introduction to ansible
TRANSCRIPT
![Page 2: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/2.jpg)
WHAT IS ANSIBLE?Started in February 2012By Michael DeHaanMore than 600 ContributorsOrchestration Engine
Configuration ManagementApplication DeploymentContinuous Delivery
![Page 3: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/3.jpg)
ONLINE RESOURCES
![Page 4: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/4.jpg)
WEBSITE
![Page 5: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/5.jpg)
DOCUMENTATION
![Page 6: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/6.jpg)
MAILING LISTSansible-announceansible-projectansible-devel
![Page 7: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/7.jpg)
IRC#ANSIBLE
![Page 8: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/8.jpg)
GITHUBHTTPS://GITHUB.COM/ANSIBLE/ANSIBLE
![Page 9: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/9.jpg)
BENEFITS
![Page 10: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/10.jpg)
NO AGENT REQUIREDSSH
![Page 11: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/11.jpg)
EASY TO INSTALL# EPEL repoyum install ansible
# Available through a PPAapt-get install ansible
pip install ansible
![Page 12: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/12.jpg)
REQUIREMENTSControl machine: Python 2.6Managed node: Python 2.4python-simplejsonlibselinux-python
![Page 13: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/13.jpg)
YAML SYNTAX---- yum: name= state=installed with_items: - app_server - acme_software
- service: name=app_server state=running enabled=yes
- template: src=/opt/code/templates/foo.j2 dest=/etc/foo.conf notify: - restart app server
![Page 14: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/14.jpg)
SCALABLE
![Page 15: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/15.jpg)
CUSTOMIZABLE
![Page 16: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/16.jpg)
COMMANDSansibleansible-playbookansible-pullansible-docansible-galaxy
![Page 17: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/17.jpg)
MODULESRun on remote hostControl system resources, executing system commandsNotificationEasy to write new modules
![Page 18: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/18.jpg)
MODULESCloudCommandsDatabaseFilesInternalInventoryMessagingMonitoringNet InfrastructureNetworkNotificationPackagingSource ControlSystemUtilitiesWeb Infrastructure
![Page 19: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/19.jpg)
INVENTORYContains all the managed hostsCan contain variablesFlat file(s) or script (dynamic inventory)Can interact with your own CMDBMultiple inventory sources
![Page 20: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/20.jpg)
INVENTORYmail.example.com
[webservers]foo.example.combar.example.com
[dbservers]one.example.comtwo.example.comthree.example.com
[servers:children]webserversdbservers
![Page 21: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/21.jpg)
INVENTORYjumper ansible_ssh_port=5555 ansible_ssh_host=192.168.1.
[webservers]www[01:50].example.com
[webserver:vars]port=80
![Page 22: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/22.jpg)
ANSIBLEBasic tasksInformation from system(s)Execute one module
Usage: ansible host-pattern [options]
![Page 23: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/23.jpg)
ANSIBLEansible all -m ping -oansible demo -m setupansible foo.example.com -a “/usr/sbin/reboot”
ansible demo -m file -a "dest=/srv/foo/a.txt mode=600" -oansible demo-one -m yum -a "name=httpd state=installed"ansible demo-one -m service -a "name=httpd state=started"
![Page 24: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/24.jpg)
PLAYBOOKSExecution of tasksOne task is one moduleVariablesHandlersIdempotent
![Page 25: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/25.jpg)
ANSIBLE---- hosts: http remote_user: user sudo: yes vars: in_ports: - 80 tasks: - name: install httpd action: yum name=httpd state=latest
- name: copy httpd.conf action: template src=httpd.conf.j2 dest=/etc/httpd/conf/httpd.conf owner=root group=root mode=0644 seuser="system_u" setype="httpd_config_t" backup=yes notify: - restart httpd
![Page 26: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/26.jpg)
ROLESReusable list of tasksHas one goal (eg deploy apache)Reusable
---- hosts: demo gather_facts: False connection: local serial: 1 vars: in_ports: - 80 roles: - httpd - mysql - iptables
![Page 27: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/27.jpg)
TEMPLATESJinja2 templating engineUse of variables in filesLoops, Conditionals, Filters, ...
