ansible it orchestration server automation

#servertraining

twitter.com/servermanageditwww.servermanaged.it

AnsibleAnsibleIT OrchestrationIT Orchestration

andandAutomationAutomation

#servertraining


whoamiwhoamiValentino GagliardiValentino Gagliardi

Agile SysadminAgile SysadminLinux IT ConsultantLinux IT ConsultantAnsible fanaticAnsible fanaticI like DevOpsI like DevOps

Twitter: twitter.com/valentinogagTwitter: twitter.com/valentinogagEmail: [email protected]: [email protected]

#servertraining


AgendaAgenda- Why Ansible?- Why Ansible?- Benefits- Benefits- Key concepts- Key concepts- Advanced concepts- Advanced concepts- Best practices- Best practices

#servertraining


Why Ansible?Why Ansible?As a System Administrator As a System Administrator

I'm tired of writing Ruby I'm tired of writing Ruby code to define the state of code to define the state of

a system.a system.

#servertraining


Why Ansible?Why Ansible?As a System Administrator As a System Administrator

I'm tired of deploying I'm tired of deploying hundreds of agents on hundreds of agents on

multiple hosts.multiple hosts.

#servertraining


Why Ansible?Why Ansible?I'm not lazy but Chef and I'm not lazy but Chef and

Puppet aren't exactly what Puppet aren't exactly what I want. Less is more, I want I want. Less is more, I want

less do to more.less do to more.

#servertraining


Why Ansible?Why Ansible?Configuration Configuration

Management: It's not about Management: It's not about laziness, it's about how to laziness, it's about how to

increase productivity.increase productivity.

#servertraining


Why Ansible?Why Ansible?Michael DeHaanMichael DeHaan

comes to the rescuecomes to the rescue

#servertraining


Why Ansible?Why Ansible?““Ansible...Ansible...

No more scripting. No No more scripting. No custom code. No agents custom code. No agents

required.”required.”

#servertraining


BenefitsBenefits- No agents (native SSH)- No agents (native SSH)- Language agnostic- Language agnostic- Community is growing- Community is growing

#servertraining


Benefits: no agentsBenefits: no agentsAnsible does not require Ansible does not require

agents on remote hosts. It agents on remote hosts. It use native SSH.use native SSH.

#servertraining


Benefits: no codingBenefits: no codingAnsible does not require Ansible does not require coding skills. No more coding skills. No more

Ruby. Playbooks are plain Ruby. Playbooks are plain YAML.YAML.

#servertraining


Key conceptsKey concepts- Inventory- Inventory- Playbooks- Playbooks- Modules- Modules

#servertraining


InventoryInventoryInventory: a list of target Inventory: a list of target hosts usually located inhosts usually located in

/etc/ansible/hosts/etc/ansible/hosts

#servertraining


[webservers][webservers]webserver1.example.comwebserver1.example.comwebserver2.example.comwebserver2.example.com[dbservers][dbservers]dbserver1.example.comdbserver1.example.comdbserver2.example.comdbserver2.example.com

InventoryInventory/etc/ansible/hosts/etc/ansible/hosts

#servertraining


Ad-Hocs commandsAd-Hocs commandsLet's reboot all servers.Let's reboot all servers.

# ansible all -a “reboot”

#servertraining


Ad-Hocs commandsAd-Hocs commandsLet's reboot webservers.Let's reboot webservers.

# ansible webservers -a “reboot”

#servertraining


PlaybooksPlaybooksPlaybook: define the state Playbook: define the state of one or more systems. of one or more systems.

Define tasks that must be Define tasks that must be executed.executed.

#servertraining


PlaybooksPlaybooks

#servertraining


ModulesModules““can control system can control system

resources, like services, resources, like services, packages, or files, or packages, or files, or

handle executing system handle executing system commands.”commands.”

