
Practical Ansible: A Top-down Perspective


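At Modern Web 2015, I introduced Ansible, a Swiss-army-knife-grade configuration management and IT automation system, from a bottom-up angle. This time I take a top-down, task-oriented angle instead and discuss practical issues such as deployment management, modularization, generalization, and configuration testing.

Attendees are advised to first read the material at http://bit.ly/practical-ansible.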

Published in: Software


  1. 1. Practical Ansible: A Top-down Introduction 
 Architect @ Gogolook
  2. 2. 3 --no-provision
  3. 3. 4
  4. 4. 5
  5. 5. 6 Modern Web 2015 Bottom-up Ansible IT 
 
 Top-down ”
  6. 6. 7 Modern Web 2015 Bottom-up Ansible IT 
 
 Top-down ”
  7. 7. 8
  8. 8. 9 ☛ https://github.com/ansible/ansible
  11. 11. 10 VPC CloudFront ELB API servers MongoDB
  12. 12. 11
  13. 13. 11
  14. 14. 12 lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  15. 15. 13 ad-hoc commands inventory playbook - push playbook - pull
  16. 16. 13 ad-hoc commands inventory playbook - push playbook - pull roles selective execution
  18. 18. 13 ad-hoc commands inventory playbook - push playbook - pull roles selective execution Capistrano-style zero-downtime blue-green rolling upgrade
  20. 20. roles selective execution Capistrano-style zero-downtime blue-green rolling upgrade 14 ad-hoc commands inventory playbook - push playbook - pull
  21. 21. 15
  22. 22. 16 control machine managed node
  23. 23. 16 control machine managed node Python ≥ 2.5
  24. 24. 16 control machine managed node Python ≥ 2.5 SSH
  25. 25. 16 control machine • managed node: Python ≥ 2.5 • SSH • Ansible: pip install ansible, yum install ansible, apt-get install ansible, or brew install ansible
  26. 26. 16 control machine: Python ≥ 2.6/2.7 • managed node: Python ≥ 2.5 • SSH • Ansible: pip install ansible, yum install ansible, apt-get install ansible, or brew install ansible
  27. 27. 17 control machine managed node SSH SSH SSH host1 host2 host3
  28. 28. 17 control machine managed node SSH SSH SSH host1 host2 host3 inventory file:
      host1
      host2 ansible_ssh_host=10.0.0.10
      host3 ansible_ssh_port=2222
  29. 29. 18 inventory file:
      lb ansible_ssh_host=10.0.0.10
      app1 ansible_ssh_host=10.0.0.20
      app2 ansible_ssh_host=10.0.0.21
      app3 ansible_ssh_host=10.0.0.22
      db ansible_ssh_host=10.0.0.30
  30. 30. 19 ansible --inventory-file=hosts-vagrant --user=vagrant --ask-pass all -a hostname • inventory file
  31. 31. 19 ansible --inventory-file=hosts-vagrant --user=vagrant --ask-pass all -a hostname • inventory file • user account
  32. 32. 19 ansible --inventory-file=hosts-vagrant --user=vagrant --ask-pass all -a hostname • inventory file • apply to “all” hosts in the inventory file • user account
  33. 33. 19 ansible --inventory-file=hosts-vagrant --user=vagrant --ask-pass all -a hostname • inventory file • ad-hoc command • apply to “all” hosts in the inventory file • user account
  34. 34. 20 inventory file default: • /etc/ansible/hosts • /usr/local/etc/ansible/hosts
  35. 35. 20 inventory file default: • /etc/ansible/hosts • /usr/local/etc/ansible/hosts
      cp hosts-vagrant /usr/local/etc/ansible/hosts
      ansible --user=vagrant --ask-pass all -a hostname
  36. 36. 21 ansible --user=vagrant --ask-pass all -m setup • host information
  37. 37. 22
  38. 38. 22
  39. 39. 23
  40. 40. 24 ansible --user=vagrant --ask-pass lb -m yum -a "name=openssh" • apply to the “lb” host in the inventory file • lb 10.0.0.10 (CentOS 7.1)
  41. 41. 24 ansible --user=vagrant --ask-pass lb -m yum -a "name=openssh" • apply to the “lb” host in the inventory file • invoke Ansible module “yum” • lb 10.0.0.10 (CentOS 7.1)
  42. 42. 24 ansible --user=vagrant --ask-pass lb -m yum -a "name=openssh" • apply to the “lb” host in the inventory file • invoke Ansible module “yum” • inspect package status • lb 10.0.0.10 (CentOS 7.1)
  43. 43. 25 ansible --user=vagrant --ask-pass --become lb -m yum -a "name=openssh state=latest" • install or update latest package • lb 10.0.0.10 (CentOS 7.1)
  44. 44. 25 ansible --user=vagrant --ask-pass --become lb -m yum -a "name=openssh state=latest" • install or update latest package • become “sudo” privilege • lb 10.0.0.10 (CentOS 7.1)
  45. 45. 26 ansible --user=vagrant --ask-pass --become lb:db -m yum -a "name=openssh state=latest" • apply to the “lb” and “db” hosts in the inventory file • lb 10.0.0.10 (CentOS 7.1) • db 10.0.0.30 (CentOS 7.1)
  46. 46. 27 ansible --user=vagrant --ask-pass --become 'app*' -m apt -a "name=openssh-server state=latest" • apply to the “app*” hosts in the inventory file • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04)
  47. 47. 27 ansible --user=vagrant --ask-pass --become 'app*' -m apt -a "name=openssh-server state=latest" • apply to the “app*” hosts in the inventory file • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • invoke Ansible module “apt”
  48. 48. 28
  49. 49. 29 inventory file:
      [lbservers]
      lb ansible_ssh_host=10.0.0.10
      [appservers]
      app1 ansible_ssh_host=10.0.0.20
      app2 ansible_ssh_host=10.0.0.21
      app3 ansible_ssh_host=10.0.0.22
      [dbservers]
      db ansible_ssh_host=10.0.0.30
  50. 50. 30 “push” mode
  51. 51. 31 control machine managed node SSH SSH SSH host1 host2 host3 inventory file
  52. 52. 31 control machine managed node SSH SSH SSH host1 host2 host3 playbook inventory file
  54. 54. 32 playbook:
      - hosts: lbservers:dbservers
        tasks:
          - name: update openssh
            yum: name=openssh state=latest
      - hosts: appservers
        tasks:
          - name: update openssh
            apt: name=openssh-server state=latest
  55. 55. 33 ansible-playbook --user=vagrant --ask-pass --become openssh.yml • apply Ansible playbook “openssh.yml” to all hosts in the inventory
  56. 56. 34
  57. 57. How about the “pull” mode? 35
  58. 58. 36 managed node host1 host2 playbook ❶
  59. 59. 36 managed node host1 host2 playbook • git pull … • sftp … • rsync … • wget … • … ❶
  60. 60. 36 managed node host1 host2 playbook • git pull … • sftp … • rsync … • wget … • … ❶ ansible-playbook --connection=local playbook.yml • apply locally ❷
  61. 61. 37 managed node host1 host2 playbook ❶ ansible-pull --url=xxxx
  62. 62. 37 managed node host1 host2 playbook ❶ ansible-pull --url=xxxx ❷
  63. 63. 37 managed node host1 host2 playbook ❶ ansible-pull --url=xxxx ❷ apply locally ❸
  64. 64. Capistrano-style zero-downtime blue-green rolling upgrade ad-hoc commands inventory playbook - push playbook - pull 38 roles selective execution
  65. 65. 39 lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  66. 66. 40
  67. 67. 41 lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1) • timezone, ntp: All nodes will need these…
  68. 68. 42 lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1) • haproxy
  69. 69. 43 lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1) • repo-epel, redis
  70. 70. 44 lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1) • nodejs, git, project_deploy
  71. 71. 45 playbook:
      - hosts: all
        tasks: ...
      - hosts: lbservers
        tasks: ...
      - hosts: appservers
        tasks: ...
      - hosts: dbservers
        tasks: ...
      annotations: timezone, ntp • haproxy • repo-epel, redis • nodejs, git, project_deploy
  72. 72. 46 Ansible Galaxy is your friend…
  74. 74. 47 playbook:
      - hosts: all
        tasks: ...
      nodes: lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  75. 75. 47 playbook:
      - hosts: all
        tasks: ...
      nodes: lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  76. 76. 47 playbook:
      - hosts: all
        tasks: ...
        roles:
          - yatesr.timezone
          - geerlingguy.ntp
      nodes: lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  77. 77. 47 playbook:
      - hosts: all
        tasks: ...
        roles:
          - yatesr.timezone
          - geerlingguy.ntp
        vars:
          timezone: Asia/Taipei
          ntp_timezone: Asia/Taipei
      nodes: lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  78. 78. 48 playbook:
      - hosts: appservers
        roles:
          - williamyeh.nodejs
          - geerlingguy.git
          - project_deploy
      nodes: lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  79. 79. 48 playbook:
      - hosts: appservers
        roles:
          - williamyeh.nodejs
          - geerlingguy.git
          - project_deploy
        vars:
          project_git_repo: "https://github.com/..."
          project_version: "master"
          project_has_npm: true
      nodes: lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  80. 80. 49
  81. 81. 50 ansible-playbook --user=vagrant --ask-pass --become --limit=appservers playbook.yml • apply to all “appservers” hosts in the inventory • nodes: lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  82. 82. 51 playbook:
      - hosts: appservers
        roles:
          - williamyeh.nodejs
          - geerlingguy.git
          - project_deploy
        vars:
          project_git_repo: "https://github.com/..."
          project_version: "master"
          project_has_npm: true
      nodes: lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  83. 83. 51 playbook:
      - hosts: appservers
        roles:
          - williamyeh.nodejs
          - geerlingguy.git
          - project_deploy
        vars:
          project_git_repo: "https://github.com/..."
          project_version: "master"
          project_has_npm: true
      nodes: lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  84. 84. 51 playbook:
      - hosts: appservers
        roles:
          - williamyeh.nodejs
          - geerlingguy.git
          - project_deploy    # becomes: - { role: project_deploy, tags: ['deploy'] }
        vars:
          project_git_repo: "https://github.com/..."
          project_version: "master"
          project_has_npm: true
      nodes: lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  85. 85. 52 ansible-playbook --user=vagrant --ask-pass --become --tags=deploy playbook.yml • apply only the roles/tasks with a “deploy” tag to all hosts in the inventory • nodes: lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  86. 86. ad-hoc commands inventory playbook - push playbook - pull roles selective execution 53 Capistrano-style zero-downtime blue-green rolling upgrade
  87. 87. 54
  88. 88. 54
  89. 89. 55
  90. 90. 56 https://galaxy.ansible.com/list#/roles/732
  91. 91. 57
  92. 92. 57 Deploy software projects (Capistrano-like)
  93. 93. 58 git source
  94. 94. 58 git source older build
  95. 95. 58 git source older build newer build
  96. 96. 58 git source older build newer build current active build
  97. 97. 59
  98. 98. 60 lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  99. 99. 60 lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1) • shutdown this on purpose!
  100. 100. 60 lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1) • shutdown this on purpose! • visible downtime?
  101. 101. 61
  102. 102. 62 playbook:
      - hosts: appservers
        roles:
          - williamyeh.nodejs
          - geerlingguy.git
          - { role: project_deploy, tags: ['deploy'] }
        vars:
          project_git_repo: "https://github.com/..."
          project_version: "master"
          project_has_npm: true
      nodes: lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  103. 103. 63 ansible-playbook --user=vagrant --ask-pass --become --extra-vars='project_version=green' --limit=app1 --tags=deploy playbook.yml • apply only the roles/tasks with a “deploy” tag • apply to the “app1” host • nodes: lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  104. 104. 63 ansible-playbook --user=vagrant --ask-pass --become --extra-vars='project_version=green' --limit=app1 --tags=deploy playbook.yml • apply only the roles/tasks with a “deploy” tag • apply to the “app1” host • checkout “green” branch • nodes: lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  105. 105. 64
  106. 106. 65 playbook:
      - hosts: appservers
        serial: 1
        roles:
          - williamyeh.nodejs
          - geerlingguy.git
          - { role: project_deploy, tags: ['deploy'] }
        vars:
          project_git_repo: "https://github.com/..."
          project_version: "master"
          project_has_npm: true
      nodes: lb 10.0.0.10 (CentOS 7.1) • app1 10.0.0.20, app2 10.0.0.21, app3 10.0.0.22 (Ubuntu 14.04) • db 10.0.0.30 (CentOS 7.1)
  107. 107. ad-hoc commands inventory playbook - push playbook - pull roles selective execution Capistrano-style zero-downtime blue-green rolling upgrade 66
  108. 108. 67
  109. 109. • 67
  110. 110. • • 67
  111. 111. • • • 67
  112. 112. 68
  113. 113. 69
  114. 114. 70 ☛ https://github.com/ansible/ansible
  117. 117. 71 ad-hoc commands inventory playbook - push playbook - pull roles selective execution Capistrano-style zero-downtime blue-green rolling upgrade
  118. 118. 72
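
Added example, not part of the original slides: a simplified Python model of how the host patterns used in the deck (`all`, `lb:db`, `'app*'`, `lbservers:dbservers`) select hosts from the grouped inventory, so the set of machines a `--become` command would touch can be checked first. `parse_inventory`, `resolve` and `preview` are hypothetical helper names; only plain names, globs and `:` unions are modeled, not Ansible's full inventory or pattern syntax.

```python
import fnmatch

# Grouped inventory as shown on the slides.
INVENTORY = """\
[lbservers]
lb ansible_ssh_host=10.0.0.10
[appservers]
app1 ansible_ssh_host=10.0.0.20
app2 ansible_ssh_host=10.0.0.21
app3 ansible_ssh_host=10.0.0.22
[dbservers]
db ansible_ssh_host=10.0.0.30
"""

def parse_inventory(text):
    """Return (hosts, groups): host -> vars dict, group -> host list in file order."""
    hosts, groups, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1]
            groups.setdefault(current, [])
            continue
        name, *pairs = line.split()
        hosts.setdefault(name, {}).update(p.split("=", 1) for p in pairs if "=" in p)
        if current is not None and name not in groups[current]:
            groups[current].append(name)
    return hosts, groups

def resolve(pattern, hosts, groups):
    """Union of the colon-separated parts; each part is "all" or a host/group glob."""
    selected = []
    for part in pattern.split(":"):
        if part == "all":
            matched = list(hosts)
        else:
            matched = [h for g in groups if fnmatch.fnmatchcase(g, part) for h in groups[g]]
            matched += [h for h in hosts if fnmatch.fnmatchcase(h, part)]
        for h in matched:
            if h not in selected:
                selected.append(h)
    return selected

def preview(pattern, text=INVENTORY):
    """(host, address) pairs a pattern would touch; check before a --become run."""
    hosts, groups = parse_inventory(text)
    return [(h, hosts[h].get("ansible_ssh_host", h)) for h in resolve(pattern, hosts, groups)]

if __name__ == "__main__":
    for pat in ("all", "lb:db", "app*", "lbservers:dbservers"):
        print(pat, "->", preview(pat))
```

On a machine with Ansible installed, `ansible <pattern> --list-hosts` gives the authoritative host list for the same check.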
