Ansible Meetup Kickoff

So I want to batch run this thing...

Do the API servers in production have a clock skew problem? Quick check.

ansible -i prod api -a date

These commands look similar...

Classic nodejs deploy:ssh prod-api-1cd /opt/myappgit pullnpm installsudo service myapp restart… for each prod-api-* ...

Make them a playbook- hosts: api vars: app: myapp tasks: - name: clone from git git: repo=”git@github.com:bigpandaio/{{app}}" dest=”/opt/{{app}}" - name: npm install command: npm install --production - name: restart service service: name=”{{app}}” state=restarted sudo: yes

But wait! My deployment also needs...

HipChat notificationtasks: - hipchat: room=ops token={{token}} msg=”Starting deploy” ...rest of playbook...

But wait! My deployment also needs...

Remove from ELB:tasks: - local_action: module: ec2_elb region: “{{region}}” instance_id: “{{ec2_id}}” ec2_elbs: “{{elb_name}}” state: absent

But wait! My deployment also needs...

Re-add to ELB:... - local_action: module: ec2_elb region: “{{region}}” instance_id: “{{ec2_id}}” ec2_elbs: “{{elb_name}}” state: present

But wait! My deployment also needs...

Notify BigPanda (*wink* *tug*)

- bigpanda: component={{app}} version={{version}} state=started … - bigpanda: component={{app}} version={{version}} state=finished

Some velvet morning...

Quick heartbleed patch- hosts: frontend sudo: yes serial: 1 tasks: - name: Unregister machine from elb local_action: … - apt: pkg=libssl1.0.0 state=latest update_cache=yes

- service: name=nginx state=restarted

- name: Add machine to elb local_action: …

Grouping tasks into components

● Ansible’s solution is roles● A role can be an app, service, common settings

○ roles/app1○ roles/app2○ roles/rabbitmq○ roles/mongodb○ roles/maintenance_cronjobs

My apps’ roles look the same!

● Use a generic parametrized role● roles/nodejs_app

○ notifies bigpanda○ git pull {{app}}○ npm install○ service {{app}} restart○ self test the {{app}} service

● Specific roles depend on it

Deploying to stage with same roles

Use a different inventory for prod and stage:

ansible-playbook -i prod api.yml

ansible-playbook -i stage api.yml

Deploy ALL THE THINGS!

site.yml:- include: api.yml- include: mongodb.yml- include: frontend.yml

Deploy some of the things

Tag all of your tasks/roles with their relevant app/service name- { role: app1, tags: app1 }

- name: Generate configuration template: src=config.j2 dest=/dest/path tags: [ myservice_config, myservice ]

Deploy some of the things

Then you can:ansible-playbook -i prod site.yml --tags app1Or even:alias deploy-prod=’ansible-playbook -i prod site.yml --tags’deploy-prod app1..aaahhhhh..

And the logical conclusion

Provision a server in EC2

● The ec2 module creates new instances● We have the rest of the config as roles● Simple solution:ansible-playbook -i prod ec2_create.yml -e type=frontendansible-playbook -i prod site.yml --limit frontend

Provision a DC

Same thing really:for i in frontend api mongodb; do ansible-playbook -i prod ec2_create -e type=$idone

ansible-playbook -i prod site.yml

Thanks!Questions?