Ansible: Orchestrate your Infrastructure


Published on

The associated video is available:

Software configuration management tools are gaining ground everywhere. We've all probably at least heard of puppet, chef or salt by now, however there's a new rising star: Ansible. In this talk we'll learn about the way ansible approaches configuration management, software deployment, remote execution and other general IT tasks. We'll examine how to get up and running in a moment and how easy it is to manage multiple concurrent servers in parallel without needing additional daemons or bootstrapping! The talk will cover differences to puppet, chef etc and examine how to customise and extend Ansible with our favourite language.

Join us for this talk and you'll see why this award winning Python project has relevance for PHP and your work life through getting your servers under control.

This is a new talk about a relatively new configuration management system that is less complex to work with than puppet, chef, salt etc. but requires nothing extra on the machines being managed.

Published in: Technology

Ansible: Orchestrate your Infrastructure

  1. 1. @magma_digital Orchestrate your Infrastructure Magma Digital Ltd Jeremy Coates
  2. 2. @magma_digital Who am I?๏ Jeremy Coates, MD at Magma Digital Ltd ๏ Founder of PHPNW ๏ Manchester Digital Association Council Member ๏ @phpcodemonkey ๏
  3. 3. @magma_digital What is Ansible? SALT CHEFPUPPET Ansible
  4. 4. @magma_digital Why use it?
  5. 5. @magma_digital Install:Controller ๏ Only install on controller machine ๏ Requires: Python 2.6+, Paramiko (ssh), PyYAML, Jinja2 ๏ RedHat: yum install ansible ๏ Debian: apt-get install ansible ๏ OS X: brew install ansible ๏ All: pip install ansible or from source
  6. 6. @magma_digital Install:Remotes ๏ Nothing much! ๏ SSH server ๏ Python 2.4+ and simplejson module ๏ Or just Python 2.6+ ๏ Essentially any *nix distro in last decade
  7. 7. @magma_digital First 10 minutes ๏ Command line usage: • ansible -i hosts -m ping all • ansible webserver -m setup • ansible -i /path/to/hosts -m <module> [options e.g -vvvv] <host pattern> • Default checks /etc/ansible/hosts • -- check && -- diff
  8. 8. @magma_digital Inventory: Hosts [webservers] web ansible_ssh_host= ansible_ssh_port=2222 ansible_ssh_user=vagrant ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key web2 ansible_ssh_host= ansible_ssh_port=2201 ansible_ssh_user=vagrant ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key [dbservers] db ansible_ssh_host= ansible_ssh_port=2202 ansible_ssh_user=vagrant ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key
  9. 9. @magma_digital Inventory:Dynamic hosts ๏ Plugin scripts for: • Amazon EC2 • Digital Ocean • Linode • Vagrant • + others ๏ Or create your own CMDB (Configuration Management DB)
  10. 10. @magma_digital Playbooks๏ Commandline doesn’t scale: Playbooks do ๏ Playbooks are YAML ๏ ansible-playbook -i hosts playbook.yml
  11. 11. @magma_digital Sample Playbook --- - hosts: localhost user: root vars: motd_warning: 'WARNING: Use by ACME Employees ONLY' tasks: - name: setup a MOTD copy: dest=/etc/motd content={{ motd_warning }}
  12. 12. @magma_digital Playbooks๏ Language of playbooks relatively familiar to devs ๏ Targets - groups of tasks / vars etc. ๏ Vars - nice and obvious! ๏ Tasks - actions using modules / vars ๏ Includes - re-usable components
  13. 13. @magma_digital Playbooks Speed ๏ Playbooks default to 5 forks • -- forks <N> to vary this ๏ async: <seconds> for long running processes ๏ poll: <seconds> check the progress ๏ Tags: target sections of play books ๏ Roles: convention to enable reuse of playbooks
  14. 14. @magma_digital Playbooks…๏ Looping: with_items:, with_fileglob: ๏ Conditional processing: when: ansible_os_family == ‘RedHat’ ๏ Task Delegation: delegate_to: <host> or local_action: shorthand ๏ Vars: hostvars, groups, inventory*, environment
  15. 15. @magma_digital Playbook Templates ๏ Jinja2 template engine. Has access to any ansible facts (vars) ๏ Comments: {# a comment #} ๏ If/else: {% if 'authorativenames' in group_names %} {% else %} {% endif %} ๏ Loops: {% for ip in ansible_all_ipv4_addresses %} {% end for %}
  16. 16. @magma_digital Modules๏ Over 100 modules already exist • Swiss army knife of machine management: ansible-doc ๏ Write own modules in any language, including PHP (json_encode) ๏ Module output key=value or JSON
  17. 17. @magma_digital Ansible-pull ๏ Runs on the machine to be configured ๏ Larger deployments (auto-scaling server farms etc.) ๏ Auto-update when repo changes ๏ Requires cron
  18. 18. @magma_digital SHARE REUSEENHANCE
  19. 19. @magma_digital Related?๏ ansible-vault - encryption for sensitive yaml files ๏ Ansible Guru - support subscription ($99/month) ๏ Ansible Tower (AWX) - commercial version • Web console, REST API • 50 machines from $2500/year (depending on support level needed) ๏ Vagrant - Ansible provisioner module
  20. 20. @magma_digital ResourcesWebsite: Documentation: Twitter: @ansible IRC: #ansible (freenode) Google Group: ansible-project Reddit: Ansible Weekly Newsletter: Ansible Configuration Management: (Daniel Hall: Packt Publishing Nov ’13 ISBN 978-1-78328-081-0)
  21. 21. @magma_digital ๏ Jeremy Coates, MD at Magma Digital Ltd ๏ Founder of PHPNW ๏ Manchester Digital Association Council Member ๏ @phpcodemonkey ๏ Simply Orchestrate