SlideShare a Scribd company logo
1 of 32
Download to read offline
DevOps in a Regulated World
aka ‘Ansible, AWS, and Jenkins’

www.doseme.com.au
$ git clone git@bitbucket.org:doseme/ansible-aws-talk.git
Overview
• What

is DoseMe?

• DevOps

devices

and medical

• Ansible

Overview

• Ansible

and AWS

• Our

technology decisions
and the results
DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
What Is DoseMe?
• DoseMe: simple

dose-individualisation, with:
• iPad, iPhone, web and mobile web.
• GP patient management software
• HL7 integration (e.g. Pathology)

• Can

dose many classes of drugs.

• Dosing

individually:
• Increases the childhood leukaemia survival rate by 15%.
• Save an average $2,500/patient on aminoglycosides.
DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
How Does DoseMe Work?
•

It is your first day in a new job, in a new
location, how much time would you give
yourself to drive to work?

•

You didn’t get fired on your first day. . .
what influences your decision on when to
leave home on your second day of work?

•

We can calculate your next drug dose the
same way - using mathematical models of
drug absorption/clearance fit to your prior
data.
DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
What’s A Medical Device?
W!
NE

DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
DoseMe - A Medical Device?
Not currently a medical device
Lower classification medical device
Higher classification medical device

DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
How Is This Relevant To DevOps?
•

Medical device guidelines require:
•

Traceability of complaints / features / fixes

•

Reproducible production environment /
‘manufacturing’

•

Consistent, maintained, and recorded
production environment

•

Maintained records of production
‘manufacturing runs’

•

Regular and repeatable QA/QC testing

DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.

}

+
What Is Ansible?
• “IT

Orchestration Engine” - Config management, deployment.

• Like

CFEngine, or Puppet, except:

• Dead-simple syntax (YAML), executed in order
• Written in Python
• Agentless
• Secure - uses SSH
• Free and Open Source (Top 10 Python Project, GitHub)
• Backed by a commercial company (AnsibleWorks)
DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
What Can You Do? (Modules)
• Pretty

much anything:

accelerate
acl
add_host
airbrake_deployment
apt
apt_key
apt_repository
arista_interface
arista_l2interface
arista_lag
arista_vlan
assemble
assert
async_status
at
authorized_key
bigip_monitor_http
bigip_monitor_tcp
bigip_node
bigip_pool
bigip_pool_member
boundary_meter
bzr
campfire
cloudformation
command
copy
cron
datadog_event
debug
digital_ocean
django_manage
dnsmadeeasy
docker
docker_image
easy_install
ec2

ec2_ami
ec2_eip
ec2_elb
ec2_elb_lb
ec2_facts
ec2_group
ec2_key
ec2_tag
ec2_vol
ec2_vpc
ejabberd_user
elasticache
facter
fail
fetch
file
filesystem
fireball
firewalld
flowdock
gc_storage
gce
gce_lb
gce_net
gce_pd
gem
get_url
git
github_hooks
glance_image
group
group_by
grove
hg
hipchat
homebrew
hostname

htpasswd
include_vars
ini_file
irc
jabber
jboss
kernel_blacklist
keystone_user
lineinfile
linode
lvg
lvol
macports
mail
modprobe
mongodb_user
monit
mount
mqtt
mysql_db
mysql_replication
mysql_user
mysql_variables
nagios
netscaler
newrelic_deployment
nova_compute
nova_keypair
npm
ohai
open_iscsi
openbsd_pkg
openvswitch_bridge
openvswitch_port
opkg
osx_say
ovirt

DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.

pacman
pagerduty
pause
ping
pingdom
pip
pkgin
pkgng
pkgutil
portinstall
postgresql_db
postgresql_privs
postgresql_user
quantum_floating_ip
quantum_floating_ip_assoc
iate
quantum_network
quantum_router
quantum_router_gateway
quantum_router_interface
quantum_subnet
rabbitmq_parameter
rabbitmq_plugin
rabbitmq_policy
rabbitmq_user
rabbitmq_vhost
raw
rax
rax_clb
rax_clb_nodes
rax_dns
rax_dns_record
rax_facts
rax_files
rax_files_objects
rax_keypair
rax_network

rax_queue
rds
redhat_subscription
redis
rhn_channel
rhn_register
riak
route53
rpm_key
s3
script
seboolean
selinux
service
set_fact
setup
shell
slurp
stat
subversion
supervisorctl
svr4pkg
swdepot
synchronize
sysctl
template
unarchive
uri
urpmi
All
user of these are in core
virt
wait_for
xattr
yum
zfs
zypper
zypper_repository
Installation
• In

this talk, we use the devel branch of ansible
(currently required for some AWS features).

$
$
$
$

sudo pip install paramiko PyYAML jinja2 httplib2
git clone git://github.com/ansible/ansible.git
cd ansible
git checkout devel

$ source ./hacking/env-setup
OR
$ sudo python setup.py install

• We

also need boto installed to talk to EC2

$ sudo pip install boto
DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
Inventory And Selecting Hosts
• Simple

ini-style definitions,
grouping hosts:

# file: server-inventory
[local]
localhost
[www]
www01.example.com
www02.example.com
[launched]
# Empty - We’ll discuss later
DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.

