Scribd
Upload
128 views

Ansible Presentation

This document provides an overview of Ansible, an open source tool for configuration management and application deployment. It discusses how Ansible is lightweight, simple to use, and self-documenting. It requires only Python and SSH to work and allows managing servers without installing agents. Playbooks are used to define configurations and orchestrate complex processes using YAML. Variables, templates, and conditionals make playbooks flexible. Roles allow splitting playbooks into reusable components.

Uploaded by

stanislaw.jachura
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
128 views

Ansible Presentation

This document provides an overview of Ansible, an open source tool for configuration management and application deployment. It discusses how Ansible is lightweight, simple to use, and self-documenting. It requires only Python and SSH to work and allows managing servers without installing agents. Playbooks are used to define configurations and orchestrate complex processes using YAML. Variables, templates, and conditionals make playbooks flexible. Roles allow splitting playbooks into reusable components.

Uploaded by

stanislaw.jachura
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 23

Ansible

A brief overview
Robin Long
June 22, 2016

Robin Long (Lancaster University) Ansible June 22, 2016 1/1


Introduction

• How could we configure a server?


• Manual install? - Slow
• Shell scripts? - What is I run them a second time?
• Configuration Managment? Many options here.
• What do you mean I need a server to setup a server?

Robin Long (Lancaster University) Ansible June 22, 2016 2/1


Why Ansible?

• Lightweight.
• Simple.
• It is its own documentation.
• Forces better practises.

Robin Long (Lancaster University) Ansible June 22, 2016 3/1


Cutting the strings and
setting yourself free.

• Why not puppet?


• Very complex, nested, unclear.
• Need a server to setup a server.
• Getting too big.
• RedHat bought ansible.

Robin Long (Lancaster University) Ansible June 22, 2016 4/1


Ansible Requirements

• Needs very few dependencies:


• Python
• Jinja2
• PyYAML
• Paramiko
• laptop
• Ansible just uses SSH, no need for servers, certificates and
client installs.

Robin Long (Lancaster University) Ansible June 22, 2016 5/1


Ansible Setup - Hosts file

• Ansible uses a very simple hosts file


• default is /etc/ansible/hosts
• pass a -i <inventory file> to ansible

[storage-nodes]
stor[000:031].hec.lancs.ac.uk

[service-nodes]
fal-pygrid-15.lancs.ac.uk
fal-pygrid-30

[loki]
py-loki.lancs.ac.uk:222

[norse]
py-loki.lancs.ac.uk:222
py-eir.lancs.ac.uk

Robin Long (Lancaster University) Ansible June 22, 2016 6/1


Ansible - Basic commands

• We can use ansible on the command line to issue basic


commands and tasks
$ ansible <host-pattern> [-f forks] [-m module_name] [-a args]
$ ansible storage-nodes -m yum -a ‘‘name=httpd state=installed’’
$ ansible storage-nodes -m service -a ‘‘name=httpd state=running enabled=yes’’

• ansible uses variables. System defaults called facts

$ ansible local -m setup

• use -u <user> if host and client differ.

Robin Long (Lancaster University) Ansible June 22, 2016 7/1


Ansible - Playbooks

• simple way to manage many machines.


• Declare configurations and orchestrate complex processes
• Uses YAML
• Contain many different plays - each play is a task (install and
start running apache.)

Robin Long (Lancaster University) Ansible June 22, 2016 8/1


Ansible - Playbooks

---
- hosts: webservers
vars:
http_port: 80
max_clients: 200
remote_user: root

tasks:
- name: ensure apache is at the latest version
yum: name=httpd state=latest
- name: write the apache config file
template: src=/https/www.scribd.com/srv/httpd.j2 dest=/etc/httpd.conf
notify:
- restart apache
- name: ensure apache is running (and enable it at boot)
service: name=httpd state=started enabled=yes

handlers:
- name: restart apache
service: name=httpd state=restarted

Robin Long (Lancaster University) Ansible June 22, 2016 9/1


Playbooks
Splitting long lines
---
- hosts: webservers
vars:
http_port: 80
max_clients: 200
remote_user: root

tasks:
- name: ensure apache is at the latest version
yum:
name: httpd
state: latest
- name: write the apache config file
template:
src: /srv/httpd.j2
dest: /etc/httpd.conf
notify:
- restart apache
- name: ensure apache is running (and enable it at boot)
service:
name: httpd
state: started
enabled: yes

handlers:
- name: restart apache
service:
name: httpd
state: restarted
Robin Long (Lancaster University) Ansible June 22, 2016 10 / 1
Ansible - Playbooks

• execute by running

ansible-playbook playbook.yml -f 10

Robin Long (Lancaster University) Ansible June 22, 2016 11 / 1


Ansible - Roles
• we can include other playbooks in our main one with
- include: servers.yml
• This allows more complex playbooks, and roles.
• Roles are much the same as playbooks, just with added search
paths.
site.yml
storage-servers.yml
roles/
common/
files/
templates/
tasks/
handlers/
vars/
defaults/
meta/
storage-servers/
...

