talk about ansible and infrastructure as code
Post on 02-Dec-2014
2.225 Views
Preview:
DESCRIPTION
TRANSCRIPT
Ansibleの話と、ユルいInfrastructure as Codeの話
Satoshi TAGOMORI (@tagomoris)2014/10/03
SATOSHI TAGOMORI (@TAGOMORIS)
黒ラベルうまあああああああああああああああああああああいいいいいいいいいいいいいい!!!!!!!!!
Ansibleansible
operate servers by module & arguments$ ansible SERVERS \ -m yum \ -a ‘name=bash state=latest’
ansible-playbook
yaml playbook$ ansible-playbook playbooks/update_packages.yaml
playbook
---- include: ansible.yaml- hosts: all-centos-servers gather_facts: False tasks: - yum: name=openssl state=latest - yum: name=bash state=latest
See also: http://www.slideshare.net/tagomoris/ansibleja
Iterative authorization1.execute “ansible” steps 1-by-1 on a server
1. if it failed, fix arguments
2. if it succeeded, add it on playbook
2.complete playbook
3.run playbook on another server
4. run playbook on all servers
Very flexible!Variable expansion
all yaml values are jinja2 template!
variables from playbook, inventory, facts(servers)
Conditionals
execute it only when ...
Loops
“shell” & “command” modules
Don’t shoot yourself in the foot :(
Too much flexibility brings destruction...
Infrastructure as Code
Write code to struct our IT infra
Infra? Server?
Using IaaS: Network configuration as Code?
On-premise: Datacenter as Code ...
Server as Code
1. server deployment by code
Only code deploy servers
Blue-green deployment
Code knows all of server status
We must write all as code
2. GMs + setup code
Golden Master server images for general purpose
OS minor versions are not determined
It’s not problem whether GM is from code or not
Setup code has 2 layer
Compatibility layer for GM differences
Deployment layer for applications
3. Stateful servers + codeServers have state and be eventually changed
Everything are different from each other
Minimum code for limited parts of server status
For applications
Fragile parts: routing, ssh keys, monitoring agents
To be patched: security updates
Middleware deployment: Hadoop, Presto, Fluentd
Just start to write minimum code :)
As same with web or other apps!
top related