Automate with Ansible basic (2/e, English)

[ jonny@latticework ~ ] $ cat .profile # Author: chusiang (at) drx.tw # Blog: http://note.drx.tw # Modified: 2017-03-10 18:43

The Ansible automated configuration tips

of modern IT engineer must be know (2/e)

About Me• Chu-Siang Lai

• More than 1 year experience in Ansible use.

• Maintaining Ansible Roles:

• php7 (php-fpm)

• switch-apt-mirror

• vim-and-vi-mode

• zabbix-agent

2

Ready ?Go

3

OutlineI. What is the modern IT Engineer ?

4

OutlineI. What is the modern IT Engineer ?

II. What are the benefits of use an automated configuration management tool ?

5

OutlineI. What is the modern IT Engineer ?

II. What are the benefits of use an automated configuration management tool ?

III. What is the Ansible ?

6

OutlineI. What is the modern IT Engineer ?

II. What are the benefits of use an automated configuration management tool ?

III. What is the Ansible ?

IV. How to deploy the Ansible environment ?

7

OutlineI. What is the modern IT Engineer ?

II. What are the benefits of use an automated configuration management tool ?

III. What is the Ansible ?

IV. How to deploy the Ansible environment ?

V. How to use the Ansible ?

8

OutlineI. What is the modern IT Engineer ?

II. What are the benefits of use an automated configuration management tool ?

III. What is the Ansible ?

IV. How to deploy the Ansible environment ?

V. How to use the Ansible ?

VI. Q & A

9

Ⅰ. What is the modern IT Engineer ?

10

DevOps

What is modern IT Engineer ?

11

CLASSICS MODERN

UP AND RUNNING More than hours Less than 30 minutes

GET TO WORKKnock the many

commands, ofter forgot the anything change

Manage machines with coding

GET OFF WORK Write the job diary Write the tools (for get off work early)

Ⅱ. What are the benefits of use an automated configuration management tool ?

12

Using Ansible, We can reduce the

service interruption time, test the infrastructure,

reduce the risk of accidents , and seamless integration the development, testing

and production environment.

source: Ansible as Automation Glue13

HUMAN AUTOMATE

REPEAT COSTS High Low

HUMAN ERROR High Low

TESTABILITY Hard Easy

MODULARIZATION Hard Easy

GET OFF WORK EARLY Hard Easy

What are the benefits of use an automated configuration management tool ?

14

Ⅲ. What is the Ansible ?

15

Ansible named from novel Ender's Game . It is a fictional superluminal communication device.

With Ansible, we can control the servers like Ender

command the warships.

source: https://goo.gl/4xftZT16

Ansible is the rising popularity of DevOps automation software

in recent years

Using agentless architecture, flexible deployment,

easy to read, so become a popular DevOps tool, quickly.

source: http://goo.gl/yJbWtz17

What is the Ansible ?

• It's Configuration Management Tools (Infrastructure as Code) like the Puppet, SaltStack, Chef.

• Easy to use.

• Somebody in the DevOps world.

• Using the Push architecture, no need the agent, only need the Python and SSH.

• Python base !!!

18

Ⅳ. How to deploy the Ansible environment ?

19

concept, setup, setting

How does the Ansible work ?Define the Managed node with inventory, communicate with SSH and Python.

20

How to setup the Ansible ?• Only install the Ansible on Control Machine;

the Managed node need the Python 2.5+ and SSH.

21

# Debian & Ubuntu (apt).$ sudo apt-get install ansible

# RHEL & CentOS (yum).$ sudo yum install ansible

# Mac OS X (homebrew). $ brew install ansible

# Python (pip).$ sudo pip install ansible

How to setting the Ansible ?• Setting the inventory (host file) path, remote username

and ssh key of Managed node with ansible.cfg.

22

$ vim ansible.cfg[defaults] # Setting the inventory file path.hostfile = hosts

# Remote username.remote_user = docker#private_key_file = ~/.ssh/id_rsa

# Don’t checking ssh key.host_key_checking = False

What is the inventory ?• Define the host address, group of Managed node,

it can also setting the ssh connect config.

23

$ vim hosts # ansible_ssh_host: remote ssh host address.# ansible_ssh_port: remote ssh port.# ansible_ssh_user: remote ssh username.# ansible_ssh_private_key_file: local ssh private key.# ansible_ssh_pass: remote ssh password (recommend use the private key).[dev]ansible-demo ansible_ssh_host=127.0.0.1 ansible_ssh_pass=pwd

[test]ansible-test ansible_ssh_host=172.10.10.1 ansible_ssh_port=2222

[prod]ansible-prod ansible_ssh_host=10.10.10.1 ansible_ssh_user=deploy

Ⅴ. How to use the Ansible

24

Ad-Hoc command, Playbook* (Module)

Ad-Hoc command

and

25

Playbook

What is the Ad-Hoc command ?• Short (temporality) command, like the normal (classic)

command line mode, operate it with one line at a time.

