Getting things done with Ansible

Jesse Keating

@iamjkeating

Ansible

what is it

Task execution engine

Remote and local tasks

Parallel and serial operation

Written in Python

Open Source

Ansible

what can it do

Orchestration

Configuration Management

Provisioning

Remediation

ad-hoc remote execution

Ansible

why Ansible

Easy to get started

install from system packages, pip, git

only requires python

no new communication system

Easy to use

create an inventory file or dynamic source

write some yaml

dev all the ops

Easy to extend

loadable extra modules

loadable plugins

custom inventory sources

Cow powers

Ansible

orchestration

Execute actions in a certain order

Use data from one execution in a later execution

Rolling app deploy example

- hosts: web
  serial: 1
  tasks:
    - name: run webapps on 8082
      docker: image=appv2 command="service nginx start" ports=8082:8080
              state=present

    - name: test local server
      wait_for: port=8082

    - name: insert new into load balancer
      rax_clb_nodes: load_balancer_id=5 address={{ inventory_hostname }}
                     port=8082 condition=enabled type=primary
      delegate_to: localhost

    - name: remove old webapps version
      rax_clb_nodes: load_balancer_id=5 address={{ inventory_hostname }}
                     port=8081 state=absent
      delegate_to: localhost

    - name: remove old webapps version
      docker: image=appv1 state=absent

Ansible

config management

On-system configuration

packages

configuration files

users and groups

content

Webapp configure example

- hosts: localhost
  tasks:
    - name: install packages
      yum: pkg={{ item }} state=present
      with_items:
        - nginx
        - syslog-ng

    - name: configure nginx
      template: src=templates/nginx.conf.j2 dest=/etc/nginx/nginx.conf

    - name: configure syslog-ng
      copy: src=files/syslog-ng.conf dest=/etc/syslog-ng.conf

    - name: enable services
      service: name={{ item }} state=enabled
      with_items:
        - nginx
        - syslog-ng

    - name: get webapp content
      git: dest=/srv/webapp/ version={{ version }} depth=1
           repo="git://git.server/webapp.git"

Ansible

provisioning

Create infrastructure to manage

provision servers, networks, LBs in RAX, AWX, Openstack

launch docker containers

launch virtual instances with libvirt

Provisioning example

- hosts: localhost
  tasks:
    - name: launch web instances
      os_server: name=web0{{ item }}.mydomain flavor=m1-large
                 image=webapp.mydomain key_name=provision state=present
                 wait=true
      register: newnodes
      with_sequence: 5

    - name: add nodes to runtime inventory
      add_host: name={{ item.instances[0].name }} group=webs
                ansible_ssh_host={{ item.instances[0].openstack.accessIPv4 }}
      with_items: newnodes.results

- hosts: webs
  tasks:
    - name: configure stuff....

Ansible

remediation

Self healing systems

react to monitoring alerts to run fixit playbooks

respond to traffic spikes and scale capacity

Ansible

ad-hoc remote execution

One-off actions

execute a single module

across a provided set of hosts in parallel

Shellshock example

$ ansible -i myinventory.py all-linux -m yum -a "name=bash state=latest" -f 500 -vv

Ansible

advantages

just enough abstraction

portable playbooks and custom modules

cheap to start but powerful

reduced toolbox

no managed infrastructure for your infrastructure management

Ansible

learn more

http://docs.ansible.com

#ansible on freenode IRC

ansible google groups

ansible meetups

Thanks

@iamjkeating

One More Thing

Made with Slides.com