SlideShare a Scribd company logo

Configuration management I - Ansible + Packer

Xavier Serrat Bordas
Xavier Serrat Bordas

Training about what ansible is and what packer is. Also, how Ansible and Packer work together.

Software
1 of 64
Download to read offline
CONFIGURATION MANAGEMENT I 1@XSerrat
2@XSerrat
Ansible > Why do we need it? ● Easy way to configure / provision a machine ● Human-readable, it uses YAML files to define the infrastructure. ● Maintain our infrastructure definition in a version control system (GIT). ● We can use it as a documentation of our infrastructure. ● Have as similar as possible the development and production environments. 3@XSerrat
Ansible > Remote machine requirements ● SSH ● Python 4@XSerrat
Ansible > General overview 5@XSerrat Ansible Controller Machine ssh ssh ssh web 10.0.2.33 ubuntu web 10.0.2.34 ubuntu web 10.0.2.35 ubuntu Playbook web Inventory 10.0.2.33 10.0.2.34 10.0.2.35 ….
Ansible > Installation in the Controller Machine ● We only need Ansible in the controller machine (Jenkins in our case) ● Requirements: Python 2 (version 2.7) or Python 3 (versions 3.5 or higher) ● Windows is not supported for a controller machine :) ● Install on Ubuntu: ● Install on Mac: $ brew install ansible $ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo apt-add-repository --yes --update ppa:ansible/ansible $ sudo apt-get install ansible 6@XSerrat
Ansible > Directory Layout 7@XSerrat
Ansible > Directory Layout 8 inventories variables playbooks roles roles playbooks variables variables inventory inventory @XSerrat
Ansible > Playbook ● It is the entry point when we want to execute ansible ● It is like a script where you specify each task to configure a machine. ● It is written using YAML syntax. ● Each Playbook is composed of one or more “Plays” 9@XSerrat
Ansible > Playbook > Play ● A Play maps a group of hosts to some defined roles. Hosts are defined in a separate files called Inventories. ● A Role is a group of “tasks”. ● A Task is a call to an Ansible module 10@XSerrat
Ansible > Playbook > Example Playbook with one Play Playbook with two Plays P1 P2 playbook_1.yml playbook_2.yml 11@XSerrat
Ansible > Playbook > Execution ● To execute a playbook you need to type: ● Execute the playbook playbook_1.yml: $ ansible-playbook [options] playbook.yml [playbook2 ...] $ ansible-playbook -i inventories/production playbook_1.yml 12@XSerrat
Ansible > Modules (Task or Library plugins) ● Units of code we can use from the command line or in a playbook ● Simplify the readability and the way to execute actions on each task. ● Example: List of all modules: https://docs.ansible.com/ansible/latest/modules/list_of_all_modules.html List of modules by category: https://docs.ansible.com/ansible/latest/modules/modules_by_category.html 13@XSerrat
Ansible > Modules > template ● Ansible module used to define configuration file templates where we can use variables inside them. ● Templates are processed by the Jinja2 templating language (http://jinja.pocoo.org/docs/). template_example.html.j 2 14@XSerrat
Ansible > Modules > template ● Example of a task using this module: https://docs.ansible.com/ansible/latest/modules/template_module.html#template-module 15@XSerrat
Ansible > Handlers ● Run operations on change. ● Playbooks have a basic event system to respond when they detect a change in the remote machine. ● A change can be made by one or more modules. ● When a module of a task makes a change in the remote machine, we can notify about this change to execute some actions. ● “Notify” actions are triggered at the end of each block of tasks in a play. ● “Notify” actions will only be triggered once even if notified by multiple tasks. 16@XSerrat
Ansible > Handlers > Example New since Ansible 2.2 17@XSerrat
Ansible > Roles > Structure ● A way to load some variables, tasks, handlers and files to easy reusing tasks in multiple playbooks using roles. ● Possible directories in a role: ○ tasks: tasks to be executed in the role ○ handlers: handlers used in this role or outside this role ○ files: files can be deployed via this role ○ templates: templates can be deployed via this role ○ vars: variables of this role ○ defaults: default variables of this role (can be overridden by other variables). ○ meta: list of role dependencies for this role ● If a directory is used, it must have at least the main.yml 18@XSerrat
Ansible > Roles > Organizing tasks 19@XSerrat
Ansible > Roles > Using roles in a Playbook playbook.yml (original version) playbook.yml (since Ansible 2.4) 20@XSerrat
Ansible > Roles > Dependencies ● Defined in the meta/main.yml file. ● List of dependencies a role needs. ● Each role dependency will be executed before the main role. ● We can specify some variables for this role. 21@XSerrat
Ansible > Roles > Dependencies > Example *Note that the role wheel does not need allow_duplicates: true because each wheel has a different parameter (n). 22@XSerrat
Ansible > Ansible Galaxy ● Open source platform to find and use roles. See more: https://galaxy.ansible.com/ 23@XSerrat
Ansible > Ansible Galaxy > Install external roles ● If our project needs roles from Ansible Galaxy or another source, we can install each one using: $ ansible-galaxy install username.role_name Or installing all together using a requirements.yml file: $ ansible-galaxy install -r requirements.yml 24@XSerrat
● The requirements.yml file has the following aspect: Ansible > Ansible Galaxy > Install external roles requirements.yml 25@XSerrat
Ansible > Gather facts ● Collect data from remote machines to be used in playbooks. ● It is a call performed by Ansible at the very beginning. ● Data we can collect: ansible 127.0.0.1 -m setup _bootstrap_for_ansible.yml 26@XSerrat
Ansible > Inventories ● An inventory is the place where our systems are listed. ● Ansible can work with multiple systems at the same time. ● There’s a dynamic inventory to retrieve our remote machines when we need to provision them*. *More info about Dynamic inventories: https://docs.ansible.com/ansible/latest/user_guide/intro_dynamic_inventory.html 27@XSerrat
Ansible > Inventories > Hosts and Groups ● We can define our hosts of the remote machines in inventory files. ● We can classify each host in different groups. INI format YAML format 28@XSerrat
Ansible > Inventories > Hosts and Groups ● By default, Ansible tries to connect via SSH using the standard port 22. If the remote machine uses another one, we need to specify it in the inventory file: badwolf.example.com:5309 ● We can define the connection type for each host using host variables*: *Variables defined in an inventory file using INI format will be always interpreted as STRING. 29@XSerrat
Ansible > Inventories > Hosts and Groups ● We can define variables per group: INI format YAML format 30@XSerrat
Ansible > Inventories > Hosts and Groups INI format YAML format Note: A child group variable will override a parent group variable. 31@XSerrat
Ansible > Inventories > Default Groups ● Every host is grouped in the default group all. ● A host without a specific group belongs to the group all and ungrouped. 32@XSerrat
Ansible > Variables ● A variable should start with a letter. It can contain letters, numbers and underscores. ● Definition and referencing of variables: ● Can be defined in: ○ Inventories (per host or group) and splitted in group_vars or host_vars files. ○ Playbooks ○ Roles foo: field1: one field2: two foo['field1'] foo.field1 https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html 33@XSerrat
Ansible > Variables > Inventories ● We can define variables directly in inventory files or in group_vars or host_vars files. Directory layouts 34@XSerrat
