Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
OpenStack Vancouver Summit
Learn you some Ansible for Great Good!
Juergen Brendel (@brendelconsult) , David Lapsley (@devl...
Unified test and deployment
environments
Dev, Test, Deploy
Dev, Test, Deploy
Why didn't we
catch this bug
in testing?
Dev, Test, Deploy
Why didn't we
catch this bug
in testing?
We can't
reproduce the
issues.
Dev, Test, Deploy
Why didn't we
catch this bug
in testing?
We can't
reproduce the
issues.
I don't have
access to our
test ...
Dev, Test, Deploy
Why didn't we
catch this bug
in testing?
How do I setup
my
development
environment?
We can't
reproduce t...
Dev, Test, Deploy
Why didn't we
catch this bug
in testing?
How do I setup
my
development
environment?
We can't
reproduce t...
Dev, Test, Deploy
Why didn't we
catch this bug
in testing?
How do I setup
my
development
environment?
We can't
reproduce t...
Summary
• Configuration management background
• Ansible introduction
• Rise of APIs
• Unified test and deployment environments
• D...
Configuration Management
Tools
Overview
Configuring servers
How do you configure a server?
Arcane
magic
Configuring servers
How do you configure a server?
Arcane
magic
Configuring servers
How do you configure a server?
Manual
instructions
Arcane
magic
Configuring servers
How do you configure a server?
Manual
instructions
Scripts
Arcane
magic
Configuring servers
How do you configure a server?
Manual
instructions
Scripts
CM tools
Arcane
magic
Configuring servers
How do you configure a server?
Manual
instructions
Scripts
CM tools
Automation!
CM Tools
Describe the desired state
Ensure all
system packages
are updated.
CM Tools
Describe the desired state
Ensure all
system packages
are updated.
CM Tools
Describe the desired state
Ensure package
“apache” is
installed.
Ensure all
system packages
are updated.
CM Tools
Describe the desired state
Ensure that user
“xyz” exists.
Ensure package
...
Ensure all
system packages
are updated.
CM Tools
Describe the desired state
Ensure that user
“xyz” exists.
Ensure package
...
Ensure all
system packages
are updated.
CM Tools
Describe the desired state
Ensure that user
“xyz” exists.
Ensure package
...
Ensure all
system packages
are updated.
CM Tools
Describe the desired state
Ensure that user
“xyz” exists.
Ensure package
...
Configuration Management
Tools
Varieties
Puppet (2005)
“powerful, feature-rich, enterprise-y”
Chef (2009)
CM Tools variety
Puppet (2005)
“powerful, feature-rich, enterprise-y”
Chef (2009)
Salt (2011)
“simple, fast, good for most things”
Ansible ...
Puppet (2005)
“powerful, feature-rich, enterprise-y”
Chef (2009)
Salt (2011)
“simple, fast, good for most things”
Ansible ...
Ansible Overview
• “Orchestration engine” for CM and deployment
• Written in Python
• Uses YAML
• “Playbooks”
• Config specs or explicit co...
• Key Points:
• No central configuration server
• No key management
• No agent to install on target machine
• Explicit ord...
• Key Points:
• No central configuration server
• No key management
• No agent to install on target machine
• Explicit ord...
Ansible architecture
Server 1
Server 2
Server 3
Server 4
Server 5
Your laptop
Ansible Overview
Modules
Modules
Hundreds of them. They know how to do stuff…
Command
Shell
Script
Modules
Hundreds of them. They know how to do stuff…
Command
Shell
Script
Copy
Sync
Templates
Line ops
Modules
Hundreds of them. They know how to do stuff…
Command
Shell
Script
Copy
Sync
Templates
Line ops
Install packages
Us...
Modules
Hundreds of them. They know how to do stuff…
Command
Shell
Script
Copy
Sync
Templates
Line ops
Install packages
Us...
Modules
Hundreds of them. They know how to do stuff…
Command
Shell
Script
Copy
Sync
Templates
Line ops
Install packages
Us...
Ansible Overview
How does it
work?
How does it work?
Laptop
How does it work?
Python Module
“Install Apache”
Laptop
run playbook
How does it work?
Python Module
“Install Apache”
Run ModuleLaptop
ssh
How does it work?
Python Module
“Install Apache”
Run Module
(then delete)
Run ModuleLaptop
ssh
How does it work?
Python Module
“Install Apache”
Run Module
(then delete)
Run ModuleLaptop
return results
