Mastering Ansible

Recommendations

Info

Chapter 1Task performanceDoing the math from the above description, that's at least three SSH connectionsper task, per host. In a small fleet with a small number of tasks, this may not be aconcern; however, as the task set grows and the fleet size grows, the time required tocreate and tear down SSH connections increases. Thankfully, there are a couple waysto mitigate this.The first is an SSH feature, ControlPersist, which provides a mechanism to createpersistent sockets when first connecting to a remote host that can be reused insubsequent connections to bypass some of the handshaking required when creatinga connection. This can drastically reduce the amount of time Ansible spends onopening new connections. Ansible automatically utilizes this feature if the hostplatform where Ansible is run from supports it. To check whether your platformsupports this feature, check the SSH main page for ControlPersist.The second performance enhancement that can be utilized is an Ansible featurecalled pipelining. Pipelining is available to SSH-based connection methods and isconfigured in the Ansible configuration file within the ssh_connection section:[ssh_connection]pipelining=trueThis setting changes how modules are transported. Instead of opening an SSHconnection to create a directory, another to write out the composed module, and athird to execute and clean up, Ansible will instead open an SSH connection and startthe Python interpreter on the remote host. Then, over that live connection, Ansiblewill pipe in the composed module code for execution. This reduces the connectionsfrom three to one, which can really add up. By default, pipelining is disabled.Utilizing the combination of these two performance tweaks can keep your playbooksnice and fast even as you scale your fleet. However, keep in mind that Ansible willonly address as many hosts at once as the number of forks Ansible is configuredto run. Forks are the number of processes Ansible will split off as a worker tocommunicate with remote hosts. The default is five forks, which will address up tofive hosts at once. Raise this number to address more hosts as your fleet grows byadjusting the forks= parameter in an Ansible configuration file, or by using the –forks (-f) argument with ansible or ansible-playbook.[ 25 ]
System Architecture and Design of AnsibleVariable types and locationVariables are a key component of the Ansible design. Variables allow for dynamic playcontent and reusable plays across different sets of inventory. Anything beyond thevery basics of Ansible use will utilize variables. Understanding the different variabletypes and where they can be located, as well as learning how to access external data orprompt users to populate variable data, is the key to mastering Ansible.Variable typesBefore diving into the precedence of variables, we must first understand the varioustypes and subtypes of variables available to Ansible, their location, and where theyare valid for use.The first major variable type is inventory variables. These are the variables thatAnsible gets by way of the inventory. These can be defined as variables that arespecific to host_vars to individual hosts or applicable to entire groups as group_vars. These variables can be written directly into the inventory file, delivered bythe dynamic inventory plugin, or loaded from the host_vars/<host> or group_vars/<group> directories.These types of variables might be used to define Ansible behavior when dealingwith these hosts, or site-specific data related to the applications that these hostsrun. Whether a variable comes from host_vars or group_vars, it will be assignedto a host's hostvars, and it can be accessed from the playbooks and template files.Accessing a host's own variables can be done just by referencing the name, suchas {{ foobar }}, and accessing another host's variables can be accomplished byaccessing hostvars. For example, to access the foobar variable for examplehost:{{ hostvars['examplehost']['foobar'] }}. These variables have global scope.The second major variable type is role variables. These are variables specific to arole that are utilized by the role tasks and have scope only within the role that theyare defined in, which is to say that they can only be used within the role. Thesevariables are often supplied as a role default, and are meant to provide a defaultvalue for the variable, but can easily be overridden when applying the role. Whenroles are referenced, it is possible to supply variable data at the same time, either byoverriding role defaults or creating wholly new data. We'll cover roles in-depth inlater chapters. These variables apply to all hosts within the role and can be accesseddirectly, much like a host's own hostvars.[ 26 ]