Ansible > Variables > Inventories ● For a host named example.com we can define some variables related to the host in a specific file: ● The file is located on host_vars/example.com or host_vars/example.com.yml . ● We can also organize variables in different files. Following the previous example: host_vars/example.com/php.yml ● For a group of hosts or a group of groups we use the same logic as hosts but using another main folder: group_vars/ 35@XSerrat
Ansible > Variables > How ansible use them ● When a playbook is executed, Ansible maps at level of host. ● Ansible merge all variables needed to provision each host. ● The order to merge variables is: a. all group (is the parent of all other groups) b. Parent group c. Child group d. Host ● When two groups are in the same level, the order is alphabetical, but we can define which is the priority of each group in order to be merged in a different order using the variable ansible_group_priority which is 1 the default value: Example: https://github.com/xserrat/company-infrastructure/tree/variables-merging-order 36@XSerrat
Ansible > Variables > Playbooks ● We can define variables in a specific play in different ways: ○ Specifying the variable and the value: ○ Specifying a variables file where variables are defined and assigned to a value: ○ Specifying variables to be prompted when executing the playbook: 37@XSerrat
Ansible > Variables > Roles ● Three ways to define variables in roles: ○ my_role/defaults/main.yml : default variables of our role ○ my_role/vars/main.yml : variables of our role ○ my_role/meta/main.yml : variables for role dependencies 38@XSerrat
Ansible > Variables > Usage in a playbook ● Conditionals https://docs.ansible.com/ansible/latest/user_guide/playbooks_conditionals.html 39@XSerrat
Ansible > Variables > Usage in a playbook ● Loops https://docs.ansible.com/ansible/latest/user_guide/playbooks_loops.html 40@XSerrat
Ansible > Variables > Main Prioritization 1. command line values (eg “-u user”) 2. role defaults 3. inventory file or script group vars 4. inventory group_vars/all 5. playbook group_vars/all 6. inventory group_vars/* 7. playbook group_vars/* 8. inventory file or script host vars 9. inventory host_vars/* 10. playbook host_vars/* 11. host facts / cached set_facts 12. play vars 13. play vars_prompt 14. play vars_files 15. role vars (defined in role/vars/main.yml) 16. block vars (only for tasks in block) 17. task vars (only for the task) 18. include_vars 19. set_facts / registered vars 20. role (and include_role) params 21. include params 22. extra vars (always win precedence) 41 PRIO https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable @XSerrat
Ansible > Tags ● We can tag tasks using tags. They allow us to execute only specific tasks who have those tags. playbook.yml $ ansible-playbook -i production playbook.yml --tags ntp *We only re-configure ntp service to the group webservers. 42@XSerrat
Ansible > Extras > Dynamic Inventory ● We can use external inventories that execute some calls to the host provider to find out hosts and then use them in a playbook. 43 https://docs.ansible.com/ansible/latest/user_guide/intro_dynamic_inventory.html#inventory-script-example-aws-ec2 @XSerrat
Ansible > Extras > Ad-Hoc Commands ● We use when we need to do something really quickly and we don’t want to save for later. ● Execute a command in a multiple remote machines. ○ Example: Copy a file to some hosts (webservers) $ ansible webservers -m copy -a "src=/etc/hosts dest=/tmp/hosts" 44@XSerrat
Ansible > Extras > Ansible Container ● Configure and run docker containers using playbooks rather than using a Dockerfile. https://docs.ansible.com/ansible-container/ 45@XSerrat
Ansible > Extras > IDE plugins ● PhpStorm: Plugin called YAML/Ansible support that allows you to navigate through roles and variables using CMD/CTRL + CLICK! https://github.com/vermut/intellij-ansible ● Visual studio code: Plugin with autocompletion and other features. https://marketplace.visualstudio.com/items?itemName=vscoss.vscode-ansible 46@XSerrat
Ansible > Extras > Best practices ● Ansible provides a list of best practices when creating our playbooks: https://docs.ansible.com/ansible/2.7/user_guide/playbooks_best_practices.html 47@XSerrat
Ansible > More examples Ansible examples: https://github.com/ansible/ansible-examples ● Building a LAMP: https://github.com/ansible/ansible-examples/tree/master/lamp_simple 48@XSerrat
49@XSerrat
Packer > Why do we need it? ● Easy way to automate the creation of any type of machine image. ● Easy to share images for testing or deployment. ● Keep development, staging and production as similar as possible. ● Some advantages: ○ Super fast infrastructure deployment: Launch provisioned and configured machines in seconds. ○ Multi-provider portability: Create and use images in different environments and providers. ■ In production using AWS or/and Google Cloud. ■ In development using Docker ○ Greater testability: We can launch a machine using the image we have built to test if it works. Then we can ensure that the new machines launched from that image work properly. 50@XSerrat
Packer > General overview ● Packer uses “Templates” which are JSON files where we define how our images have to be created. ● A template has three basic components: ○ Provisioners: Responsible to configure the image (install packages, deploy app code...) ○ Builders: Responsible for creating machines and generating images from them. ○ Post-processors: Responsible for executing an action after the image is built (e.g. Upload image to a registry). 51@XSerrat
Packer > General overview > Workflow Create machine Provision machine Stop machine Generate image from stopped machine Upload generated image POST-PROCESSOR (OPTIONAL)BUILDER PROVISIONER BUILDER 52@XSerrat
Packer > Builders ● They are responsible for creating machines and generating images from them. ● We can use existing builders or create a new one. Available builders: https://www.packer.io/docs/builders/index.html 53@XSerrat
Packer > Builders > Amazon EC2 AMI Builder ● It is the builder to be used if we want to create an AWS AMI. 54 Create an AMI using a custom AMI Create an AMI using an AWS AMI @XSerrat
Packer > Builders > Amazon EC2 AMI Builder ● Using an AWS AMI as a source_ami is the same as access to the aws marketplace and looking for the AMI we want to use: 55@XSerrat
Packer > Provisioners ● They are responsible for configure the booted image using a third-party tool. ● Typical configurations: ○ Install packages ○ Create users ○ Deploy the application code 56@XSerrat
Packer > Provisioners > Ansible Remote ● Ansible Remote is a provisioner that uses ansible playbooks to provision the booted machine. ● Ansible Remote configures the booted machine using SSH, so no ansible packages needed in the booted machine. If you want to execute Ansible in the booted machine you can use the Ansible Local provisioner. 57@XSerrat
Packer > Post-Processors ● They are responsible for execute some actions when the image is built. ● Example of usage: Upload the image to a registry. 58@XSerrat
Packer > ami_template.json 59@XSerrat
Packer > Installation ● Install on Ubuntu https://www.packer.io/intro/getting-started/install.html#precompiled-binaries ● Install on Mac $ brew install packer 60@XSerrat
Packer > Template execution $ packer build ami_template.json 61@XSerrat
Packer > Best practices ● Hashicorp provides a Github repository to show a good way to define our configuration management project: https://github.com/hashicorp/best-practices 62@XSerrat
DEMO > Build Amazon AMI with PHP installed 63 $ packer build -var-file=packer/amazon/credentials.json -var-file=packer/amazon/variables.json packer/amazon/ubuntu/frontend/base_ami.json https://github.com/xserrat/company-infrastructure @XSerrat
Next steps > Ansible + Packer + Terraform 64@XSerrat

