let's get acquainted: ansible! / symfony camp ua 2014

Igor Brovchenko

Let's Get Acquainted:

About me

• Engineer

• Chief Software Engineer at Swivl

• Symfony Camp UA

Igor Brovchenkoigor.Brovchenko@gmail.com

@tigordev

What is Ansible?• Ansible is an IT automation tool (Python)

• Free, open source (github)

• Simply

• Clear (anyone)

• Fast (to learn, setup)

• Complete (modules)

• Efficient (runs on OpenSSH)

• Secure (without agents)

Use cases

• Server provisioning

• Server orchestration

• Application deployment

• Continues Integration

• …

Who uses Ansible?

Over 1 Million DownloadsOver 900 contributors

and 8000 ★s on GitHub

Other tools

• fabric

• capistrano (capifony)

• puppet

• chef

• saltstack

Ansible 1.7.2

• Development - 1.8

• A new major release of Ansible approximately every 2 months.

Control Machine Requirements

• Red Hat

• Debian

• CentOS

• OS X

• any of the BSDs

• Windows isn’t supported for the control machine

• Ansible 1.8: Windows will be fully supported

Python 2.6

Managed Node Requirements

• Python 2.4

• Starting in version 1.7, Ansible contains support for managing Windows machines

https://galaxy.ansible.com/

http://www.ansible.com/tower

Symfony Deployment

1. Update the code

2. Update vendor dependencies

3. Running database migrations

4. Update Assetic Assets

5. Clearing the cache

6. Other Things…

Symfony Deployment$ git pull

$ php composer.phar install

$ php app/console doctrine:migrations:migrate —no-interaction

$ php app/console assets:install web —symlink$ php app/console assetic:dump --env=prod

$ php app/console cache:clear

Directory Structure`-- /var/www/example.com|-- current → /var/www/example.com/releases/20141012131539|-- releases| `-- 20141012131539| `-- 20141009150741| `-- 20141031145325`-- shared |-- web | `-- uploads |-- logs `-- config `-- parameters.yml

Installing the Control Machine (Mac OSX)

$ brew update

$ brew install ansible

$ ansible-galaxy install servergrove.symfony2

Installing the Control Machine (Mac OSX)

$ ls /usr/local/etc/ansible

hosts roles

$ ls /usr/local/etc/ansible/hosts/roles

servergrove.symfony2

Deploy

$ ansible-playbook app/config/playbook_deploy.yml

$ ansible-playbook -l localhost app/config/playbook_deploy.yml -vvv

playbook_deploy.yml- hosts: stage-app vars: symfony2_project_name: Deploy the application symfony2_project_root: /var/www/example.com symfony2_project_release: '{{ current_timestamp.stdout }}' symfony2_project_repo: git@github.com:ingvar/ExampleApp.git symfony2_project_branch: release symfony2_project_php_path: /usr/local/php55/bin/php symfony2_project_env: prod symfony2_project_console_opts: '--no-debug' symfony2_project_composer_opts: '--no-dev --optimize-autoloader'

roles: - servergrove.symfony2

tasks: - local_action: osx_say msg="Deployment complete." voice=Zarvox

Inventory (hosts)[localhost]localhost ansible_connection=local

[stage-app]stage.example.com ansible_connection=ssh

[prod-app]www1.example.comwww2.example.comwww[10:50].example.com

[databases]db-[a:f].example.com

Inventory (hosts)

$ ansible localhost -m command "echo \"Hello World\" "

$ ansible prod-app -m ping

Ansible Structure• Inventory

• Modules

• Ad Hoc Commands

• Playbooks

• Tasks

• Variables

• Templates

• Handlers

• Roles

Modules• Cloud

• Commands

• Database

• Files

• Internal

• Inventory

• Messaging

• Monitoring

• Net Infrastructure

• Network

• Notification

• Packaging

• Source Control

• System

• Utilities

• Web Infrastructure

• Windows

Modules• Cloud (DO, AWS, Azure, GCE, Docker)

• DB (Mongo, MySQL, Postgres, Redis, Riak)

• Messaging (RabbitMQ)

• Monitoring (Zabbix, Monit, Nagios, New Relic…)

• Web (apache, supervisord…)

• Docker

• Vagrant

• …

Notification Modules• flowdock

• hipchat

• irc

• jabber

• slac

• sns

• twilio

• …

Cron module# Ensure a job that runs at 2 and 5 exists.# Creates an entry like "* 5,2 * * ls -alh > /dev/null"- cron: name="check dirs" hour="5,2" job="ls -alh > /dev/null"

# Ensure an old job is no longer present. Removes any job that is prefixed# by "#Ansible: an old job" from the crontab- cron: name="an old job" state=absent

# Creates an entry like "@reboot /some/job.sh"- cron: name="a job for reboot" special_time=reboot job="/some/job.sh"

# Creates a cron file under /etc/cron.d- cron: name="yum autoupdate" weekday="2" minute=0 hour=12 user="root" job="YUMINTERACTIVE=0 /usr/sbin/yum-autoupdate" cron_file=ansible_yum-autoupdate

# Removes a cron file from under /etc/cron.d

http://docs.ansible.com/guide_vagrant.html

Roles• YAML

• Documentation

• Modules (task)

• Ansible Galaxy

Tasks (main.yml)

Templates• Templates are processed by the Jinja2 templating

language (http://jinja.pocoo.org/docs/dev/templates/)

• Powerful conditionals

• Loops and iterators

Example templates• Apache VirtualHost configuration file

• HAProxy configuration

• …

Rollback?• http://www.servermanaged.it/ansible/ansible-simple-

rollback-strategy/

• http://www.future500.nl/articles/2014/07/thoughts-on-deploying-with-ansible/

Resources• http://docs.ansible.com/

• http://docs.ansible.com/playbooks_best_practices.html

• https://galaxy.ansible.com/

• https://github.com/ansible/ansible-examples

• https://github.com/leucos/ansible-tuto

Books

Real worldapp 1

app 2

app 3

DB - master

DB - slave

RabbitMQ

Redisapp 4

storage

transcoder

logs

monitoring

Questions?• Igor Brovchenko

• @tigordev

• igor.Brovchenko@gmail.com

• http://ua.linkedin.com/in/IgorBrovchenko