OpenChain AI Study Group - Europe and Asia Recap - 2024-04-11 - Full Recording
Ansible - Crash course
1. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Brown bag - Crash course
Automation makes IT better
@soldasimo
simonesoldateschi
2. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Agenda
● Presentation (20’)
o The basics
o Playbooks
o Sharing code
● Q&A (5’)
● Quiz (5’)
3. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
The basics
Installation on management host:
$ pip install ansible
That’s it!
4. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
The basics
Installing agent on
managed hosts:
5. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
The basics
Can be as simple as:
mail.example.com
or:
10.1.157.183
Create an inventory file
6. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
The basics
Is host alive?
$ ansible -i ~/etc/hosts all -m ping
Ansible - Quickstart
ss-dfw-00 | success >> {
"changed": false,
"ping": "pong"
}
7. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
The basics
Tons of servers to run commands on?
$ ansible -i ~/etc/hosts all -m shell -a 'df -h'
Ansible - Quickstart
ss-dfw-00 | success | rc=0 >>
Filesystem Size Used Avail Use% Mounted on
rootfs 20G 1.6G 18G 9% /
udev 10M 0 10M 0% /dev
...
8. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
A few facts about Ansible
9. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
A few facts about Ansible
● open-source
● free-software (GPL v3)
● written in Python
● agent-less
● push model ← K.I.S.S.
● commercial version
...OK, SSH is an agent ;)
● enterprise support, SLA, …
19. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Modules
What can modules do?
● run commands
● transfer files
● install packages
● manage daemons
● manage users and groups
● gather facts
● deploy software with SCM
● manage DBs (MySQL,
PostgreSQL, MongoDB,
Redis, …)
● manage Cloud devices
See:
http://docs.ansible.com/modules_by_category.html
20. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Desired State
Go live!
21. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Desired state
Write code to tell the computer
how to set up itself!
22. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Agenda
● Presentation (20’)
o The basics
o Playbooks
o Sharing code
● Q&A (5’)
● Quiz (5’)
23. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Playbooks
● Contain one or more plays
● Written in YAML
○ declarative config
○ not code
● Executed in the order it is
written (aka Imperative)
24. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Playbooks
---
- name: deploy web server
user: foouser
sudo: True
hosts: all
tasks:
- name: install apache
apt: pkg=apache2-mpm-prefork state=latest
25. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Playbooks
---
- name: deploy web server
user: foouser
sudo: True
hosts: all
tasks:
- name: install apache
apt: pkg=apache2-mpm-prefork state=latest
26. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Playbooks
---
- name: deploy web server
user: foouser
sudo: True
hosts: all
tasks:
- name: install apache
apt: pkg=apache2-mpm-prefork state=latest
Inventory
27. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Playbooks
---
- name: deploy web server
user: foouser
sudo: True
hosts: all
tasks:
- name: install apache
apt: pkg=apache2-mpm-prefork state=latest
28. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Playbooks
---
- name: deploy web server
user: foouser
sudo: True
hosts: all
tasks:
- name: install apache
apt: pkg=apache2-mpm-prefork state=latest
Documentation
Arguments
Module
42. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Playbooks - Deploy LAMP
roles
common
db
web
lamp_simple
---
# This playbook deploys the whole application stack in this
site.
- name: apply common configuration to all nodes
hosts: all
user: root
roles:
- common
- name: configure and deploy the webservers and application
code
hosts: webservers
user: root
roles:
- web
- name: deploy MySQL and configure the databases
hosts: dbservers
user: root
roles:
- db
43. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Playbooks - Deploy LAMP
roles
common
db
web
lamp_simple
---
# This playbook deploys the whole application stack in this
site.
- name: apply common configuration to all nodes
hosts: all
user: root
roles:
- common
- name: configure and deploy the webservers and application
code
hosts: webservers
user: root
roles:
- web
- name: deploy MySQL and configure the databases
hosts: dbservers
user: root
roles:
- db
44. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Playbooks - Deploy LAMP
roles
common
db
web
lamp_simple
---
# This playbook deploys the whole application stack in this
site.
