How Ansible Makes Automation Easy

Talk for Gluecon 2014 - DevOps track.

Published in: Internet, Technology

  1. How Ansible Makes Automation Easy (Gluecon, May 2014). Peter Sankauskas, Founder, Answers for AWS. @pas256 @Answers4AWS
  2. About Me
     • Engineer
     • Founder of Answers for AWS
     • Wrote the EC2 inventory plugin for Ansible
     • Run the Advanced AWS meetup in SF
     • Won a NetflixOSS Cloud Prize for my Ansible playbooks
  3. What is Ansible? Beautiful, flexible shell scripts
  4. What can you automate?
     • Installation and configuration of services
     • Code deployment
     • Provisioning
     • Image creation
  5. Why is it easy?
     • Easy to read, write and share playbooks
     • Thousands of modules *
     • Great documentation
     • Support
     * 2015 projection
  7. What does this do?

         - name: Install Apache web server
           apt: pkg=apache2 state=latest

  8. What does this do?

         - name: Install Apache web server
           apt: pkg=apache2 state=latest

     Slide labels: Documentation (the name line), Module (apt), Arguments (pkg=apache2 state=latest).
  9. Installing several packages with one task:

         - name: Install Apache web server with PHP
           apt: pkg={{ item }} state=latest
           with_items:
             - apache2
             - php5
             - libapache2-mod-php5
             - php-apc

  10. One task per package manager, selected by distribution:

          - name: Install Apache web server with PHP (apt version)
            apt: pkg={{ item }} state=latest
            with_items:
              - apache2
              - php5
              - libapache2-mod-php5
              - php-apc
            when: ansible_distribution == 'Ubuntu'

          - name: Install Apache web server with PHP (yum version)
            yum: pkg={{ item }} state=latest
            with_items:
              - httpd24
              - php55
              - php55-pecl-apc
            when: ansible_distribution == 'Amazon'

  11. A little more complex

          - name: Copy website configuration
            copy: src=site.conf
                  dest=/etc/apache2/sites-available/site.conf
                  owner=root
                  group=root
                  mode=0755
            notify: restart apache
            tags: config

  12. Playbooks
      • Contains one or more “plays”
      • Written in YAML
      • Declare configuration
      • YAML is not code
      • Executed in the order it is written
      • No dependency graph
  13. Modules
      • apt/yum/pip: Add/Remove packages
      • command/shell: Execute any shell command (with or without environment)
      • copy: Copy a file from source to destination on host
      • file: Create directories, symlinks, change permissions
      • service: Start/Stop/Enable services
      • template: Same as copy, but with variable substitutions in file
  14. accelerate acl add_host airbrake_deployment alternatives apache2_module apt apt_key apt_repository apt_rpm arista_interface arista_l2interface arista_lag arista_vlan assemble assert async_status async_wrapper at authorized_key bigip_facts bigip_monitor_http bigip_monitor_tcp bigip_node bigip_pool bigip_pool_member boundary_meter bzr campfire capabilities cloudformation command composer copy cpanm cron datadog_event debconf debug digital_ocean digital_ocean_domain digital_ocean_sshkey django_manage dnsimple dnsmadeeasy docker docker_image easy_install ec2 ec2_ami ec2_ami_search ec2_asg ec2_eip ec2_elb ec2_elb_lb ec2_facts ec2_group ec2_key ec2_lc ec2_metric_alarm ec2_scaling_policy ec2_snapshot ec2_tag ec2_vol ec2_vpc ejabberd_user elasticache facter fail fetch file filesystem fireball firewalld flowdock gc_storage gce gce_lb gce_net gce_pd gem get_url git github_hooks glance_image group group_by grove hg hipchat homebrew homebrew_cask homebrew_tap hostname htpasswd include_vars ini_file irc jabber jboss jira kernel_blacklist keystone_user layman librato_annotation lineinfile linode lldp locale_gen logentries lvg lvol macports mail modprobe mongodb_user monit mount mqtt mysql_db
  15. mysql_replication mysql_user mysql_variables nagios netscaler newrelic_deployment nexmo nova_compute nova_keypair npm ohai open_iscsi openbsd_pkg openvswitch_bridge openvswitch_port opkg osx_say ovirt pacman pagerduty pause ping pingdom pip pkgin pkgng pkgutil portage portinstall postgresql_db postgresql_privs postgresql_user quantum_floating_ip quantum_floating_ip_associate quantum_network quantum_router quantum_router_gateway quantum_router_interface quantum_subnet rabbitmq_parameter rabbitmq_plugin rabbitmq_policy rabbitmq_user rabbitmq_vhost raw rax rax_cbs rax_cbs_attachments rax_clb rax_clb_nodes rax_dns rax_dns_record rax_facts rax_files rax_files_objects rax_identity rax_keypair rax_network rax_queue rds rds_param_group rds_subnet_group redhat_subscription redis replace rhn_channel rhn_register riak rollbar_deployment route53 rpm_key s3 script seboolean selinux service set_fact setup shell slack slurp sns stackdriver stat subversion supervisorctl svr4pkg swdepot synchronize sysctl template twilio typetalk ufw unarchive uri urpmi user virt vsphere_guest wait_for xattr yum zfs zypper zypper_repository
  16. Roles
      • Reuse a set of tasks, files, variables and templates
      • Ansible Galaxy for being social
      • Web
      • Database
      • System
      • more…
  17. Introduction to Ansible
      • Documentation: http://docs.ansible.com/
      • Slides: http://www.slideshare.net/pas256/code-mash
      • Video: http://answersforaws.com/episodes/2-ansible-and-aws/
  18. What can you automate?
      ✓ Installation and configuration of services
      • Code deployment
      • Provisioning
      • Image creation
  19. Code deployment