Recommended

Kubernetes Security with Calico and Open Policy Agent
Kubernetes Security with Calico and Open Policy AgentKubernetes Security with Calico and Open Policy Agent
Kubernetes Security with Calico and Open Policy AgentCloudOps2005
 
Kubernetes a comprehensive overview
Kubernetes a comprehensive overviewKubernetes a comprehensive overview
Kubernetes a comprehensive overviewGabriel Carro
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetesMichal Cwienczek
 
Building infrastructure as code using Terraform - DevOps Krakow
Building infrastructure as code using Terraform - DevOps KrakowBuilding infrastructure as code using Terraform - DevOps Krakow
Building infrastructure as code using Terraform - DevOps KrakowAnton Babenko
 
Terraform
TerraformTerraform
TerraformPhil Wilkins
 
Kubernetes
KubernetesKubernetes
Kuberneteserialc_w
 
Final terraform
Final terraformFinal terraform
Final terraformGourav Varma
 
Terraform Best Practices - DevOps Unicorns 2019
Terraform Best Practices - DevOps Unicorns 2019Terraform Best Practices - DevOps Unicorns 2019
Terraform Best Practices - DevOps Unicorns 2019Anton Babenko
 

Recommended

Kubernetes Security with Calico and Open Policy Agent
Kubernetes Security with Calico and Open Policy AgentKubernetes Security with Calico and Open Policy Agent
Kubernetes Security with Calico and Open Policy AgentCloudOps2005
 
Kubernetes a comprehensive overview
Kubernetes a comprehensive overviewKubernetes a comprehensive overview
Kubernetes a comprehensive overviewGabriel Carro
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetesMichal Cwienczek
 
Building infrastructure as code using Terraform - DevOps Krakow
Building infrastructure as code using Terraform - DevOps KrakowBuilding infrastructure as code using Terraform - DevOps Krakow
Building infrastructure as code using Terraform - DevOps KrakowAnton Babenko
 
Terraform
TerraformTerraform
TerraformPhil Wilkins
 
Kubernetes
KubernetesKubernetes
Kuberneteserialc_w
 
Final terraform
Final terraformFinal terraform
Final terraformGourav Varma
 
Terraform Best Practices - DevOps Unicorns 2019
Terraform Best Practices - DevOps Unicorns 2019Terraform Best Practices - DevOps Unicorns 2019
Terraform Best Practices - DevOps Unicorns 2019Anton Babenko
 
Terraform -- Infrastructure as Code
Terraform -- Infrastructure as CodeTerraform -- Infrastructure as Code
Terraform -- Infrastructure as CodeMartin Schütte
 
Getting Started with Kubernetes
Getting Started with Kubernetes Getting Started with Kubernetes
Getting Started with Kubernetes VMware Tanzu
 
Introduction to helm
Introduction to helmIntroduction to helm
Introduction to helmJeeva Chelladhurai
 
Terraform
TerraformTerraform
TerraformPathum Fernando ☁
 
Terraform on Azure
Terraform on AzureTerraform on Azure
Terraform on AzureJulien Corioland
 
Terraform Introduction
Terraform IntroductionTerraform Introduction
Terraform Introductionsoniasnowfrog
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetesRishabh Indoria
 
Configuration management II - Terraform
Configuration management II - TerraformConfiguration management II - Terraform
Configuration management II - TerraformXavier Serrat Bordas
 
"Continuously delivering infrastructure using Terraform and Packer" training ...
"Continuously delivering infrastructure using Terraform and Packer" training ..."Continuously delivering infrastructure using Terraform and Packer" training ...
"Continuously delivering infrastructure using Terraform and Packer" training ...Anton Babenko
 
