An introduction to
Ansible
Jake Clarkson
@jabclab
Talk overview
- What is server automation?
- Ansible introduction
- Ansible topology + "real life" examples
- Next steps with Ansible
What is server automation?
- Creation of servers (+ load balancers, DNS etc.)
- Provisioning of servers
- Automation of deployments
Server automation: why?
Server automation: why?
- Cloud becomes easier to use as it was intended
- servers as horizontally scalable resources (e.g. Rackspace autoscale)
- Less reliance on / coupling with specific cloud provider
- Infrastructure in code
- consistency across environments much easier
- fringe cases easy to forget
- much easier to deploy to many environments
- less reliance on one person
- facilitates automation, more people can release
- easier to get new starters up and running
- Disaster recovery
- As developers in startups we wear multiple hats
- DevOps: automate all the things
- Make our lives easier, make managing servers less complex
Ansible
- Open source (https://github.com/ansible/ansible)
- Written in Python
- modules can be written in any language that can return JSON
- YAML configuration files
- lots of small files but easy to maintain
- Uses an agentless, SSH-based, model
- Manages full code lifecycle
- "Batteries included"
- modules are included out of the box
- Only requires one CLI invocation
- No Windows (for control box)
- Encryption capabilities out the box: easy to manage
- Idempotent: f(x) = f(f(x))
- get a box into a desired state
Ansible in its own words
- Have a dead simple setup process and a minimal learning curve
- Be super fast & parallel by default
- Require no server or client daemons; use existing SSHd
- Use a language that is both machine and human friendly
- Focus on security and easy auditability/review/rewriting of content
- Manage remote machines instantly, without bootstrapping
- Allow module development in any dynamic language, not just Python
- Be usable as non-root
- Be the easiest IT automation system to use, ever.
https://github.com/ansible/ansible#design-principles
Other solutions
http://en.wikipedia.org/wiki/Comparison_of_open-source_configuration_management_software
Ansible: getting started
Installing:
(sudo) pip install ansible [--upgrade]
Can install via apt, yum, pkg, Homebrew in addition to from source
Ansible: structure
- Inventory file = definition of your architecture
- Static / dynamic supported
- Playbooks
- Roles
- Tasks
- Handlers
- Variables
- Files
- Templates
- Meta
Real-life setup
- Ansible "control box"
- Gateway to cloud (or dedicated) infrastructure
- Single point of 'public' SSH security management
- Cloud servers are built from image which, e.g. ansible@ansiblecontrol.$your_domain, can connect to
Ansible for workflow consistency
- Ansible can manage environments from:
- dev -> staging -> pre-production -> production
- Ansible can be configured per environment (via variables/choice of playbook/inventory)
Ansible: further reading / meta
- Ansible Tower
- Front end to Ansible
- Manage team privs etc.
- RESTful API
- Audit, scheduled jobs etc.
- Fairly expensive ($5,000 p/a for enterprise support 50 nodes)
- Ansible Galaxy
- out-the-box Ansible roles
- don't have to reinvent the wheel each time
- still relatively new so not too mature
- installed via simple CLI
Ansible community
Documentation
http://docs.ansible.com/index.html
GitHub
https://github.com/ansible/ansible
IRC
#ansible
Resources
http://www.ansible.com/resources
Google Group
https://groups.google.com/forum/#!forum/ansible-project
Ansible
By Jake Clarkson