          # accept_hostkey=yes adds the repo's SSH host key to known_hosts
          # if it is not already there
          - name: Get code from GitHub for branch {{ branch }}
            git: repo=git@github.com:company/website.git
                 dest=/var/www/website
                 version={{ branch }}
                 accept_hostkey=yes

          - name: Copy database.yml from S3 to rails
            s3: bucket=company-devops object=database.yml
                dest=/var/www/website/config/database.yml mode=get

          - name: Bundle install
            shell: chdir=/var/www/website bundle install
                   --without development test

          - name: Precompile assets with rake
            shell: chdir=/var/www/website RAILS_ENV={{ env }}
                   bundle exec rake assets:precompile

  20. Provisioning
      • Create security group
      • Launch instance
      • Create load balancer
      • Register instance with load balancer
  21. Don’t do this
  22. Don’t do this on AWS
      • Use CloudFormation
      • Dependency management
      • Delete for free
      • Ultimate combination
      • python + boto + troposphere
  23. Provisioning on GCE is fine

          - local_action:
              module: gce
              name: test-instance
              zone: us-central1-a
              machine_type: n1-standard-1
              image: debian-7

  24. What can you automate?
      ✓ Installation and configuration of services
      ✓ Code deployment
      ✓ Provisioning
      • Image creation
  25. Image creation
      • Run in local mode
      • Do not start services
      • Use Ansible provisioner for
          • aminator
          • packer
      • Use Bakery4AWS (apply for beta access)
  26. Flexible playbooks
  27. Flexible playbooks. Same playbook can:
      • Run on a single instance
      (diagram: Ansible Playbook, Laptop)
  28. Flexible playbooks. Same playbook can:
      • Run on a single instance
      • Run on multiple instances
      (diagram: Ansible Playbook, Laptop)
  29. Flexible playbooks. Same playbook can:
      • Run on a single instance
      • Run on multiple instances
      • Run against multiple OSes
      (diagram: Ansible Playbook, Laptop)
  30. Flexible playbooks. Same playbook can:
      • Run on a single instance
      • Run on multiple instances
      • Run against multiple OSes
      • Run in local mode to create image
      (diagram: Ansible Playbook, Laptop, Packer/Aminator)
  31. How? Four things to consider to write highly flexible playbooks:
      • Header
      • Common variables
      • Services
      • Handlers
  32. Playbook header

          ---
          - name: My Playbook
            hosts: all
            sudo: True
            roles:
              - role1
              - role2
            vars_files:
              - vars/common.yml
              - vars/{{ ansible_distribution }}.yml

  33. Common Variables File

          ---
          # Conditions reused in "when:" clauses; "ami" is passed with -e when building an image
          ami_build: ami is defined and ami
          not_ami_build: ami is not defined or not ami

  34. Services

          - name: Enable Apache HTTP Web Server service
            service: name=httpd enabled=yes

          - name: Starting Apache HTTP Web Server service
            service: name=httpd state=started
            when: not_ami_build

          - name: Stopping Apache HTTP Web Server service
            service: name=httpd state=stopped
            when: ami_build

  35. Handlers

          ---
          - name: restart apache
            service: name=httpd state=restarted
            when: not_ami_build

  36. Execution

          # Against Ubuntu web servers
          ansible-playbook myplaybook.yml -u ubuntu -l web

          # Against Amazon Linux web servers
          ansible-playbook myplaybook.yml -u ec2-user -l web

          # Build an AMI
          ansible-playbook myplaybook.yml -u ubuntu \
              -e "ami=True" -c local -i "127.0.0.1,"

  37. Questions? Play Stump the Presenter. Thank you.
      • Slides available online: http://bit.ly/gluecon-ansible