< Proxy balancer://{{ balancer_name }}>{% for host in groups['demo-web'] %} BalancerMember http://{{ hostvars[host].ansible_eth1.ipv4.address }}{% endfor %} Order allow,deny Allow from all< /Proxy>
![Page 28: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/28.jpg)
ANSIBLE-PLAYBOOKExecute a playbookSet-up a whole environment / host(s)
Usage: ansible-playbook playbook.yml -i inventory -l limit to host / group
![Page 29: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/29.jpg)
EXTRA FEATURES
![Page 30: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/30.jpg)
ACCELERATED MODE---- hosts: all accelerate: true # default port is 5099 accelerate_port: 10000
![Page 31: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/31.jpg)
ASYNCHRONOUS ACTIONS AND POLLING---- hosts: all remote_user: root tasks: - name: simulate long running op (15 sec), wait for up to 45, poll every 5 command: /bin/sleep 15 async: 45 poll: 5
![Page 32: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/32.jpg)
CHECK MODEUsage: ansible-playbook foo.yml --check
---tasks:
- name: this task is run even in check mode command: /something/to/run --even-in-check-mode always_run: yes
Usage: ansible-playbook foo.yml --check --diff --limit foo.example.com
![Page 33: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/33.jpg)
ROLLING UPDATES---- name: test play hosts: webservers serial: 3
MAX FAILURE PERCENTAGE---- hosts: webservers max_fail_percentage: 30 serial: 10
![Page 34: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/34.jpg)
DELEGATION---- hosts: webservers serial: 5
tasks: - name: take out of load balancer pool command: /usr/bin/take_out_of_pool {{ inventory_hostname }} delegate_to: loadbalancer.example.com
- name: actual steps would go here yum: name=acme-web-stack state=latest
- name: add back to load balancer pool command: /usr/bin/add_back_to_pool {{ inventory_hostname }} delegate_to: loadbalancer.example.com
![Page 35: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/35.jpg)
LOCAL ACTIONS/PLAYBOOKS---# ... tasks: - name: recursively copy files from management server to target local_action: command rsync -a /path/to/files {{ inventory_hostname }}:/path/to/target/
Usage: ansible-playbook playbook.yml --connection=local
---- hosts: demo connection: local
![Page 36: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/36.jpg)
ERROR HANDLING / OVERRIDING OUTPUT---- name: this will not be counted as a failure command: /bin/false ignore_errors: yes
- name: this command prints FAILED when it fails command: /usr/bin/example-command -x -y -z register: command_result failed_when: "'FAILED' in command_result.stderr"
- shell: /usr/bin/billybass --mode="take me to the river" register: bass_result changed_when: "bass_result.rc != 2"
![Page 37: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/37.jpg)
LOOKUPS---- hosts: all
tasks:
- debug: msg="{{ lookup('env','HOME') }} is an environment variable"
- debug: msg="{{ item }} is a line from the result of this command" with_lines: - cat /etc/motd
- debug: msg="{{ lookup('pipe','date') }} is the raw result of running this command"
- debug: msg="{{ lookup('redis_kv', 'redis://localhost:6379,somekey') }} is value in Redis for somekey"
- debug: msg="{{ lookup('dnstxt', 'example.com') }} is a DNS TXT record for example.com"
- debug: msg="{{ lookup('template', './some_template.j2') }} is a value from evaluation of this template"
![Page 38: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/38.jpg)
PROMPTS---- hosts: all remote_user: root vars: from: "camelot" vars_prompt: name: "what is your name?" quest: "what is your quest?"
vars_prompt: - name: "release_version" prompt: "Product release version" default: "1.0"
![Page 39: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/39.jpg)
TAGS---tasks:
- yum: name={{ item }} state=installed with_items: - httpd - memcached tags: - packages
- template: src=templates/src.j2 dest=/etc/foo.conf tags: - configuration
Usage: ansible-playbook example.yml --tags "configuration,packages"
---roles: - { role: webserver, port: 5000, tags: [ 'web', 'foo' ] }
---- include: foo.yml tags=web,foo
![Page 40: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/40.jpg)
BEST PRACTICESproduction # inventory file for production serversstage # inventory file for stage environment
group_vars/ group1 # here we assign variables to particular groups group2 # ""host_vars/ hostname1 # if systems need specific variables, put them here hostname2 # ""
site.yml # master playbookwebservers.yml # playbook for webserver tierdbservers.yml # playbook for dbserver tier
roles/ common/ # this hierarchy represents a "role" tasks/ # main.yml # <-- tasks file can include smaller files if warranted handlers/ # main.yml # <-- handlers file templates/ # <-- files for use with the template resource ntp.conf.j2 # <------- templates end in .j2 files/ # bar.txt # <-- files for use with the copy resource foo.sh # <-- script files for use with the script resource vars/ # main.yml # <-- variables associated with this role
![Page 41: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/41.jpg)
ANSIBLE-PULLHost gets Ansible configuration
GitSVNNFS...
Runs the playbook on itselfNo central machine neededEnforcing of configuration
Usage: ansible-pull [options] playbook.yml
![Page 42: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/42.jpg)
ANSIBLE-DOCView documentation of modules
Usage: ansible-doc yum -M module_path
![Page 43: Introduction to Ansible](https://reader033.vdocument.in/reader033/viewer/2022052307/554f7405b4c9058a148b54d8/html5/thumbnails/43.jpg)
ANSIBLE-GALAXYDownload roleshttp://galaxy.ansible.com
Usage: ansible-galaxy install bennojoy.nginx