automating with ansible

Ricardo Schmidt / ricardo.xmit@gmail.com

Automating with Ansible

Enjoy tonight!

+ +

Who Am I?

- - -

- define devops user

- user: name=Ricardo Schmidt

email=ricardo.xmit@gmail.com

accent=Brazilian

What we will use in this presentation

- Linux

- YAML

My examples use:

- Vagrant

- EC2/AWS

What’s Ansible?

• Open source tool, created +- 3 years ago by Michael DeHaan.

• Configuration Management + Application Deployment +

Provisioning + Orchestration.

• Written in Python.

• Competes with Puppet, Chef, Salt Stack.

Ansible is…

• Fast

• Clear

• Complete

• Secure

Fast

• Minimal Setup

• Manage 5 or 5000 nodes

• Short learning curve - It is easy to learn

Clear

• Developers

• System Administrators

• IT Management

Complete

configuration

management

deployment

orchestration provisioning

Secure

• Go Agentless!

• SSH transport

• No additional firewall rules

• No additional open ports

• Use your own user

• You can sudo

Dynamic Provisioning

• Ansible can manage your cloud.

Key Components of Ansible

• Inventory

• Modules/Tasks

• Ad-Hocs

• Plays

• Playbooks

Inventory

• Hosts and Groups

• Port and address

• Remote/sudo usernames

Inventory: Hosts

web1.example.com ansible_ssh_port=5555 ansible_ssh_host=192.168.1.50

Inventory Name SSH port Connection address

Inventory: Groups

[webservers]

web1.example.com ansible_ssh_port=22 ansible_ssh_host=192.168.1.50

web2.example.com ansible_ssh_port=22 ansible_ssh_host=192.168.1.51

web3.example.com ansible_ssh_port=22 ansible_ssh_host=192.168.1.52

[database]

mysql1.example.com ansible_ssh_port=22 ansible_ssh_host=192.168.1.54

mysql2.example.com ansible_ssh_port=22 ansible_ssh_host=192.168.1.55

Modules

• Bits of code copied to the target system.

• Modules avoid changes to the system unless a change

needs to be made.

• You can write your own modules.

Modules: Commonly Used

• apt/yum

• copy

• ec2

• file

• service

• git

• user

200+ Ansible

Modules

Tasks

Task is a declaration about the state of a system.

- name: install memcached

yum: name=memcached state=present

- name: Create database user with all database privileges

mysql_user: name=bob password=12345 priv=*.*:ALL

state=present

• Ad-Hoc

• Playbook

Ad-Hoc commands

$ ansible web-hosts -m file -a "path=/opt/cache state=directory"

$ ansible web-hosts -m yum -a "name=nginx state=present"

$ ansible web-hosts -m service -a "name=nginx enabled=yes state=started"

Playbook / Play

---

- name: This is Play 1

hosts: web-servers

remote_user: fred

sudo: yes

tasks:

- name: create user

user: name=ricardo

- name: install nginx

yum: name=nginx state=present

- name: This is Play 2

hosts: memcache-1

remote_user: root

tasks:

- name: install memcached

yum: name=memcached state=present

- name: start memcached

service: name=memcached state=started

- name: copy file ABC to somewhere

files: name=/etc/abc state=/etc/abc

Demo Time

• inventory

• ad-hoc commands

• playbook

Support to Windows

Starting in version 1.7, Ansible also contains support

for managing Windows machines. This uses native

powershell remoting, rather than SSH.

Ansible Galaxy

• Collection of 500 roles

• Community reviewed

• Great starting point

http://galaxy.ansible.com

What we didn’t talk…

• Variables

• Templates

• Roles

• Ansible-vault

• Ansible Tower

How should I start with Ansible?

ansible.com

docs.ansible.com

twitter: @ansible

Q&A

Thanks!

Looking for a new Job?

strut.ly is hiring! Talk to me!

Ricardo Schmidt - ricardo.xmit@gmail.com