#servertraining


ModulesModulesAnsible modules are the Ansible modules are the

equivalent of Puppet equivalent of Puppet resources, but Ansible resources, but Ansible modules can do more.modules can do more.

#servertraining


ModulesModulesSome examples.Some examples.

Template module.Template module. - name: Copy Munin Conf

template: src=munin-node.conf.j2 dest=/etc/munin/munin-node.conf owner=root group=root mode=0644

#servertraining


ModulesModulesSome examples.Some examples.

Yum module.Yum module. - name: Install OpenJDK

yum: name=java-1.7.0-openjdk state=present

#servertraining


Advanced ConceptsAdvanced Concepts- Conditionals- Conditionals- Loops- Loops- Variables- Variables- Roles- Roles

#servertraining


ConditionalsConditionalsAnsible can handle Ansible can handle

conditional execution.conditional execution. - name: restart mysql service: name=mysqld state=restarted when: ansible_os_family == "RedHat"

#servertraining


LoopsLoopsAnsible can handle loops.Ansible can handle loops.

- name: add several users user: name={{ item }} state=present groups=wheel with_items: - testuser1 - testuser2

#servertraining


VariablesVariablesAnsible have variables as Ansible have variables as

well. Variables can be well. Variables can be defined in playbooks...defined in playbooks...

#servertraining


VariablesVariables……then you can reference then you can reference

variables: variables: - on the command line- on the command line- in a task- in a task– – in a templatein a template

#servertraining


VariablesVariablesOn the command line:On the command line:

$ ansible-playbook site.yml --extra-vars="usname=example domain=example.org"

#servertraining


VariablesVariablesIn a task:In a task:

- name: Create Vhost User user: name={{ usname }} state=present

#servertraining


VariablesVariablesIn a template:In a template:

server {listen 80;

server_name www.{{ domain }}; root /home/{{ usname }}/public_html; index index.html index.php; access_log /home/{{ usname }}/logs/access.log; error_log /home/{{ usname }}/logs/error.log warn;…...............

#servertraining


RolesRolesA feature of Ansible for A feature of Ansible for

encouraging reuse of code encouraging reuse of code and best practices.and best practices.

#servertraining


RolesRolesAdvanced playbook.Advanced playbook.

#servertraining


RolesRolesroles/

mysql/tasks/templates/handlers/

nginx/tasks/templates/handlers/

#servertraining


RolesRoles

Playbook

Role Nginx

Role Php

Role Mysql

server1

server2

#servertraining


Best practicesBest practicesWrite Write small taskssmall tasks. Each . Each task must do one thing task must do one thing

(when possible).(when possible).

#servertraining


Best practicesBest practicesWhen you handle files with When you handle files with

assembleassemble, , copycopy, , lineinfilelineinfile use always use always backup=yesbackup=yesThis can save your life.This can save your life.

#servertraining


Best practicesBest practicesAlways use Always use – name:– name:

attribute in your tasks. This attribute in your tasks. This increase the readability of increase the readability of

your code.your code.

#servertraining


Best practicesBest practicesIf you can use versioning If you can use versioning

for your Playbooks.for your Playbooks.

#servertraining


Best practicesBest practicesAnsible docs is your friend.Ansible docs is your friend.

www.ansibleworks.com/docs/www.ansibleworks.com/docs/

#servertraining


Ansible all the things!Ansible all the things!Find me on...Find me on...

LinkedIn: linkedin.com/in/valentinogagliardiLinkedIn: linkedin.com/in/valentinogagliardiTwitter: twitter.com/valentinogagTwitter: twitter.com/valentinogagGoogle+: plus.google.com/+ValentinoGagliardiGoogle+: plus.google.com/+ValentinoGagliardiGitHub: https://github.com/valentinogagliardiGitHub: https://github.com/valentinogagliardi

ansible it orchestration server automation

Technology

servermanagedit

servermanagedit

servermanagedit

servermanagedit

servermanagedit

native ssh

system administrator

hocs commands