• Ad-hoc

commands let you
select hosts or groups, using
logical operators:

$ ansible -m ping www
$ ansible -m ping www:!local
A Simple Ad-Hoc Task

• Guaranteed

co-workers:

to annoy your

$ ansible all -i inventory_file 
-m apt pkg=sl state=installed

DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
Ansible In Production - Playbooks
• How

you use ansible in
production.
• Executed in order.
• Files can include other files.
--# Example Playbook
- hosts: all
vars_files:
- vars/common.yml
tasks:
- include: tasks/common.yml
handlers:
- include: handlers/common.yml
DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
Ansible In Production - Roles
• DRY:
• Roles

allow you to reuse:
• Tasks
• Variables
• Handlers
• Files
• Templates

DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
Ansible In Production - Roles
roles/
common/
tasks/
files/
templates/
handlers/
vars/
meta/
www/
tasks/
files/
templates/
handlers/
vars/
meta/

DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.

•

A main.yml in all of these folders will
be included via a simple definition:

--- hosts: www
remote_user: admin
sudo: True
roles:
- common
- www
Ansible & AWS
•A

sample playbook is available via git at:

$ git clone git@bitbucket.org:doseme/ansible-aws-talk.git
https://bitbucket.org/doseme/ansible-aws-talk/

• Demonstrates

configuring:
• VPC and two security groups
• Two EC2 instances (in VPC)
• RDS (in VPC)
• Elastic Load Balancer
• Installs Apache, Vim, Postfix, screen, and sudo on instances.
DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
Ansible & AWS - Authentication
• Firstly, create

an IAM role - e.g. belonging to a power-user
group. Download the credentials, then:

• Add

to $HOME/.boto:

[Credentials]
aws_access_key_id = <Access Key>
aws_secret_access_key = <Secret Key>

• Now

we’re ready to deploy!

DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
Deploying EC2 Instances - 1/3
- name: Provision EC2 instances - zone 1
  local_action:
        module: ec2
        state: present
        id: "{{ idempotent_id }}"
        region: "{{ aws_region }}"
        keypair: "{{ aws_keypair }}"
        group: ansibleDeployedDefault
        instance_type: "{{ aws_instanceType }}"
        image: "{{ aws_image }}"
        vpc_subnet_id: "{{ vpc.subnets[0].id }}"
  register: ec2

DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
Deploying EC2 Instances - 2/3
• If

you’re running Ansible every hour, last
thing that you want is to deploy another
complete set of servers on every run.
{{ idempotent_id }}

• Can

represent either one or a set of
instances - do not reuse.
• See here for a guide:
http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html
DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
Deploying EC2 Instances - 3/3
- name: Provision EC2 instances - zone 1
  local_action:
        module: ec2
        state: present
        id: "{{ idempotent_id }}"
        region: "{{ aws_region }}"
        keypair: "{{ aws_keypair }}"
        group: ansibleDeployedDefault
        instance_type: "{{ aws_instanceType }}"
        image: "{{ aws_image }}"
        vpc_subnet_id: "{{ vpc.subnets[0].id }}"
  register: ec2

DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
VPCs And Security Groups
- name: "Provision VPC in
{{ aws_region }}"
  local_action:
        module: ec2_vpc
        state: present
        cidr_block: 10.1.0.0/16
        subnets:
- cidr: 10.1.1.0/24
                  az: us-east-1a
- cidr: 10.1.2.0/24
                  az: us-east-1d
        internet_gateway: True
        route_tables:
- subnets:
- 10.1.1.0/24
- 10.1.2.0/24
                  routes:
- dest: 0.0.0.0/0
                          gw: igw
        region: "{{ aws_region }}"
        wait: yes
  register: vpc
DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.

- name: Provision ec2 security group
  local_action:
        module: ec2_group
        state: present
        name: ansibleDeployedDefault
        description: "Default -http"
        vpc_id: "{{ vpc.vpc_id }}"
        region: "{{ aws_region }}"
        rules:
- proto: tcp
            from_port: 80
            to_port: 80
            cidr_ip: 0.0.0.0/0
VPCs And Security Groups
• Each Ansible

task returns a data-structure of useful
information, which we can register to a variable and then use.
• -v will show you the returned output from a task in JSON.
• The docs aren’t terribly clear on the data returned, so
developing Ansible playbooks requires liberal use of -v.
rob@zazu:~/projects/git/doseme-config-warfarin-aws$ ansible-playbook -i server_inventory site.yml
-v
PLAY [local] ******************************************************************
TASK: [aws | Provision VPC in us-east-1] **************************************
ok: [localhost] => {"changed": false, "item": "", "subnets": [{"az": "us-east-1d", "cidr":
"10.2.2.0/24", "id": "subnet-e9f8f49d"}, {"az": "us-east-1a", "cidr": "10.2.1.0/24", "id":
"subnet-40371e06"}], "vpc": {"cidr_block": "10.2.0.0/16", "dhcp_options_id": "dopt-d8d7ddba", "id":
DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
Provisioning An ELB
• Unfortunately, even

devel branch Ansible doesn’t yet support
creating Elastic Load Balancers in VPCs (It does support
adding hosts to them).

• We’re

working on a patch internally, and hope to have this
working and submitted soon!

• There’s

examples in the talk code repository, but I won’t
discuss this here.
DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
Provisioning A Multiple A-Z RDS
- name: Provision RDS
  local_action:
        module: rds
        command: create
        region: "{{ aws_region }}"
        multi_zone: yes
        subnet: "{{ aws_db_subnetgroup }}"
        vpc_security_groups: "{{ rdsvpc.group_id }}"
        instance_name: "{{ aws_db_name }}"
        db_engine: "{{ aws_db_engine }}"
        size: "{{ aws_db_size }}"
        instance_type: "{{ aws_db_instanceType }}"
        username: "{{ aws_db_username }}"
        password: "{{ aws_db_password }}"
  register: rds
DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
Ok, So Now What?
• Remember

the empty host group “launched”?