Page 1 and 2: [ 1 ]www.allitebooks.com
Page 3 and 4: Mastering AnsibleCopyright © 2015
Page 5 and 6: About the AuthorJesse Keating is an
Page 7 and 8: About the ReviewersRyan Eschinger i
Page 9 and 10: Patrik Uytterhoeven has over 16 yea
Page 12 and 13: Table of ContentsPrefaceviiChapter
Page 14 and 15: [ iii ]Table of ContentsPython obje
Page 16: Table of ContentsLookup plugins 193
Page 19 and 20: PrefaceChapter 7, Troubleshooting A
Page 21 and 22: PrefaceErrataAlthough we have taken
Page 23 and 24: System Architecture and Design of A
Page 45: System Architecture and Design of A
Page 55 and 56: Protecting Your Secrets with Ansibl
Page 70 and 71: Unlocking the Power ofJinja2 Templa
Page 72 and 73: Chapter 3Executing this playbook wi
Page 74 and 75: Chapter 3Changing the value of api.
Page 76 and 77: Chapter 3{% if dir != "/" %}data_di
Page 78 and 79: Chapter 3Now, we can execute the pl
Page 80 and 81: Chapter 3{{ dir }}{{ comma(loop) }}
Page 82 and 83: argumentsThe arguments variable is
Page 84 and 85: Chapter 3The rendered version of th
Page 86 and 87: Chapter 3The rendered result will b
Page 88 and 89: [ 67 ]Chapter 3Data manipulationWhi
Page 90 and 91: Chapter 3While default is very usef
Page 92 and 93: Chapter 3shuffleSimilar to the rand
Page 94 and 95: Chapter 3expanduserOften, paths to
Page 96 and 97:
Chapter 3Searching for contentIt is
Page 98 and 99:
Chapter 3Python object methodsJinja
Page 100 and 101:
Comparing valuesComparisons are use
Page 102 and 103:
Controlling Task ConditionsAnsible
Page 104 and 105:
Chapter 4This time when we run the
Page 106 and 107:
Chapter 4We simply stated that any
Page 108 and 109:
Chapter 4In the scenario in which t
Page 110 and 111:
Chapter 4The changed_when argument
Page 112 and 113:
Chapter 4The convenience of creates
Page 114:
Chapter 4To suppress change, simply
Page 117 and 118:
Composing Reusable Ansible Content
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
Page 133 and 134:
Page 135 and 136:
Page 137 and 138:
Page 139 and 140:
Page 141 and 142:
Page 143 and 144:
Page 145 and 146:
Page 147 and 148:
Page 149 and 150:
Page 151 and 152:
Page 154 and 155:
Minimizing Downtime withRolling Dep
Page 156 and 157:
Chapter 6Now, we can start creating
Page 158 and 159:
Chapter 6• The run-away processes
Page 160 and 161:
Chapter 6- name: haproxy configtemp
Page 162 and 163:
Chapter 6Now when we execute, we'll
Page 164 and 165:
Now, if we change our conditional s
Page 166 and 167:
Chapter 6Let's run this new play to
Page 168 and 169:
Chapter 6Forcing handlers to run ca
Page 170 and 171:
Chapter 6For our top-level playbook
Page 172 and 173:
Now, let's execute the playbook aga
Page 174 and 175:
Chapter 6When we run this play, we'
Page 176 and 177:
Troubleshooting AnsibleAnsible is s
Page 178 and 179:
Chapter 7Variable introspectionA co
Page 180 and 181:
Chapter 7Running this modified play
Page 182 and 183:
Using debug to display the entire c
Page 184 and 185:
Chapter 7When running this play, we
Page 186 and 187:
Chapter 7To discover the path to th
Page 188 and 189:
Chapter 7The where and the list com
Page 190 and 191:
Chapter 7The PlayBook class __init_
Page 192 and 193:
My development system is a Mac lapt
Page 194 and 195:
Chapter 7To demonstrate how this de
Page 196 and 197:
Chapter 7From this point on, we can
Page 198:
Chapter 7SummaryAnsible is software
Page 201 and 202:
Extending AnsibleThe basic module c
Page 203 and 204:
Extending AnsibleWith a module obje
Page 205 and 206:
Extending AnsibleModule documentati
Page 207 and 208:
Extending AnsibleWith this variable
Page 209 and 210:
Extending Ansiblesample: "/path/to/
Page 211 and 212:
Extending AnsibleProviding fact dat
Page 213 and 214:
Extending AnsibleHandling check mod
Page 215 and 216:
Extending AnsibleVars pluginsConstr
Page 217 and 218:
Extending AnsibleCallback pluginsCa
Page 219 and 220:
Extending AnsibleThat's all we have
Page 221 and 222:
Extending Ansible• digital_ocean
Page 223 and 224:
Extending Ansible3. Now, we'll crea
Page 225 and 226:
Extending AnsibleIf we pass --list,
Page 227 and 228:
Extending AnsibleOptimizing script
Page 229 and 230:
Extending AnsibleSummaryAnsible is
Page 231 and 232:
Eencrypted filesansible-playbook, e
Page 233 and 234:
included tasks, tagging 105, 106var
Page 235 and 236:
Ansible ConfigurationManagementSeco
show all

Mastering Ansible

Create successful ePaper yourself

Delete template?

Save as template?