ansible why ?
- 3. In the name of god
Biography :
My name is : yashar esmaildokht
I am Gnu/Linux Sys/net/sec Admin & Oracle Dba
my tel : 09141100257
my resume :http://www.nofa.ir/Resume-royaflash.aspx
website :
● http://unixmen.ir
● http://oraclegeek.ir
● http://webmom.ir
my nick name : royaflash
- 4. What is ansible
Ansible is an open-source automation engine
that automates cloud provisioning,
configuration management, and application
deployment.Once installed on a control node,
Ansible, which is an agentless architecture,
connects to a managed node through the
default OpenSSH connection type.
- 5. - python-powered redically simple IT automation tool
- is optimized for easy automation, review, editing, &
auditability
- free, open source
- simply
- clear (anyone)
- fast (to learn, to setup)
- complete (modules)
- efficient (runs on OpenSSH)
- secure (without agents)
- 9. - agentless architecture
- management over SSH (no custom PKI-SSH-based, no
external databases, no daemons, does not leave
software installed)
- developer friendly (configuration as data, not code)
- batteries-included (usefull modules)
- dead simple
- release cycles are usually about two months long
Ansible features
- 13. - fabric (python library)
- capistrano (capifony)
- puppet
- chef
- saltstack
-
- idephix, magellanes,
- deployer, rocketeer (php)
Other tools
- 14. - required Python 2.6
- or Python 2.5 (with additional paramiko, PyYAML,
python-jinja2 and httplib2 modules)
- Windows isn’t supported for the control machine
(starting with 1.8 will be fully support Windows)
- includes Red Hat, Debian, CentOS, OS X, any of the
BSDs, and so on
Control Machine Requirements
- 15. - Python 2.4 or later
- if Python 2.5, then with python-simplejson modules
- ansible_python_interpreter to point at your 2.x Python
- starting in version 1.7, ansible contains support for
managing windows machines
Managed Node Requirements
- 17. - 1.9-dev “Dancing In the Street”
- 1.8 “You Really Got Me” Nov 26, 2014
- new Jinja2 filters, fixed a log of modules bugs, new
system, variables, new modules, docker support, etc
- 1.7 “Summer Nights” Sep 24, 2014
Versions
- 21. - from git
- from os packages (recommend If you are
wishing to run the latest released version)
- from pip (recommended to use Python
package manager for other cases)
Install & Configure
- 28. ansible <host-pattern> [options]
vm$ cd demo1/
vm$ ansible all -m ping
vm$ ansible all -m setup
vm$ ansible all -a "grep -c processor /proc/cpuinfo"
vm$ ansible all -a "uptime"
vm$ ansible all -a "uptime" -f 10
Demo
- 34. - package management: yum, apt
- remove execution: command, shell
- service management: service
- file handling: copy, template
- scm: git, subversion
Modules examples
- 35. - monitoring: monit, nagios, haproxy, etc
- development: jenkins, drush, solr, scala,
maven, etc
- web: Varnish, apache, composer, tomcat,
symfony2, etc
- networking: tor, RabbitMQ, iptables, etc
- cloud: stash-docker, OpenStack, etc
Modules examples #2
- 39. - playbooks
- inventory (group vars, host vars)
- command line (ansible-playbook -e
“uservar=vagrant”)
- discovered variables (facts)
Variables
- 45. - project organization tool
- reusable components
- defined filesystem structure
- show: parameterized roles
Roles
- 49. App deploy strategies
- basic file transfer (via ftp/scp)
- using Source Control
- using Build Scripts and other Tools
- 51. Symfony deployment
$ git pull
$ php composer.phar install
$ php app/console doctrine:migration:migrate --no-iteraction
$ php app/console assets:install web --symlink
$ php app/console assets:dump --env=prod
$ php app/console cache:clear
- 54. 1)Upload your modified code
- name: Pull sources from the repository.