GDG Cloud Southlake #8 Steve Cravens: Infrastructure as-Code (IaC) in 2022: ...
GDG Cloud Southlake #8 Steve Cravens: Infrastructure as-Code (IaC) in 2022: ...GDG Cloud Southlake #8 Steve Cravens: Infrastructure as-Code (IaC) in 2022: ...
GDG Cloud Southlake #8 Steve Cravens: Infrastructure as-Code (IaC) in 2022: ...James Anderson
 
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...Edureka!
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes BasicsEueung Mulyana
 
Introduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopIntroduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopBob Killen
 
Kubernetes 101 - an Introduction to Containers, Kubernetes, and OpenShift
Kubernetes 101 - an Introduction to Containers, Kubernetes, and OpenShiftKubernetes 101 - an Introduction to Containers, Kubernetes, and OpenShift
Kubernetes 101 - an Introduction to Containers, Kubernetes, and OpenShiftDevOps.com
 
Kubernetes Application Deployment with Helm - A beginner Guide!
Kubernetes Application Deployment with Helm - A beginner Guide!Kubernetes Application Deployment with Helm - A beginner Guide!
Kubernetes Application Deployment with Helm - A beginner Guide!Krishna-Kumar
 
Rancher 2.0 Technical Deep Dive
Rancher 2.0 Technical Deep DiveRancher 2.0 Technical Deep Dive
Rancher 2.0 Technical Deep DiveLINE Corporation
 
Intro to GitOps & Flux.pdf
Intro to GitOps & Flux.pdfIntro to GitOps & Flux.pdf
Intro to GitOps & Flux.pdfWeaveworks
 
DevOps with Kubernetes
DevOps with KubernetesDevOps with Kubernetes
DevOps with KubernetesEastBanc Tachnologies
 
Ansible - Hands on Training
Ansible - Hands on TrainingAnsible - Hands on Training
Ansible - Hands on TrainingMehmet Ali Aydın
 
Openshift argo cd_v1_2
Openshift argo cd_v1_2Openshift argo cd_v1_2
Openshift argo cd_v1_2RastinKenarsari
 
Managing PostgreSQL with Ansible - FOSDEM PGDay 2016
Managing PostgreSQL with Ansible - FOSDEM PGDay 2016Managing PostgreSQL with Ansible - FOSDEM PGDay 2016
Managing PostgreSQL with Ansible - FOSDEM PGDay 2016Gulcin Yildirim Jelinek
 
Automating with ansible (Part A)
Automating with ansible (Part A)Automating with ansible (Part A)
Automating with ansible (Part A)iman darabi
 

More Related Content

What's hot

Terraform -- Infrastructure as Code
Terraform -- Infrastructure as CodeTerraform -- Infrastructure as Code
Terraform -- Infrastructure as CodeMartin Schütte
 
Getting Started with Kubernetes
Getting Started with Kubernetes Getting Started with Kubernetes
Getting Started with Kubernetes VMware Tanzu
 
Terraform Introduction
Terraform IntroductionTerraform Introduction
Terraform Introductionsoniasnowfrog
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetesRishabh Indoria
 
Configuration management II - Terraform
Configuration management II - TerraformConfiguration management II - Terraform
Configuration management II - TerraformXavier Serrat Bordas
 
"Continuously delivering infrastructure using Terraform and Packer" training ...
"Continuously delivering infrastructure using Terraform and Packer" training ..."Continuously delivering infrastructure using Terraform and Packer" training ...
"Continuously delivering infrastructure using Terraform and Packer" training ...Anton Babenko
 
GDG Cloud Southlake #8 Steve Cravens: Infrastructure as-Code (IaC) in 2022: ...
GDG Cloud Southlake #8 Steve Cravens: Infrastructure as-Code (IaC) in 2022: ...GDG Cloud Southlake #8 Steve Cravens: Infrastructure as-Code (IaC) in 2022: ...
GDG Cloud Southlake #8 Steve Cravens: Infrastructure as-Code (IaC) in 2022: ...James Anderson
 
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...Edureka!
 
Introduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopIntroduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopBob Killen
 
Kubernetes 101 - an Introduction to Containers, Kubernetes, and OpenShift
Kubernetes 101 - an Introduction to Containers, Kubernetes, and OpenShiftKubernetes 101 - an Introduction to Containers, Kubernetes, and OpenShift
Kubernetes 101 - an Introduction to Containers, Kubernetes, and OpenShiftDevOps.com
 
Kubernetes Application Deployment with Helm - A beginner Guide!
Kubernetes Application Deployment with Helm - A beginner Guide!Kubernetes Application Deployment with Helm - A beginner Guide!
Kubernetes Application Deployment with Helm - A beginner Guide!Krishna-Kumar
 
Rancher 2.0 Technical Deep Dive
Rancher 2.0 Technical Deep DiveRancher 2.0 Technical Deep Dive
Rancher 2.0 Technical Deep DiveLINE Corporation
 
Intro to GitOps & Flux.pdf
Intro to GitOps & Flux.pdfIntro to GitOps & Flux.pdf
Intro to GitOps & Flux.pdfWeaveworks
 

What's hot (20)

Terraform -- Infrastructure as Code
Terraform -- Infrastructure as CodeTerraform -- Infrastructure as Code
Terraform -- Infrastructure as Code
 
Getting Started with Kubernetes
Getting Started with Kubernetes Getting Started with Kubernetes
Getting Started with Kubernetes
 
Introduction to helm
Introduction to helmIntroduction to helm
Introduction to helm
 
Terraform
TerraformTerraform
Terraform
 
Terraform on Azure
Terraform on AzureTerraform on Azure
Terraform on Azure
 
Terraform Introduction
Terraform IntroductionTerraform Introduction
Terraform Introduction
 
Introduction to kubernetes
Introduction to kubernetesIntroduction to kubernetes
Introduction to kubernetes
 
Configuration management II - Terraform
Configuration management II - TerraformConfiguration management II - Terraform
Configuration management II - Terraform
 
"Continuously delivering infrastructure using Terraform and Packer" training ...
"Continuously delivering infrastructure using Terraform and Packer" training ..."Continuously delivering infrastructure using Terraform and Packer" training ...
"Continuously delivering infrastructure using Terraform and Packer" training ...
 
