CS计算机代考程序代写 python database AWS Automation, Orchestration and

Automation, Orchestration and
Con�guration Management:

Getting Started With Ansible

Dimeji Fayomi

10 August 2021

1 / 20

Outline
A scenario exercise

Why automation, orchestration and configuration management are
important ?

Some concept definitions
Automation
Orchestration
Configuration Management
Infrastructure as Code (IaC)

Ansible
What is it ?
How it works
Features and advantages over other tools

Installing Ansible
Ansible concepts
Demos: using ansible

2 / 20

Scenario Exercise
Assume you are a devops for an organisation

You are responsible for:

Provisioning infrastructure for critical web applications on the cloud

Deploying the applications

Rolling out new features for the applications

Applying security patches to the infrastructure and applications

Providing 24/7 application and infrastructure support

3 / 20

Scenario Exercise
With small infrastructure

Doing these tasks manually:
is relatively easy
iterative and interactive
not time-consuming

With medium/large infrastrucure

Doing these tasks manually:
becomes boring
means the same tasks are repeated multiple times
error-prone
inconsistent configuration and state across your infrastructure
leaves litle time for innovation and adding value with new
features

Automation, Orchestation and Configuration management

Lets you focus on the important things:
Adding new features for your applications quickly!!!
Making your applications and systems better.

4 / 20

Concept De�nitions
Automation

Using tools and software to perform repeatable configuration actions and
processes
With minimal human intervention or input
Think single task or process:

Installing an application on a server

Orchestration
Coordinated provisioning and configuration of multiple applications
Involves executing a series of configuration and provisioning actions in a
specific order
Automating a series of tasks to work together
Think of the steps and tasks involved in deploying a PHP application

You need to install and configure:
PHP Engine
A web server (Apache or Nginx)
A database

5 / 20

Concept De�nitions
Con�guration Management

Keeping your infrastructure in the desired and consistent state
Maintaining consistency of configuration for all systems
Keeps your configuration uniform across your infrastructure
Makes it easy to track configuration changes
Minimises errors and faults due to wrong configurations

Infrastructure as code (IaC)
Provisioning and managing infrastructure:

with descriptive and declarative machine-readable files
More consistent across systems

Better than:
Iterative, interactive, physical and manual config processes and tools.

6 / 20

Ansible
What is it ?

An open source automation and orchestration tool for:
Provisioning and configuration of infrastructure
Deploying and configuring applications on the infrastructure

Cross platform
Linux/Unix and Windows supported

Swiss knife tool for automation and configuration
If a task can be automated, it can be done with ansible!!!
If a process can be orchestrated, it can be done with ansible!!!

7 / 20

Ansible
Key Features

No agent required on the nodes to be configured
Just SSH required
Declarative and human-readable language

Everything is a YAML file
Push-based approach for deploying configuration on nodes

Better control and security
Idempotent

Only make changes on the node if state is different from what is
specified in the configuration.

8 / 20

Ansible
How it works

9 / 20

Ansible
What makes it di�erent from other tools e.g Puppet,
chef e.t.c ?

Idempotent

Only make changes if needed
Repeat actions without side-effects

Declarative vs Procedural

Other tools are procedural
Perform this action first and then this
If one step is skipped, chaos ensures

Ansible is declarative
I want this service configured and running

No agents

Other tools require an agent installed on the managed nodes
10 / 20

Installing Ansible
You can install with pacakge manager (Not recommended!!!)

apt-get install ansible

Install with pip in a virtualenv
Install python3-pip

sudo apt-get install python3-pip

Install virtualenv

pip3 install virtualenv

Create a virtualenv

virtualenv -p /usr/bin/python3 compx527

11 / 20

Installing Ansible (Cont’d)
Activate your virtualenv

source compx527/bin/activate

Install Ansible and other AWS SDK libraries in your virtualenv

pip install ansible
pip install boto3
pip install botocore
pip install boto

12 / 20

Ansible Concepts
Control Node

The machine where ansible is installed
Ansible commands and playbooks are invoked from this machine
Could your laptop or dedicated machine

Managed Nodes

Servers, VMs and AWS resources managed with Ansible.
Ansible is not installed on these nodes

Inventory

The list of managed nodes
Useful for organising your nodes into groups
Can be specified using IP addresses or FQDNs

13 / 20

Collections

A distribution format for Ansible
Includes playbooks, roles and modules

Modules

Unit of code executed by Ansible
Each module has a specific use e.g

Administering users
Installing software
Managing files

Modules are used to implement tasks

Tasks

A unit of action performed on a node e.g
with the apt module, install packages on a node

14 / 20

Playbooks

An ordered list of tasks
That can be run repeatedly

Roles

Built-in structure for grouping and organizing similar tasks
Easily manage execution of tasks

15 / 20

Using Ansible
Ad hoc command

Running a command-line to automate a single task on one or more
managed nodes

Playbooks
repeatable deployment
Orchestrating tasks

16 / 20

Ansible playbooks
A small ansible playbook that deploys a simple static website on S3.
(Remember to change your bucket name in the ansible playbook)

git clone :olafayomi/COMPx527.git
cd COMPx527/ansible-s3
ansible-playbook main.yml –tags deploy-live-s3

Your website should be live at: http://[your-bucket-name].live.s3-website-
us-east-1.amazonaws.com/index.html

The same playbook can be used to remove the S3 bucket

ansible-playbook main.yml –tags remove-bucket

17 / 20

Another Ansible playbook
This ansible playbook creates a security group and provision an EC2
instance.

cd ../ansible-ec2
ansible-playbook -v -i inventories/hosts main.yml –tags provision

SSH to instance

ssh -v -i ~/.ssh/oof1-ec2-key.pem ubuntu@[instance-ip-address]

The playbook can be further extended to patch upgrade packages on the
newly created EC2 instances

ansible-playbook -v -i inventories/hosts main.yml –tags update-package-manag
ansible-playbook -v -i inventories/hosts main.yml –tags patch
ansible-playbook -v -i inventories/hosts main.yml –tags reboot

18 / 20

Ansible Ad Hoc Commands
ansible -i inventories/hosts webservers -m ping
ansible -i inventories/hosts webservers -m apt -a ‘name=nginx state=latest’
ansible -i inventories/hosts webservers -m apt -a ‘name=nginx state=absent’

19 / 20

Reference
Ansible Docs
(https://docs.ansible.com/ansible/latest/user_guide/index.html)

Digital Ocean
(https://www.digitalocean.com/community/tutorial_series/how-to-write-
ansible-playbooks)

Tutorials Point
(https://www.tutorialspoint.com/ansible/ansible_tutorial.pdf)

Ansible modules
(https://docs.ansible.com/ansible/2.9/modules/list_of_all_modules.html)

Questions ??

20 / 20

https://docs.ansible.com/ansible/latest/user_guide/index.html
https://www.digitalocean.com/community/tutorial_series/how-to-write-ansible-playbooks
https://www.tutorialspoint.com/ansible/ansible_tutorial.pdf
https://docs.ansible.com/ansible/2.9/modules/list_of_all_modules.html