Ansible In Action
Ansible + Real World App
What Is Ansible?
is an open source software that automates software provisioning, configuration management, and application deployment.
The Keys Features of Ansible
Agentless
There is no software or agent to be installed on the client that communicates back to the server.
Idempotent
No matter how many times you call the operation, the result will be the same.
Simple and extensible
Ansible is written in Python and uses YAML for playbook language, both of which are considered relatively easy to learn.
Get Started
Installing and Running Ansible
# ubuntu
sudo apt-get install ansible
#mac-OS
brew install ansible
For other OS check this link
Ansible Architecture
Modules
small programs that do some work on the server, so for example instead of running this command
sudo apt-get install htop
we can use apt
module and install htop
- name: Install htop
apt: name=htop
Using module give you the ability to know if it’s installed or not.
Plugins
Plugins are pieces of code that augment Ansible’s core functionality. Ansible ships with a number of handy plugins, and you can easily write your own.
Host inventories
To provide a list of hosts, we need to provide an inventory list. This is in the form of a hosts file.
In its simplest form, our hosts file could contain a single line:
35.178.45.231 ansible_ssh_user=ubuntu
Playbooks
Ansible playbooks are a way to send commands to remote computers in a scripted way. Instead of using Ansible commands individually to remotely configure computers from the command line, you can configure entire complex environments by passing a script to one or more systems.
group_vars
file contains set of variables for example db username and password.
roles
Roles are a way to group multiple tasks together into one container to do the automation in very effective manner with clean directory structures
handlers
Handlers are lists of tasks, not really any different from regular tasks, that are referenced by a globally unique name, and are notified by notifiers. If nothing notifies a handler, it will not run. Regardless of how many tasks notify a handler, it will run only once, after all of the tasks complete in a particular play.
Tags
If you have a large playbook it may become useful to be able to run a specific part of the configuration without running the whole playbook.
Demo “Real World App”
The goal of this demo to install Laravel App in VPS, in this demo i am going to use lightsail.
The steps to make Laravel APP up and Running are :-
- Creating ubuntu Lightsail instance
- Installing Ansible prerequisites on our VPS
- Building our hosts and ansible.cfg
- Adding instance ssh-key to git access keys
- Define a Role in Ansible
- Define a Handler in Ansible
- Installing PHP Modules
- Installing Nginx
- Adding Nginx default config file
- Adding vars to manage db credentials, host, github origin url and .env variables.
- Creating MySql DB, UserName and Password
- Using Ansible-vault
- Clone code base to our VPS
- Generating
.env
- Creating our playbook.
Creating ubuntu Lightsail instance
Installing Ansible prerequisites on our VPS
sudo add-apt-repository ppa:deadsnakes/ppa -y
sudo apt-get update
sudo apt-get install -y python2.7 python3 python-pip
Now we have our instance up and running lets start build our Ansible Project.
Adding instance ssh-key to git access keys
you have to add your server id_rsa.pub to your github ssh keys by login to your instance
Building our hosts and ansible.cfg
hosts.ini
ansible.cfg
Define a Role in Ansible
Define a Handler
Installing PHP Modules
Installing Nginx
Adding Nginx default
config file
vars.yml
it’s recommended approach to use ansible-vault to encrypt and decrypt your vars
How to use Ansible-vault
Create vault secret file which contains encryption key which encrypts your var
touch .vault_pass.txt
echo 'YOUR_CONFIG_PASS' > .vault_pass.txt
Encrypt your vars
ansible-vault encrypt group_vars/vars.yml --vault-password-file .vault_pass.txt
Decrypt your vars
ansible-vault decrypt group_vars/vars.yml --vault-password-file .vault_pass.txt
Creating MySql DB, UserName and Password
Clone our code base
Generating .env
Ansible uses Jinja2 templating to enable dynamic expressions and access to variables, lets create Template env.conf
file
Lets define role
to move this template to our application dir
Creating PlayBook
Run Your Playbook
#ansible-playbook playbookName
ansible-playbook code-deploy.yml# run with specific tags
ansible-playbook playbook.yml --tags="env-files,php"#if you are using ansible-valut
ansible-playbook code-deploy.yml --vault-password-file .vault_pass.txt
The Complete Project structure
├── ansible.cfg
├── code-deploy.yml
├── files
│ └── dump.sql
├── group_vars
│ └── vars.yml
├── handlers
│ └── main.yml
├── hosts.ini
├── logs
│ └── ansible-log.log
├── roles
│ ├── bootstrap-app
│ │ └── tasks
│ │ └── main.yml
│ ├── code-deploy
│ │ ├── tasks
│ │ │ ├── config-files.yml
│ │ │ └── main.yml
│ │ └── templates
│ │ └── env.conf
│ ├── misc
│ │ └── tasks
│ │ └── main.yml
│ ├── mysql
│ │ └── tasks
│ │ ├── config.yml
│ │ └── main.yml
│ ├── nginx
│ │ ├── tasks
│ │ │ └── main.yml
│ │ └── templates
│ │ └── nginx.conf
│ ├── php
│ │ └── tasks
│ │ └── main.yml
│ └── redis
│ └── tasks
│ └── main.yml
├── scripts
│ ├── install_composer.sh
│ └── startup.sh
└── site.yml