GDG Cloud Southlake #8 Steve Cravens: Infrastructure as-Code (IaC) in 2022: ...
GDG Cloud Southlake #8 Steve Cravens: Infrastructure as-Code (IaC) in 2022: ...GDG Cloud Southlake #8 Steve Cravens: Infrastructure as-Code (IaC) in 2022: ...
GDG Cloud Southlake #8 Steve Cravens: Infrastructure as-Code (IaC) in 2022: ...
 
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
Kubernetes Architecture | Understanding Kubernetes Components | Kubernetes Tu...
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
 
Introduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopIntroduction to Kubernetes Workshop
Introduction to Kubernetes Workshop
 
Kubernetes 101 - an Introduction to Containers, Kubernetes, and OpenShift
Kubernetes 101 - an Introduction to Containers, Kubernetes, and OpenShiftKubernetes 101 - an Introduction to Containers, Kubernetes, and OpenShift
Kubernetes 101 - an Introduction to Containers, Kubernetes, and OpenShift
 
Kubernetes Application Deployment with Helm - A beginner Guide!
Kubernetes Application Deployment with Helm - A beginner Guide!Kubernetes Application Deployment with Helm - A beginner Guide!
Kubernetes Application Deployment with Helm - A beginner Guide!
 
Rancher 2.0 Technical Deep Dive
Rancher 2.0 Technical Deep DiveRancher 2.0 Technical Deep Dive
Rancher 2.0 Technical Deep Dive
 
Intro to GitOps & Flux.pdf
Intro to GitOps & Flux.pdfIntro to GitOps & Flux.pdf
Intro to GitOps & Flux.pdf
 
DevOps with Kubernetes
DevOps with KubernetesDevOps with Kubernetes
DevOps with Kubernetes
 
Ansible - Hands on Training
Ansible - Hands on TrainingAnsible - Hands on Training
Ansible - Hands on Training
 
Openshift argo cd_v1_2
Openshift argo cd_v1_2Openshift argo cd_v1_2
Openshift argo cd_v1_2
 

Similar to Configuration management I - Ansible + Packer

Managing PostgreSQL with Ansible - FOSDEM PGDay 2016
Managing PostgreSQL with Ansible - FOSDEM PGDay 2016Managing PostgreSQL with Ansible - FOSDEM PGDay 2016
Managing PostgreSQL with Ansible - FOSDEM PGDay 2016Gulcin Yildirim Jelinek
 
Automating with ansible (Part A)
Automating with ansible (Part A)Automating with ansible (Part A)
Automating with ansible (Part A)iman darabi
 
Introduction to Ansible
Introduction to AnsibleIntroduction to Ansible
Introduction to AnsibleCoreStack
 
Automation and Ansible
Automation and AnsibleAutomation and Ansible
Automation and Ansiblejtyr
 
Introduction to ansible
Introduction to ansibleIntroduction to ansible
Introduction to ansibleOmid Vahdaty
 
Automating with ansible (part a)
Automating with ansible (part a)Automating with ansible (part a)
Automating with ansible (part a)iman darabi
 
Development of Ansible modules
Development of Ansible modulesDevelopment of Ansible modules
Development of Ansible modulesjtyr
 
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017DevOpsDaysCPT Ansible Infrastrucutre as Code 2017
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017Jumping Bean
 
ansible : Infrastructure automation,idempotent and more
ansible : Infrastructure automation,idempotent and moreansible : Infrastructure automation,idempotent and more
ansible : Infrastructure automation,idempotent and moreSabarinath Gnanasekar
 
Intro to-ansible-sep7-meetup
Intro to-ansible-sep7-meetupIntro to-ansible-sep7-meetup
Intro to-ansible-sep7-meetupRamesh Godishela
 
Dal caos all’automazione di sistemi e infrastrutture IT con Ansible
Dal caos all’automazione di sistemi e infrastrutture IT con AnsibleDal caos all’automazione di sistemi e infrastrutture IT con Ansible
Dal caos all’automazione di sistemi e infrastrutture IT con AnsibleCommit University
 
Best practices for ansible
Best practices for ansibleBest practices for ansible
Best practices for ansibleGeorge Shuklin
 
Introduction to ansible
Introduction to ansibleIntroduction to ansible
Introduction to ansibleMukul Malhotra
 
Ansible is Our Wishbone(Automate DBA Tasks With Ansible)
Ansible is Our Wishbone(Automate DBA Tasks With Ansible)Ansible is Our Wishbone(Automate DBA Tasks With Ansible)
Ansible is Our Wishbone(Automate DBA Tasks With Ansible)M Malai
 
Ansible is Our Wishbone
Ansible is Our WishboneAnsible is Our Wishbone
Ansible is Our WishboneMydbops
 
Introduction to Ansible - Peter Halligan
Introduction to Ansible - Peter HalliganIntroduction to Ansible - Peter Halligan
Introduction to Ansible - Peter HalliganCorkOpenTech
 
Introduction to Ansible - (dev ops for people who hate devops)
Introduction to Ansible - (dev ops for people who hate devops)Introduction to Ansible - (dev ops for people who hate devops)
Introduction to Ansible - (dev ops for people who hate devops)Jude A. Goonawardena
 

Similar to Configuration management I - Ansible + Packer (20)

Managing PostgreSQL with Ansible - FOSDEM PGDay 2016
Managing PostgreSQL with Ansible - FOSDEM PGDay 2016Managing PostgreSQL with Ansible - FOSDEM PGDay 2016
Managing PostgreSQL with Ansible - FOSDEM PGDay 2016
 
Automating with ansible (Part A)
Automating with ansible (Part A)Automating with ansible (Part A)
Automating with ansible (Part A)
 
Introduction to Ansible
Introduction to AnsibleIntroduction to Ansible
Introduction to Ansible
 
Automation and Ansible
Automation and AnsibleAutomation and Ansible
Automation and Ansible
 
