現代 it 人一定要知道的 ansible 自動化組態技巧
TRANSCRIPT
[ chusiang@kalug ~ ] $ cat .profile # Author: / chusiang.lai (at) gmail.com # Blog: http://note.drx.tw # Modified: 2016-05-31 16:30
• 4 IT
• DrSays IT
• Ansible 4e.
• Ansible Galaxy Roles
• php7 (php-fpm)
• switch-apt-mirror
• vim-and-vi-mode
• zabbix-agent
• CVE-2016-3714
2
3
OutlineI. IT
4
OutlineI. IT
II.
5
OutlineI. IT
II.
III. Ansible
6
OutlineI. IT
II.
III. Ansible
IV. Ansible
7
OutlineI. IT
II.
III. Ansible
IV. Ansible
V. Ansible
8
OutlineI. IT
II.
III. Ansible
IV. Ansible
V. Ansible
VI. Q & A
9
Ⅰ. IT
10
DevOps
IT
11
IT IT
(hr) 30 (min)
code code
( )
Ⅱ.
12
※ = Configuration management (CM)
" "
14
Ⅲ. Ansible
15
Ansible
- https://goo.gl/4xftZT16
Ansible
• Puppet, Salt, Chef (Infrastructure as Code)
DevOps
• Push Python SSH Angent
• Python
18
Ⅳ. Ansible
19
Ansible inventory Managed node SSH Python
20
Ansible• Control Machine Ansible Managed node
Python 2.5+ SSH
21
# Debian & Ubuntu (apt).$ sudo apt-get install ansible
# Mac OS X (homebrew). $ sudo brew install ansible
# Python (pip).$ sudo pip install ansible
Ansible• ansible.cfg inventory (host file)
Managed node ( ) SSH …
22
$ vim ansible.cfg[defaults] # inventory hostfile = hosts
# remote_user = vagrant#private_key_file = ~/.ssh/id_rsa
# host_key_checking: ssh host_key_checking = False
inventory • Managed node ( )
ssh
23
$ vim hosts # ansible_ssh_host: SSH # ansible_ssh_port: SSH (Port)# ansible_ssh_user: SSH # ansible_ssh_private_key_file: SSH # ansible_ssh_pass: SSH ( )[dev]ansible-demo.local ansible_ssh_host=127.0.0.1 ansible_ssh_port=2222
[test]ansible-test.local ansible_ssh_host=10.10.1.1 ansible_ssh_user=adeliae
[prod]ansible-prod.local ansible_ssh_host=demo.drx.tw ansible_ssh_port=22
Ⅴ. Ansible
24
Ad-Hoc command, Playbook* (Module, Galaxy), Ansible Tower
Ad-Hoc command
and
25
Playbook
Ad-Hoc command • ( ) command line
26
# command line
$ ping ansible-demo.localPING localhost (127.0.0.1): 56 data bytes64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.037 ms
--- localhost ping statistics ---1 packets transmitted, 1 packets received, 0.0% packet lossround-trip min/avg/max/stddev = 0.037/0.037/0.037/0.000 ms
$ echo Hello WorldHello World
Ad-Hoc command • Ansible -m
Module Index
27
# ansible < > -m < >
$ ansible all -m ping ansible-demo.local | SUCCESS => { "changed": false, "ping": "pong" }
$ ansible all -m command -a "echo Hello World"ansible-demo.local | SUCCESS | rc=0 >>Hello World
Playbooks
• Shell Script
• YAML code
• Jinja2 (template )
...
