Introduction to Ansible
$ whoami
Lorenzo Fontana
Software Engineer / DevOps at Facile.it
http://engineering.facile.it
What is Ansible
Flexible agentless IT Automation tool that let's you automate everything in all your systems
Batteries included
Agentless
No remote agents needed, Ansible delivers all modules to remote systems and execute tasks as needed and clean up themeselves when complete.
Automate everything
- Provisioning
- Configuration management
- Application deployment
- Intra-service orchestration
Batteries included
- Thousands of modules
- Thousands of roles
- Well written and extensive documentation
- Support
Why Ansible
- Idempotent
- I don't need servers to manage my servers
- Leverages existing auth
- Only python needed
- No programming skills required
- Easy to adopt
- Extensible via modules
- Everything is a YAML file
Tasks
What does this do?
- name: Install gcc
dnf: name=gcc state=latest
- name: Install cmake
dnf: name=cmake state=latest
Tasks combine an action (a module and its arguments) with a name, and optionally some other keywords
Yep, dnf is a module
Using a loop
- name: Install build dependencies
dnf: name={{item}} state=latest
with_items:
- automake
- gcc-c++
- libtool
- pkgconfig
- unzip
- gcc
- make
- cmakewith_items is one of those other keywords
Other modules
- name: Clone Neovim repository (nightly)
git: repo=https://github.com/neovim/neovim.git
dest=/tmp/neovim-checkout
version=nightly
depth=1
- name: make deps
command: make deps
args:
chdir: /tmp/neovim-checkout
Handlers
When something happen, do something
Handlers are tasks that do not run unless they are notified
- name: template configuration file
template: src=nginx.conf dest=/usr/local/nginx/nginx.conf
notify:
- restart nginx
handlers:
- name: restart nginx
service: name=nginx state=restarted
Roles
Roles are unit of organization in Ansible. They contains tasks, handlers, templates, variables etc..
- Break up configuration into repeatable chunks
- Clean structure (next slide)
- Share them on Ansible Galaxy
- Reusable and recyclable
How a role looks like
roles/
nginx/
tasks/
main.yml
handlers/
main.yml
templates/
nginx.conf
mysite.conf
files/
bar.txt
foo.sh
vars/
main.yml
defaults/
main.yml
Playbooks
A playbooks is a list of plays, a play is a mapping between a set of hosts and the tasks which run on those hosts to define the role that those systems will perform
All in one playbook
---
- hosts: webservers
vars:
http_port: 80
remote_user: root
tasks:
- name: ensure nginx is at the latest version
yum: name=nginx state=latest
- name: write the nginx config file
template: src=nginx.conf dest=/usr/local/nginx/nginx.conf
notify:
- restart nginx
- name: ensure nginx is running (and enable it at boot)
service: name=nginx state=started enabled=yes
handlers:
- name: restart nginx
service: name=nginx state=restarted
Not very reusable/extensible
Playbook using roles
---
- hosts: webservers
vars:
http_port: 80
roles:
- nginx
- php-fpm
- hosts: dbservers
roles:
- mysql
How to run a playbook?
ansible-playbook myplaybook.yml -vvvvAd-hoc command
Do something really quick, but don't want to save for later
Run an aribrary command on all matching hosts
$ ansible dbservers -m command -a "whoami"
db02 | success | rc=0 >>
fntlnz
db01 | success | rc=0 >>
fntlnz
db03 | success | rc=0 >>
fntlnz
Ping all matching hosts
$ ansible dbservers -m ping
db02 | success >> {
"changed": false,
"ping": "pong"
}
db03 | success >> {
"changed": false,
"ping": "pong"
}
db01 | success >> {
"changed": false,
"ping": "pong"
}
Questions?
Ideas for next meetups?
- Writing modules
- Ansible + docker
- Orchestration on AWS
- Application deployment
- Dynamic inventories