The associated video is available: https://vimeo.com/107895274 Software configuration management tools are gaining ground everywhere. We've all probably at least heard of puppet, chef or salt by now, however there's a new rising star: Ansible. In this talk we'll learn about the way ansible approaches configuration management, software deployment, remote execution and other general IT tasks. We'll examine how to get up and running in a moment and how easy it is to manage multiple concurrent servers in parallel without needing additional daemons or bootstrapping! The talk will cover differences to puppet, chef etc and examine how to customise and extend Ansible with our favourite language. Join us for this talk and you'll see why this award winning Python project has relevance for PHP and your work life through getting your servers under control. This is a new talk about a relatively new configuration management system that is less complex to work with than puppet, chef, salt etc. but requires nothing extra on the machines being managed.

1. @magma_digital
Orchestrate your Infrastructure
Magma Digital Ltd
Jeremy Coates

2. @magma_digital
Who am I?๏ Jeremy Coates, MD at Magma Digital Ltd
๏ Founder of PHPNW
๏ Manchester Digital Association Council
Member
๏ @phpcodemonkey
๏ linkedin.com/in/jeremycoates

3. @magma_digital
What is
Ansible?
SALT CHEFPUPPET Ansible

4. @magma_digital
Why
use it?

5. @magma_digital
Install:Controller
๏ Only install on controller machine
๏ Requires: Python 2.6+, Paramiko (ssh), PyYAML, Jinja2
๏ RedHat: yum install ansible
๏ Debian: apt-get install ansible
๏ OS X: brew install ansible
๏ All: pip install ansible or from source

6. @magma_digital
Install:Remotes
๏ Nothing much!
๏ SSH server
๏ Python 2.4+ and simplejson module
๏ Or just Python 2.6+
๏ Essentially any *nix distro in last decade

7. @magma_digital
First 10 minutes
๏ Command line usage:
• ansible -i hosts -m ping all
• ansible webserver -m setup
• ansible -i /path/to/hosts -m <module>
[options e.g -vvvv] <host pattern>
• Default checks /etc/ansible/hosts
• -- check && -- diff

8. @magma_digital
Inventory: Hosts
[webservers]
web ansible_ssh_host=127.0.0.1 ansible_ssh_port=2222 ansible_ssh_user=vagrant
ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key
web2 ansible_ssh_host=127.0.0.1 ansible_ssh_port=2201
ansible_ssh_user=vagrant
ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key
[dbservers]
db ansible_ssh_host=127.0.0.1 ansible_ssh_port=2202 ansible_ssh_user=vagrant
ansible_ssh_private_key_file=~/.vagrant.d/insecure_private_key

9. @magma_digital
Inventory:Dynamic hosts
๏ Plugin scripts for:
• Amazon EC2
• Digital Ocean
• Linode
• Vagrant
• + others
๏ Or create your own CMDB (Configuration Management DB)

10. @magma_digital
Playbooks๏ Commandline doesn’t scale: Playbooks do
๏ Playbooks are YAML
๏ ansible-playbook -i hosts playbook.yml

11. @magma_digital
Sample Playbook
---
- hosts: localhost
user: root
vars:
motd_warning: 'WARNING: Use by ACME Employees ONLY'
tasks:
- name: setup a MOTD
copy: dest=/etc/motd content={{ motd_warning }}

12. @magma_digital
Playbooks๏ Language of playbooks relatively familiar to devs
๏ Targets - groups of tasks / vars etc.
๏ Vars - nice and obvious!
๏ Tasks - actions using modules / vars
๏ Includes - re-usable components

13. @magma_digital
Playbooks Speed
๏ Playbooks default to 5 forks
• -- forks <N> to vary this
๏ async: <seconds> for long running processes
๏ poll: <seconds> check the progress
๏ Tags: target sections of play books
๏ Roles: convention to enable reuse of playbooks

14. @magma_digital
Playbooks…๏ Looping: with_items:, with_fileglob:
๏ Conditional processing: when: ansible_os_family == ‘RedHat’
๏ Task Delegation: delegate_to: <host> or local_action:
shorthand
๏ Vars: hostvars, groups, inventory*, environment

15. @magma_digital
Playbook Templates
๏ Jinja2 template engine. Has access to any ansible facts
(vars)
๏ Comments: {# a comment #}
๏ If/else: {% if 'authorativenames' in group_names %} {% else
%} {% endif %}
๏ Loops: {% for ip in ansible_all_ipv4_addresses %} {% end
for %}

16. @magma_digital
Modules๏ Over 100 modules already exist
• Swiss army knife of machine management: ansible-doc
๏ Write own modules in any language, including PHP
(json_encode)
๏ Module output key=value or JSON

17. @magma_digital
Ansible-pull
๏ Runs on the machine to be configured
๏ Larger deployments (auto-scaling server farms etc.)
๏ Auto-update when repo changes
๏ Requires cron

18. @magma_digital
SHARE REUSEENHANCE

19. @magma_digital
Related?๏ ansible-vault - encryption for sensitive yaml files
๏ Ansible Guru - support subscription ($99/month)
๏ Ansible Tower (AWX) - commercial version
• Web console, REST API
• 50 machines from $2500/year (depending on support level
needed)
๏ Vagrant - Ansible provisioner module

20. @magma_digital
ResourcesWebsite: ansible.com
Documentation: docs.ansible.com
Twitter: @ansible
IRC: #ansible (freenode)
Google Group: ansible-project
Reddit: reddit.com/r/ansible
Ansible Weekly Newsletter: devopsu.com
Ansible Configuration Management:
(Daniel Hall: Packt Publishing Nov ’13 ISBN 978-1-78328-081-0)

21. @magma_digital
๏ Jeremy Coates, MD at Magma Digital Ltd
๏ Founder of PHPNW
๏ Manchester Digital Association Council Member
๏ @phpcodemonkey
๏ linkedin.com/in/jeremycoates
http://bit.ly/orchestrate_infrastructure
Simply Orchestratehttps://joind.in/11296