Ansible + Amazon AWS talk installfest.cz 2016

Ansible and Amazon AWS services can cooperate nicely, here are the slides I used for the talk: https://www.youtube.com/watch?list=PLub6xBWO8gV_Mr-UuxrHcfUbuGv5n_N5g&v=vPes2x5ToUk

Published in: Internet
  1. Ansible + Amazon AWS
  2. Amazon AWS
     ● Started as a flexible virtual machine provider with pay-per-hour billing.
     ● Evolved to provide PaaS for all usual workloads.
     ● Performance/price ratio bigger than for dedicated servers, but great flexibility and you can save your time (Time is money, friend!).
     ● Immutable architecture ready!
  3. AWS architecture
     ● Regions
       – In several places around the world
     ● Availability zones
       – A region has several availability zones, isolated from each other
     ● NAT
       – Internal IPs only
       – 1:1 NAT if public IP enabled
  4. Security first
     ● IAM
       – 2FA
       – EC2 roles
     ● Individual user for Ansible
       – Only the permissions that are needed (you do not want to be a bitcoin miner)
       – Cost alert
  5. AWS architecture (networking)
     ● Virtual private cloud (VPC)
       – Isolated internal network inside AWS
       – You can define your own VPC for MySQL instances, for app server instances, …
       – Can be connected through VPN to your company's internal network (paid service).
     ● Security groups
       – Firewall, by default nothing in, all out.
       – One server instance can have several attached security groups
  6. AWS (LB, server instances)
     ● Elastic Load Balancer (ELB)
       – Scalable load balancer, capable of HTTP, HTTPS (HTTP/2 not yet available :()
       – CNAME only, do not use IP address
     ● EC2 (Server instances)
       – Work with cattle, not pets
       – Predefined images (AMIs) – can be easily created by Ansible
  7. AWS RDS
     ● Database as a server
     ● Supports MySQL, MSSQL, Postgres, …
     ● Can create an HA instance of a database across 2 availability zones in one region with automatic failover.
     ● Snapshots, auto upgrades (maintenance time schedulable).
  8. Autoscaling group + CloudFormation
     ● Autoscaling ensures that you have servers running. If some instance stops working, it is automagically trashed and a new one is spawned
     ● CloudFormation
       – Infrastructure as code tool
       – You can describe your platform and magic will happen
  9. Ansible
     ● Easy to start
     ● Agentless
     ● Secure
     ● Data driven
     ● Idempotent
  10. Key concepts
     ● Inventory
       – List of managed computers, can be grouped.
       – Default in /etc/ansible/hosts.
       – May be dynamically generated.
     ● Module
       – Basic work units.
       – Plenty of them (hundreds) available.
       – Template, copy, user, ...
       – http://docs.ansible.com/ansible/list_of_all_modules.html
  11. Key concepts (2)
     ● Variables
       – Defined on multiple levels (host, group, inventory).
       – Used for conditionals and in templates.
     ● Facts
       – Special variables taken from the server (hostname, date and time, networking setup, …).
       – ansible -m setup localhost
  12. Key concepts (3)
     ● Task
       – One task does one thing (usually it is a module invocation).
     ● Play
       – Set of tasks that run on a group of computers.
     ● Playbook
       – Bunch of plays in one file.
     ● Role
       – Encapsulates a set of tasks, variables, templates, files together.
  13. Gluing it together
     ● Ansible has plenty of AWS modules
       – http://docs.ansible.com/ansible/list_of_cloud_modules.h
     ● Internally it uses the Python boto library, so it can do anything boto can.
     ● Dynamic inventory.
     ● Tags, tags everywhere!
  14. Thanks!
     David Karban
     david@karban.eu
     www.karban.eu
     https://twitter.com/davidkarban
     https://github.com/davidkarban/
     Advertisement: We are training Ansible: www.ansible.cz
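
The "Security first" slide asks for an individual Ansible user holding only the permissions it needs. The following is an added example, not code from the talk: a small audit of an IAM JSON policy that flags the grants that would make a leaked automation key expensive. Both sample policies, the region name and the three rules are assumptions of this example.

```python
import fnmatch

# Constructed sample policies in IAM JSON policy form (not from the talk).
BROAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "ec2:*", "Resource": "*"},
    {"Effect": "Allow", "Action": ["iam:CreateAccessKey"], "Resource": "*"},
]}
SCOPED = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Resource": "*",
     "Action": ["ec2:DescribeInstances", "ec2:DescribeTags"]},
    {"Effect": "Allow", "Action": "ec2:RunInstances", "Resource": "*",
     "Condition": {"StringEquals": {"aws:RequestedRegion": "eu-central-1"}}},
]}


def as_list(value):
    """IAM accepts a single string or dict where a list is expected."""
    return value if isinstance(value, list) else [value]


def covers(pattern, action):
    """IAM action matching is case-insensitive and supports * and ? wildcards."""
    return fnmatch.fnmatchcase(action.lower(), pattern.lower())


def audit(policy):
    """Return (statement index, reason) for Allow statements that are too broad."""
    findings = []
    for n, stmt in enumerate(as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        if "NotAction" in stmt:
            findings.append((n, "NotAction allows every action not listed"))
        for action in as_list(stmt.get("Action", [])):
            if "*" in action or "?" in action:
                findings.append((n, "wildcard action: " + action))
            if action == "*" or action.lower().startswith("iam:"):
                findings.append((n, "IAM action granted: " + action))
            if covers(action, "ec2:RunInstances") and "Condition" not in stmt:
                findings.append((n, "unconditioned instance launch: " + action))
    return findings


if __name__ == "__main__":
    for name, policy in (("BROAD", BROAD), ("SCOPED", SCOPED)):
        print(name, audit(policy))
```
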
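
The slides mention dynamically generated inventory and "Tags, tags everywhere!". The following is an added example, not code from the talk: it builds the JSON structure Ansible expects from an inventory script, grouping running instances by tag. The input is a constructed sample shaped like an EC2 DescribeInstances response; the `tag_<key>_<value>` group names and the `ec2_id` / `ec2_tags` host variables are this example's own choices, and a real script would fetch the response through boto and print the result when called with `--list`.

```python
import json
import re

# Constructed sample shaped like an EC2 DescribeInstances response (not real data).
SAMPLE = {"Reservations": [{"Instances": [
    {"InstanceId": "i-0aaa", "PrivateIpAddress": "10.0.1.10",
     "State": {"Name": "running"},
     "Tags": [{"Key": "role", "Value": "web"}, {"Key": "env", "Value": "prod"}]},
    {"InstanceId": "i-0bbb", "PrivateIpAddress": "10.0.2.20",
     "State": {"Name": "running"},
     "Tags": [{"Key": "role", "Value": "db"}, {"Key": "env", "Value": "prod"}]},
    {"InstanceId": "i-0ccc", "PrivateIpAddress": "10.0.1.11",
     "State": {"Name": "stopped"},
     "Tags": [{"Key": "role", "Value": "web"}]},
    {"InstanceId": "i-0ddd", "PrivateIpAddress": "10.0.3.30",
     "State": {"Name": "running"},
     "Tags": [{"Key": "role", "Value": "cache node#1"}]},
]}]}


def safe(name):
    """Tags are free-form text; keep only characters safe in a group name."""
    return re.sub(r"[^A-Za-z0-9_]", "_", name)


def build_inventory(response):
    """Group running instances by tag; hosts are addressed by internal IP."""
    inventory = {"_meta": {"hostvars": {}}}
    for reservation in response.get("Reservations", []):
        for inst in reservation.get("Instances", []):
            ip = inst.get("PrivateIpAddress")
            # Stopped or terminated instances must never become play targets.
            if inst.get("State", {}).get("Name") != "running" or not ip:
                continue
            tags = {t["Key"]: t["Value"] for t in inst.get("Tags", [])}
            inventory["_meta"]["hostvars"][ip] = {
                "ec2_id": inst["InstanceId"], "ec2_tags": tags}
            for key, value in tags.items():
                group = "tag_%s_%s" % (safe(key), safe(value))
                inventory.setdefault(group, {"hosts": []})["hosts"].append(ip)
    return inventory


if __name__ == "__main__":
    print(json.dumps(build_inventory(SAMPLE), indent=2, sort_keys=True))
```
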