Ansible Overview
Details
Inventory and groups
Define hosts, organized in groups
Inventory and groups
Define hosts, organized in groups
 by function
 by location
 by hosting provider
 ...
[europe]
server1.somehoster.co.uk
server2.otherhoster.de
[north-america]
host-a.serverhost.com
host-b.serverhost.com
[fron...
Adhoc commands
Single commands, applied to groups
Adhoc commands
Single commands, applied to groups
$ ansible -i hosts europe –a “uname -a”
$ ansible -i hosts frontend -a “...
• Tell Ansible what to do
Playbooks
---
- hosts: frontend
sudo: yes
tasks:
- name: Update the system
apt: pkg=nginx state=latest
- name: Create the user accou...
• Provide input to Ansible templates
Variables
---
- hosts: all
sudo: yes
vars:
username: appuser
tasks:
- name: Create the user account
user: >
name={{ username }}
shel...
• Simple layout for arranging Ansible playbooks, variables,
templates, metadata, etc.
Simple Project Layout
/
my_hosts
group_vars/
all
frontend
backend
europe
north-america
site.yml
• Best practices layout for arranging Ansible playbooks,
variables, templates, metadata, etc.
• Better suited for larger p...
/
ansible.cfg
deploy_hosts
staging_hosts
group_vars/
all
frontend
backend
europe
north-america
host_vars/
server1.somehost...
Playbooks with roles
---
- hosts: frontend
sudo: yes
roles:
- common
- web
The rise and rise of APIs
The rise and rise of APIs
APIs
The rise and rise of APIs
APIs
Local
The rise and rise of APIs
APIs
Local Infrastructure
The rise and rise of APIs
APIs
Local Infrastructure Services
The rise and rise of APIs
APIs
Local Infrastructure Services
Ansible 'cloud' modules
Public cloud
 OpenStack
 Amazon AWS
 Google Compute
 Azure
 Digital Ocean
 Linode
Private cl...
Example: AWS Modules
EC2 / infrastructure
• Instances
• Images
• VPCs
• Load balancers
Services
• S3
• Route 53
• Database...
• Create instances via AWS and OpenStack
Example: Create instances
- name: Booting EC2 guests
ec2:
key_name: my-key
group: my-security-group
instance_type: t2.micro
image: ami-120abc90
regi...
- name: Booting OpenStack guests
nova_compute:
state: present
login_username: "{{ openstack_username }}"
login_password: "...
• Add hosts to inventory
Example: Create instances
- local_action:
module: ec2
key_name: my-key
group: my-security-group
instance_type: t2.micro
image: ami-120abc90
region: ...
Unified test and deployment
environments
Vagrant
 Use Vagrant to spin-up VMs
 local (VirtualBox, VMware, etc.)
 cloud (EC2)
 Use Ansible as 'provisioner'
 Make an inv...
• Tells vagrant which VMs to construct
• How to construct them:
• RAM
• Virtual CPUs
• Network interfaces (public, private...
Vagrant.configure(2) do |config|
config.vm.box = "saucy64"
config.vm.box_url = "http://cloud-
images.ubuntu.com/vagrant/.....
• Specifies which VMs/Groups Ansible should run against
Inventory: Vagrant Hosts
[vagrant]
vagrant_host
ansible_ssh_host=192.168.1.2
[frontend-hosts]
vagrant_host
[applayer-hosts]
vagrant_host
[backend-h...
Vars: group_vars/vagrant
Variables that only apply to Vagrant instances
---
ansible_ssh_user: vagrant
Create and configure VMs
$ vagrant up
...
$ vagrant provision
Unified test and deployment
environments
Cattle, not
pets!
Desired development/deployment workflow
- Local unit tests
- Local provisioning with Vagrant + Ansible
- Integration tests...
Desired development/deployment workflow
- Create/update cloud
staging servers with
Ansible
- Provision servers with
Ansibl...
Desired development/deployment workflow
- Create/update cloud production
servers with Ansible
- Provision servers with Ans...
Demo
Dev Environment
Cacher (apt/pip)
MCP MHV1 MHV2
Ansible
Git cache
• Same Ansible playbooks can be used to provision
application locally or in the cloud
Key Takeaways
• Same Ansible playbooks can be used to provision
application locally or in the cloud
• With cloud APIs and Ansible module...
References
• Questions: jbrendel@cisco.com, dlapsley@cisco.com
• Ansible playbooks: http://bit.ly/devstack-ansible
• Ansible docs: ht...
@brendelconsult, @devlaps
Thank You
Learn you some Ansible for great good!
Upcoming SlideShare
Loading in …5
×

