Go Faster with Ansible
Richard Donkin
@rdonkin
$ whoami
• Richard Donkin
• DevOps engineer / contractor
• Ansible, Vagrant, Docker, Linux, AWS, databases, …
• Experience of sys admin, DevOps, backend dev, architecture, startups, …
@rdonkin
linkedin.com/in/rdonkin
Goal: Faster Correct Setup
Servers
Apps
Developers
• Correct configuration
• No snowflake servers
• Dev, Test, Production
Infrastructure As Code
Infrastructure as Code
Software processes for server configs:
• Code review
• Version control
• Automated tests
• Automated push to servers
What is Configuration Management?
Code that Controls Config
What Ansible Does
Configuration Management
App Deployment
• Basic, "Atomic", zero downtime, ...
Orchestration
• Sequence operations on servers, APIs, etc.
• Harder with Configuration Management
Why Ansible?
• Agentless & serverless
• Simple
• Sequential
• Declarative tasks
• “Ensure nginx installed”
• Enables idempotence
• Easy to learn
• Scales to complex cloud orchestration
Quick Install
Mac:
brew install ansible
Debian/Ubuntu:
sudo apt-add-repository ppa:ansible/ansible
sudo apt-get install -y ansible
RHEL/CentOS: use EPEL, then:
sudo yum -y install ansible
Any Linux (latest Ansible, requires Python):
sudo easy_install pip
sudo pip install ansible
Hello PHPMailer
Playbooks
Tasks
Idempotence
Key Concepts
Playbook = series of tasks
• Targets one server or thousands
• Servers defined by Inventory
Task = "ensure X is done" action
Play = set of tasks in playbook
Running a Playbook (1)
Running a Playbook (2)
Tasks will "skip" if state already OK
(Idempotence)
Writing a Playbook
Play – hosts to process, become == sudo
Tasks - descriptive name
- invoke module (apt) with parameters
Play
Task
The Secret Life of Tasks
Each task runs SSH commands that
• Upload a Module (e.g. apt)
• Run module with task's parameters
• Return JSON output
Inventory and Variables
Group your servers and assign key parameters ("variables")
[web]
10.0.1.51
10.0.1.52
[db]
10.0.1.61
[web:vars]
ansible_port=2222
$ ansible-playbook -i prod apache.yml --limit web
Run different Ansible code per group
Recommended:
• Inventory file per environment (or dynamic inventory)
• Put vars in group_vars/mygroup/vars.yml
Apache Playbook (1)
Vars = parameters for this playbook
Can be in separate include files
Or attach to hosts or host-groups in Inventory
- e.g. Listening IP address should be in inventory
Apache Playbook (2)
template task runs Jinja2 on local file and copies to server
notify sends event to Handler
- Each Handler runs just once, at end of whole playbook
- Restart a service, notify Slack, ...
Apache Playbook (3)
service task uses systemctl to enable start on boot
- {{ apache_service }} instantiates var with Jinja2
Handler restarts apache at end if any task does a notify
Apache Playbook
Playbooks
Variables
Handlers
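
The structure described on the "Writing a Playbook" and "Apache Playbook (1)-(3)" slides, written out as an added example (this is not the playbook shown on the original slides). The `web` group comes from the inventory slide; the template path, variable names other than `apache_service`, and all values are assumptions.

```yaml
# apache.yml -- added example, not the author's playbook.
# Assumed: Debian/Ubuntu target, a local file templates/vhosts.conf.j2,
# and the variable values below.
- hosts: web              # Play: hosts to process (group from the inventory)
  become: yes             # become == sudo

  vars:                   # Vars = parameters for this playbook
    apache_package: apache2
    apache_service: apache2
    apache_conf_path: /etc/apache2
    apache_listen_port: 80
    # Host-specific values such as the listening IP address belong in the
    # inventory or group_vars, not here.

  tasks:
    - name: Ensure Apache is installed
      apt:
        name: "{{ apache_package }}"
        state: present
        update_cache: yes

    - name: Ensure vhosts config is in place
      template:           # renders the Jinja2 template locally, copies result
        src: templates/vhosts.conf.j2
        dest: "{{ apache_conf_path }}/sites-enabled/vhosts.conf"
        owner: root
        group: root
        mode: "0644"
      notify: restart apache   # only fires when the file actually changed

    - name: Ensure Apache is started and enabled on boot
      service:
        name: "{{ apache_service }}"
        state: started
        enabled: yes

    # Run any pending handlers now so the smoke test sees the new config.
    - meta: flush_handlers

    - name: Smoke test - Apache is listening
      wait_for:
        port: "{{ apache_listen_port }}"
        timeout: 10

  handlers:
    - name: restart apache     # runs once, however many tasks notified it
      service:
        name: "{{ apache_service }}"
        state: restarted
```

Run it with the command from the inventory slide, `ansible-playbook -i prod apache.yml --limit web`; a second run should report no changes and the handler should not fire.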
Modules (1)
Over 840 modules "in the box"
- Git, yum, apt, compose, pear, pip, …
- Copy files, template files
- Edit files
- Permissions, ownership, SELinux
- Services – systemd, sysvinit, ...
- Crontabs
- MySQL, PostgreSQL, MongoDB, ...
Modules (2)
More modules (AWS alone has 87)
- Firewalls, routers, switches, ...
- AWS, Google, Digital Ocean, ...
- Docker, VMware, …
- Fallback to shell, upload script, …
Runs best on Linux/Unix including Mac
Windows as a target only
Roles
"Modularised playbooks"
- Split playbook into folder per type of content
- defaults folder for "parameter vars"
- vars folder for "role vars" – hard to override
- meta folder for role dependencies
Vars
Tasks
Handlers
Apache + PHP playbook
Apache role
PHP role
Roles
Use Roles for everything!
Skinny playbooks + modular roles
Ideal playbook only calls roles, not tasks
Typical roles:
• mysql
• apache
• php, php-fpm
• deploy-app
"Wrapper roles" to invoke third party roles
Ansible Galaxy
Hub for 1000s of roles: galaxy.ansible.com
Discovery: Galaxy, GitHub, blogs, …
Assess quality carefully
Install the roles needed by project:
ansible-galaxy install -r requirements.yml
Pin the role to a version or Git commit
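
What pinning looks like in `requirements.yml`, as an added example that is not from the original slides. The version string, the Git repository URL and the commit hash are placeholders; `geerlingguy.apache` is the role named in the editor's notes.

```yaml
# requirements.yml -- added example; versions, URL and hash are placeholders.
# Install into the project tree so the roles can be reviewed and diffed:
#   ansible-galaxy install -r requirements.yml -p vendor/roles

# Galaxy role pinned to a released version.
- src: geerlingguy.apache
  version: "X.Y.Z"          # placeholder: the release you actually reviewed

# Role taken straight from Git, pinned to a full commit hash.
# A tag or branch name can be moved later; a commit hash cannot.
- src: https://github.com/example-org/ansible-role-example.git  # hypothetical
  scm: git
  version: "<full-commit-sha>"   # placeholder
  name: example_role

# Unpinned entry, shown for contrast: installs whatever is latest on the
# day you run ansible-galaxy, so two environments can end up with
# different role code.
# - src: geerlingguy.php
```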
Testing Infra Code
Basic testing:
- Separate test playbook using Vagrant VM
- Travis CI popular for open source
- Smoke test at end of playbook:
Test frameworks:
- Test-Kitchen, ServerSpec, InSpec, testinfra
- Run whole series of tests - easier diagnosis
One Liners
Ad hoc command on single host, or group from inventory
Drupal VM
Create a VM with one command: vagrant up
Ansible: 37 roles, 630 tasks, 7,200 lines of code
Drupal VM
Multiple Roles
Trellis: Modern WordPress
Near Twelve Factor WordPress
• Dev to Prod
• PHP 7.1, A+ SSL, HTTP/2, WP-CLI, …
• Example: rightsinfo.org
Related roots.io projects:
• Bedrock (WP boilerplate)
• Sage (starter theme)
• Some commercial add-ons
Example project (blog post):
• Install node, gulp, bower, Vagrant plugins
• vagrant up
• Some fixes required for Ansible 2.2
Resources
Book: Ansible for DevOps by Jeff Geerling – regular updates
Help: Stack Overflow, Ansible IRC + email lists
Roles:
• Geerlingguy roles – wide range – pragmatic & well maintained
• Ansistrano: Deploying PHP apps demo (atomic model)
Projects:
• Drupal-VM – http://drupalvm.com
• Trellis - https://roots.io/trellis/ - very complete WordPress setup
• Use example project – requires node, bower & gulp
Best practices: Ansible.com, blogs by Leucos and Nylas
Podcasts: Arrested DevOps – general DevOps and Infra as Code
Thank You
Richard Donkin
@rdonkin
linkedin.com/in/rdonkin
Traction – Google Trends, 5 years
Advanced: Write a Module
Much more common to write a role
Required for major new features:
• New API
• New package tool
• New container format
Most modules written in Python
Any language works: PHP, C, Go, Perl, …
Writing a module using PHP


Go Faster with Ansible (PHP meetup)


Editor's notes

  1. Photo credit: https://www.flickr.com/photos/automobileitalia/16675249764/
  2. Go Faster without creating new problems... "Faster" really means more iterations per day / week:
     - Servers created much faster, without manual work
     - Apps deployed automatically, without mistakes or omissions
     - Developers on-boarded very fast, without manual installs
     This means:
     - Configuration must be correct, even when moving faster
     - Avoid snowflake servers (every one is different in detailed config)
     - Scale across dev, test, staging, production
  3. Server config problem? Code a fix
  4. Some people like the definition that CM is "Executable Documentation" and it's true that CM replaces server documentation. However, the more complex CM setups are definitely software not just documentation. Competition: Your memory! Shell scripts …
  5. Capistrano style "atomic symlink" deployment involves having a single symbolic link called "current" pointing to the release that's live. Deployment means pushing the new files into a new release directory, then atomically switching the link.
     - See Ansistrano, which enables this Capistrano model using Ansible, enabling customisation for more complex models as required.
     - There is also f500.project-deploy, which is less powerful, e.g. no before/after hooks.
     - Rocketeer is a PHP tool that does the same thing.
     - Fabric is a Python tool that can do anything on servers, often used for simpler deployments – requires Python coding and is lower level than Ansistrano.
     Although Ansible can do both CM and App deployment, you normally want quite separate server configuration management and app deployment scripts (Playbooks) - "CM is a process, deployment is an event".
  6. Agentless - only requires SSH & Python on server
     - Simple but powerful sequential model for tasks
     - Declarative tasks
     - Easy to learn compared to Puppet/Chef/Salt - explicit ordering visible in code, unlike Puppet/Salt
     - Easy orchestration, e.g. easy to remove servers from LB during upgrade, and rollback if X% fail:
       1. Remove server from load balancer
       2. Deploy app & reboot
       3. Restore to load balancer
  7. Upgrades are easy with the "Any Linux" method – just do "pip install --upgrade ansible" For Windows, use a Linux VM on VirtualBox – Ubuntu is probably easiest option. Or Windows 10's "bash shell" option may work fine.
  8. Setup task = get server info (OS, hardware) – built in, can disable with "gather_facts: no" at top of play
  9. Parameters – single line or indented YAML:
     - The single line format (e.g. update_cache=yes) is unique to Ansible, and not part of YAML.
     - The indented format (e.g. "apt:") is YAML.
     YAML is equivalent to JSON, using indentation.
     - Use the "-" syntax to create a list – each new item is a list entry (equivalent to a PHP array with integer index values).
     - Use the "foo: bar" syntax to create a key-value pair within a dictionary (equivalent to a PHP array with string index values).
  10. Originally known as "hosts file" – term still used in Ansible error messages. Default is /etc/ansible/hosts but that's not very useful in most cases where you have different projects, environments, etc. Getting the right inventory structure, and locating variables in the right place, is a key decision in Ansible projects. Generally, try to have variables in as few places as possible, e.g.: role defaults, role vars, host group vars, and use wrapper roles (mentioned later) to encapsulate vars you need for roles. Some people prefer a "group + environment" naming scheme, or moving each inventory file to a separate directory – this enables vars that are specific to combination of
  11. - This is a simplified extract from a real-world Ansible project, the Drupal-VM role "geerlingguy.apache", combining various elements into a single playbook.
  12. Can also target network switches and routers that don't have Python, using modules that don't require Python on the target device. If you use Windows, you would need a Linux VM to actually run Ansible, targeting Windows servers. Ansible's Windows support is still evolving and less complete than on Linux/Unix.
  13. Roles are more reusable if they focus on a single logical service, or a related set of config – e.g. Apache, PHP and PHP-FPM are more re-usable if written as separate roles. Files are searched for within the current role, avoiding complex relative paths in many cases
  14. Look for steady development, several contributors, many commits, discussion on GitHub.
      - Always pin the role – this avoids surprises when your project changes.
      - "Vendoring" the role can help, i.e. install into a "vendor/roles" folder in your project – be sure to adjust your ansible.cfg's roles_path.
      - Galaxy is not that easy to browse/search, and most of the action is on GitHub.
      - I usually install directly from GitHub using Ansible Galaxy as a discovery and installation tool only.
  15. Goal: Test-driven infrastructure
      - ServerSpec and InSpec provide English-like BDD testing using a DSL based on Ruby.
      - Testinfra provides simple unit tests using Python.
      - Just as with app testing, infra testing frameworks are generally more powerful than using Ansible to test itself – e.g. you can easily run just a few tests.
      - RoleSpec specifically tests Ansible roles – the others focus more on the outputs of the roles.
  16. Try these as well:
      ansible web -m setup -a 'filter=ansible_all_ip*'
      ansible devbox -m setup -a 'filter=ansible_mem*'
  17. Fully open source
  18. Requires node, bower and gulp and some Vagrant plugins.
      - Should work with Ansible 2.0.2.0 as specified in the docs (run "pip install --upgrade ansible==2.0.2.0" as long as you're already using the "pip install ansible" method to install Ansible).
      - Some fixes needed for Ansible 2.2 (mailhog and logrotate roles, php-fpm pool from wordpress-setup role, and composer role).
      - Trellis clone gives you trellis tree (ansible), then Bedrock clone gives you WP site tree, and Sage clone populates WP theme inside that.
      - Includes Nginx "micro caching" for 5 sec to Reddit-proof your site.
  19. - can't really track "Chef" searches as Google Trends doesn't offer a software classification of term.