Robin Long (Lancaster University) Ansible June 22, 2016 12 / 1


Ansible - Roles

• storage-servers.yml would then be:

---
- hosts: webservers
roles:
- common
- storage-servers

Robin Long (Lancaster University) Ansible June 22, 2016 13 / 1


Variables, Jinja2,
Conditionals and Loops

• Ansible variables can be used in playbooks and templates.


• System created “facts” can be seen from running
ansible hostname -m setup
• most useful with templates.
• variables called in playbooks and tempates using
{{ variable_name }}
• can filter variables using jinja2.

Robin Long (Lancaster University) Ansible June 22, 2016 14 / 1


examples - loops I

- name: Install cvmfs and dependencies.


yum: name={{ item }} state=present
with_items:
- fuse
- cvmfs
- cvmfs-init-scripts

Robin Long (Lancaster University) Ansible June 22, 2016 15 / 1


examples - loops II

# copy host cert and key to /etc/grid-security/


- name: copy host cert and key to /etc/grid-security/
copy: src={{item.src}} dest={{item.dest}} mode={{item.mode}}
with_items:
- {src: ‘‘{{ host_cert }}’’, dest: /etc/grid-security/hostcert.pem, mode: ‘‘u=rw,g=r,o=r’’}
- {src: ‘‘{{ host_key }}’’, dest: /etc/grid-security/hostkey.pem, mode: ‘‘u=r,g=,o=’’}

Robin Long (Lancaster University) Ansible June 22, 2016 16 / 1


examples - template - file

# Automatically created by ansible


# using the ansible-bdii-site role

SITEBDII ldap://{{ ansible_fqdn }}:2170/mds-vo-name=resource,o=grid


{%if SITEURLS is defined %}
{% for alias, url in SITEURLS.iteritems() %}
{{ alias }} ldap://{{ url }}:2170/mds-vo-name=resource,o=grid
{% endfor %}
{% endif %}

Robin Long (Lancaster University) Ansible June 22, 2016 17 / 1


examples - loops

---
SITEURLS:
HEC: carceri.hec.lancs.ac.uk
DPM: fal-pygrid-30.lancs.ac.uk

Robin Long (Lancaster University) Ansible June 22, 2016 18 / 1


examples - loops

# Automatically created by ansible


# using the ansible-bdii-site role

SITEBDII ldap://py-fjalar.hec.lancs.ac.uk:2170/mds-vo-name=resource,o=grid
DPM ldap://fal-pygrid-30.lancs.ac.uk:2170/mds-vo-name=resource,o=grid
HEC ldap://carceri.hec.lancs.ac.uk:2170/mds-vo-name=resource,o=grid

Robin Long (Lancaster University) Ansible June 22, 2016 19 / 1


group variables

group_vars/
all
bdii-site
cvmfs-client
loki
service-nodes
squid
storage-nodes
vac

Robin Long (Lancaster University) Ansible June 22, 2016 20 / 1


group variables
---
# Variables here are applicable to the bdii-site group
SITE_NAME: UKI-NORTHGRID-LANCS-HEP
SITE_COUNTRY: UK
SITE_DESC: UKI-NORTHGRID-LANCS-HEP
SITE_WEB: https://lancsgrid.wordpress.com
SITE_LOC: Lancaster, UK
SITE_LAT: 54.0105
SITE_LONG: -2.784
SITE_EMAIL: [email protected]
SITE_SECURITY_EMAIL: [email protected]
SITE_SUPPORT_EMAIL: [email protected]

OTHERINFO:
- GRID=EGEE
- GRID=GRIDPP
- GRID=WLCG
- GRID=NORTHGRID
- TIER=2

SITEURLS:
HEC: carceri.hec.lancs.ac.uk
DPM: fal-pygrid-30.lancs.ac.uk
Robin Long (Lancaster University) Ansible June 22, 2016 21 / 1
Collaborate?

• Time to share code?


• https://github.com/lancsgrid/
• squid ( production )
• bdii ( production )
• cvmfs-client ( production )
• argus ( in progress )

Robin Long (Lancaster University) Ansible June 22, 2016 22 / 1


Robin Long
June 22, 2016

You might also like