- name: Add new instances to host group
  local_action: add_host hostname="{{ item.public_ip }}" groupname=launched
  with_items: ec2.instances

• Even

though it was empty earlier, we still assign a role to it:

- hosts: launched
  remote_user: admin
  sudo: True
  roles:
- role: common

• Result: Role

is applied – instance deployed and configured!

DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
How Do We Automate Running
Of Ansible Configurations?
• Not

going to discuss Jenkins in
detail, but we can trigger jobs to
run based on:
• Git/Hg/SVN

Commits

• Periodically
• As

a dependent task

• Manually
DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
Plugging This Into Jenkins
• We

use Perl unit tests to test our playbooks in Jenkins upon
commit - the test script could be as simple (and bad) as:

#!/usr/bin/perl
use Test::More tests => 1;
my $result = `ansible-playbook -i servers --syntax-check site.yml`;
chomp $result;
ok($result eq 'Playbook Syntax is fine', "Syntax check of playbook");

• This

can then be run in Jenkins as:

prove --formatter=TAP::Formatter::JUnit > jenkins-${JOB_NAME}-${BUILD_NUMBER}-junit.xml

DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
Continuous (Server) Deployment
• Following

a configuration check in Jenkins, we then run the
playbook. This gives us a record of:
• Changes made to the playbook (by who
• Any changes made to a host.
• Full console output of running Ansible.
• Summary of actions taken - e.g.

and when)

PLAY RECAP ********************************************************************
yyy.zzz.doseme.com.au : ok=37
changed=2
unreachable=0
failed=0
Finished: SUCCESS
DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
Continuous (Server) Deployment

DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
Challenges - Ansible, AWS, & Jenkins
• We

started using Ansible early (pre-1.0, from memory)

• The syntax has changed (even how you use
• Roles didn’t exist then (DRY was harder)
• Still

variables!)

missing support for some features:

• The ec2_elb_lb module doesn’t support VPCs.
• rds and ec2 modules in release are lacking some
• We

can’t do continual deployment to production.

DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.

features.
Benefits Of Ansible We’ve Found

• We

don’t use Ruby, so we don’t need to deploy Ruby.
• We don’t have to worry about agent deployment.
• The Python modules are relatively easily extendable.
• It

was easy to start with a simple playbook and grow it as
the company has – no complex setup required to begin.

DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
Questions?
$ git clone git@bitbucket.org:doseme/ansible-aws-talk.git
http://docs.ansible.com
http://boto.readthedocs.org/en/latest/ec2_tut.html

e’re
W
g!
ir in
H
DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.

More Related Content

What's hot

Continuous Testing with Molecule, Ansible, and GitHub Actions
Continuous Testing with Molecule, Ansible, and GitHub ActionsContinuous Testing with Molecule, Ansible, and GitHub Actions
Continuous Testing with Molecule, Ansible, and GitHub ActionsJeff Geerling
 
Automating aws infrastructure and code deployments using Ansible @WebEngage
Automating aws infrastructure and code deployments using Ansible @WebEngageAutomating aws infrastructure and code deployments using Ansible @WebEngage
Automating aws infrastructure and code deployments using Ansible @WebEngageVishal Uderani
 
Ansible Oxford - Cows & Containers
Ansible Oxford - Cows & ContainersAnsible Oxford - Cows & Containers
Ansible Oxford - Cows & Containersjonatanblue
 
Ansible Intro - June 2015 / Ansible Barcelona User Group
Ansible Intro - June 2015 / Ansible Barcelona User GroupAnsible Intro - June 2015 / Ansible Barcelona User Group
Ansible Intro - June 2015 / Ansible Barcelona User GroupOrestes Carracedo
 
Ansible 2 and Ansible Galaxy 2
Ansible 2 and Ansible Galaxy 2Ansible 2 and Ansible Galaxy 2
Ansible 2 and Ansible Galaxy 2Jeff Geerling
 
CI/CD Using Ansible and Jenkins for Infrastructure
CI/CD Using Ansible and Jenkins for InfrastructureCI/CD Using Ansible and Jenkins for Infrastructure
CI/CD Using Ansible and Jenkins for InfrastructureFaisal Shaikh
 
DevOps for Humans - Ansible for Drupal Deployment Victory!
DevOps for Humans - Ansible for Drupal Deployment Victory!DevOps for Humans - Ansible for Drupal Deployment Victory!
DevOps for Humans - Ansible for Drupal Deployment Victory!Jeff Geerling
 
Go Faster with Ansible (PHP meetup)
Go Faster with Ansible (PHP meetup)Go Faster with Ansible (PHP meetup)
Go Faster with Ansible (PHP meetup)Richard Donkin
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentationSuresh Kumar
 
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...Simplilearn
 
Managing Your Cisco Datacenter Network with Ansible
Managing Your Cisco Datacenter Network with AnsibleManaging Your Cisco Datacenter Network with Ansible
Managing Your Cisco Datacenter Network with Ansiblefmaccioni
 
Ansible 2.0 - How to use Ansible to automate your applications in AWS.
Ansible 2.0 - How to use Ansible to automate your applications in AWS.Ansible 2.0 - How to use Ansible to automate your applications in AWS.
Ansible 2.0 - How to use Ansible to automate your applications in AWS.Idan Tohami
 
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12Keith Resar
 
Ansible Introduction
Ansible Introduction Ansible Introduction
Ansible Introduction Robert Reiz
 
Introduction to ansible galaxy
Introduction to ansible galaxyIntroduction to ansible galaxy
Introduction to ansible galaxyIvan Serdyuk
 
