQ&AThanks!

Looking for a new Job? strut.ly is hiring! Talk to me!

Ricardo Schmidt - ricardo.xmit@gmail.com