26

# classic command line

$ ping ansible-demo.localPING localhost (127.0.0.1): 56 data bytes64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.037 ms

--- localhost ping statistics ---1 packets transmitted, 1 packets received, 0.0% packet lossround-trip min/avg/max/stddev = 0.037/0.037/0.037/0.000 ms

$ echo Hello WorldHello World

What is the Ad-Hoc command ?• Use the Module after the -m, please refer the official

documents for detailed usage.

27

# ansible <host-pattern> -m [module_name] [-a args] [options]

$ ansible all -m ping ansible-demo.local | SUCCESS => { "changed": false, "ping": "pong" }

$ ansible all -m command -a "echo Hello World"ansible-demo.local | SUCCESS | rc=0 >>Hello World

What is the Playbooks ?• More structured than the Shell

Script language, it’s good for large deployment.

• Use the YAML format, the playbook is like documents, easy to read.

• There are usually the Play, Task and Module.

• Use the Jinja2 (template) expression, it’s support the variables, conditional judgment, loop and other syntax.

source: http://goo.gl/GKJvXn28

What is the Playbooks ?• A Playbook can have multiple Play and multiple Tasks.

• The example uses the Play*1, Task*3 and Module*3 (command, apt, lineinfile).

29

$ vim example.yml ---

- name: This is a Super-basic playbook. hosts: all tasks: - name: Hello World command: echo "Hello World"

- name: Install Vim & Emacs become: yes apt: name={{ item }} state=present with_items: - vim - emacs

# Expelliarmus for Emacs. - name: use vi-mode in readline become: yes lineinfile: dest=/etc/inputrc line="set editing-mode vi"

What is the Playbooks ?• A Playbook can have multiple Play and multiple Tasks.

• The example uses the Play*1, Task*3 and Module*3 (command, apt, lineinfile).

30

$ vim example.yml ---

- name: This is a Super-basic playbook. hosts: all tasks: - name: Hello World command: echo "Hello World"

- name: Install Vim & Emacs become: yes apt: name={{ item }} state=present with_items: - vim - emacs

# Expelliarmus for Emacs. - name: use vi-mode in readline become: yes lineinfile: dest=/etc/inputrc line="set editing-mode vi"

Play

What is the Playbooks ?• A Playbook can have multiple Play and multiple Tasks.

• The example uses the Play*1, Task*3 and Module*3 (command, apt, lineinfile).

31

$ vim example.yml ---

- name: This is a Super-basic playbook. hosts: all tasks: - name: Hello World command: echo "Hello World"

- name: Install Vim & Emacs become: yes apt: name={{ item }} state=present with_items: - vim - emacs

# Expelliarmus for Emacs. - name: use vi-mode in readline become: yes lineinfile: dest=/etc/inputrc line="set editing-mode vi"

Task 1

Task 2

Task 3

What is the Playbooks ?• A Playbook can have multiple Play and multiple Tasks.

• The example uses the Play*1, Task*3 and Module*3 (command, apt, lineinfile).

32

$ vim example.yml ---

- name: This is a Super-basic playbook. hosts: all tasks: - name: Hello World command: echo "Hello World"

- name: Install Vim & Emacs become: yes apt: name={{ item }} state=present with_items: - vim - emacs

# Expelliarmus for Emacs. - name: use vi-mode in readline become: yes lineinfile: dest=/etc/inputrc line="set editing-mode vi"

Module

What is the Playbooks ?• Run the playbook of example.yml.

33

$ ansible-playbook example.yml

PLAY [This is a Super-basic playbook.] *****************************************

TASK [setup] *******************************************************************ok: [ansible-demo.local]

TASK [Hello World] *************************************************************changed: [ansible-demo.local]

TASK [Install Vim & Emacs] *****************************************************changed: [ansible-demo.local] => (item=[u'vim', u'emacs'])

TASK [use vi-mode in readline] *************************************************changed: [ansible-demo.local]

PLAY RECAP *********************************************************************ansible-demo.local : ok=4 changed=3 unreachable=0 failed=0

What is the Playbooks ?• Run the playbook of example.yml.

34

$ ansible-playbook example.yml

PLAY [This is a Super-basic playbook.] *****************************************

TASK [setup] *******************************************************************ok: [ansible-demo.local]

TASK [Hello World] *************************************************************changed: [ansible-demo.local]

TASK [Install Vim & Emacs] *****************************************************changed: [ansible-demo.local] => (item=[u'vim', u'emacs'])

TASK [use vi-mode in readline] *************************************************changed: [ansible-demo.local]

PLAY RECAP *********************************************************************ansible-demo.local : ok=4 changed=3 unreachable=0 failed=0

Setup

Recap

Module

35

http://docs.ansible.com/ansible/list_of_commands_modules.html

Docs » commands Modules

yes = requirement to use

Play Lab

39

Going to https://goo.gl/EYJ40O (for get the lab of Control Machine*1 and Managed node*2).

Control the Managed node with Ansible

40

Try the Ansible on Jupyter notebook by myself.

Q & A

Pleast do not pat and feed !

42

E N D