Jenkins and ansible reference
Jenkins and ansible referenceJenkins and ansible reference
Jenkins and ansible referencelaonap166
 
Getting Started with Ansible
Getting Started with AnsibleGetting Started with Ansible
Getting Started with AnsibleAhmed AbouZaid
 
Ansible module development 101
Ansible module development 101Ansible module development 101
Ansible module development 101yfauser
 

What's hot (20)

Cyansible
CyansibleCyansible
Cyansible
 
Continuous Testing with Molecule, Ansible, and GitHub Actions
Continuous Testing with Molecule, Ansible, and GitHub ActionsContinuous Testing with Molecule, Ansible, and GitHub Actions
Continuous Testing with Molecule, Ansible, and GitHub Actions
 
Automating aws infrastructure and code deployments using Ansible @WebEngage
Automating aws infrastructure and code deployments using Ansible @WebEngageAutomating aws infrastructure and code deployments using Ansible @WebEngage
Automating aws infrastructure and code deployments using Ansible @WebEngage
 
Ansible Oxford - Cows & Containers
Ansible Oxford - Cows & ContainersAnsible Oxford - Cows & Containers
Ansible Oxford - Cows & Containers
 
Ansible Intro - June 2015 / Ansible Barcelona User Group
Ansible Intro - June 2015 / Ansible Barcelona User GroupAnsible Intro - June 2015 / Ansible Barcelona User Group
Ansible Intro - June 2015 / Ansible Barcelona User Group
 
Ansible 2 and Ansible Galaxy 2
Ansible 2 and Ansible Galaxy 2Ansible 2 and Ansible Galaxy 2
Ansible 2 and Ansible Galaxy 2
 
CI/CD Using Ansible and Jenkins for Infrastructure
CI/CD Using Ansible and Jenkins for InfrastructureCI/CD Using Ansible and Jenkins for Infrastructure
CI/CD Using Ansible and Jenkins for Infrastructure
 
DevOps for Humans - Ansible for Drupal Deployment Victory!
DevOps for Humans - Ansible for Drupal Deployment Victory!DevOps for Humans - Ansible for Drupal Deployment Victory!
DevOps for Humans - Ansible for Drupal Deployment Victory!
 
Ansible - Hands on Training
Ansible - Hands on TrainingAnsible - Hands on Training
Ansible - Hands on Training
 
Go Faster with Ansible (PHP meetup)
Go Faster with Ansible (PHP meetup)Go Faster with Ansible (PHP meetup)
Go Faster with Ansible (PHP meetup)
 
Ansible presentation
Ansible presentationAnsible presentation
Ansible presentation
 
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
What Is Ansible? | How Ansible Works? | Ansible Tutorial For Beginners | DevO...
 
Managing Your Cisco Datacenter Network with Ansible
Managing Your Cisco Datacenter Network with AnsibleManaging Your Cisco Datacenter Network with Ansible
Managing Your Cisco Datacenter Network with Ansible
 
Ansible 2.0 - How to use Ansible to automate your applications in AWS.
Ansible 2.0 - How to use Ansible to automate your applications in AWS.Ansible 2.0 - How to use Ansible to automate your applications in AWS.
Ansible 2.0 - How to use Ansible to automate your applications in AWS.
 
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
Ansible Automation Best Practices From Startups to Enterprises - Minnebar 12
 
Ansible Introduction
Ansible Introduction Ansible Introduction
Ansible Introduction
 
Introduction to ansible galaxy
Introduction to ansible galaxyIntroduction to ansible galaxy
Introduction to ansible galaxy
 
Jenkins and ansible reference
Jenkins and ansible referenceJenkins and ansible reference
Jenkins and ansible reference
 
Getting Started with Ansible
Getting Started with AnsibleGetting Started with Ansible
Getting Started with Ansible
 
Ansible module development 101
Ansible module development 101Ansible module development 101
Ansible module development 101
 

Viewers also liked

Devops services
Devops servicesDevops services
Devops servicesRomexsoft
 
Test-Driven Infrastructure with CloudFormation and Cucumber.
Test-Driven Infrastructure with CloudFormation and Cucumber. Test-Driven Infrastructure with CloudFormation and Cucumber.
Test-Driven Infrastructure with CloudFormation and Cucumber. Stelligent
 
Mule ESB Tutorial Part 1
Mule ESB Tutorial Part 1Mule ESB Tutorial Part 1
Mule ESB Tutorial Part 1Srikanth N
 
Mule ESB - Integration Simplified
Mule ESB - Integration SimplifiedMule ESB - Integration Simplified
Mule ESB - Integration SimplifiedRich Software
 
Automated Deployments with Ansible
Automated Deployments with AnsibleAutomated Deployments with Ansible
Automated Deployments with AnsibleMartin Etmajer
 
Ansible: How to Get More Sleep and Require Less Coffee
Ansible: How to Get More Sleep and Require Less CoffeeAnsible: How to Get More Sleep and Require Less Coffee
Ansible: How to Get More Sleep and Require Less CoffeeSarah Z
 
7 Habits of Highly Effective Jenkins Users
7 Habits of Highly Effective Jenkins Users7 Habits of Highly Effective Jenkins Users
7 Habits of Highly Effective Jenkins UsersAndrew Bayer
 
Test-Driven Infrastructure with Ansible, Test Kitchen, Serverspec and RSpec
Test-Driven Infrastructure with Ansible, Test Kitchen, Serverspec and RSpecTest-Driven Infrastructure with Ansible, Test Kitchen, Serverspec and RSpec
Test-Driven Infrastructure with Ansible, Test Kitchen, Serverspec and RSpecMartin Etmajer
 

Viewers also liked (9)

Devops services
Devops servicesDevops services
Devops services
 
Test-Driven Infrastructure with CloudFormation and Cucumber.
Test-Driven Infrastructure with CloudFormation and Cucumber. Test-Driven Infrastructure with CloudFormation and Cucumber.
Test-Driven Infrastructure with CloudFormation and Cucumber.
 
