Ansible is a radically simple IT automation engine that is clear, fast, complete, efficient, and secure. It can be used for configuration management and infrastructure orchestration, deployments and builds, and provisioning for Vagrant. Ansible uses YAML files and templates to define automation tasks and plays. It provides advantages over shell scripts such as organization, reusability, and parallelization.
Report
Share
Report
Share
1 of 47
Download to read offline
More Related Content
Ansible is the simplest way to automate. SymfonyCafe, 2015
1. Ansible is the
simplest way to
automate.
Alexander Schedrov aka sanchiz
Team Lead, FFW
Symfony Cafe Kyiv, May 2015
2. Alexander Schedrov
aka sanchiz
Team Lead, FFW (ex ProPeople)
I love Open Source
I'm contributor to Open Source
That’s why I’m here
Ukraine, Kyiv
3. How it was earlier
Developers wrote code
SysAdmins deployed code and
configure servers
6. Ansible
• Clear - Ansible uses a simple syntax (YAML).
• Fast - Fast to learn and fast to set up.
• Complete - You have everything you need in one
complete package.
• Efficient - No extra software on your servers. Extensible
with modules on any programming language.
• Secure - Ansible uses SSH and requires no extra open
ports or daemons
13. Our approach
• Configuration management as part of project
• Deployments and builds should be automated
• We should test each feature before merging into
master
• Everything that may be automated - should be
automated
15. How do we generate builds
• GitHub Pull Requests to inject new features to
master branch
• Jenkins triggers ansible script within repo
• Ansible playbook download database from
production
• Ansible playbook apply changes to database
23. # Install the PGP key
gpg --keyserver keyserver.ubuntu.com --recv-keys 561F9B9CAC40B2F7
gpg --armor --export 561F9B9CAC40B2F7 | apt-key add -
# Install https support for apt
apt-get install apt-transport-https -y
# Add the passenger apt repository
echo "deb https://oss-binaries.phusionpassenger.com/apt/passenger
raring main" > /etc/apt/sources.list.d/passenger.list
chown root: /etc/apt/sources.list.d/passenger.list
chmod 600 /etc/apt/sources.list.d/passenger.list
# Update the apt cache so we can use the new repo
apt-get update
# Install nginx
apt-get install nginx-full passenger -y
# Set up passenger in the nginx configuration
sed -i "s/# passenger_root/passenger_root/" /etc/nginx/nginx.conf
sed -i "s/# passenger_ruby/passenger_ruby/" /etc/nginx/nginx.conf
# Start nginx
service nginx restart
Shell script
24. ---
- hosts: all
tasks:
- name: Ensure the PGP key is installed
apt_key: id=AC40B2F7 state=present url="http://keyserver.ubuntu.com/
pks/lookup?op=get&fingerprint=on&search=0x561F9B9CAC40B2F7"
- name: Ensure https support for apt is installed
apt: pkg=apt-transport-https state=present
- name: Ensure the passenger apt repository is added
apt_repository: state=present repo='deb https://oss-
binaries.phusionpassenger.com/apt/passenger raring main'
- name: Ensure nginx is installed
apt: pkg=nginx-full state=present
- name: Ensure passenger is installed
apt: pkg=passenger state=present update_cache=yes
- name: Ensure the nginx configuration file is set
copy: src=/app/config/nginx.conf dest=/etc/nginx/nginx.conf
- name: Ensure nginx is running
service: name=nginx state=started
Ansible script
25. Why do we love Ansible
• It perfectly fit into our infrastructure
• It has a lot of modules and roles
• Can easily be executed on multiple servers
• Popular system
• It supports simple templates
33. ---
- hosts: all
# Get facts about hosts(OS, user and so on)
gather_facts: no
remote_user: root
vars_prompt:
# Variables that need should be entered
vars:
# List of variables
var_files:
# List of files with variables
roles:
# List of roles that should be included
pre_tasks:
# List of pre-tasks
tasks:
# List of main tasks
post_tasks:
# List of post-tasks
handlers:
# List of handlers
35. Inventory
# Group name
[localhost]
# Hosts in group
127.0.0.1
# Group name
[mysql_group]
# Hosts in group
mysqlserver.com
192.168.1.1
# Group vars
[mysql_group:vars]
ansible_ssh_user=root
ansible_ssh_port=2222
/etc/ansible/hosts or ./hosts
Requirements: connection by ssh without password.
45. # Install role systemwide
ansible-galaxy install sanchiz.jenkins
# List all availabel roles systemwide
ansible-galaxy list
# Remove role systemwide
ansible-galaxy remove sanchiz.jenkins
# Init new ansible role in current dir
ansible-galaxy init