GETTING STARTED Getting Started Getting Started to Success Session 1.
Getting Started with Ansible
-
Upload
ahamilton55 -
Category
Technology
-
view
88 -
download
1
Transcript of Getting Started with Ansible
Ansible is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero downtime rolling updates.
http://docs.ansible.com/
ExtensibleLarge community
Lots of prebuilt modules (100s)
Easy to build custom modules
Modules are “Polygot”
Installation: Packages$ pip install ansible
# yum install ansible
# aptitude install ansible
$ brew install ansible
Installation: Source$ git clone \ > https://github.com/ansible/ansible
$ source ansible/hacking/env-setup
Inventory: Static[my_hosts]host1.example.comhost2.example.com
[webservers]www1.example.comwww2.example.com
[dbs]db1.example.comdb2.example.com
Inventory: DynamicBuilds a JSON inventory of hosts
Provided: AWS, GCE, Azure, OpenStack, VMWare, Rackspace, Linode, Digital Ocean, Cobbler, Vagrant, Fleet, Consul, ...
---- hosts: tag_service_web_server
vars:- local_dir: “/myapp”- dest_dir: “/var/www”
tasks:- name: Install nginx
yum: name=nginx.x86_64 state=present
- name: Start nginxservice: name=nginx state=started
- name: Copy over the appcopy: src={{ local_dir }} dest={{ dest_dir }}
recursive=yes owner=nginx mode=0644directory_mode=yes
---- hosts: tag_service_web_server
vars:- local_dir: “/myapp”- dest_dir: “/var/www”
tasks:- name: Install nginx
yum: name=nginx.x86_64 state=present
- name: Start nginxservice: name=nginx state=started
- name: Copy over the appcopy: src={{ local_dir }} dest={{ dest_dir }}
recursive=yes owner=nginx mode=0644directory_mode=yes
---- hosts: tag_service_web_server
vars:- local_dir: “/myapp”- dest_dir: “/var/www”
tasks:- name: Install nginx
yum: name=nginx.x86_64 state=present
- name: Start nginxservice: name=nginx state=started
- name: Copy over the appcopy: src={{ local_dir }} dest={{ dest_dir }}
recursive=yes owner=nginx mode=0644directory_mode=yes
VarsAllows you to dynamically change values
Can be used in playbooks and templates
Different types of variables for different workloads
Vars: RuntimeYou can add variables from the CLI at runtime
Runtime variables take precedence
$ ansible-playbook -i <inventory> \> -e key1=value1 playbook.yml
3 types of varsStandard:
my_str: “my string”my_num: 1my_float: 1.234923409my_bool: false*
* booleans also allow “yes” and “no”
3 types of varsHashes (Dictionaries):
a_hash: { “key”: “value”, }hashing_it_up: { “such”: “wow”,
“chosen”: 1, }
3 types of varsCombining them together
my_var: “Here”complex: [
{ “key”: “value”, },{ “key”: “blah”, },{ “key”: my_var },
]
Jinja templating for varsUse “{{ <var> }}” to access variables
{{ my_var }}{{ my_list[0] }}{{ my_hash[“key”] }}
---- hosts: tag_service_web_server
vars:- local_dir: “/myapp”- dest_dir: “/var/www”
tasks:- name: Install nginx
yum: name=nginx.x86_64 state=present
- name: Start nginxservice: name=nginx state=started
- name: Copy over the appcopy: src={{ local_dir }} dest={{ dest_dir }}
recursive=yes owner=nginx mode=0644directory_mode=yes
TasksUses modules to complete tasks
100s of prebuilt modules
Examples: template, copy, yum, apt, pip, ec2, elb, docker
Can use custom modules in tasks too
Loops- name: Install nginx
yum: name=nginx.x86_64 state=latest
- name: Install php5yum: name=php5.x86_64 state=latest
- name: Install Laravelyum: name=php5-laravel.x86_64 state=latest
Loops- name: Install packages
yum: name={{ item }} state=latestwith_items:- nginx.x86_64- php5.x86_64- php5-laravel.x86_64
Loops- name: Install packages
yum: name={{ item.name }} state={{ item.ver }}with_items:- { “name”: ”nginx.x86_64”, “ver”: ”latest” }- { “name”: ”php5.x86_64”, “ver”: ”5.4-1” }- { “name”: ”php5-laravel.x86_64”, ver”: ”5.4-123-1” }
Conditionals- name: Install nginx
yum: name=nginx.x86_64 state=latest
But what if we want to also use a Deb based distro?
