3. • Open source project started by Michael DeHaan (Red Hat, Puppet) in
Feb. 2012
• Automation Engine written in Python
• Used as: config mgmt tool, orchestration tool, app deploy tool
• Similar tool to Chef, Puppet (but better!)
BASICS
4. TECHNICALLY SPEAKING,
• Python 2.7 internals
• Dependencies: Python
• Push based (can do pull too)
• Built for the cloud - connects to servers using SSH keys (Powershell too)
• Idempotent – run as many times as you wish!
• Human readable syntax: YAML
• No central server or special software on servers == AGENTLESS!
• Works with modules which can be written in any language (batteries
included)
7. DESIGN PRINCIPLES
1. Simply Clear
Automation for Dev, Ops (anyone!)
2. Simply Fast
Minimal learning curve (automate fast!)
3. Simply Powerful
Several tools in one & batteries included
4. Simply Efficient
No complex setup – no agents
5. Simply Secure
Reduced footprint– uses standard SSH
8. END THE DRUDGERY!
• Package installs & updates
• Vulnerability patches
• Software deployments
• Server provisioning
• Config file consistency
• ProTip: Use Ansible to make life easier and enable you to work on the
things you want to work on.
9. SHOW ME DATA
• 6th most starred Python project on GitHub (10k stars)
• Over 1000 contributing developers on GitHub
• Ansible Inc. – in house dev team
• Received $6M in VC funding
11. MORE REASONS TO USE ANSIBLE
• Fastest 0 to 60 time in the market– no speed bumps to slow you down
• No new ports that need to be opened in your firewall
• No server certificates needed
• No master servers, no HA – don’t need to “manage the managers”
• Excellent documentation with useful examples
• There is probably already a core module for your use case:
Cloud DB Mon. Web System
EC2 MySQL Zabbix HAproxy Yum/Apt
Google PostgreSQL Pager Duty Apache Cron
Dig Ocean Redis Nagios Git Mount
VMware Riak Pingdom Docker SELinux
13. BASIC TERMINOLOGY
• Inventory: what servers to connect to
• Facts: system info discovered
• Modules: abstract tasks for different uses
• Tasks: run an action from a module with specified arguments
• Plays: what tasks to run on what hosts
• Playbooks: a list of plays
• Roles: organize by server function/type
14. ANSIBLE CONFIG
• Rule #1: Don’t turn off cowsay!
• Control whether password is required
• Set how many parallel processes to use (default 5)
• Set Ansible log path
• Set private key file for SSH key auth
• Use custom SSH arguments as default
• Set defaults for remote user, remote SSH port, SSH timeout
15. INVENTORY
• Inventory file is in INI format
• Can specify custom port or SSH user alongside host
• Sample:
16. AD HOC MODE
• Run tasks outside of playbooks
• Run on full or partial inventory
• Can use modules with ad-hoc tasks (use –m)
17. PLAYBOOKS
• A list of plays run against specified hosts
• Put them in version control!
• Can run on one host at a time or all servers in parallel
• YAML syntax
• Can use variables
• Can use file templates (jinja2)
• Can specify only certain tasks to run based on tags
21. HOW WE STARTED
• Real world use case – deploys were being done with manual, interactive
shell scripts by multiple teams!
• Dev team would handle first part and inform Ops when tar file was ready
for deployment
• Ops (me) would have to run a few shell scripts and cross my fingers
• Deployments were a pain point for the company
• Ansible to the rescue!
22. HOW WE FIXED DEPLOYMENTS
• Goal: Make deployments simpler and more stable
• Ansible workflow :
• Pull source code from Stash directly (using ro SSH key)
• Use composer module to pull in dependencies
• Create packaged tar file with code and dependencies
• Copy file to dev | test | prod and unpack tar file in webroot
• Apply proper file permissions
• Other tasks based on playbook logic that checks server/env/app
• Gracefully restart Apache
• Add comment to JIRA ticket informing team of successful deploy and
assign ticket to PM
• POST deployment to New Relic using API
23. ANSIBLE TOWER
• Paid product w/ support by Ansible Inc
• Web based GUI
• Manage nodes, schedule jobs
• Auditing
• REST API
24. WRAP UP
• Free Preview of Ansible Up and Running by Lorin Hochstein
http://www.ansible.com/ansible-book
• Excellent docs at http://docs.ansible.com