Ansible: Automation made simple

Transcript

1. An By Steve Teo 1 Ansible Automation made simple

2. Agenda Why, What, How Ansible

3. Agenda Why, What, How Ansible Key Concepts

4. Agenda Why, What, How Ansible Key Concepts Code and Demo

5. Why Ansible? As the ‘environment’ guy, I rather drink coffee

   than change 42 expiring passwords manually

6. Why Ansible? As the ‘environment’ guy, I need a way

   of standardizing every environment to reduce environment complexity

7. Why Ansible? As the ‘deployment’ guy, I need a way

   of automating deployments across multiple environments in a reliable, repeatable fashion

8. Why Ansible? As the ‘automation’ guy, I need an automation

   solution which works in a severely restricted environment

9. Into the Past

10. What is Ansible? Simple, Powerful open-source automation engine Written in

    Python Competes with Chef, Puppet, Salt Stack Since 2012 by Michael Deehan

11. What is Ansible? Ad-hoc Task Execution Configuration management Application Deployment

    Multi-Node Orchestration Cloud Provisioning

12. Open-Source github.com/ansible/ansible 968+ Contributors 9503+ ★

13. Low Barrier to Entry Operates over SSH Agentless => Low

    Footprint Control Machine: > Python 2.6 Managed Nodes: > Python 2.4 No Database

14. Master and Minions

15. How do I install it? From Source git clone git://github.com/ansible/ansible.git

    –recursive cd ./ansible source ./hacking/env-setup Package Managers sudo pip install ansible brew install ansible sudo yum install ansible Easiest Offline Non-Root Installation pip local + virtualenvwrapper + ansible => portable tarball
16. None

17. Key Concepts

18. Ansible Architecture Credits: http://terry.im/wiki/terry/Ansible.html

19. Playbooks Recipe book, consists of ‘plays’ => Mapping between tasks

    and hosts Declared in English and YAML => Say what, not how Executed in the order it was written => No dependency graph

20. Eg. Change Password

21. Eg. Install Packages

22. Inventory List of hosts in your ‘inventory’ in INI style

    Can be grouped together, groups of groups too

23. Task Structure arguments module documentation variable loop

24. Modules Ansible is battery packed Ships with over 250 modules,

    split into core and extras http://docs.ansible.com/modules.html Modules are idempotent, avoids a whole set of problems abs(abs(x)) ≡ abs(x)

25. Module Idempotence

26. Frequently Used Modules Packages apt, yum, homebrew, pkg Command Execution

    command, shell System cron, service, supervisor File operations copy, template, file, fetch synchronize, unarchive User Management user, group Network get_url

27. Windows Modules? Powered by PowerShell Remoting win_chocolatey Installs packages using

    chocolatey win_feature Installs and uninstalls Windows Features win_get_url Fetches a file from a given URL win_group Add and remove local groups win_msi Installs and uninstalls Windows MSI files win_ping A windows version of the classic ping module win_service Manages Windows services win_stat returns information about a Windows file win_updates Lists / Installs windows updates win_user Manages local Windows user accounts

28. Variables Can be defined in inventory => all, group, host

    level Can be defined inlined Can be defined from included files and roles Can have defaults in roles Can be overridden at the command line level Referenced in tasks or templates

29. Roles Organizational abstraction which separate tasks from the hosts that

    it needs to run on DRY, Can be reused and redistributed Convention over configuration approach Global Repository => https://galaxy.ansible.com/
30. None

31. Map Hosts to Roles

32. The Command Line ansible ansible-doc ansible-galaxy ansible-playbook ansible-pull ansible-vault

33. Code & Demo

34. Other Key Concepts

35. Multiple Environments ├── │ └── ├── │ ├── │ │

    ├── │ │ ├── │ │ └── │ └── ├── │ ├── │ │ ├── │ │ ├── │ │ └── │ └──

36. Multiple Environments –

37. Role Dependencies http://docs.ansible.com/playbooks_roles.html #role-dependencies

38. Rolling Deployment http://docs.ansible.com/playbooks_delegation.html

39. Cloud Provisioning Provisioning modules Amazon Azure Digital Ocean Docker Google

    Linode OpenStack Rackspace VMWare http://docs.ansible.com/list_of_cloud_modules.html

40. Cloud Provisioning Inventory is never static Inventories can be specified

    as a script, manifest generated only at run-time http://docs.ansible.com/intro_dy namic_inventory.html

41. Best Practices http://docs.ansible.com/playbooks_best_pra ctices.html https://www.reinteractive.net/posts/167- ansible-real-life-good-practices http://rosstuck.com/multistage- environments-with-ansible/ http://goodcode.io/blog/ansible-tips/

42. Ansible Tower

43. Ansible Tower Mission Control Dashboard Role Based Access Control Push

    Button Job Runs Job Scheduling Audit Trail Free only up to 10 Nodes
44. None
45. None

46. Thank You Any Questions? M: Steve Teo E: [email protected] T:

    @kelltainer