Introduction to ansible
Introduction to ansibleIntroduction to ansible
Introduction to ansible
 
Ansible intro
Ansible introAnsible intro
Ansible intro
 
Installing AtoM with Ansible
Installing AtoM with AnsibleInstalling AtoM with Ansible
Installing AtoM with Ansible
 
Automating with ansible (part a)
Automating with ansible (part a)Automating with ansible (part a)
Automating with ansible (part a)
 
Development of Ansible modules
Development of Ansible modulesDevelopment of Ansible modules
Development of Ansible modules
 
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017DevOpsDaysCPT Ansible Infrastrucutre as Code 2017
DevOpsDaysCPT Ansible Infrastrucutre as Code 2017
 
ansible : Infrastructure automation,idempotent and more
ansible : Infrastructure automation,idempotent and moreansible : Infrastructure automation,idempotent and more
ansible : Infrastructure automation,idempotent and more
 
Intro to-ansible-sep7-meetup
Intro to-ansible-sep7-meetupIntro to-ansible-sep7-meetup
Intro to-ansible-sep7-meetup
 
Dal caos all’automazione di sistemi e infrastrutture IT con Ansible
Dal caos all’automazione di sistemi e infrastrutture IT con AnsibleDal caos all’automazione di sistemi e infrastrutture IT con Ansible
Dal caos all’automazione di sistemi e infrastrutture IT con Ansible
 
Best practices for ansible
Best practices for ansibleBest practices for ansible
Best practices for ansible
 
Introduction to ansible
Introduction to ansibleIntroduction to ansible
Introduction to ansible
 
Ansible is Our Wishbone(Automate DBA Tasks With Ansible)
Ansible is Our Wishbone(Automate DBA Tasks With Ansible)Ansible is Our Wishbone(Automate DBA Tasks With Ansible)
Ansible is Our Wishbone(Automate DBA Tasks With Ansible)
 
Ansible is Our Wishbone
Ansible is Our WishboneAnsible is Our Wishbone
Ansible is Our Wishbone
 
Introduction to Ansible - Peter Halligan
Introduction to Ansible - Peter HalliganIntroduction to Ansible - Peter Halligan
Introduction to Ansible - Peter Halligan
 
Ansible - Introduction
Ansible - IntroductionAnsible - Introduction
Ansible - Introduction
 
Introduction to Ansible - (dev ops for people who hate devops)
Introduction to Ansible - (dev ops for people who hate devops)Introduction to Ansible - (dev ops for people who hate devops)
Introduction to Ansible - (dev ops for people who hate devops)
 

Recently uploaded

Clustering techniques data mining book ....
Clustering techniques data mining book ....Clustering techniques data mining book ....
Clustering techniques data mining book ....ShaimaaMohamedGalal
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfCionsystems
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about usDynamic Netsoft
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendArshad QA
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 

Recently uploaded (20)

Clustering techniques data mining book ....
Clustering techniques data mining book ....Clustering techniques data mining book ....
Clustering techniques data mining book ....
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Active Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdfActive Directory Penetration Testing, cionsystems.com.pdf
Active Directory Penetration Testing, cionsystems.com.pdf
 
why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and Backend
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 