Learn you some Ansible for great good!

1,556 views

Published on

Ansible is a Configuration Management System that is very simple to use, because of its straightforward and robust model for managing automation and it’s low barrier to entry for ease of use in both development and production.

During OpenStack development, Ansible can be used in conjunction with Vagrant and Devstack to manage complex, multi-node development environments with relative ease.

In this presentation, Juergen Brendel and David Lapsley review Ansible and provide some sample playbooks to get developers up and running quickly. They also describes how to use Ansible, Vagrant, Devstack, and OpenStack to accelerate OpenStack development cycles.

Published in: Internet

Learn you some Ansible for great good!

  1. 1. OpenStack Vancouver Summit Learn you some Ansible for Great Good! Juergen Brendel (@brendelconsult) , David Lapsley (@devlaps) May 21, 2015
  2. 2. Unified test and deployment environments
  3. 3. Dev, Test, Deploy
  4. 4. Dev, Test, Deploy Why didn't we catch this bug in testing?
  5. 5. Dev, Test, Deploy Why didn't we catch this bug in testing? We can't reproduce the issues.
  6. 6. Dev, Test, Deploy Why didn't we catch this bug in testing? We can't reproduce the issues. I don't have access to our test server.
  7. 7. Dev, Test, Deploy Why didn't we catch this bug in testing? How do I setup my development environment? We can't reproduce the issues. I don't have access to our test server.
  8. 8. Dev, Test, Deploy Why didn't we catch this bug in testing? How do I setup my development environment? We can't reproduce the issues. I don't have access to our test server. “It works for me...” (shrug)
  9. 9. Dev, Test, Deploy Why didn't we catch this bug in testing? How do I setup my development environment? We can't reproduce the issues. I don't have access to our test server. “It works for me...” (shrug)Wouldn't this be nice instead? Single command: Dev environment created Single command: Test environment created
  10. 10. Summary
  11. 11. • Configuration management background • Ansible introduction • Rise of APIs • Unified test and deployment environments • Demonstration
  12. 12. Configuration Management Tools Overview
  13. 13. Configuring servers How do you configure a server?
  14. 14. Arcane magic Configuring servers How do you configure a server?
  15. 15. Arcane magic Configuring servers How do you configure a server? Manual instructions
  16. 16. Arcane magic Configuring servers How do you configure a server? Manual instructions Scripts
  17. 17. Arcane magic Configuring servers How do you configure a server? Manual instructions Scripts CM tools
  18. 18. Arcane magic Configuring servers How do you configure a server? Manual instructions Scripts CM tools Automation!
  19. 19. CM Tools Describe the desired state
  20. 20. Ensure all system packages are updated. CM Tools Describe the desired state
  21. 21. Ensure all system packages are updated. CM Tools Describe the desired state Ensure package “apache” is installed.
  22. 22. Ensure all system packages are updated. CM Tools Describe the desired state Ensure that user “xyz” exists. Ensure package “apache” is installed.
  23. 23. Ensure all system packages are updated. CM Tools Describe the desired state Ensure that user “xyz” exists. Ensure package “apache” is installed. Have latest sources: Clone repo, update if it exists already.
  24. 24. Ensure all system packages are updated. CM Tools Describe the desired state Ensure that user “xyz” exists. Ensure package “apache” is installed. Have latest sources: Clone repo, update if it exists already. Ensure package “postgres” v9.1 is installed.
  25. 25. Ensure all system packages are updated. CM Tools Describe the desired state Ensure that user “xyz” exists. Ensure package “apache” is installed. Have latest sources: Clone repo, update if it exists already. Ensure package “postgres” v9.1 is installed. Ensure DB “app_data” exists with password “****”.
  26. 26. Configuration Management Tools Varieties
  27. 27. Puppet (2005) “powerful, feature-rich, enterprise-y” Chef (2009) CM Tools variety
  28. 28. Puppet (2005) “powerful, feature-rich, enterprise-y” Chef (2009) Salt (2011) “simple, fast, good for most things” Ansible (2012) CM Tools variety