Baby Playbook Onesie - http://goo.gl/GKJvXn28
Playbooks • Playbook Play Tasks
• Play*1, Task*3 Module*3 (command, apt, lineinfile)
29
$ vim example.yml ---
- name: This is a Super-basic playbook. hosts: all tasks: - name: Hello World command: echo "Hello World"
- name: Install Vim & Emacs become: yes apt: name={{ item }} state=present with_items: - vim - emacs
# emacs - name: use vi-mode in readline become: yes lineinfile: dest=/etc/inputrc line="set editing-mode vi"
Playbooks • Playbook Play Tasks
• Play*1, Task*3 Module*3 (command, apt, lineinfile)
30
$ vim example.yml ---
- name: This is a Super-basic playbook. hosts: all tasks: - name: Hello World command: echo "Hello World"
- name: Install Vim & Emacs become: yes apt: name={{ item }} state=present with_items: - vim - emacs
# emacs - name: use vi-mode in readline become: yes lineinfile: dest=/etc/inputrc line="set editing-mode vi"
Play
Playbooks • Playbook Play Tasks
• Play*1, Task*3 Module*3 (command, apt, lineinfile)
31
$ vim example.yml ---
- name: This is a Super-basic playbook. hosts: all tasks: - name: Hello World command: echo "Hello World"
- name: Install Vim & Emacs become: yes apt: name={{ item }} state=present with_items: - vim - emacs
# emacs - name: use vi-mode in readline become: yes lineinfile: dest=/etc/inputrc line="set editing-mode vi"
Task 1
Task 2
Task 3
Playbooks • Playbook Play Tasks
• Play*1, Task*3 Module*3 (command, apt, lineinfile)
32
$ vim example.yml ---
- name: This is a Super-basic playbook. hosts: all tasks: - name: Hello World command: echo "Hello World"
- name: Install Vim & Emacs become: yes apt: name={{ item }} state=present with_items: - vim - emacs
# emacs - name: use vi-mode in readline become: yes lineinfile: dest=/etc/inputrc line="set editing-mode vi"
Module
Playbooks • example.yml playbook
33
$ ansible-playbook example.yml
PLAY [This is a Super-basic playbook.] *****************************************
TASK [setup] *******************************************************************ok: [ansible-demo.local]
TASK [Hello World] *************************************************************changed: [ansible-demo.local]
TASK [Install Vim & Emacs] *****************************************************changed: [ansible-demo.local] => (item=[u'vim', u'emacs'])
TASK [use vi-mode in readline] *************************************************changed: [ansible-demo.local]
PLAY RECAP *********************************************************************ansible-demo.local : ok=4 changed=3 unreachable=0 failed=0
Playbooks • example.yml playbook
34
$ ansible-playbook example.yml
PLAY [This is a Super-basic playbook.] *****************************************
TASK [setup] *******************************************************************ok: [ansible-demo.local]
TASK [Hello World] *************************************************************changed: [ansible-demo.local]
TASK [Install Vim & Emacs] *****************************************************changed: [ansible-demo.local] => (item=[u'vim', u'emacs'])
TASK [use vi-mode in readline] *************************************************changed: [ansible-demo.local]
PLAY RECAP *********************************************************************ansible-demo.local : ok=4 changed=3 unreachable=0 failed=0
Setup
(Recap)
Live Demo
35
Module
38
http://docs.ansible.com/ansible/list_of_commands_modules.html
Docs » commands Modules
yes
Galaxy
42
– (Debian Buzz)
46
• Ansible Docs - http://docs.ansible.com/ansible/intro_installation.html
• Ansible: Up and Running - https://www.ansible.com/ansible-book
• Ansible (7:15) | Software Architecture School - http://goo.gl/nhykzE
• Ansible - http://get.soft-arch.net/ansible/
• | ・ - http://school.soft-arch.net/blog/90699/
metaphor-in-cm
• Ansible by sakana / Max - https://goo.gl/e9RwhE
• Ansible | - http://goo.gl/5gs1q9
• IT Ansible | - http://goo.gl/daAtVi
47
Free
• Blasts Off Space Rocket From Cosmodrom In The Clouds, Polygonal Stock Illustration | dreamstime - http://goo.gl/6FAuiQ
• - http://www.ngtaiwan.com
• Using cloud-init and uvtool to initialize cloud instances | Rui - https://goo.gl/CbdvTH
• Books icon (PSD) | GraphicsFuel - http://www.graphicsfuel.com/2012/07/books-icon-psd/
• Avatar, business, company, group, manager, people, users icon | Icon search engine - https://goo.gl/Hm6ScX
• A Galaxy Just Appeared Out of Nowhere - http://chirpnews.com/2016/04/17/new-galaxy-appeared/
48
49
DevOps Taiwan
https://www.facebook.com/groups/DevOpsTaiwan/
https://devopstaiwan.slack.com/
https://gitter.im/DevOpsTW/
Q & A
55
E N D