More Related Content Similar to Getting Started with Ansible (20) Getting Started with Ansible2. Who Am I?
Ops at Prevoty
Former SRE @Twitter and Sys Adm at
Eucalyptus
4. Ansible is an IT automation tool. It can
configure systems, deploy software,
and orchestrate more advanced IT
tasks such as continuous deployments
or zero downtime rolling updates.
http://docs.ansible.com/
16. 1. Setup nginx repo
2. Install nginx
3. Configure vhost
4. Copy over the site files
27. Inventory: Dynamic
Builds a JSON inventory of hosts
Provided: AWS, GCE, Azure,
OpenStack, VMWare, Rackspace,
Linode, Digital Ocean, Cobbler,
Vagrant, Fleet, Consul, ...
29. Run an ad-hoc task
$ ansible -i <inventory>
> -m <module>
> -a <args>
> <hosts_identifier>
31. But what if I want to run
a command often or
multiple commands?
33. ---
- hosts: tag_service_web_server
vars:
- local_dir: “/myapp”
- dest_dir: “/var/www”
tasks:
- name: Install nginx
yum: name=nginx.x86_64 state=present
- name: Start nginx
service: name=nginx state=started
- name: Copy over the app
copy: src={{ local_dir }} dest={{ dest_dir }}
recursive=yes owner=nginx mode=0644
directory_mode=yes
36. ---
- hosts: tag_service_web_server
vars:
- local_dir: “/myapp”
- dest_dir: “/var/www”
tasks:
- name: Install nginx
yum: name=nginx.x86_64 state=present
- name: Start nginx
service: name=nginx state=started
- name: Copy over the app
copy: src={{ local_dir }} dest={{ dest_dir }}
recursive=yes owner=nginx mode=0644
directory_mode=yes
39. ---
- hosts: tag_service_web_server
vars:
- local_dir: “/myapp”
- dest_dir: “/var/www”
tasks:
- name: Install nginx
yum: name=nginx.x86_64 state=present
- name: Start nginx
service: name=nginx state=started
- name: Copy over the app
copy: src={{ local_dir }} dest={{ dest_dir }}
recursive=yes owner=nginx mode=0644
directory_mode=yes
40. Vars
Allows you to dynamically change values
Can be used in playbooks and templates
Different types of variables for different
workloads
41. Vars: Runtime
You can add variables from the CLI at runtime
Runtime variables take precedence
$ ansible-playbook -i <inventory>
> -e key1=value1 playbook.yml
42. 3 types of vars
Standard:
my_str: “my string”
my_num: 1
my_float: 1.234923409
my_bool: false*
* booleans also allow “yes” and “no”
43. 3 types of vars
Lists:
a_list: [‘one’, ‘two’, ‘three’]
another: [1, 2, 3]
44. 3 types of vars
Hashes (Dictionaries):
a_hash: { “key”: “value”, }
hashing_it_up: { “such”: “wow”,
“chosen”: 1, }
45. 3 types of vars
Combining them together
my_var: “Here”
complex: [
{ “key”: “value”, },
{ “key”: “blah”, },
{ “key”: my_var },
]
46. Jinja templating for vars
Use “{{ <var> }}” to access variables
{{ my_var }}
{{ my_list[0] }}
{{ my_hash[“key”] }}
48. ---
- hosts: tag_service_web_server
vars:
- local_dir: “/myapp”
- dest_dir: “/var/www”
tasks:
- name: Install nginx
yum: name=nginx.x86_64 state=present
- name: Start nginx
service: name=nginx state=started
- name: Copy over the app
copy: src={{ local_dir }} dest={{ dest_dir }}
recursive=yes owner=nginx mode=0644
directory_mode=yes
49. Tasks
Uses modules to complete tasks
100s of prebuilt modules
Examples: template, copy, yum, apt, pip, ec2,
elb, docker
Can use custom modules in tasks too
57. Loops
- name: Install nginx
yum: name=nginx.x86_64 state=latest
- name: Install php5
yum: name=php5.x86_64 state=latest
- name: Install Laravel
yum: name=php5-laravel.x86_64 state=latest
58. Loops
- name: Install packages
yum: name={{ item }} state=latest
with_items:
- nginx.x86_64
- php5.x86_64
- php5-laravel.x86_64
59. Loops
- name: Install packages
yum: name={{ item.name }} state={{ item.ver }}
with_items:
- { “name”: ”nginx.x86_64”, “ver”: ”latest” }
- { “name”: ”php5.x86_64”, “ver”: ”5.4-1” }
- { “name”: ”php5-laravel.x86_64”, ver”: ”5.4-123-1” }
64. Conditionals
- name: Install nginx (RH)
yum: name=nginx.x86_64 state=latest
when: ansible_os_family == “RedHat”
- name: Install nginx (Deb)
apt: name=nginx state=latest
when: ansible_os_family == “Debian”
68. Variables Files
Site / Groups:
Best practice to place in a group_vars
dir
group_vars/all for site vars
group_vars/<group_name> for groups
70. Variables Files: webserver
index_page: index.html
domains: [
‘example.com’,
‘www.example.com’
]
server_names: “{{ domains|join(‘ ‘) }}”
vhost_root_dir: “/usr/local/www/{{ domains[0] }}
/htdocs”
71. Variables Files
- hosts: webservers
vars_files:
- group_vars/all
- group_vars/webservers
tasks:
- name: Install nginx
yum: name=nginx state=latest
73. Roles
Used as a way to organize playbooks
Allows for portability and reuse
83. Roles: tasks/main.yml
---
- include: redhat.yml
when: ansible_os_family == “RedHat”
- include: debian.yml
when: ansible_os_family == “Debian"
- name: Copy over the nginx.conf template
template: src=nginx.conf dest=/etc/nginx/nginx.conf
notify: restart nginx
84. Roles: handlers/main.yml
---
- include: redhat.yml
when: ansible_os_family == “RedHat”
- include: debian.yml
when: ansible_os_family == “Debian”
- name: start nginx
service: name=nginx state=started
- name: restart nginx
service: name=nginx state=restarted
89. Secrets
Builtin support for using AES256
encrypted variables files
Files kept in group_vars files for easy
access
Pass in password at execution