Infrastructure as a Code
5 likes1,337 views
This document discusses infrastructure automation using tools like Ansible and Docker to help startups boost their infrastructure. It provides an introduction to concepts like infrastructure as code, DevOps, configuration management tools including Ansible, containers and Docker. It then dives deeper into explaining Ansible architecture, modules, inventory, roles and playbooks. Finally, it covers Docker architecture, the build-ship-run model and provides a simple "Hello World" example of running a Docker container. The presenter is introduced as an expert in these topics working to promote open source adoption.
![- 25 -
Inventory file
● Usually named « hosts »
[loadbalancers]
lb1 server_role= « lb »
ansible_ssh_port=22
ansible_ssh_host=xx.xx.xx.xx
[app:children]
user_app
admin_app
[user_app]
app1 server_role « app »
ansible_ssh_port=22 ansible_ssh_host=xxxx
Intro
BG
Ansible
Docker](https://image.slidesharecdn.com/infrastructure-as-a-coderiseup2015-151214094612/85/Infrastructure-as-a-Code-25-320.jpg)
Infrastructure as a Code
- 1. - 1 - Infrastructure as-a-Code How can DevOps automation help you boosting your startup By : Ahmed Mekkawy
- 2. - 2 - The presenter ● Ahmed Mekkawy AKA linuxawy. ● CEO | Founder of Spirula Systems. ● Co-founder of OpenEgypt. ● Free Software Foundation (FSF) member. ● Independent consultant at MCIT. ● Advisory board member at Mushtarak. ● One of the authors of the Egyptian government's FOSS adoption strategy. Intro BG Ansible Docker
- 3. - 3 - Who is this for ? ● Entrepreneur with a technical background, to take wise decision. ● Developers, to get closer to operations and DevOps. ● SysAdmins/SysOps, to get closer to developers and DevOps. ● Entry level DevOps. Intro BG Ansible Docker
- 4. - 4 - prerequisites ● A background of development or system administration. ● Linux systems awareness. ● Familiarity with Linux command line. Intro BG Ansible Docker
- 5. - 5 - Infrastructure as a code ● Definition ● Unlocked potentials : ● Dynamic infrastructure ● Minimizing cycle ● Environment versioning – through source control ● Testing your code/environment Intro BG Ansible Docker
- 6. - 6 - Devops ? ● DevOps (a clipped compound of "development" and "operations") is a culture, movement or practice that emphasizes the collaboration and communication of both software developers and other information-technology (IT) professionals while automating the process of software delivery and infrastructure changes. It aims at establishing a culture and environment where building, testing, and releasing software, can happen rapidly, frequently, and more reliably. - Wikipedia Intro BG Ansible Docker
- 7. - 7 - DevOps Culture ● The opposite of DevOps is despair — Gene Kim ● Technology has became more reliable than our management and our process. ● People > Process > Tools. ● DevOps is not a job title, nor a product, but rather a culture and practices. ● It's an extension to « You operate what you build » to « everyone's involved ». Everyone includes more than devs and SysOps. Business guys are in, too. ● Everyone involved knows how the entire system works, and is clear about the underlying business value they bring to the table. Availability becomes the problem for the entire organization, not just for the SysOps. Intro BG Ansible Docker
- 8. - 8 - DevOps Culture ● DevOps is not a technology problem. DevOps is a business problem. ● Waterfall ● Complete isolation between Devs, SysOps, Business department. ● Each new release has destabilizing influence. ● DevOps ● Devs and Ops are a single team. ● « us » instead of « them ». ● Emphasizing people and process over tools. ● Allows tight alignment of operations with business needs and thus with customer needs. Intro BG Ansible Docker
