Welcome! Using Ansible to Provision Web Servers and Install - - PowerPoint PPT Presentation

welcome
SMART_READER_LITE
LIVE PREVIEW

Welcome! Using Ansible to Provision Web Servers and Install - - PowerPoint PPT Presentation

Mar 10, 2023 516 likes •729 views

Conference 2018 Conference 2018 Welcome! Using Ansible to Provision Web Servers and Install Wordpress About Me + Resources Scott Robarts Web Server Administrator, Capilano University scottrobarts@capilanou.ca Github: srobarts Twitter:

slide-1
SLIDE 1

Conference 2018

Conference 2018

Welcome!

Using Ansible to Provision Web Servers and Install Wordpress

slide-2
SLIDE 2

Conference 2018

About Me + Resources

Scott Robarts Web Server Administrator, Capilano University scottrobarts@capilanou.ca Github: srobarts Twitter: srobarts Instagram: srobarts Notes and Resources: https://github.com/srobarts/bcnet-ansible-presentation

slide-3
SLIDE 3

Conference 2018

What is Ansible?

“Configuration management for humans”

Key pluses:

  • 1. Easy install
  • 2. SSH for remote management – simple, built-in, fast
  • 3. 300+ built in modules
  • 4. Low infrastructure – just Ansible, SSH, and your playbooks
  • 5. Agent free
slide-4
SLIDE 4

Conference 2018

What is Ansible, continued …

Free and open-source (GNU Public License) Purchased by Redhat in 2015 Written in Python. (Also some Powershell, for Windows) Command line based, but also there are GUI tools:

  • Ansible Tower – paid – www.ansible.com
  • AWX – open source - https://github.com/ansible/awx

More information in general: www.ansible.com

slide-5
SLIDE 5

Conference 2018

Ansible’s competitors …

Both Chef and Puppet do similar things to Ansible. Some advantages – i.e. they monitor state of servers, to maintain desired state configuration Disadvantages:

  • Require an agent to be installed on servers
  • Are more complex
  • May be open-source, but more advanced config costs $$
slide-6
SLIDE 6

Conference 2018

Ansible architecture

Controller can be a dedicated server, or your laptop, It only needs Ansible installed Target Servers can be:

  • Web servers
  • Database servers
  • Network devices
  • Linux servers
  • Windows servers

Connection is via SSH,

  • r WinRM for Windows

Ansible does not need to be installed on target servers

slide-7
SLIDE 7

Conference 2018

Ansible installation

Debian/Ubuntu: sudo apt-get-repository ppa:ansible/ansible sudo apt-get update sudo apt-get install ansible Redhat/CentOS: sudo yum install ansible Mac: brew install ansible

slide-8
SLIDE 8

Conference 2018

Four main parts:

  • 1. Inventory: Describe & list your infrastructure
  • 2. Ad-Hoc Commands: One-off tasks
  • 3. Playbooks: Task orchestration, “infrastructure as code”
  • 4. Roles: Configuration encapsulation
slide-9
SLIDE 9

Conference 2018

Inventory (the hosts file)

Used for describing, listing and group your infrastructure. Located by default at /etc/ansible/hosts ## HOSTS DEMO

slide-10
SLIDE 10

Conference 2018

Connecting to target servers

Ansible User

  • By default Ansible will use SSH
  • Best practice for security is to disable SSH login of root user
  • Instead create an Ansible user on servers
  • Ansible user will be able to login and sudo

Key-based SSH Login

  • We need to create a private and public key on our Ansible controller
  • Then share the public key with our target servers
slide-11
SLIDE 11

Conference 2018

Idempotence

  • A key strength of Ansible
  • Run commands over and over again, without doing things over and
  • ver again
  • Ansible checks Facts about the server, before running Tasks
  • Facts are used to find the state of the server
  • Desired State Configuration

Snippet:

"name=vim state=present“

  • We tell Ansible that we want VIM to be present on a server, not that

we want to install it.

slide-12
SLIDE 12

Conference 2018

Basic Playbooks

Running ad-hoc commands is not very powerful Better to group Tasks into a playbook Playbooks encapsulate Tasks, Handlers, Files, Templates. <<Playbook Example>>

slide-13
SLIDE 13

Conference 2018

Playbooks - Roles

Roles are a way of encapsulating playbook functions In the examples I will show (for installing Wordpress), we will have the following roles: Common Apache PHP MySQL Wordpress

slide-14
SLIDE 14

Conference 2018

Playbooks - concepts

Handlers:

  • Basically a task, and can do everything a task can do,

but will only be run when called by another task << example >> Variables:

  • Ansible allows you to use variables in playbooks. In this

way we can have one location to maintain variables, to be used across playbooks. << example >>

slide-15
SLIDE 15

Conference 2018

Playbooks - concepts

Templates:

  • Ansible allows you to create templates using the Jinja2

templating engine. These templates should have the .j2 extension. << example >>

slide-16
SLIDE 16

Conference 2018

Advanced Playbooks

Advanced Playbook Concepts and Structure Playbook folders: (you can have some, or all of these) files/ handlers/ meta/ templates/ tasks/ vars/

slide-17
SLIDE 17

Conference 2018

WP-CLI

WP-CLI is awesome (if you’re a geek) WP-CLI is a command line interface for Wordpress. A few things you can do:

  • Update Wordpress
  • Install and active plugins
  • Install and activate themes
  • Manage users
  • Administer Wordpress multisite
  • Scaffold new sites
  • Work with media
  • Perform basic database operations
slide-18
SLIDE 18

Conference 2018

WP-CLI Example Commands

wp install plugin user-switching –activate wp install theme twenty-sixteen –activate wp theme list --status=inactive << demo >>

slide-19
SLIDE 19

Conference 2018

Pulling it all together

One playbook to install LAMP stack and Wordpress. Playbook will use WP-CLI to handle some Wordpress related work. Playbook will be divided into Roles to encapsulate tasks. Variables will be used to share values across playbook. Templates will be used to scaffold configuration files.