ansible for beginners ...?

Ansible for

Beginners#pyfes 2013.11 in Tokyo

by @r_rudi(しろう)

…?

Ansible

ChefPuppet

Saltcfengine

juju…..

ProvisioningTool

by Lee Thompson at Velocity 2010

Ansible

by Lee Thompson at Velocity 2010

Today’sAssumptions

Task

- name: install python homeblew: name=python installs_options={{ option }} state=present

Task

- name: install python homeblew: name=python installs_options={{ option }} state=present

module name

arguments

variables

task name (optional)

status: uninstall if “absent” (depends on the module)

Playbook == A set of Tasks

- hostname: name=AnsibleDemo- apt_repository: repo=’deb http://….’- apt_key: url=http://…..

Order

How to run

% ansible-playbook hoge.yml

-i inventory file (connection host list)-u username-k ssh pass-C check mode-D diff

OKLet' Go !

unarchive module

- unarchive: src=blah.tar.gz dest=/tmp/

Local

Remote

Remote

copy unzipuntar

- shell: foo.sh

shell module

Local

copyRemote

Remote

Run

Run

ec2

- local_action: ec2 args: instance_type: c1.medium image: emi-329394 count: 3

Launch Instances module

- Google Compute Engine- Digital Ocean- Linode- Rackspace- Docker :

Q: How many instances?- local_action: ec2 args: count: 3- local_action: ec2 args: count: 3- local_action: ec2 args: count: 3

Q: How many instances?- local_action: ec2 args: count: 3- local_action: ec2 args: count: 3- local_action: ec2 args: count: 3

９

Q: How many instances?- local_action: ec2 args: count: 3- local_action: ec2 args: count: 3- local_action: ec2 args: count: 3

９idempotence ...?

ec2 elb

- local_action: ec2_elb args: instance_id: “{{ ansible_ec2_instance_id }}” state: present

deploy !!

- local_action: ec2_elb args: state=absent- nagios: action=disable_alert- git: repo=.... dest=/www version=release-11- service: name=foo state=restarted- wait_for: port=8080 state=started :

rolling update

- serial: 1

- run only a server at a single time

Remote

Remote

Remote

cause this is #pyfes

Python API

from ansible.inventory import Inventoryfrom ansible.playbook import PlayBookfrom ansible import callbacksfrom flask import Flask, render_templateimport json

app = Flask(__name__)@app.route("/play")def play(): inventory = Inventory('localhost.conf') stats = callbacks.AggregateStats() playbook_cb = callbacks.PlaybookCallbacks()

ansible + flask runner_cb = callbacks.PlaybookRunnerCallbacks(stats) results = PlayBook(playbook='pyfes-demo.yml', forks=1, remote_user='shirou', sudo=False, module_path='module', callbacks=playbook_cb, runner_callbacks=runner_cb, stats=stats, inventory=inventory).run() return json.dumps(results)

if __name__ == '__main__': app.run('0.0.0.0', debug=True)

AnsibleWorks AWX

Demoor Die

Web UI demo

- shell script using Twilio API

True Demo: twilio module

#!/usr/bin/env shAccountSid=AAAAAAAAAAuthToken=07999999999999

curl -X POST 'https://api.twilio.com/2010-04-01/Accounts/ACe0361e5b6236a8948191d08635bcd449/Calls.json' \-d 'From=%2B822222222222' -d 'To=%2B81999999993' \-d 'Url=http%3A%2F%2Fexample.com%2Fansible.html' -u ${AccountSid}:${AuthToken}echo "changed=True"exit 0

module creation

- super easy- Write any script languages

- unfortunately, golang is impossible

- If you think it’s hard to write YAML, create module - auto execute if on the ./library

handler

tasks: - template: src=/srv/hoge.j2 dest=/etc/hoge notify: - restart apache handlers: - name: restart apache service: name=httpd state=restarted

How many serversAnsible can manage?

We have users using Ansible in push mode against 5000 machines at a time

Accelarated mode

- hosts: all

accelerate: true

tasks: ...

- Launch daemon on server via SSH- Then, direct connection

- terminate after playbook ends

- 2-8x faster than SSH

Module introduction

Arista networks

- 10G/40G/100G switch

- login via ssh- python included

Arista modules

- name: enable interface Ethernet 1 arista_interface: interface_id=Ethernet1 admin=up speed=10g duplex=full logging=true

DB

- mongodb_user- mysql_db- mysql_replication- postgres_user- postgres_db- riak- redis

notification

- irc- hipchat- jabber- mail- osx_say

Conclusion

- Can use Ansible as Remote Execution Tool- So many modules- Easy to create module if ansible does’nt have

- You don’t need Python- Fast enough to manage over 1k servers

Ansible Book

- Release Nov. 2013- cover wide area - especially, not included part this slide