Mule ESB Tutorial Part 1
Mule ESB Tutorial Part 1Mule ESB Tutorial Part 1
Mule ESB Tutorial Part 1
 
Mule ESB Fundamentals
Mule ESB FundamentalsMule ESB Fundamentals
Mule ESB Fundamentals
 
Mule ESB - Integration Simplified
Mule ESB - Integration SimplifiedMule ESB - Integration Simplified
Mule ESB - Integration Simplified
 
Automated Deployments with Ansible
Automated Deployments with AnsibleAutomated Deployments with Ansible
Automated Deployments with Ansible
 
Ansible: How to Get More Sleep and Require Less Coffee
Ansible: How to Get More Sleep and Require Less CoffeeAnsible: How to Get More Sleep and Require Less Coffee
Ansible: How to Get More Sleep and Require Less Coffee
 
7 Habits of Highly Effective Jenkins Users
7 Habits of Highly Effective Jenkins Users7 Habits of Highly Effective Jenkins Users
7 Habits of Highly Effective Jenkins Users
 
Test-Driven Infrastructure with Ansible, Test Kitchen, Serverspec and RSpec
Test-Driven Infrastructure with Ansible, Test Kitchen, Serverspec and RSpecTest-Driven Infrastructure with Ansible, Test Kitchen, Serverspec and RSpec
Test-Driven Infrastructure with Ansible, Test Kitchen, Serverspec and RSpec
 

Similar to DevOps in a Regulated World - aka 'Ansible, AWS, and Jenkins'

Ansible Devops North East - slides
Ansible Devops North East - slides Ansible Devops North East - slides
Ansible Devops North East - slides InfinityPP
 
Deploy, Manage, and Scale Your Apps with OpsWorks and Elastic Beanstalk
Deploy, Manage, and Scale Your Apps with OpsWorks and Elastic BeanstalkDeploy, Manage, and Scale Your Apps with OpsWorks and Elastic Beanstalk
Deploy, Manage, and Scale Your Apps with OpsWorks and Elastic BeanstalkAmazon Web Services
 
MongoDB Ops Manager and Kubernetes - James Broadhead
MongoDB Ops Manager and Kubernetes - James BroadheadMongoDB Ops Manager and Kubernetes - James Broadhead
MongoDB Ops Manager and Kubernetes - James BroadheadMongoDB
 
Scaling Django Apps using AWS Elastic Beanstalk
Scaling Django Apps using AWS Elastic BeanstalkScaling Django Apps using AWS Elastic Beanstalk
Scaling Django Apps using AWS Elastic BeanstalkLushen Wu
 
Ansible Tutorial.pdf
Ansible Tutorial.pdfAnsible Tutorial.pdf
Ansible Tutorial.pdfNigussMehari4
 
MongoDB Management & Ansible
MongoDB Management & AnsibleMongoDB Management & Ansible
MongoDB Management & AnsibleMongoDB
 
Automated Deployment and Configuration Engines. Ansible
Automated Deployment and Configuration Engines. AnsibleAutomated Deployment and Configuration Engines. Ansible
Automated Deployment and Configuration Engines. AnsibleAlberto Molina Coballes
 
AWS Webcast - AWS OpsWorks Continuous Integration Demo
AWS Webcast - AWS OpsWorks Continuous Integration Demo  AWS Webcast - AWS OpsWorks Continuous Integration Demo
AWS Webcast - AWS OpsWorks Continuous Integration Demo Amazon Web Services
 
Chef vs Puppet vs Ansible vs SaltStack | Configuration Management Tools Compa...
Chef vs Puppet vs Ansible vs SaltStack | Configuration Management Tools Compa...Chef vs Puppet vs Ansible vs SaltStack | Configuration Management Tools Compa...
Chef vs Puppet vs Ansible vs SaltStack | Configuration Management Tools Compa...Edureka!
 
AWS Summit Stockholm 2014 – T5 – Deploy, manage and scale applications on AWS
AWS Summit Stockholm 2014 – T5 – Deploy, manage and scale applications on AWSAWS Summit Stockholm 2014 – T5 – Deploy, manage and scale applications on AWS
AWS Summit Stockholm 2014 – T5 – Deploy, manage and scale applications on AWSAmazon Web Services
 
T3 - Deploy, manage, and scale your apps
T3 - Deploy, manage, and scale your appsT3 - Deploy, manage, and scale your apps
T3 - Deploy, manage, and scale your appsAmazon Web Services
 
Bootstrapping Puppet and Application Deployment - PuppetConf 2013
Bootstrapping Puppet and Application Deployment - PuppetConf 2013Bootstrapping Puppet and Application Deployment - PuppetConf 2013
Bootstrapping Puppet and Application Deployment - PuppetConf 2013Puppet
 
Ansible top 10 - 2018
Ansible top 10 -  2018Ansible top 10 -  2018
Ansible top 10 - 2018Viresh Doshi
 
Ransack, an Application Built on Ansible's API for Rackspace -- AnsibleFest N...
Ransack, an Application Built on Ansible's API for Rackspace -- AnsibleFest N...Ransack, an Application Built on Ansible's API for Rackspace -- AnsibleFest N...
Ransack, an Application Built on Ansible's API for Rackspace -- AnsibleFest N...Paul Durivage
 
Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Alex S
 
UNIT-I Introduction to Ansible.pptx
UNIT-I Introduction to Ansible.pptxUNIT-I Introduction to Ansible.pptx
UNIT-I Introduction to Ansible.pptxPandiya Rajan
 

Similar to DevOps in a Regulated World - aka 'Ansible, AWS, and Jenkins' (20)

Ansible Devops North East - slides
Ansible Devops North East - slides Ansible Devops North East - slides
Ansible Devops North East - slides
 
Deploy, Manage, and Scale Your Apps with OpsWorks and Elastic Beanstalk
Deploy, Manage, and Scale Your Apps with OpsWorks and Elastic BeanstalkDeploy, Manage, and Scale Your Apps with OpsWorks and Elastic Beanstalk
Deploy, Manage, and Scale Your Apps with OpsWorks and Elastic Beanstalk
 
DevOps for database
DevOps for databaseDevOps for database
DevOps for database
 
MongoDB Ops Manager and Kubernetes - James Broadhead
MongoDB Ops Manager and Kubernetes - James BroadheadMongoDB Ops Manager and Kubernetes - James Broadhead
MongoDB Ops Manager and Kubernetes - James Broadhead
 
ansible_rhel.pdf
ansible_rhel.pdfansible_rhel.pdf
ansible_rhel.pdf
 
Scaling Django Apps using AWS Elastic Beanstalk
Scaling Django Apps using AWS Elastic BeanstalkScaling Django Apps using AWS Elastic Beanstalk
Scaling Django Apps using AWS Elastic Beanstalk
 
Ansible Tutorial.pdf
Ansible Tutorial.pdfAnsible Tutorial.pdf
Ansible Tutorial.pdf
 
MongoDB Management & Ansible
MongoDB Management & AnsibleMongoDB Management & Ansible
MongoDB Management & Ansible
 
Automated Deployment and Configuration Engines. Ansible
Automated Deployment and Configuration Engines. AnsibleAutomated Deployment and Configuration Engines. Ansible
Automated Deployment and Configuration Engines. Ansible
 
AWS Webcast - AWS OpsWorks Continuous Integration Demo
AWS Webcast - AWS OpsWorks Continuous Integration Demo  AWS Webcast - AWS OpsWorks Continuous Integration Demo
AWS Webcast - AWS OpsWorks Continuous Integration Demo
 
Managing Postgres with Ansible
Managing Postgres with AnsibleManaging Postgres with Ansible
Managing Postgres with Ansible
 
Chef vs Puppet vs Ansible vs SaltStack | Configuration Management Tools Compa...
Chef vs Puppet vs Ansible vs SaltStack | Configuration Management Tools Compa...Chef vs Puppet vs Ansible vs SaltStack | Configuration Management Tools Compa...
Chef vs Puppet vs Ansible vs SaltStack | Configuration Management Tools Compa...
 
AWS Summit Stockholm 2014 – T5 – Deploy, manage and scale applications on AWS
AWS Summit Stockholm 2014 – T5 – Deploy, manage and scale applications on AWSAWS Summit Stockholm 2014 – T5 – Deploy, manage and scale applications on AWS
AWS Summit Stockholm 2014 – T5 – Deploy, manage and scale applications on AWS
 
Ansible
AnsibleAnsible
Ansible
 
T3 - Deploy, manage, and scale your apps
T3 - Deploy, manage, and scale your appsT3 - Deploy, manage, and scale your apps
T3 - Deploy, manage, and scale your apps
 
Bootstrapping Puppet and Application Deployment - PuppetConf 2013
Bootstrapping Puppet and Application Deployment - PuppetConf 2013Bootstrapping Puppet and Application Deployment - PuppetConf 2013
Bootstrapping Puppet and Application Deployment - PuppetConf 2013
 
Ansible top 10 - 2018
Ansible top 10 -  2018Ansible top 10 -  2018
Ansible top 10 - 2018
 
Ransack, an Application Built on Ansible's API for Rackspace -- AnsibleFest N...
Ransack, an Application Built on Ansible's API for Rackspace -- AnsibleFest N...Ransack, an Application Built on Ansible's API for Rackspace -- AnsibleFest N...
Ransack, an Application Built on Ansible's API for Rackspace -- AnsibleFest N...
 
Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015Ansible is the simplest way to automate. MoldCamp, 2015
Ansible is the simplest way to automate. MoldCamp, 2015
 
UNIT-I Introduction to Ansible.pptx
UNIT-I Introduction to Ansible.pptxUNIT-I Introduction to Ansible.pptx
UNIT-I Introduction to Ansible.pptx
 

Recently uploaded

Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDELiveplex
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7DianaGray10
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxMatsuo Lab
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXTarek Kalaji
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationIES VE
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesMd Hossain Ali
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 

Recently uploaded (20)

Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7UiPath Studio Web workshop series - Day 7
UiPath Studio Web workshop series - Day 7
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
VoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBXVoIP Service and Marketing using Odoo and Asterisk PBX
VoIP Service and Marketing using Odoo and Asterisk PBX
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve DecarbonizationUsing IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
Using IESVE for Loads, Sizing and Heat Pump Modeling to Achieve Decarbonization
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just MinutesAI Fame Rush Review – Virtual Influencer Creation In Just Minutes
AI Fame Rush Review – Virtual Influencer Creation In Just Minutes
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 

DevOps in a Regulated World - aka 'Ansible, AWS, and Jenkins'

