Getting things done with Ansible
Jesse Keating
@iamjkeating
Ansible
what is it
Task execution engine
Remote and local tasks
Parallel and serial operation
Written in Python
Open Source
Ansible
what can it do
Orchestration
Configuration Management
Provisioning
Remediation
ad-hoc remote execution
Ansible
why Ansible
Easy to get started
install from system packages, pip, git
only requires python
no new communication system
Easy to use
create an inventory file or dynamic source
write some yaml
dev all the ops
Easy to extend
loadable extra modules
loadable plugins
custom inventory sources
Cow powers
Ansible
orchestration
Execute actions in a certain order
Use data from one execution in a later execution
Rolling app deploy example
- hosts: web
serial: 1
tasks:
- name: run webapps on 8082
docker: image=appv2 command="service nginx start" ports=8082:8080
state=present
- name: test local server
wait_for: port=8082
- name: insert new into load balancer
rax_clb_nodes: load_balancer_id=5 address={{ inventory_hostname }}
port=8082 condition=enabled type=primary
delegate_to: localhost
- name: remove old webapps version
rax_clb_nodes: load_balancer_id=5 address={{ inventory_hostname }}
port=8081 state=absent
delegate_to: localhost
- name: remove old webapps version
docker: image=appv1 state=absent
Ansible
config management
On-system configuration
packages
configuration files
users and groups
content
Webapp configure example
- hosts: localhost
tasks:
- name: install packages
yum: pkg={{ item }} state=present
with_items:
- nginx
- syslog-ng
- name: configure nginx
template: src=templates/nginx.conf.j2 dest=/etc/nginx/nginx.conf
- name: configure syslog-ng
copy: src=files/syslog-ng.conf dest=/etc/syslog-ng.conf
- name: enable services
service: name={{ item }} state=enabled
with_items:
- nginx
- syslog-ng
- name: get webapp content
git: dest=/srv/webapp/ version={{ version }} depth=1
repo="git://git.server/webapp.git"
Ansible
provisioning
Create infrastructure to manage
provision servers, networks, LBs in RAX, AWX, Openstack
launch docker containers
launch virtual instances with libvirt
Provisioning example
- hosts: localhost
tasks:
- name: launch web instances
os_server: name=web0{{ item }}.mydomain flavor=m1-large
image=webapp.mydomain key_name=provision state=present
wait=true
register: newnodes
with_sequence: 5
- name: add nodes to runtime inventory
add_host: name={{ item.instances[0].name }} group=webs
ansible_ssh_host={{ item.instances[0].openstack.accessIPv4 }}
with_items: newnodes.results
- hosts: webs
tasks:
- name: configure stuff....
Ansible
remediation
Self healing systems
react to monitoring alerts to run fixit playbooks
respond to traffic spikes and scale capacity
Ansible
ad-hoc remote execution
One-off actions
execute a single module
across a provided set of hosts in parallel
Shellshock example
$ ansible -i myinventory.py all-linux -m yum -a "name=bash state=latest" -f 500 -vv
Ansible
advantages
just enough abstraction
portable playbooks and custom modules
cheap to start but powerful
reduced toolbox
no managed infrastructure for your infrastructure management
Ansible
learn more
http://docs.ansible.com
#ansible on freenode IRC
ansible google groups
ansible meetups
Thanks
@iamjkeating
One More Thing
Getting things done with Ansible 2015
By Jesse Keating
Getting things done with Ansible 2015
Ansible, getting it done, updated for LFNW 2015
- 2,128