- name: apply common configuration to all nodes
hosts: all
user: root
roles:
- common
- name: configure and deploy the webservers and application
code
hosts: webservers
user: root
roles:
- web
- name: deploy MySQL and configure the databases
hosts: dbservers
user: root
roles:
- db
45. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Playbooks - Deploy LAMP
common
tasks
db
tasks
web
tasks
playbooks
46. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Playbooks - Deploy LAMP
common
tasks
---
# This playbook contains common plays that will be run on all nodes.
- name: Install ntp
yum: name=ntp state=present
tags: ntp
- name: Configure ntp file
template: src=ntp.conf.j2 dest=/etc/ntp.conf
tags: ntp
notify: restart ntp
…
47. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Playbooks - Deploy LAMP
db
tasks
---
# This playbook will install mysql
# and create db user and give permissions.
- name: Install Mysql package
yum: name={{ item }} state=installed
with_items:
- mysql-server
- MySQL-python
- libselinux-python
- libsemanage-python
…
49. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Best practices - Directory layout
site.yml # master playbook
webservers.yml # playbook for webserver tier
dbservers.yml # playbook for dbserver tier
roles/
common/ # this hierarchy represents a "role"
tasks/ #
main.yml # <-- tasks file can include smaller files if warranted
handlers/ #
main.yml # <-- handlers file
templates/ # <-- files for use with the template resource
ntp.conf.j2 # <------- templates end in .j2
files/ #
bar.txt # <-- files for use with the copy resource
foo.sh # <-- script files for use with the script resource
vars/ #
main.yml # <-- variables associated with this role
webtier/ # same kind of structure as "common" was above, done for the webtier role
monitoring/ # ""
fooapp/ # ""
50. RACKSPACE® HOSTING | WWW.RACKSPACE.COMsimone.soldateschi@rackspace.co.uk
Agenda
● Presentation (20’)
o The basics
o Playbooks
o Sharing code
● Q&A (5’)
● Quiz (5’)
In fact Ansible is agent-less.OK, OK, SSH is an agent ;)
The inventory file references hosts to be managed. It might contain credentials and key-value pairs.
ansible is the swiss-army-knife
The inventory file references hosts to be managed. It might contain credentials and key-value pairs.
You have many servers to manage
The inventory file references hosts to be managed. It might contain credentials and key-value pairs.
The inventory file references hosts to be managed. It might contain credentials and key-value pairs.
The inventory file references hosts to be managed. It might contain credentials and key-value pairs.‘-f10’ tells Ansible to fork 10 times, aka manage 10 servers in parallel
The inventory file references hosts to be managed. It might contain credentials and key-value pairs.‘-f10’ tells Ansible to fork 10 times, aka manage 10 servers in parallel
foo.example.com is both a web server and a database server
www01.example.com … www10.example.com are web serversdb-a.example.com … db-f.example.com are database servers
Let’s install Apache HTTP server using a playbook
Let’s install Apache HTTP server using a playbook
all refers to all the host defined within the inventory fileIt could be any group-name.
Let’s install Apache HTTP server using a playbook
Let’s install Apache HTTP server using a playbook
Let’s install Apache HTTP server using a playbook
Let’s install Apache HTTP server using a playbook
Let’s install Apache HTTP server using a playbook
Let’s install Apache HTTP server, using the same playbook, on Debian and Red-Hat based distros.
Let’s install Apache HTTP server, using the same playbook, on Debian and Red-Hat based distros.
It’s possible to achieve the same result including sub-playbooks
It’s possible to achieve the same result including sub-playbooks
It’s possible to achieve the same result including sub-playbooks
It’s possible to achieve the same result including sub-playbooks
It’s possible to achieve the same result including sub-playbooks
It’s possible to achieve the same result including sub-playbooks
It’s possible to achieve the same result including sub-playbooks
It’s possible to achieve the same result including sub-playbooks
It’s possible to achieve the same result including sub-playbooks
It’s possible to achieve the same result including sub-playbooks
It’s possible to achieve the same result including sub-playbooks
It’s possible to achieve the same result including sub-playbooks
It’s possible to achieve the same result including sub-playbooks
It’s possible to achieve the same result including sub-playbooks