#servertraining
twitter.com/servermanageditwww.servermanaged.it
AnsibleAnsibleIT OrchestrationIT Orchestration
andandAutomationAutomation
#servertraining
twitter.com/servermanageditwww.servermanaged.it
whoamiwhoamiValentino GagliardiValentino Gagliardi
Agile SysadminAgile SysadminLinux IT ConsultantLinux IT ConsultantAnsible fanaticAnsible fanaticI like DevOpsI like DevOps
Twitter: twitter.com/valentinogagTwitter: twitter.com/valentinogagEmail: [email protected]: [email protected]
#servertraining
twitter.com/servermanageditwww.servermanaged.it
AgendaAgenda- Why Ansible?- Why Ansible?- Benefits- Benefits- Key concepts- Key concepts- Advanced concepts- Advanced concepts- Best practices- Best practices
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Why Ansible?Why Ansible?As a System Administrator As a System Administrator
I'm tired of writing Ruby I'm tired of writing Ruby code to define the state of code to define the state of
a system.a system.
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Why Ansible?Why Ansible?As a System Administrator As a System Administrator
I'm tired of deploying I'm tired of deploying hundreds of agents on hundreds of agents on
multiple hosts.multiple hosts.
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Why Ansible?Why Ansible?I'm not lazy but Chef and I'm not lazy but Chef and
Puppet aren't exactly what Puppet aren't exactly what I want. Less is more, I want I want. Less is more, I want
less do to more.less do to more.
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Why Ansible?Why Ansible?Configuration Configuration
Management: It's not about Management: It's not about laziness, it's about how to laziness, it's about how to
increase productivity.increase productivity.
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Why Ansible?Why Ansible?Michael DeHaanMichael DeHaan
comes to the rescuecomes to the rescue
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Why Ansible?Why Ansible?““Ansible...Ansible...
No more scripting. No No more scripting. No custom code. No agents custom code. No agents
required.”required.”
#servertraining
twitter.com/servermanageditwww.servermanaged.it
BenefitsBenefits- No agents (native SSH)- No agents (native SSH)- Language agnostic- Language agnostic- Community is growing- Community is growing
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Benefits: no agentsBenefits: no agentsAnsible does not require Ansible does not require
agents on remote hosts. It agents on remote hosts. It use native SSH.use native SSH.
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Benefits: no codingBenefits: no codingAnsible does not require Ansible does not require coding skills. No more coding skills. No more
Ruby. Playbooks are plain Ruby. Playbooks are plain YAML.YAML.
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Key conceptsKey concepts- Inventory- Inventory- Playbooks- Playbooks- Modules- Modules
#servertraining
twitter.com/servermanageditwww.servermanaged.it
InventoryInventoryInventory: a list of target Inventory: a list of target hosts usually located inhosts usually located in
/etc/ansible/hosts/etc/ansible/hosts
#servertraining
twitter.com/servermanageditwww.servermanaged.it
[webservers][webservers]webserver1.example.comwebserver1.example.comwebserver2.example.comwebserver2.example.com[dbservers][dbservers]dbserver1.example.comdbserver1.example.comdbserver2.example.comdbserver2.example.com
InventoryInventory/etc/ansible/hosts/etc/ansible/hosts
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Ad-Hocs commandsAd-Hocs commandsLet's reboot all servers.Let's reboot all servers.
# ansible all -a “reboot”
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Ad-Hocs commandsAd-Hocs commandsLet's reboot webservers.Let's reboot webservers.
# ansible webservers -a “reboot”
#servertraining
twitter.com/servermanageditwww.servermanaged.it
PlaybooksPlaybooksPlaybook: define the state Playbook: define the state of one or more systems. of one or more systems.
Define tasks that must be Define tasks that must be executed.executed.
#servertraining
twitter.com/servermanageditwww.servermanaged.it
PlaybooksPlaybooks
#servertraining
twitter.com/servermanageditwww.servermanaged.it
ModulesModules““can control system can control system
resources, like services, resources, like services, packages, or files, or packages, or files, or
handle executing system handle executing system commands.”commands.”
#servertraining
twitter.com/servermanageditwww.servermanaged.it
ModulesModulesAnsible modules are the Ansible modules are the
equivalent of Puppet equivalent of Puppet resources, but Ansible resources, but Ansible modules can do more.modules can do more.