git: repo={{repo}} dest={{dest}} version={{branch}}
when: project_deploy_strategy == “git”
module “synchronize” for rsync
Symfony deployment
- 55. 2) Update your vendor dependencies (composer)
- name: Install composer
get_url: url=https://getcomposer.org/composer.phar
dest={{project_root}}/composer.phar mode=0755 validate_certs=no
- name: Run composer install
shell: cd {{project_root}}/releases/{{release}} && {{path}}
{{project_root}}/composer.phar install {{project_composer_opts}}
Symfony deployment
- 56. 3) Running database migrations
- name: Run migrations
shell: cd {{project_root}}/releases/{{release}}
&& if $(grep doctrine-migrations-bundle composer.json);
then {{symfony2_project_php_path}} app/console
doctrine:migrations:migrate -n; fi
Symfony deployment
- 57. 4) Updated assetic assets
- name: Dump assets
shell: cd {{project_root}}/releases/{{release}} &&
{{symfony2_project_php_path}} app/console
assetic:dump --env={{symfony2_project_env}}
{{symfony2_project_console_opts}}
Symfony deployment
- 58. 5) Clearing your cache
- name: Clear cache
shell: cd {{project_root}}/releases/{{release}} &&
{{symfony2_project_php_path}} app/console
cache:clear --env={{symfony2_project_env}}
Symfony deployment
- 60. active release: "A-OK" failure deploying "APP"➙ ➙
rollback active release: "A-OK"➙
active release: "A-OK" deploying "BORKED" fail➙ ➙
Deployment rollback
Editor's Notes
- yet another система керування конфігураціями, для автоматизації ручної рутини
особливість - простота, при великій гнучкості
you can get started in minutes
located on github
any ручні роботи автоматизувати
- it can configure systems
and deploy the applications
and orchestrate more advanced (просунутий) IT tasks:
such as continuous deployments
or zero downtime rolling updates
+докер -вагран
- configurations are text
It reads like English
uses SSH to execute modules on remote machines without having to install any systems management software
comes with a large selection of modules for automating common tasks
modules can be written in any language -- if you would like to add extensions in bash, Python, Ruby, or even C, you are welcome to do so
- Jira, Confluence, HipChat
from 2012, downloaded &gt;1kk
- top 10 python projects on github, new contributor added every ~1.3 days
7 commits to dev-branch every day
- some for deploy, some for system tasks
fabric is a Python (2.5-2.7) library for application deployment or systems administration tasks over SSH
It provides a basic suite of operations, and uploading/downloading files
python syntax (from fabric.api import run)
capistrano: pre-post hooks (beforeX / afterX)
rollback
ant/phing
- client, local-machine
requirements (вимога) for Ansible are extremely minimal (надзвичайно мінімальним)
ansible runs on a central computer
Python 2.5 + paramiko / PyYAML / python-jinja2 / httplib2
- raw module do not need “python-simplejson” module more
- 1.9 = танці на вулиці // stable release
26 листопада 2014
24 вересня 2014
every 2 month release
- перед тем, как переходити до техничних деталей
analogue: packagist, npmjs, rubygems.org
- saas service =&gt; software as a service =&gt; пз як послуга
- demo free
basic = 100$/month, up to 100 nodes, annual contract only
enterprise = 50$/host/per-year, 8x5 support
premium = 70$/host/per-year, 24x7 support
10 hosts = premium = 60$/per-month
- from git == to get all the latest features (новейшие функции), keep up to date with the development
release cycles are usually about two months long
- it&apos;s important to understand how Ansible is communicating with remote machines over SSH
by default =&gt; Ansible 1.3 try to use native OpenSSH when possible
as fallback =&gt; high-quality (высокое качество) Python implementation of OpenSSH called ‘paramiko’
In Ansible 1.2 and before - defalut is Paramiko
When speaking with remote machines, Ansible will by default assume (вважати) you are using SSH keys
local =&gt; when node == control machine
- Inventory can be sourced from simple text files, the cloud, or configuration management databases
- інвентар with hosts
describe infrastructure of your app servers
the things in brackets are group names, used for classifying systems, are controlling for what purpose
It is ok to put systems in more than one group, for instance a server could be both a webserver and a dbserver
- pattern
діапазони
- custom connection settings
group-vars / host-vars
- default: /etc/ansible/
(!!!) ansible is NOT just about running commands, it also has powerful configuration management and deployment features
- концепти, поняття
- playbooks define configuration policy and orchestration workflows
YAML - зручний для читання людиною формат серіалізаціі даних, близький до мов розмітки
декларативность описания всего позволяет читать хорошо написанные плейбуки как английский текст
- Модулей очень много, они есть на любой вкус и цвет
При помощи модулей мы можем развернуть машину в облаке
выполнить команду шела, управлять базами данных, создавать файлы и папки, копировать шаблоны, отправлять сообщения в очереди, управлять сетевой инфр��структурой, писать сообщения в чаты и много чего еще.
травень 2013 = 72, Жовтень = 175, лютий2015 = овер2000
- over2000 modules on Galaxy
- tags
- best practice
- feature from ansible 1.5
allows keeping encrypted data (in source control)
сховище
- other things:
Tagging a particular version of your code
Running any tests
Removal of any unnecessary files
Clearing of external cache systems
cron tasks
- time to implementation
- Tagging a particular version of your code
Running any tests
Removal of any unnecessary files
Clearing of external cache systems
cron tasks
- Tagging a particular version of your code
Running any tests
Removal of any unnecessary files
Clearing of external cache systems
cron tasks
- Tagging a particular version of your code
Running any tests
Removal of any unnecessary files
Clearing of external cache systems
cron tasks
- Tagging a particular version of your code
Running any tests
Removal of any unnecessary files
Clearing of external cache systems
cron tasks
- use with_install (cache:clear, assets:install, assets:dump)