  29. 29. Puppet (2005) “powerful, feature-rich, enterprise-y” Chef (2009) Salt (2011) “simple, fast, good for most things” Ansible (2012) Fabric (2011) “not really CMS tools” Scripts CM Tools variety
  30. 30. Ansible Overview
  31. 31. • “Orchestration engine” for CM and deployment • Written in Python • Uses YAML • “Playbooks” • Config specs or explicit commands Ansible overview
  32. 32. • Key Points: • No central configuration server • No key management • No agent to install on target machine • Explicit order Ansible simplicity
  33. 33. • Key Points: • No central configuration server • No key management • No agent to install on target machine • Explicit order • Requirements: • Need SSH access (with key or password) • Need Python installed on target machine Ansible simplicity
  34. 34. Ansible architecture Server 1 Server 2 Server 3 Server 4 Server 5 Your laptop
  35. 35. Ansible Overview Modules
  36. 36. Modules Hundreds of them. They know how to do stuff… Command Shell Script
  37. 37. Modules Hundreds of them. They know how to do stuff… Command Shell Script Copy Sync Templates Line ops
  38. 38. Modules Hundreds of them. They know how to do stuff… Command Shell Script Copy Sync Templates Line ops Install packages Users and groups Networking Services
  39. 39. Modules Hundreds of them. They know how to do stuff… Command Shell Script Copy Sync Templates Line ops Install packages Users and groups Networking Services Repositories Message queues Monitoring Notification
  40. 40. Modules Hundreds of them. They know how to do stuff… Command Shell Script Copy Sync Templates Line ops Install packages Users and groups Networking Services Repositories Message queues Monitoring Notification Web servers Database servers Cloud infra
  41. 41. Ansible Overview How does it work?
  42. 42. How does it work? Laptop
  43. 43. How does it work? Python Module “Install Apache” Laptop run playbook
  44. 44. How does it work? Python Module “Install Apache” Run ModuleLaptop ssh
  45. 45. How does it work? Python Module “Install Apache” Run Module (then delete) Run ModuleLaptop ssh
  46. 46. How does it work? Python Module “Install Apache” Run Module (then delete) Run ModuleLaptop return results
  47. 47. Ansible Overview Details
  48. 48. Inventory and groups Define hosts, organized in groups
  49. 49. Inventory and groups Define hosts, organized in groups  by function  by location  by hosting provider  ...
  50. 50. [europe] server1.somehoster.co.uk server2.otherhoster.de [north-america] host-a.serverhost.com host-b.serverhost.com [frontend] server1.somehoster.co.uk host-b.serverhost.com [backend] server2.otherhoster.de host-a.serverhost.com
  51. 51. Adhoc commands Single commands, applied to groups
  52. 52. Adhoc commands Single commands, applied to groups $ ansible -i hosts europe –a “uname -a” $ ansible -i hosts frontend -a “/sbin/reboot” -f 3
  53. 53. • Tell Ansible what to do Playbooks
  54. 54. --- - hosts: frontend sudo: yes tasks: - name: Update the system apt: pkg=nginx state=latest - name: Create the user account user: name=appuser shell=/bin/bash state=present - name: Copy files to remote user's home copy: > src=files/names.txt dst=/home/appuser owner=appuser mode=0644
  55. 55. • Provide input to Ansible templates Variables
  56. 56. --- - hosts: all sudo: yes vars: username: appuser tasks: - name: Create the user account user: > name={{ username }} shell=/bin/bash state=present
  57. 57. • Simple layout for arranging Ansible playbooks, variables, templates, metadata, etc. Simple Project Layout
  58. 58. / my_hosts group_vars/ all frontend backend europe north-america site.yml
  59. 59. • Best practices layout for arranging Ansible playbooks, variables, templates, metadata, etc. • Better suited for larger projects • More extensible Best Practice Project Layout
  60. 60. / ansible.cfg deploy_hosts staging_hosts group_vars/ all frontend backend europe north-america host_vars/ server1.somehoster.co.uk host-b.serverhost.com site.yml roles/ common/ tasks/ main.yml handlers/ main.yml templates/ sshd_config.j2 files/ my_script.sh vars/ main.yml web/ ... db/ ...
  61. 61. Playbooks with roles --- - hosts: frontend sudo: yes roles: - common - web
  62. 62. The rise and rise of APIs
  63. 63. The rise and rise of APIs APIs
  64. 64. The rise and rise of APIs APIs Local
