View
458
Download
0
Category
Preview:
Citation preview
ANSIBLE + WORDPRESSALAN LOK
BECAUSE YOU NEED THEMGOALS
• Simple* and repeatable installs • Automate your tasks
*Simple ≠ Easy Sorry, everything takes effort
MASTER (WORDPRESS) BUILDER?
ARE YOU A
CC, Source: Flickr/VGB.Studios
A TOOL FOR ALL OF USANSIBLE
• Automate machine provisioning and deployments
• Agentless • Configuration management
• Idempotent
(TELL ME THE MAGIC)HOW DOES ANSIBLE FIT IN?
• An orchestration machine with a usable shell prompt (*NIX)
• Server(s) accessible by SSH to orchestrate changes
SSH
http://docs.ansible.com/ansible/intro_installation.htmlHOW TO INSTALL ANSIBLE
• CentOS/RH/Amazon Linux: sudo yum install ansible
• Debian: sudo apt-get install ansible
• OS X: sudo easy_install pip; sudo pip install ansible
• Windows: sorry :(
BASICSANSIBLE
THE THING YOU DOTASK AND HANDLER
• A task is the most granular “thing” you do. For example:
• Copy a file • Start a process • Create a file using Jinja2 syntax
• Tasks are linear, whereas handlers are invoked by task completion (similar to WordPress hooks)
• Tasks can loop, and may contain conditional evaluation
A CONTAINER FOR TASKS AND HANDLERSROLES
• Roles are sets of tasks and handlers that Ansible executes • Think shell script, but better organized and easier to read
• Roles can have default variables, and be overridden by a play
HOW ANSIBLE STITCHES IT TOGETHERPLAYBOOK
• A playbook is a collection of plays • A play is a collection of roles
• One can assign plays to a host or host group
http://docs.ansible.com/ansible/playbooks.html
CONFIGURATION MANAGEMENT’S BEST FRIENDVARIABLES
• Variables can be specified at 3 levels • Global (config / env /
command line) • Play • Host
• Don’t hard code configuration, leverage variables and set defaults for overriding
{x}http://docs.ansible.com/ansible/playbooks_variables.html
DEFINING WHO WE AREHOSTS
• A play can target a host or a group of hosts
• Inventory may be static or dynamic (eg. AWS)
• Specific host-related information to access server
• User must have sudo privileges to perform system tasks
TOGETHERPUTTING IT ALL
CONFIGURE A HOST
1.Make a SSH key pair ssh-keygen -t ecdsa -f deploy
2.Copy your key file to the host (deploy.pub) and append the file contents to ~/.ssh/authorized_keys
3.Ensure the host user has sudo access (or else “become” parameter won’t work)
4.Ensure the python module python-httplib2 is installed
5.Disable selinux
http://docs.ansible.com/ansible/intro_inventory.htmlCREATE YOUR HOST FILE
[wordpress] 172.16.12.146 ansible_user=alan ansible_ssh_private_key_file=deploy
Host Group
IP or FQDN Ansible options
YOU DON’T HAVE TO WRITE EVERY ROLEDOWNLOAD SOME ROLES
ansible-galaxy install sbaerlocher.wp-cli geerlingguy.php geerlingguy.apache geerlingguy.mysqlgeerlingguy.php-mysqlgeerlingguy.firewall
BECAUSE NOT ALL ROLES WORK OUT OF THE BOXMODIFING GALAXY ROLES
• Let’s check out 2 roles I modified https://github.com/alanlok/ansible-role-wordpress.git https://github.com/alanlok/ansible-role-wordpress-apache.git
• Modified from ansible-galaxy author darthwade’s roles
• Made more variables available for customization
• Made roles RedHat/CentOS/Amazon Linux friendly
• You can write your own roles too!
FILES IN YOUR STRUCTURECREATING YOUR OWN PLAYBOOK
•group_vars •wordpress
•config
•roles •ansible-role-wordpress •ansible-role-wordpress-apache
•hosts
•wordpress-simple.yml
YAML file containing yourhost group’s variables
Your custom rolesin the roles directory
Which hosts should Ansible act on
Your playbook
SECRET SAUCE TO MAKE IT UNIQUETHE GROUP VARIABLES
--- apache_user: "apache" apache_group: "apache" wp_version: 4.5 wp_site_name: 'site1' wp_install_dir: '/var/www/html/{{ wp_site_name }}' wp_db_name: '{{ wp_site_name }}' wp_db_user: '{{ wp_site_name }}_user' wp_db_password: 'password' wp_db_host: 'localhost' wp_apache_hostname: '{{ wp_site_name }}.vm'
Yup, how else can I give a demo!
This is not pretty.See “vault” for more details.
DONEC QUIS NUNCTHE PLAYBOOK
- hosts: wordpress become: yes roles: - geerlingguy.apache - geerlingguy.php - geerlingguy.mysql - geerlingguy.firewall - geerlingguy.php-mysql - ansible-role-wordpress - ansible-role-wordpress-apache - sbaerlocher.wp-cli
LET’S RUN THIS…ansible-playbook -i hosts
wordpress-simple.yml
SORTA?IT’S DEPLOYED…
THE REAL VOODOOLET’S RUN SOME AD-HOC COMMANDS
• Configure WordPress for the first time ansible -i hosts wordpress --become -a "sudo -u apache wp core install --url\=site1.vm --title\=\"Yet another demo\" --admin_user\=alan --admin_password\=alan --admin_email\=\"alan@wlx.ca\" --path\=/var/www/html/site1"
• Update WordPress ansible -i hosts wordpress --become -a "sudo -u apache wp core update —path\=/var/www/html/site1"
• Update server: ansible -i hosts wordpress --become -a "yum update -y"
• Reboot server: ansible -i hosts wordpress --become -a "reboot"
”
“
— The LEGO® Movie
EVERYTHING IS AWESOME!!!
THANKS@alan_lok
Recommended