This document provides an agenda and overview for a presentation on Ansible. The agenda includes introductions of Ansible, its architecture and concepts, deployment, and deploying a Symfony2 app with Ansible. Key points about Ansible are that it is a Python-powered IT automation tool that is simple, secure, and efficient. It uses SSH to manage nodes without agents. The document also discusses Ansible features, requirements, versions, and common modules.
2. About me
- Software Engineer at EPAM
- @co-organizer Lviv GDG
- @founder 2enota
Roman Rodomansky
itspoma@gmail.com
github.com/itspoma
skype: roman.rodomanskyy
linkedin.com/in/rodomansky
3. 1) Ansible overview
2) Ansible architecture and concepts
3) What is deploy?
4) Deploying Symfony2 app with Ansible
Agenda
4. - python-powered redically simple IT automation tool
- is optimized for easy automation, review, editing, &
auditability
- free, open source
- simply
- clear (anyone)
- fast (to learn, to setup)
- complete (modules)
- efficient (runs on OpenSSH)
- secure (without agents)
What is Ansible?
5. - configuration management
- application deployment
- multi-tier orchestration
- cloud provisioning
For what Ansible?
6. - agentless architecture
- management over SSH (no custom PKI-SSH-based, no
external databases, no daemons, does not leave
software installed)
- developer friendly (configuration as data, not code)
- batteries-included (usefull modules)
- dead simple
- release cycles are usually about two months long
Ansible features
10. - required Python 2.6
- or Python 2.5 (with additional paramiko, PyYAML,
python-jinja2 and httplib2 modules)
- Windows isn’t supported for the control machine
(starting with 1.8 will be fully support Windows)
- includes Red Hat, Debian, CentOS, OS X, any of the
BSDs, and so on
Control Machine Requirements
11. - Python 2.4 or later
- if Python 2.5, then with python-simplejson modules
- ansible_python_interpreter to point at your 2.x
Python
- starting in version 1.7, ansible contains support for
managing windows machines
Managed Node Requirements
12. - 1.9-dev “Dancing In the Street”
- 1.8 “You Really Got Me” Nov 26, 2014
- new Jinja2 filters, fixed a log of modules bugs, new
system, variables, new modules, docker support,
etc
- 1.7 “Summer Nights” Sep 24, 2014
Versions
16. - from git
- from os packages (recommend If you are
wishing to run the latest released version)
- from pip (recommended to use Python
package manager for other cases)
Install & Configure
23. ansible <host-pattern> [options]
vm$ cd demo1/
vm$ ansible all -m ping
vm$ ansible all -m setup
vm$ ansible all -a "grep -c processor /proc/cpuinfo"
vm$ ansible all -a "uptime"
vm$ ansible all -a "uptime" -f 10
Demo
53. 3) Running database migrations
- name: Run migrations
shell: cd {{project_root}}/releases/{{release}}
&& if $(grep doctrine-migrations-bundle composer.json);
then {{symfony2_project_php_path}} app/console
doctrine:migrations:migrate -n; fi
Symfony deployment
yet another система керування конфігураціями, для автоматизації ручної рутини
особливість - простота, при великій гнучкості
you can get started in minutes
located on github
any ручні роботи автоматизувати
it can configure systems
and deploy the applications
and orchestrate more advanced (просунутий) IT tasks:
such as continuous deployments
or zero downtime rolling updates
+докер -вагран
configurations are text
It reads like English
uses SSH to execute modules on remote machines without having to install any systems management software
comes with a large selection of modules for automating common tasks
modules can be written in any language -- if you would like to add extensions in bash, Python, Ruby, or even C, you are welcome to do so
Jira, Confluence, HipChat
from 2012, downloaded >1kk
top 10 python projects on github, new contributor added every ~1.3 days
7 commits to dev-branch every day
some for deploy, some for system tasks
fabric is a Python (2.5-2.7) library for application deployment or systems administration tasks over SSH
It provides a basic suite of operations, and uploading/downloading files
python syntax (from fabric.api import run)
capistrano: pre-post hooks (beforeX / afterX)
rollback
ant/phing
client, local-machine
requirements (вимога) for Ansible are extremely minimal (надзвичайно мінімальним)
ansible runs on a central computer
Python 2.5 + paramiko / PyYAML / python-jinja2 / httplib2
raw module do not need “python-simplejson” module more
1.9 = танці на вулиці // stable release
26 листопада 2014
24 вересня 2014
every 2 month release
перед тем, как переходити до техничних деталей
analogue: packagist, npmjs, rubygems.org
saas service => software as a service => пз як послуга
demo free
basic = 100$/month, up to 100 nodes, annual contract only
enterprise = 50$/host/per-year, 8x5 support
premium = 70$/host/per-year, 24x7 support
10 hosts = premium = 60$/per-month
from git == to get all the latest features (новейшие функции), keep up to date with the development
release cycles are usually about two months long
it's important to understand how Ansible is communicating with remote machines over SSH
by default => Ansible 1.3 try to use native OpenSSH when possible
as fallback => high-quality (высокое качество) Python implementation of OpenSSH called ‘paramiko’
In Ansible 1.2 and before - defalut is Paramiko
When speaking with remote machines, Ansible will by default assume (вважати) you are using SSH keys
local => when node == control machine
Inventory can be sourced from simple text files, the cloud, or configuration management databases
інвентар with hosts
describe infrastructure of your app servers
the things in brackets are group names, used for classifying systems, are controlling for what purpose
It is ok to put systems in more than one group, for instance a server could be both a webserver and a dbserver
pattern
діапазони
custom connection settings
group-vars / host-vars
default: /etc/ansible/
(!!!) ansible is NOT just about running commands, it also has powerful configuration management and deployment features
концепти, поняття
playbooks define configuration policy and orchestration workflows
YAML - зручний для читання людиною формат серіалізаціі даних, близький до мов розмітки
декларативность описания всего позволяет читать хорошо написанные плейбуки как английский текст
Модулей очень много, они есть на любой вкус и цвет
При помощи модулей мы можем развернуть машину в облаке
выполнить команду шела, управлять базами данных, создавать файлы и папки, копировать шаблоны, отправлять сообщения в очереди, управлять сетевой инфраструктурой, писать сообщения в чаты и много чего еще.
травень 2013 = 72, Жовтень = 175, лютий2015 = овер2000
over2000 modules on Galaxy
tags
Ansible подразумевает минимум два файла для начала работы — инвентарный файл, в который мы пишем список хостов и делим их по группам — inventory и файл задач — playbook
default: /etc/ansible/
Ansible is NOT just about running commands, it also has powerful configuration management and deployment features
best practice
feature from ansible 1.5
allows keeping encrypted data (in source control)
сховище
other things:
Tagging a particular version of your code
Running any tests
Removal of any unnecessary files
Clearing of external cache systems
cron tasks
time to implementation
Tagging a particular version of your code
Running any tests
Removal of any unnecessary files
Clearing of external cache systems
cron tasks
Tagging a particular version of your code
Running any tests
Removal of any unnecessary files
Clearing of external cache systems
cron tasks
Tagging a particular version of your code
Running any tests
Removal of any unnecessary files
Clearing of external cache systems
cron tasks
Tagging a particular version of your code
Running any tests
Removal of any unnecessary files
Clearing of external cache systems
cron tasks
use with_install (cache:clear, assets:install, assets:dump)