Configuration management I - Ansible + Packer

  • 3. Ansible > Why do we need it? ● Easy way to configure / provision a machine ● Human-readable, it uses YAML files to define the infrastructure. ● Maintain our infrastructure definition in a version control system (GIT). ● We can use it as a documentation of our infrastructure. ● Have as similar as possible the development and production environments. 3@XSerrat
  • 4. Ansible > Remote machine requirements ● SSH ● Python 4@XSerrat
  • 5. Ansible > General overview 5@XSerrat Ansible Controller Machine ssh ssh ssh web 10.0.2.33 ubuntu web 10.0.2.34 ubuntu web 10.0.2.35 ubuntu Playbook web Inventory 10.0.2.33 10.0.2.34 10.0.2.35 ….
  • 6. Ansible > Installation in the Controller Machine ● We only need Ansible in the controller machine (Jenkins in our case) ● Requirements: Python 2 (version 2.7) or Python 3 (versions 3.5 or higher) ● Windows is not supported for a controller machine :) ● Install on Ubuntu: ● Install on Mac: $ brew install ansible $ sudo apt-get update $ sudo apt-get install software-properties-common $ sudo apt-add-repository --yes --update ppa:ansible/ansible $ sudo apt-get install ansible 6@XSerrat
  • 7. Ansible > Directory Layout 7@XSerrat
  • 8. Ansible > Directory Layout 8 inventories variables playbooks roles roles playbooks variables variables inventory inventory @XSerrat
  • 9. Ansible > Playbook ● It is the entry point when we want to execute ansible ● It is like a script where you specify each task to configure a machine. ● It is written using YAML syntax. ● Each Playbook is composed of one or more “Plays” 9@XSerrat
  • 10. Ansible > Playbook > Play ● A Play maps a group of hosts to some defined roles. Hosts are defined in a separate files called Inventories. ● A Role is a group of “tasks”. ● A Task is a call to an Ansible module 10@XSerrat
  • 11. Ansible > Playbook > Example Playbook with one Play Playbook with two Plays P1 P2 playbook_1.yml playbook_2.yml 11@XSerrat
  • 12. Ansible > Playbook > Execution ● To execute a playbook you need to type: ● Execute the playbook playbook_1.yml: $ ansible-playbook [options] playbook.yml [playbook2 ...] $ ansible-playbook -i inventories/production playbook_1.yml 12@XSerrat
  • 13. Ansible > Modules (Task or Library plugins) ● Units of code we can use from the command line or in a playbook ● Simplify the readability and the way to execute actions on each task. ● Example: List of all modules: https://docs.ansible.com/ansible/latest/modules/list_of_all_modules.html List of modules by category: https://docs.ansible.com/ansible/latest/modules/modules_by_category.html 13@XSerrat
  • 14. Ansible > Modules > template ● Ansible module used to define configuration file templates where we can use variables inside them. ● Templates are processed by the Jinja2 templating language (http://jinja.pocoo.org/docs/). template_example.html.j 2 14@XSerrat
  • 15. Ansible > Modules > template ● Example of a task using this module: https://docs.ansible.com/ansible/latest/modules/template_module.html#template-module 15@XSerrat
  • 16. Ansible > Handlers ● Run operations on change. ● Playbooks have a basic event system to respond when they detect a change in the remote machine. ● A change can be made by one or more modules. ● When a module of a task makes a change in the remote machine, we can notify about this change to execute some actions. ● “Notify” actions are triggered at the end of each block of tasks in a play. ● “Notify” actions will only be triggered once even if notified by multiple tasks. 16@XSerrat
  • 17. Ansible > Handlers > Example New since Ansible 2.2 17@XSerrat
  • 18. Ansible > Roles > Structure ● A way to load some variables, tasks, handlers and files to easy reusing tasks in multiple playbooks using roles. ● Possible directories in a role: ○ tasks: tasks to be executed in the role ○ handlers: handlers used in this role or outside this role ○ files: files can be deployed via this role ○ templates: templates can be deployed via this role ○ vars: variables of this role ○ defaults: default variables of this role (can be overridden by other variables). ○ meta: list of role dependencies for this role ● If a directory is used, it must have at least the main.yml 18@XSerrat
  • 19. Ansible > Roles > Organizing tasks 19@XSerrat
  • 20. Ansible > Roles > Using roles in a Playbook playbook.yml (original version) playbook.yml (since Ansible 2.4) 20@XSerrat
  • 21. Ansible > Roles > Dependencies ● Defined in the meta/main.yml file. ● List of dependencies a role needs. ● Each role dependency will be executed before the main role. ● We can specify some variables for this role. 21@XSerrat
  • 22. Ansible > Roles > Dependencies > Example *Note that the role wheel does not need allow_duplicates: true because each wheel has a different parameter (n). 22@XSerrat
  • 23. Ansible > Ansible Galaxy ● Open source platform to find and use roles. See more: https://galaxy.ansible.com/ 23@XSerrat
  • 24. Ansible > Ansible Galaxy > Install external roles ● If our project needs roles from Ansible Galaxy or another source, we can install each one using: $ ansible-galaxy install username.role_name Or installing all together using a requirements.yml file: $ ansible-galaxy install -r requirements.yml 24@XSerrat
  • 25. ● The requirements.yml file has the following aspect: Ansible > Ansible Galaxy > Install external roles requirements.yml 25@XSerrat
  • 26. Ansible > Gather facts ● Collect data from remote machines to be used in playbooks. ● It is a call performed by Ansible at the very beginning. ● Data we can collect: ansible 127.0.0.1 -m setup _bootstrap_for_ansible.yml 26@XSerrat
  • 27. Ansible > Inventories ● An inventory is the place where our systems are listed. ● Ansible can work with multiple systems at the same time. ● There’s a dynamic inventory to retrieve our remote machines when we need to provision them*. *More info about Dynamic inventories: https://docs.ansible.com/ansible/latest/user_guide/intro_dynamic_inventory.html 27@XSerrat
  • 28. Ansible > Inventories > Hosts and Groups ● We can define our hosts of the remote machines in inventory files. ● We can classify each host in different groups. INI format YAML format 28@XSerrat
  • 29. Ansible > Inventories > Hosts and Groups ● By default, Ansible tries to connect via SSH using the standard port 22. If the remote machine uses another one, we need to specify it in the inventory file: badwolf.example.com:5309 ● We can define the connection type for each host using host variables*: *Variables defined in an inventory file using INI format will be always interpreted as STRING. 29@XSerrat
  • 30. Ansible > Inventories > Hosts and Groups ● We can define variables per group: INI format YAML format 30@XSerrat
  • 31. Ansible > Inventories > Hosts and Groups INI format YAML format Note: A child group variable will override a parent group variable. 31@XSerrat
  • 32. Ansible > Inventories > Default Groups ● Every host is grouped in the default group all. ● A host without a specific group belongs to the group all and ungrouped. 32@XSerrat
  • 33. Ansible > Variables ● A variable should start with a letter. It can contain letters, numbers and underscores. ● Definition and referencing of variables: ● Can be defined in: ○ Inventories (per host or group) and splitted in group_vars or host_vars files. ○ Playbooks ○ Roles foo: field1: one field2: two foo['field1'] foo.field1 https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html 33@XSerrat
  • 34. Ansible > Variables > Inventories ● We can define variables directly in inventory files or in group_vars or host_vars files. Directory layouts 34@XSerrat