#servertraining
twitter.com/servermanageditwww.servermanaged.it
ModulesModulesSome examples.Some examples.
Template module.Template module. - name: Copy Munin Conf
template: src=munin-node.conf.j2 dest=/etc/munin/munin-node.conf owner=root group=root mode=0644
#servertraining
twitter.com/servermanageditwww.servermanaged.it
ModulesModulesSome examples.Some examples.
Yum module.Yum module. - name: Install OpenJDK
yum: name=java-1.7.0-openjdk state=present
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Advanced ConceptsAdvanced Concepts- Conditionals- Conditionals- Loops- Loops- Variables- Variables- Roles- Roles
#servertraining
twitter.com/servermanageditwww.servermanaged.it
ConditionalsConditionalsAnsible can handle Ansible can handle
conditional execution.conditional execution. - name: restart mysql service: name=mysqld state=restarted when: ansible_os_family == "RedHat"
#servertraining
twitter.com/servermanageditwww.servermanaged.it
LoopsLoopsAnsible can handle loops.Ansible can handle loops.
- name: add several users user: name={{ item }} state=present groups=wheel with_items: - testuser1 - testuser2
#servertraining
twitter.com/servermanageditwww.servermanaged.it
VariablesVariablesAnsible have variables as Ansible have variables as
well. Variables can be well. Variables can be defined in playbooks...defined in playbooks...
#servertraining
twitter.com/servermanageditwww.servermanaged.it
VariablesVariables……then you can reference then you can reference
variables: variables: - on the command line- on the command line- in a task- in a task– – in a templatein a template
#servertraining
twitter.com/servermanageditwww.servermanaged.it
VariablesVariablesOn the command line:On the command line:
$ ansible-playbook site.yml --extra-vars="usname=example domain=example.org"
#servertraining
twitter.com/servermanageditwww.servermanaged.it
VariablesVariablesIn a task:In a task:
- name: Create Vhost User user: name={{ usname }} state=present
#servertraining
twitter.com/servermanageditwww.servermanaged.it
VariablesVariablesIn a template:In a template:
server {listen 80;
server_name www.{{ domain }}; root /home/{{ usname }}/public_html; index index.html index.php; access_log /home/{{ usname }}/logs/access.log; error_log /home/{{ usname }}/logs/error.log warn;…...............
#servertraining
twitter.com/servermanageditwww.servermanaged.it
RolesRolesA feature of Ansible for A feature of Ansible for
encouraging reuse of code encouraging reuse of code and best practices.and best practices.
#servertraining
twitter.com/servermanageditwww.servermanaged.it
RolesRolesAdvanced playbook.Advanced playbook.
#servertraining
twitter.com/servermanageditwww.servermanaged.it
RolesRolesroles/
mysql/tasks/templates/handlers/
nginx/tasks/templates/handlers/
#servertraining
twitter.com/servermanageditwww.servermanaged.it
RolesRoles
Playbook
Role Nginx
Role Php
Role Mysql
server1
server2
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Best practicesBest practicesWrite Write small taskssmall tasks. Each . Each task must do one thing task must do one thing
(when possible).(when possible).
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Best practicesBest practicesWhen you handle files with When you handle files with
assembleassemble, , copycopy, , lineinfilelineinfile use always use always backup=yesbackup=yesThis can save your life.This can save your life.
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Best practicesBest practicesAlways use Always use – name:– name:
attribute in your tasks. This attribute in your tasks. This increase the readability of increase the readability of
your code.your code.
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Best practicesBest practicesIf you can use versioning If you can use versioning
for your Playbooks.for your Playbooks.
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Best practicesBest practicesAnsible docs is your friend.Ansible docs is your friend.
www.ansibleworks.com/docs/www.ansibleworks.com/docs/
#servertraining
twitter.com/servermanageditwww.servermanaged.it
Ansible all the things!Ansible all the things!Find me on...Find me on...
LinkedIn: linkedin.com/in/valentinogagliardiLinkedIn: linkedin.com/in/valentinogagliardiTwitter: twitter.com/valentinogagTwitter: twitter.com/valentinogagGoogle+: plus.google.com/+ValentinoGagliardiGoogle+: plus.google.com/+ValentinoGagliardiGitHub: https://github.com/valentinogagliardiGitHub: https://github.com/valentinogagliardi