  65. 65. The rise and rise of APIs APIs Local Infrastructure
  66. 66. The rise and rise of APIs APIs Local Infrastructure Services
  67. 67. The rise and rise of APIs APIs Local Infrastructure Services
  68. 68. Ansible 'cloud' modules Public cloud  OpenStack  Amazon AWS  Google Compute  Azure  Digital Ocean  Linode Private cloud • OpenStack • Eucalyptus • Vsphere • Docker • libvirt
  69. 69. Example: AWS Modules EC2 / infrastructure • Instances • Images • VPCs • Load balancers Services • S3 • Route 53 • Databases • Cache
  70. 70. • Create instances via AWS and OpenStack Example: Create instances
  71. 71. - name: Booting EC2 guests ec2: key_name: my-key group: my-security-group instance_type: t2.micro image: ami-120abc90 region: us-east-1 count: 1 register: ec2results
  72. 72. - name: Booting OpenStack guests nova_compute: state: present login_username: "{{ openstack_username }}" login_password: "{{ openstack_password }}" login_tenant_name: "{{ openstack_tenantname }}" name: "{{ cluster_id }}-{{ item }}" image_id: "{{ openstack_image_id }}" key_name: "{{ openstack_keyname }}" wait_for: 60 flavor_id: "{{ openstack_flavor_id }}" nics: - net-id: "{{ openstack_internal_net_id }}” register: openstack_guests
  73. 73. • Add hosts to inventory Example: Create instances
  74. 74. - local_action: module: ec2 key_name: my-key group: my-security-group instance_type: t2.micro image: ami-120abc90 region: us-east-1 count: 3 register: ec2results - local_action: module: add_host hostname: {{ item.public_ip }} groupname: my-server-group with_items: ec2results.instances
  75. 75. Unified test and deployment environments Vagrant
  76. 76.  Use Vagrant to spin-up VMs  local (VirtualBox, VMware, etc.)  cloud (EC2)  Use Ansible as 'provisioner'  Make an inventory file with just your VM  Point at same playbook as before Vagrant
  77. 77. • Tells vagrant which VMs to construct • How to construct them: • RAM • Virtual CPUs • Network interfaces (public, private, static, nat’d) Vagrant config: Vagrantfile
  78. 78. Vagrant.configure(2) do |config| config.vm.box = "saucy64" config.vm.box_url = "http://cloud- images.ubuntu.com/vagrant/..." config.vm.host_name = "myapp-test" config.vm.network "private_network", ip: "192.168.1.2” config.vm.provision "ansible" do |ansible| ansible.playbook = "site.yml" #ansible.verbose = "vvvv" ansible.inventory_path = "vagrant_hosts" ansible.host_key_checking= false end end
  79. 79. • Specifies which VMs/Groups Ansible should run against Inventory: Vagrant Hosts
  80. 80. [vagrant] vagrant_host ansible_ssh_host=192.168.1.2 [frontend-hosts] vagrant_host [applayer-hosts] vagrant_host [backend-hosts] vagrant_host [db-access:children] applayer-hosts backend-hosts [appserver-access:children] frontend-hosts applayer-hosts
  81. 81. Vars: group_vars/vagrant Variables that only apply to Vagrant instances --- ansible_ssh_user: vagrant
  82. 82. Create and configure VMs $ vagrant up ... $ vagrant provision
  83. 83. Unified test and deployment environments Cattle, not pets!
  84. 84. Desired development/deployment workflow - Local unit tests - Local provisioning with Vagrant + Ansible - Integration tests Local dev and testing
  85. 85. Desired development/deployment workflow - Create/update cloud staging servers with Ansible - Provision servers with Ansible Local dev and testing Cloud testing
  86. 86. Desired development/deployment workflow - Create/update cloud production servers with Ansible - Provision servers with Ansible Local dev and testing Cloud testing Cloud deployment
  87. 87. Demo
  88. 88. Dev Environment Cacher (apt/pip) MCP MHV1 MHV2 Ansible Git cache
  89. 89. • Same Ansible playbooks can be used to provision application locally or in the cloud Key Takeaways
  90. 90. • Same Ansible playbooks can be used to provision application locally or in the cloud • With cloud APIs and Ansible modules (OpenStack, AWS, Rackspace, …) playbooks can also be used to provision infrastructure Key Takeaways
  91. 91. References
  92. 92. • Questions: jbrendel@cisco.com, dlapsley@cisco.com • Ansible playbooks: http://bit.ly/devstack-ansible • Ansible docs: http://docs.ansible.com/ • Ansible source: https://github.com/ansible/ansible • Vagrant: http://www.vagrantup.com/ • Example project: http://bit.ly/ansible-devstack
  93. 93. @brendelconsult, @devlaps Thank You

×