Ansible
Simplify Server and Application Management
Ashok Modi | DrupalCamp LA 2018
Ashok Modi
Freelance - provision/maintain client infrastructure / workflows
Love automation
Agenda
- What is Ansible
-
What about containers?
- Why use Ansible
- Components
- Inventory
- Playbooks
- Roles
- Demo
Ask questions any time
What is ansible?
- Configuration Management Tool (what is that?) for servers the 'old fashioned' way
- Written in Python (like Django, Flask, Fabric)
- Uses YAML format*
* Except for the inventory file if you choose
Why not containers? Ansible is old
-
Docker (and Containers) is amazing!
-
Lando, Vessel, Docksal are all fantastic (all for dev)
-
You can pin the version of php, set up a networked cluster for all
services
-
Secrets management = you need to learn Kubernetes/Mesos
Swarm isn't really an option.
Why use Ansible?
- Well maintained
- Easy to understand
- Few dependencies (only need SSH!)
-
Ansible Galaxy = less 'custom' code
-
Some integration with Docker though it is getting better
-
Use Ansible to prep Docker!
Inventory
- Written in INI or YAML format
- Consists of hosts, groups
- Hosts are IP address of server along with additional info (ssh port to connect, ssh password, sudo password, etc)
- Groups are collections of hosts, to denote a host will run certain playbooks
Inventory
Example
webapp1 ansible_ssh_host=173.230.156.63
app1 ansible_ssh_host=12.34.56.78
app2 ansible_ssh_host=10.0.0.2 ansible_ssh_user=btmash
db1 ansible_ssh_host=1.2.3.5 ansible_ssh_user=btmash ansible_ssh_pass=NoWayMan!
[application]
webapp1
app1
app2
[webservers]
webapp1
[dbservers]
db1
Inventory
- Can pull from static files
- Can pull from dynamic/cloud sources
Playbooks
- Design Plans
- Manage configurations
- Map groups of hosts to roles (which define tasks)
Playbooks
Example
---
- hosts: webservers
vars:
http_port: 80
max_clients: 200
remote_user: root
tasks:
- name: ensure apache is at the latest version
yum: pkg=httpd state=latest
- name: write the apache config file
template: src=/srv/httpd.j2 dest=/etc/httpd.conf
notify:
- restart apache
- name: ensure apache is running (and enable it at boot)
service: name=httpd state=started enabled=yes
handlers:
- name: restart apache
service: name=httpd state=restarted
Roles
- Way to make a playbook concise
- Useful for reusability
- Playbooks then include roles
Roles
provision.yml
---
- hosts: webservers
vars:
http_port: 80
max_clients: 200
remote_user: root
roles:
- apache
roles/apache/tasks/main.yml
---
- name: ensure apache is at the latest version
yum: pkg=httpd state=latest
- name: write the apache config file
template: src=/srv/httpd.j2 dest=/etc/httpd.conf
notify:
- restart apache
- name: ensure apache is running (and enable it at boot)
service: name=httpd state=started enabled=yes
Ansible Galaxy
-
Lots of roles created by community
-
Try one of these before writing your own
-
Jeff Geerling (geerlingguy) has lots of roles that pertain specifically to Drupal
Demo
Using Vagrant to spin them up, Ansible for setup
- 1 application server (NGINX, PHP-FPM, COMPOSER, DRUSH, DRUPAL CONSOLE)
- 1 database server (MARIADB)
- (If we have time) Drupal 8 application
-
(not in demo) 1 or more performance servers (REDIS, SOLR, etc)
Try it out