Cork Open Technology Presentation, 20th November 2018.
Ansible is an open source automation language. It’s also a deployment and orchestration tool. We will look at some of the core concepts and use cases, rolling updates, version controlled deployment and Infrastructure as code.
3. Introduction
Ansible is a Python-based tool for deployment and orchestration of infrastructure
It is agentless and communicates with hosts via SSH
Push based
Easy to read
5. Installation
● Pre-installed on many Linux distros
● Use package manager
● Use pip install
● macOS pip install
○ CC=clang sudo -E pip install pycrypto
● Not officially supported on Windows
○ Cygwin
○ Linux subsystem
We can still manage Windows hosts even if Ansible does not support Windows as a management machine
8. Playbook and Plays
Playbooks are made up of one or more plays.
Indentation is important!!!
A play is a set of tasks which are run on the host pattern outlined by the play.
Common keywords used to control the play
9. Tasks
Tasks are a list of modules to be executed in order.
Modules are written to be idempotent, which means they can be run multiple times and the result will be the same each time.
Script, command and shell commands may not return the same result each time.
Pre-tasks, post-tasks, blocks
11. Static Inventory
Static: defined by the user
Organised into groups
All hosts belong to at least 2 groups
Can use patterns to decide what hosts to run plays on, including multiple groups, excluding groups or an intersection of groups
We can also store variable data in inventory files
12. Dynamic Inventory
Python scripts and modules which can generate the inventory file
Must enable the plugin
Can organise based on tags
Difficult set up for GCE
Plugin not working properly on Ansible 2.6 or 2.7
14. Variables
Currently there are over 20 places we can define a variable.
Tasks in a role will see their own default vars
Tasks defined outside a role will see the last role's role defaults
If multiple groups have the same named variable, the last to load will be used.
Hosts at the same group level load alphabetically
● command line values (eg “-u user”)
● role defaults
● inventory file or script group vars
● inventory group_vars/all
● playbook group_vars/all
● inventory group_vars/*
● playbook group_vars/*
● inventory file or script host vars
● inventory host_vars/*
● playbook host_vars/*
● host facts / cached set_facts
● play vars
● play vars_prompt
● play vars_files
● role vars (defined in role/vars/main.yml)
● block vars (only for tasks in block)
● task vars (only for the task)
● include_vars
● set_facts / registered vars
● role (and include_role) params
● include params
● extra vars (always win precedence) -e “this=that”
https://docs.ansible.com/ansible/2.7/user_guide/playbooks_variables.html#variable-precedence-where-should-i-put-a-variable
15. Variables
When a play is run, generally the setup module is run. We can disable it using gather_facts: false.
Gather facts gives us access to a lot of vars on the target machine. Too many to list here. (ansible all -m setup)
Arguments can be accessed with bracket or dot notation
Registered vars are where we save the output from a task
ansible hostname -m setup
- debug: var=ansible_facts
{{ ansible_facts['devices']['xvda']['model'] }}
// can cause conflicts with Python
{{ ansible_facts.devices.xvda.model }}
- hosts: web_servers
  tasks:
    - shell: /usr/bin/foo
      register: foo_result
      ignore_errors: True
    - shell: /usr/bin/bar
      when: foo_result.rc == 5
16. Templates
Templates use the Jinja2 templating engine
The module takes a source template which contains a placeholder for a var, {{ my_var }}, replaces it on the controller machine with the var and then copies it to the destination host
18. Roles
Roles are a way to organise, reuse and share Ansible content: tasks, files, vars, templates etc
Similar to the default structure
ansible-galaxy contains many roles
Import (static) v include (dynamic)
Previously we had to use roles, pre-tasks and post-tasks, which made it more difficult to control the flow of tasks
20. Rolling updates
Rolling updates are simple
Add the serial keyword to the play
Add max_fail_percentage (optional)
Run your playbook
Example: we can pass a list of numbers or percentages to serial and it will run first on 1 host, then on 5, then on 20% of remaining machines until completion
Setting max_fail_percentage would act on all those groups too
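The rolling update described above, written out as an added example playbook (not taken from the original slides). The package and service name "myapp", port 8080 and the /health URL are hypothetical placeholders; web_servers is the group name used earlier in the deck.

```yaml
# Added example: rolling update of the web_servers group (Ansible 2.7 syntax).
# "myapp", port 8080 and /health are hypothetical placeholders.
- hosts: web_servers
  become: true
  gather_facts: false          # no facts are used below, so skip the setup module
  serial:
    - 1                        # canary: a single host first
    - 5                        # then a batch of five
    - "20%"                    # then 20% batches until every host is done
  max_fail_percentage: 25      # per batch: abort the play if more than 25% fail

  tasks:
    - name: Upgrade the application package
      package:
        name: myapp
        state: latest
      notify: restart myapp    # handler runs only if the package changed

  # Handlers notified in tasks are flushed before post_tasks start,
  # so the checks below see the restarted service.
  post_tasks:
    - name: Wait for the service port to come back
      wait_for:
        port: 8080
        timeout: 60

    - name: Fail this host if the health endpoint does not return 200
      uri:
        url: "http://127.0.0.1:8080/health"
        status_code: 200
      register: health
      retries: 5
      delay: 3
      until: health.status == 200

  handlers:
    - name: restart myapp
      service:
        name: myapp
        state: restarted
```

A host that fails the health check counts towards max_fail_percentage for its batch, so a bad build stops at the canary or the first small batch instead of reaching the whole group.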