Conditionals- name: Install nginx (RH)
yum: name=nginx.x86_64 state=latestwhen: ansible_os_family == “RedHat”
- name: Install nginx (Deb)apt: name=nginx state=latestwhen: ansible_os_family == “Debian”
Variables FilesJust files full of variables…
Makes using a large number of variables easier
Cleans up your playbooks
Variables FilesSite / Groups:
Best practice to place in a group_vars dir
group_vars/all for site varsgroup_vars/<group_name> for groups
Variables Files: webserverindex_page: index.htmldomains: [
‘example.com’,‘www.example.com’
]server_names: “{{ domains|join(‘ ‘) }}”vhost_root_dir: “/usr/local/www/{{ domains[0] }}/htdocs”
Variables Files- hosts: webservers
vars_files:- group_vars/all- group_vars/webserverstasks:- name: Install nginx
yum: name=nginx state=latest
Roles: webserver.ymlhosts: webserversvars_files:- group_vars/all- group_vars/webserversroles:- nginx
Roles: templates/nginx.confhttp { index {{ index_page }}; server { server_name {{ server_names }}; access_log logs/{{ main_domain }}.access.log main; root {{ vhost_root_dir }}; }}
Roles: tasks/redhat.yml---- name: Install nginx
yum: name=nginx state=latestnotify:- start nginx- enable nginx
Roles: tasks/debian.yml---- name: Install nginx
apt: name=nginx state=latestnotify:- start nginx- enable nginx
Roles: tasks/main.yml---- include: redhat.yml
when: ansible_os_family == “RedHat”
- include: debian.ymlwhen: ansible_os_family == “Debian"
- name: Copy over the nginx.conf templatetemplate: src=nginx.conf dest=/etc/nginx/nginx.confnotify: restart nginx
Roles: handlers/main.yml---- include: redhat.yml
when: ansible_os_family == “RedHat”
- include: debian.ymlwhen: ansible_os_family == “Debian”
- name: start nginxservice: name=nginx state=started
- name: restart nginxservice: name=nginx state=restarted
Secrets$ANSIBLE_VAULT;1.1;AES256343836626534373165643662656363373866626639396535393063336336333162643832353466386631366536656336353137363462643435376164363339360a303264343761336135386564653138393264613961656430666639383339653465303330613333366330366131383033353761643463623161373230353036640a6439613064666466393861633034613534613966653933353837316532663964646435343837323865613061313137346535343239653334376364323932316238386161303764343665346666333231333461636634353061313332613934313433343834366434623866636366313936656463363832343130643139636535363432333861313430343033376566613764623161616565376466383833306164386532656662306437333464343139376362613933653964643536343265623438346634616462313965643038366265646264636538636238306330306430343439633165323330323539616165333039356261613332393332376633636436656636613639613438663335316532643536326264646536636536623061383661656534633130663534316162646236636631323866336530393562636565636166646637616465313037396339633264643731366436623030326633393934346437636663636563333832303165633637303065343732323539643834643066613734363366643933613533343631303930623765616238323633393638333733663835616637306635666466636633323437343665646433383637623932316139363639323565663230656432363731623230
SecretsBuiltin support for using AES256 encrypted variables files
Files kept in group_vars files for easy access
Pass in password at execution