- 9. - 9 - DevOps Automation ● Why automation? ● SysAdmin POV : ● Handle growing scale ● Counter increasing failures ● Ensuring servers consistency ● Stop repeating tasks ● Design for failure ● No more server documentation (yaaay!) ● Developers POV : ● Automation is fun ● Environment versioning ● You understand how production environment impact your code, hence you write more efficient code. Intro BG Ansible Docker
- 10. - 10 - DevOps Automation ● Entrepreneur POV : ● Decrease operation overhead with scale ● Move among infrastructure providers ● Be agile on the infrastructure level ● Disaster Recovery ● Rapid Growth ● Slashdot Effect / Reddit Hug of Death Intro BG Ansible Docker
- 12. - 12 - DevOps Automation ● Why not ? ● Oopses here are bad, really bad. ● It can be tempting to do risky things. ● Knowing how to automate doesn't mean that you know what to automate. ● Knowing what to operate doesn't mean that you know how to automate. ● With great power comes great responsibility. Intro BG Ansible Docker
- 13. - 13 - I. backgroundIntro BG Ansible Docker
- 14. - 14 - Cloud ● On-demand computing: (I|P|S)aaS, the aaS part is what matters. ● Why? Too late to ask that now. ● Its impact from the infrastructure POV: resulting IT systems become more complex and scalable Intro BG Ansible Docker
- 15. - 15 - Configuration management ● Concept ● Since when ● Push vs. Pull Intro BG Ansible Docker
- 16. - 16 - conf. Management tools ● Ansible ● Chef ● Puppet ● Saltstack ● Fabric ● CFEngine Intro BG Ansible Docker
- 17. - 17 - Containers ● OS level virtualization ● Containers vs. Virtualization ● Most known container engines: ● FreeBSD jails ● Solaris Zones ● Virtuozzo / OpenVZ ● LXC ● Docker Intro BG Ansible Docker
- 18. - 18 - Microservices ● A software architecture style ● Application is broken down to lots of tiny services. ● The service does a single function. ● Each service is elastic, resilient, composable, minimal, and complete. ● Services can be implemented using different programming langages and environments. ● Services communicate using APIs ● Unix philosophy : Do one thing and do it well. Intro BG Ansible Docker
- 19. - 19 - II. ansible Intro BG Ansible Docker
- 20. - 20 - What is ansible ? ● named after the fictional instantaneous hyperspace communication system featured in Ender's Game. ● Feb 2012, Michael DeHaan – author of cobbler - started Ansible project, after working in puppet labs. ● Design goals: ● Minimal ● Consistent ● Secure ● Highly reliable ● Low learning curve ● Commercially supported (Ansible Tower - GUI). Intro BG Ansible Docker
- 21. - 21 - Why ansible ? ● Agentless : uses plain SSH. ● Idempotent : safe to re-run. ● Modular : large number of contributed modules. ● Simple ● Easy to use : ● YAML syntax ● JSON output ● It's python :) ● FOSS, naturally. Intro BG Ansible Docker
- 22. - 22 - First look : ad-hoc command ● pip install ansible ● Echo “localhost” > hosts ● ansible all -i hosts -m ping ● ansible all -i hosts -m setup Intro BG Ansible Docker
- 23. - 23 - Modules ● ansible all -i hosts -s -m shell -a 'apt- get install nginx' ● ansible all -i hosts -s -m apt -a 'pkg=nginx state=installed update_cache=true' ● Note : 'state' not 'change' ● You can write your own on any language, but please use python. ● https://docs.ansible.com/ansible/modules_by_category.html Intro BG Ansible Docker
- 24. - 24 - task ● The basic unit of ansible code ● Playbook => roles => tasks tasks: - name: Install Nginx apt: pkg=nginx state=installed update_cache=true Intro BG Ansible Docker
- 25. - 25 - Inventory file ● Usually named « hosts » [loadbalancers] lb1 server_role= « lb » ansible_ssh_port=22 ansible_ssh_host=xx.xx.xx.xx [app:children] user_app admin_app [user_app] app1 server_role « app » ansible_ssh_port=22 ansible_ssh_host=xxxx Intro BG Ansible Docker
- 26. - 26 - Dynamic InvEntory ● Getting the inventory file from another system : ● LDAP ● Cobbler ● OpenStack ● EC2 ● … etc ● https://docs.ansible.com/ansible/intro_dynamic_inventory.html Intro BG Ansible Docker
