Ansible

Simplify Server and Application Management

Ashok Modi | DrupalCamp LA 2018

Ashok Modi

Engineer - CARD.com

Freelance - provision/maintain client infrastructure / workflows

Love automation

Agenda

  • What is Ansible
  • What about containers?
  • Why use Ansible
  • Components
    • Inventory
    • Playbooks
    • Roles
  • Demo

Ask questions any time

What is ansible?

  • Configuration Management Tool (what is that?) for servers the 'old fashioned' way
  • Written in Python (like Django, Flask, Fabric)
  • Uses YAML format*

* Except for the inventory file if you choose

Why not containers? Ansible is old

  • Docker (and Containers) is amazing!
  • Lando, Vessel, Docksal are all fantastic (all for dev)
  • You can pin the version of php, set up a networked cluster for all services
  • Secrets management = you need to learn Kubernetes/Mesos
    Swarm isn't really an option.

Why use Ansible?

  • Well maintained
  • Easy to understand
  • Few dependencies (only need SSH!)
  • Ansible Galaxy = less 'custom' code
  • Some integration with Docker though it is getting better
  • Use Ansible to prep Docker!

Components

Inventory

Inventory

  • Written in INI or YAML format
  • Consists of hosts, groups
  • Hosts are IP address of server along with additional info (ssh port to connect, ssh password, sudo password, etc)
  • Groups are collections of hosts, to denote a host will run certain playbooks

Inventory

Example

webapp1 ansible_ssh_host=173.230.156.63
app1 ansible_ssh_host=12.34.56.78
app2 ansible_ssh_host=10.0.0.2 ansible_ssh_user=btmash
db1 ansible_ssh_host=1.2.3.5 ansible_ssh_user=btmash ansible_ssh_pass=NoWayMan!

[application]
webapp1
app1
app2

[webservers]
webapp1

[dbservers]
db1

Inventory

  • Can pull from static files
  • Can pull from dynamic/cloud sources

Components

Playbooks

Playbooks

  • Design Plans
  • Manage configurations
  • Map groups of hosts to roles (which define tasks)

Playbooks

Example

---
- hosts: webservers
  vars:
    http_port: 80
    max_clients: 200
  remote_user: root
  tasks:
  - name: ensure apache is at the latest version
    yum: pkg=httpd state=latest
  - name: write the apache config file
    template: src=/srv/httpd.j2 dest=/etc/httpd.conf
    notify:
    - restart apache
  - name: ensure apache is running (and enable it at boot)
    service: name=httpd state=started enabled=yes
  handlers:
    - name: restart apache
      service: name=httpd state=restarted

Components

Roles

Roles

  • Way to make a playbook concise
  • Useful for reusability
  • Playbooks then include roles

Roles

provision.yml 
---
- hosts: webservers
  vars:
    http_port: 80
    max_clients: 200
  remote_user: root
  roles:
    - apache
roles/apache/tasks/main.yml 
---
  - name: ensure apache is at the latest version
    yum: pkg=httpd state=latest
  - name: write the apache config file
    template: src=/srv/httpd.j2 dest=/etc/httpd.conf
    notify:
    - restart apache
  - name: ensure apache is running (and enable it at boot)
    service: name=httpd state=started enabled=yes

Ansible Galaxy

  • Lots of roles created by community
  • Try one of these before writing your own
  • Jeff Geerling (geerlingguy) has lots of roles that pertain specifically to Drupal

Other features

Demo

Using Vagrant to spin them up, Ansible for setup

  • 1 application server (NGINX, PHP-FPM, COMPOSER, DRUSH, DRUPAL CONSOLE)
  • 1 database server (MARIADB)
  • (If we have time) Drupal 8 application
  • (not in demo) 1 or more performance servers (REDIS, SOLR, etc)

Try it out

Resources

Questions?

Thank you!