  • 1. DevOps in a Regulated World aka ‘Ansible, AWS, and Jenkins’ www.doseme.com.au $ git clone git@bitbucket.org:doseme/ansible-aws-talk.git
  • 2. Overview • What is DoseMe? • DevOps devices and medical • Ansible Overview • Ansible and AWS • Our technology decisions and the results DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 3. What Is DoseMe? • DoseMe: simple dose-individualisation, with: • iPad, iPhone, web and mobile web. • GP patient management software • HL7 integration (e.g. Pathology) • Can dose many classes of drugs. • Dosing individually: • Increases the childhood leukaemia survival rate by 15%. • Save an average $2,500/patient on aminoglycosides. DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 4. How Does DoseMe Work? • It is your first day in a new job, in a new location, how much time would you give yourself to drive to work? • You didn’t get fired on your first day. . . what influences your decision on when to leave home on your second day of work? • We can calculate your next drug dose the same way - using mathematical models of drug absorption/clearance fit to your prior data. DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 5. What’s A Medical Device? W! NE DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 6. DoseMe - A Medical Device? Not currently a medical device Lower classification medical device Higher classification medical device DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 7. How Is This Relevant To DevOps? • Medical device guidelines require: • Traceability of complaints / features / fixes • Reproducible production environment / ‘manufacturing’ • Consistent, maintained, and recorded production environment • Maintained records of production ‘manufacturing runs’ • Regular and repeatable QA/QC testing DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014. } +
  • 8. What Is Ansible? • “IT Orchestration Engine” - Config management, deployment. • Like CFEngine, or Puppet, except: • Dead-simple syntax (YAML), executed in order • Written in Python • Agentless • Secure - uses SSH • Free and Open Source (Top 10 Python Project, GitHub) • Backed by a commercial company (AnsibleWorks) DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 9. What Can You Do? (Modules) • Pretty much anything: accelerate acl add_host airbrake_deployment apt apt_key apt_repository arista_interface arista_l2interface arista_lag arista_vlan assemble assert async_status at authorized_key bigip_monitor_http bigip_monitor_tcp bigip_node bigip_pool bigip_pool_member boundary_meter bzr campfire cloudformation command copy cron datadog_event debug digital_ocean django_manage dnsmadeeasy docker docker_image easy_install ec2 ec2_ami ec2_eip ec2_elb ec2_elb_lb ec2_facts ec2_group ec2_key ec2_tag ec2_vol ec2_vpc ejabberd_user elasticache facter fail fetch file filesystem fireball firewalld flowdock gc_storage gce gce_lb gce_net gce_pd gem get_url git github_hooks glance_image group group_by grove hg hipchat homebrew hostname htpasswd include_vars ini_file irc jabber jboss kernel_blacklist keystone_user lineinfile linode lvg lvol macports mail modprobe mongodb_user monit mount mqtt mysql_db mysql_replication mysql_user mysql_variables nagios netscaler newrelic_deployment nova_compute nova_keypair npm ohai open_iscsi openbsd_pkg openvswitch_bridge openvswitch_port opkg osx_say ovirt DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014. pacman pagerduty pause ping pingdom pip pkgin pkgng pkgutil portinstall postgresql_db postgresql_privs postgresql_user quantum_floating_ip quantum_floating_ip_assoc iate quantum_network quantum_router quantum_router_gateway quantum_router_interface quantum_subnet rabbitmq_parameter rabbitmq_plugin rabbitmq_policy rabbitmq_user rabbitmq_vhost raw rax rax_clb rax_clb_nodes rax_dns rax_dns_record rax_facts rax_files rax_files_objects rax_keypair rax_network rax_queue rds redhat_subscription redis rhn_channel rhn_register riak route53 rpm_key s3 script seboolean selinux service set_fact setup shell slurp stat subversion supervisorctl svr4pkg swdepot synchronize sysctl template unarchive uri urpmi All user of these are in core virt wait_for xattr yum zfs zypper zypper_repository
  • 10. Installation • In this talk, we use the devel branch of ansible (currently required for some AWS features). $ $ $ $ sudo pip install paramiko PyYAML jinja2 httplib2 git clone git://github.com/ansible/ansible.git cd ansible git checkout devel $ source ./hacking/env-setup OR $ sudo python setup.py install • We also need boto installed to talk to EC2 $ sudo pip install boto DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 11. Inventory And Selecting Hosts • Simple ini-style definitions, grouping hosts: # file: server-inventory [local] localhost [www] www01.example.com www02.example.com [launched] # Empty - We’ll discuss later DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014. • Ad-hoc commands let you select hosts or groups, using logical operators: $ ansible -m ping www $ ansible -m ping www:!local
  • 12. A Simple Ad-Hoc Task • Guaranteed co-workers: to annoy your $ ansible all -i inventory_file -m apt pkg=sl state=installed DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 13. Ansible In Production - Playbooks • How you use ansible in production. • Executed in order. • Files can include other files. --# Example Playbook - hosts: all vars_files: - vars/common.yml tasks: - include: tasks/common.yml handlers: - include: handlers/common.yml DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 14. Ansible In Production - Roles • DRY: • Roles allow you to reuse: • Tasks • Variables • Handlers • Files • Templates DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 15. Ansible In Production - Roles roles/ common/ tasks/ files/ templates/ handlers/ vars/ meta/ www/ tasks/ files/ templates/ handlers/ vars/ meta/ DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014. • A main.yml in all of these folders will be included via a simple definition: --- hosts: www remote_user: admin sudo: True roles: - common - www
