Provisioning using Ansible in AWS


Basic Ansible concepts, Ansible components - Playbooks, Modules, Inventory, Ansible Tower and Galaxy. Provisioning Using Ansible in AWS.

Published in: Technology

  1. Provisioning using Ansible in AWS. Discuss Docker, Chef, Puppet, Ansible, SaltStack. March 18, 2014
  2. WHO AM I?
     Aater Suleman
     Geek, Architect, Developer, Ops, DevOps …
     Co-founder & CEO, Flux7 Labs
     Part-time UT Austin Professor
     Flux7 Labs: AWS and DevOps Solutions ■ Web ■ Big data ■ HPC
     in/aatersuleman, @FutureChips, Flux7Labs, @Flux7Labs
  3. What is Ansible?
     IT automation tool
     Advanced tasks such as continuous deployments or zero downtime rolling updates
     Features:
     ● Simple
     ● Agentless: no agent on the client, uses SSH
     ● Scalable
  4. Installation
     No databases or daemons are added after installation
     Root permissions are not required
     OS package manager for Red Hat Enterprise Linux (TM), CentOS, Fedora, Debian, or Ubuntu
     pip install for MacOS
  5. Installation from source
     To install from source:

         $ git clone git://
         $ cd ./ansible
         $ source ./hacking/env-setup

     Install Python Modules:

         $ sudo pip install paramiko PyYAML jinja2 httplib2
  6. Ansible’s Inventory
     ● Ansible’s inventory file has the list of all managed host names, one line per host
     ● Files are organized as hosts and groups
     ● A set of hosts can be under a group name
     ● A host can be in more than one group
     ● Dynamic Inventory to pull files from dynamic sources or clouds

         $ echo "" > ~/ansible_hosts
         $ export ANSIBLE_HOSTS=~/ansible_hosts
  7. Inventory Example
     The format for /etc/ansible/hosts is in INI format and is as follows:

         webserver1
         webserver2
         dbserver1

         [webserver]
         webserver1
         webserver2

         [dbserver]
         dbserver1
  8. Patterns
     Pattern refers to the way we decide to manage hosts
     Example:
     ● How to communicate with hosts
     ● Which hosts need a particular config management
     Basic Structure:

         ansible <pattern_goes_here> -m <module_name> -a <arguments>
  9. Pattern Examples
     Example: Address Specific host or set of hosts by name

         192.168.1.*

     Example: Address one or more groups

         webservers
         webservers:dbservers
  10. Basic Commands
      Example Inventory: /etc/ansible/hosts

          webserver1
          webserver2
          dbserver1

          [webserver]
          webserver1
          webserver2

          [dbserver]
          dbserver1

      Ping all hosts:

          ansible -m ping -i hosts all

      Who am I:

          ansible webserver1 -m command -a whoami
  11. Playbooks
      Policy for a remote system or a set of steps for a general IT process
      Language for Ansible’s configuration, deployment and orchestration
      Human readable
  12. Playbook Example
      Simple playbook template:

          ---
          # possibly saved as tasks/foo.yml
          - name: placeholder foo
            command: /bin/foo
          - name: placeholder bar
            command: /bin/bar

      Execute a playbook, using a parallelism level of 10:

          ansible-playbook playbook.yml -f 10
  13. Playbook Example
      Defining remote users per task:

          ---
          - hosts: webservers
            remote_user: root
            tasks:
              - name: test connection
                ping:
                remote_user: yourname

      Simple task definition:

          tasks:
            - name: make sure apache is running
              service: name=httpd state=running
  14. Modules
      Modules control system resources: services, packages, files, system commands, etc.
      In module directories that can be executed directly or through playbooks
      Language independent: return JSON format data
      Idempotent: avoids change to system unless needed
  15. Module Examples
      Service Module: Controls service on remote hosts

          # Example action to start service httpd, if not running
          - service: name=httpd state=started

          # Example action to start service foo, based on running process /usr/bin/foo
          - service: name=foo pattern=/usr/bin/foo state=started

      apt Module: Manages apt packages

          # Update repositories cache and install "foo" package
          - apt: pkg=foo update_cache=yes

          # Update all packages to the latest version
          - apt: upgrade=dist
  16. Module Examples
      User Module: Manages user accounts

          $ ansible all -m user -a "name=foo password=<crypted password here>"
          $ ansible all -m user -a "name=foo state=absent"

      ec2 Module: create, terminate, start or stop an instance in ec2, return instanceid

          # Basic provisioning example
          - local_action:
              module: ec2
              key_name: mykey
              instance_type: c1.medium
              image: ami-40603AD1
              wait: yes
              group: webserver
              count: 3
  17. Ansible Tower
      Hub of all automation tasks
      Web-based solution
      Controls access
      Manages Inventory
      Supports autoscaling topologies through provisioning callbacks
  18. Provisioning Using Ansible in AWS
  19. Basic Requirements
      Python Module: Boto 2.5 or higher
      Install this python module on the execution host:

          $ yum install python-boto

      Add localhost to inventory:

          [local]
          localhost

      Pattern used in playbooks for provisioning:

          - hosts: localhost
            connection: local
            gather_facts: False
  20. Provisioning in AWS
      ● ec2 module allows provisioning of EC2 instances
      ● Provisioning will be against Ansible master server in a play that operates on localhost
      ● Specify access and secret key using ENV variables to provide authentication to AWS related modules
      Example of provisioning a number of instances in ad-hoc mode:

          # ansible localhost -m ec2 -a "image=ami-6e649707 instance_type=m1.large keypair=mykey group=webservers wait=yes" -c local
  21. Provisioning in AWS
      Translates in play as follows:

          tasks:
            - name: Provision a set of instances
              ec2: >
                keypair={{mykeypair}}
                group={{security_group}}
                instance_type={{instance_type}}
                image={{image}}
                wait=true
                count={{number}}
              register: ec2

      Registering allows dynamic creation of a host group for the new instances
  22. Provisioning in AWS
      Registering allows configuration actions on the hosts in a subsequent task:

          - name: Add all instance public IPs to host group
            add_host: hostname={{ item.public_ip }} groupname=ec2hosts
            with_items: ec2.instances

      Include the configuration as a task include or a role rather than inline inclusion
  23. Advanced Usage of Ansible in AWS
      Host Inventory: Use of ec2 inventory plugin when you need to talk to a node again. Schedule a regular refresh of the inventory cache using:

          # ./ --refresh-cache

      Tags: Helps manage groups dynamically without maintaining a separate inventory
      Pull Configuration: Using ansible-pull, which checks out a repo of configuration instructions from git
      Autoscaling using Ansible Tower: By using a simple curl script
  24. Questions?
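
The provisioning steps from slides 19 to 22, assembled into one playbook as an added example (not from the original slides). Assumptions: the variable values, the `ec2-user` login, the `wait_for` task and the use of `become` are illustrative, and the AWS keys are read from the `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` environment variables of the shell that runs `ansible-playbook`.

```yaml
---
# Added example, not part of the original deck. All variable values are
# constructed. No AWS credentials appear in this file: the ec2 module (via
# boto) picks them up from AWS_ACCESS_KEY_ID / AWS_SECRET_ACCESS_KEY.

# Play 1: runs on the control host only and talks to the EC2 API.
- hosts: localhost
  connection: local
  gather_facts: False
  vars:
    mykeypair: mykey            # name of an existing EC2 key pair (assumed)
    security_group: webservers  # existing security group (assumed)
    instance_type: m1.large
    image: ami-6e649707         # AMI ID taken from slide 20
    number: 2
  tasks:
    - name: Provision a set of instances
      ec2: >
        keypair={{ mykeypair }}
        group={{ security_group }}
        instance_type={{ instance_type }}
        image={{ image }}
        wait=true
        count={{ number }}
      register: ec2

    - name: Add all instance public IPs to host group
      add_host: hostname={{ item.public_ip }} groupname=ec2hosts
      with_items: "{{ ec2.instances }}"

    # "wait=true" only waits for the instance state, not for sshd.
    - name: Wait for SSH before the next play connects
      wait_for: host={{ item.public_ip }} port=22 delay=10 timeout=320 state=started
      with_items: "{{ ec2.instances }}"

# Play 2: configures the hosts registered above. It logs in as an
# unprivileged user and escalates per play instead of using remote_user: root.
- hosts: ec2hosts
  remote_user: ec2-user   # assumption: default login of the chosen AMI
  become: yes
  tasks:
    - name: make sure apache is running
      service: name=httpd state=started
```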