  • 35. Ansible > Variables > Inventories ● For a host named example.com we can define some variables related to the host in a specific file: ● The file is located on host_vars/example.com or host_vars/example.com.yml . ● We can also organize variables in different files. Following the previous example: host_vars/example.com/php.yml ● For a group of hosts or a group of groups we use the same logic as hosts but using another main folder: group_vars/ 35@XSerrat
  • 36. Ansible > Variables > How ansible use them ● When a playbook is executed, Ansible maps at level of host. ● Ansible merge all variables needed to provision each host. ● The order to merge variables is: a. all group (is the parent of all other groups) b. Parent group c. Child group d. Host ● When two groups are in the same level, the order is alphabetical, but we can define which is the priority of each group in order to be merged in a different order using the variable ansible_group_priority which is 1 the default value: Example: https://github.com/xserrat/company-infrastructure/tree/variables-merging-order 36@XSerrat
  • 37. Ansible > Variables > Playbooks ● We can define variables in a specific play in different ways: ○ Specifying the variable and the value: ○ Specifying a variables file where variables are defined and assigned to a value: ○ Specifying variables to be prompted when executing the playbook: 37@XSerrat
  • 38. Ansible > Variables > Roles ● Three ways to define variables in roles: ○ my_role/defaults/main.yml : default variables of our role ○ my_role/vars/main.yml : variables of our role ○ my_role/meta/main.yml : variables for role dependencies 38@XSerrat
  • 39. Ansible > Variables > Usage in a playbook ● Conditionals https://docs.ansible.com/ansible/latest/user_guide/playbooks_conditionals.html 39@XSerrat
  • 40. Ansible > Variables > Usage in a playbook ● Loops https://docs.ansible.com/ansible/latest/user_guide/playbooks_loops.html 40@XSerrat
  • 41. Ansible > Variables > Main Prioritization 1. command line values (eg “-u user”) 2. role defaults 3. inventory file or script group vars 4. inventory group_vars/all 5. playbook group_vars/all 6. inventory group_vars/* 7. playbook group_vars/* 8. inventory file or script host vars 9. inventory host_vars/* 10. playbook host_vars/* 11. host facts / cached set_facts 12. play vars 13. play vars_prompt 14. play vars_files 15. role vars (defined in role/vars/main.yml) 16. block vars (only for tasks in block) 17. task vars (only for the task) 18. include_vars 19. set_facts / registered vars 20. role (and include_role) params 21. include params 22. extra vars (always win precedence) 41 PRIO https://docs.ansible.com/ansible/latest/user_guide/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable @XSerrat
  • 42. Ansible > Tags ● We can tag tasks using tags. They allow us to execute only specific tasks who have those tags. playbook.yml $ ansible-playbook -i production playbook.yml --tags ntp *We only re-configure ntp service to the group webservers. 42@XSerrat
  • 43. Ansible > Extras > Dynamic Inventory ● We can use external inventories that execute some calls to the host provider to find out hosts and then use them in a playbook. 43 https://docs.ansible.com/ansible/latest/user_guide/intro_dynamic_inventory.html#inventory-script-example-aws-ec2 @XSerrat
  • 44. Ansible > Extras > Ad-Hoc Commands ● We use when we need to do something really quickly and we don’t want to save for later. ● Execute a command in a multiple remote machines. ○ Example: Copy a file to some hosts (webservers) $ ansible webservers -m copy -a "src=/etc/hosts dest=/tmp/hosts" 44@XSerrat
  • 45. Ansible > Extras > Ansible Container ● Configure and run docker containers using playbooks rather than using a Dockerfile. https://docs.ansible.com/ansible-container/ 45@XSerrat
  • 46. Ansible > Extras > IDE plugins ● PhpStorm: Plugin called YAML/Ansible support that allows you to navigate through roles and variables using CMD/CTRL + CLICK! https://github.com/vermut/intellij-ansible ● Visual studio code: Plugin with autocompletion and other features. https://marketplace.visualstudio.com/items?itemName=vscoss.vscode-ansible 46@XSerrat
  • 47. Ansible > Extras > Best practices ● Ansible provides a list of best practices when creating our playbooks: https://docs.ansible.com/ansible/2.7/user_guide/playbooks_best_practices.html 47@XSerrat
  • 48. Ansible > More examples Ansible examples: https://github.com/ansible/ansible-examples ● Building a LAMP: https://github.com/ansible/ansible-examples/tree/master/lamp_simple 48@XSerrat
  • 50. Packer > Why do we need it? ● Easy way to automate the creation of any type of machine image. ● Easy to share images for testing or deployment. ● Keep development, staging and production as similar as possible. ● Some advantages: ○ Super fast infrastructure deployment: Launch provisioned and configured machines in seconds. ○ Multi-provider portability: Create and use images in different environments and providers. ■ In production using AWS or/and Google Cloud. ■ In development using Docker ○ Greater testability: We can launch a machine using the image we have built to test if it works. Then we can ensure that the new machines launched from that image work properly. 50@XSerrat
  • 51. Packer > General overview ● Packer uses “Templates” which are JSON files where we define how our images have to be created. ● A template has three basic components: ○ Provisioners: Responsible to configure the image (install packages, deploy app code...) ○ Builders: Responsible for creating machines and generating images from them. ○ Post-processors: Responsible for executing an action after the image is built (e.g. Upload image to a registry). 51@XSerrat
  • 52. Packer > General overview > Workflow Create machine Provision machine Stop machine Generate image from stopped machine Upload generated image POST-PROCESSOR (OPTIONAL)BUILDER PROVISIONER BUILDER 52@XSerrat
  • 53. Packer > Builders ● They are responsible for creating machines and generating images from them. ● We can use existing builders or create a new one. Available builders: https://www.packer.io/docs/builders/index.html 53@XSerrat
  • 54. Packer > Builders > Amazon EC2 AMI Builder ● It is the builder to be used if we want to create an AWS AMI. 54 Create an AMI using a custom AMI Create an AMI using an AWS AMI @XSerrat
  • 55. Packer > Builders > Amazon EC2 AMI Builder ● Using an AWS AMI as a source_ami is the same as access to the aws marketplace and looking for the AMI we want to use: 55@XSerrat
  • 56. Packer > Provisioners ● They are responsible for configure the booted image using a third-party tool. ● Typical configurations: ○ Install packages ○ Create users ○ Deploy the application code 56@XSerrat
  • 57. Packer > Provisioners > Ansible Remote ● Ansible Remote is a provisioner that uses ansible playbooks to provision the booted machine. ● Ansible Remote configures the booted machine using SSH, so no ansible packages needed in the booted machine. If you want to execute Ansible in the booted machine you can use the Ansible Local provisioner. 57@XSerrat
  • 58. Packer > Post-Processors ● They are responsible for execute some actions when the image is built. ● Example of usage: Upload the image to a registry. 58@XSerrat
  • 60. Packer > Installation ● Install on Ubuntu https://www.packer.io/intro/getting-started/install.html#precompiled-binaries ● Install on Mac $ brew install packer 60@XSerrat
  • 61. Packer > Template execution $ packer build ami_template.json 61@XSerrat
  • 62. Packer > Best practices ● Hashicorp provides a Github repository to show a good way to define our configuration management project: https://github.com/hashicorp/best-practices 62@XSerrat
  • 63. DEMO > Build Amazon AMI with PHP installed 63 $ packer build -var-file=packer/amazon/credentials.json -var-file=packer/amazon/variables.json packer/amazon/ubuntu/frontend/base_ami.json https://github.com/xserrat/company-infrastructure @XSerrat
  • 64. Next steps > Ansible + Packer + Terraform 64@XSerrat