- 27. - 27 - roles ● Organized set of tasks with their needs rolename - defaults - files - handlers - meta - templates - tasks - vars ● Each of those directories include main.yml, except files and templates. Intro BG Ansible Docker
- 28. - 28 - Files ● Files to be copied to the servers as is. ● No main.yml here. ● Example : startup scripts. Intro BG Ansible Docker
- 29. - 29 - Templates ● Files to be copied to the server after substituting the variables, or doing some minor logic (i.e. loops) ● Python's Jinja2 template engine. ● No main.yml here too. ● Simple use : echo {{ ip_forward }} > /proc/sys/net/ipv4/ip_forward Intro BG Ansible Docker
- 30. - 30 - Templates ● Adbanced use : {% for service in outgoing %} {{'##'|e }} {{ service.name }} {{'##'|e }} {{'=' * service.name|length }} iptables -A OUTPUT -p {{ service.protocol | default('tcp') }} {{ '-d '+service.destination if service.destination is defined else '' }} --dport {{ service.port }} -j ACCEPT iptables -A INPUT -p {{ service.protocol | default('tcp') }} {{ '-s '+service.destination if service.destination is defined else '' }} --sport {{ service.port }} {{ '' if service.protocol is defined and service.protocol == 'udp' else '! --syn ' }} -j ACCEPT {% endfor %} Intro BG Ansible Docker
- 31. - 31 - handler ● Just as a task, but triggered from within another task. ● Notifiers are only run if the Task is run. Think Event tasks: - name: Install Nginx apt: pkg=nginx state=installed update_cache=true notify: - Start Nginx handlers: - name: Start Nginx service: name=nginx state=started Intro BG Ansible Docker
- 32. - 32 - Meta ● Role meta data, including dependencies on other roles. --- author: your name description: what this role does company: your_company licence: GPLv2 min_ansible_version: 1.2 dependencies: - { role: ssl } Intro BG Ansible Docker
- 33. - 33 - playbook ● A complete project playbook - group_vars - group1.yml - all.yml - hosts - playbook.yml - roles - role1 - role2 Intro BG Ansible Docker
- 34. - 34 - variables ● declaration (in override order): ● command line ● playbook file ● group_vars ● role (vars) ● role (defaults) ● facts. ● https://docs.ansible.com/ansible/playbooks_variables.html Intro BG Ansible Docker
- 35. - 35 - Spirula's practices ● Treat your CM code as code : ● Use version control. ● Comment on commits. ● Code reuse. ● Have a testing procedure. ● Keep your /etc/ansible/hosts empty, so you have to define inventory file on each run. ● Keep your variable definition clean: ● Don't define vars in playbook file. ● Keep your project vars in playbook's group_vars, in all.yml, or in the group if needed. Intro BG Ansible Docker
- 36. - 36 - Ansible Galaxy ● Community hub for contributing, downloading, and reviewing ansible roles. ansible-galaxy install Spirula.common ● https://galaxy.ansible.com Intro BG Ansible Docker
- 37. - 37 - III. dockerIntro BG Ansible Docker
- 38. - 38 - Docker Architecture Intro BG Ansible Docker
- 39. - 39 - Containerization soln Intro BG Ansible Docker
- 40. - 40 - Build Ship Run ● Build images using Dockerfiles. ● Ship images to different environments (testing, staging, production). ● Run and scale your containers on different platform. Intro BG Ansible Docker
- 41. - 41 - Docker 'Hello world' ● Install Docker engine on your Linux platform. ● Run : $ docker run -it ubuntu:14.04 /bin/bash ● Docker will run a /bin/bash process inside a container and give you control of this process. Intro BG Ansible Docker
- 43. - 43 - Resources ● Ansible: ● https://docs.ansible.com/ansible/ ● https://serversforhackers.com/an-ansible-tutorial ● http://slash4.net/blog/deployment-automation/howto-use-ansible-to ● https://www.spirulasystems.com/blog/tech ● Book : Ansible for DevOps ● Book: The Practice of Cloud System Administration ● Docker ● https://the.binbashtheory.com/before-you-start-with-lxc-and-docke ● https://serversforhackers.com/getting-started-with-docker
- 44. - 44 - Thank you Ahmed Mekkawy mekkawy@spiru.la www.spirulasystems.com