  • 16. Ansible & AWS •A sample playbook is available via git at: $ git clone git@bitbucket.org:doseme/ansible-aws-talk.git https://bitbucket.org/doseme/ansible-aws-talk/ • Demonstrates configuring: • VPC and two security groups • Two EC2 instances (in VPC) • RDS (in VPC) • Elastic Load Balancer • Installs Apache, Vim, Postfix, screen, and sudo on instances. DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 17. Ansible & AWS - Authentication • Firstly, create an IAM role - e.g. belonging to a power-user group. Download the credentials, then: • Add to $HOME/.boto: [Credentials] aws_access_key_id = <Access Key> aws_secret_access_key = <Secret Key> • Now we’re ready to deploy! DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 18. Deploying EC2 Instances - 1/3 - name: Provision EC2 instances - zone 1   local_action:         module: ec2         state: present         id: "{{ idempotent_id }}"         region: "{{ aws_region }}"         keypair: "{{ aws_keypair }}"         group: ansibleDeployedDefault         instance_type: "{{ aws_instanceType }}"         image: "{{ aws_image }}"         vpc_subnet_id: "{{ vpc.subnets[0].id }}"   register: ec2 DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 19. Deploying EC2 Instances - 2/3 • If you’re running Ansible every hour, last thing that you want is to deploy another complete set of servers on every run. {{ idempotent_id }} • Can represent either one or a set of instances - do not reuse. • See here for a guide: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 20. Deploying EC2 Instances - 3/3 - name: Provision EC2 instances - zone 1   local_action:         module: ec2         state: present         id: "{{ idempotent_id }}"         region: "{{ aws_region }}"         keypair: "{{ aws_keypair }}"         group: ansibleDeployedDefault         instance_type: "{{ aws_instanceType }}"         image: "{{ aws_image }}"         vpc_subnet_id: "{{ vpc.subnets[0].id }}"   register: ec2 DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 21. VPCs And Security Groups - name: "Provision VPC in {{ aws_region }}"   local_action:         module: ec2_vpc         state: present         cidr_block: 10.1.0.0/16         subnets: - cidr: 10.1.1.0/24                   az: us-east-1a - cidr: 10.1.2.0/24                   az: us-east-1d         internet_gateway: True         route_tables: - subnets: - 10.1.1.0/24 - 10.1.2.0/24                   routes: - dest: 0.0.0.0/0                           gw: igw         region: "{{ aws_region }}"         wait: yes   register: vpc DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014. - name: Provision ec2 security group   local_action:         module: ec2_group         state: present         name: ansibleDeployedDefault         description: "Default -http"         vpc_id: "{{ vpc.vpc_id }}"         region: "{{ aws_region }}"         rules: - proto: tcp             from_port: 80             to_port: 80             cidr_ip: 0.0.0.0/0
  • 22. VPCs And Security Groups • Each Ansible task returns a data-structure of useful information, which we can register to a variable and then use. • -v will show you the returned output from a task in JSON. • The docs aren’t terribly clear on the data returned, so developing Ansible playbooks requires liberal use of -v. rob@zazu:~/projects/git/doseme-config-warfarin-aws$ ansible-playbook -i server_inventory site.yml -v PLAY [local] ****************************************************************** TASK: [aws | Provision VPC in us-east-1] ************************************** ok: [localhost] => {"changed": false, "item": "", "subnets": [{"az": "us-east-1d", "cidr": "10.2.2.0/24", "id": "subnet-e9f8f49d"}, {"az": "us-east-1a", "cidr": "10.2.1.0/24", "id": "subnet-40371e06"}], "vpc": {"cidr_block": "10.2.0.0/16", "dhcp_options_id": "dopt-d8d7ddba", "id": DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 23. Provisioning An ELB • Unfortunately, even devel branch Ansible doesn’t yet support creating Elastic Load Balancers in VPCs (It does support adding hosts to them). • We’re working on a patch internally, and hope to have this working and submitted soon! • There’s examples in the talk code repository, but I won’t discuss this here. DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 24. Provisioning A Multiple A-Z RDS - name: Provision RDS   local_action:         module: rds         command: create         region: "{{ aws_region }}"         multi_zone: yes         subnet: "{{ aws_db_subnetgroup }}"         vpc_security_groups: "{{ rdsvpc.group_id }}"         instance_name: "{{ aws_db_name }}"         db_engine: "{{ aws_db_engine }}"         size: "{{ aws_db_size }}"         instance_type: "{{ aws_db_instanceType }}"         username: "{{ aws_db_username }}"         password: "{{ aws_db_password }}"   register: rds DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 25. Ok, So Now What? • Remember the empty host group “launched”? - name: Add new instances to host group   local_action: add_host hostname="{{ item.public_ip }}" groupname=launched   with_items: ec2.instances • Even though it was empty earlier, we still assign a role to it: - hosts: launched   remote_user: admin   sudo: True   roles: - role: common • Result: Role is applied – instance deployed and configured! DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 26. How Do We Automate Running Of Ansible Configurations? • Not going to discuss Jenkins in detail, but we can trigger jobs to run based on: • Git/Hg/SVN Commits • Periodically • As a dependent task • Manually DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 27. Plugging This Into Jenkins • We use Perl unit tests to test our playbooks in Jenkins upon commit - the test script could be as simple (and bad) as: #!/usr/bin/perl use Test::More tests => 1; my $result = `ansible-playbook -i servers --syntax-check site.yml`; chomp $result; ok($result eq 'Playbook Syntax is fine', "Syntax check of playbook"); • This can then be run in Jenkins as: prove --formatter=TAP::Formatter::JUnit > jenkins-${JOB_NAME}-${BUILD_NUMBER}-junit.xml DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 28. Continuous (Server) Deployment • Following a configuration check in Jenkins, we then run the playbook. This gives us a record of: • Changes made to the playbook (by who • Any changes made to a host. • Full console output of running Ansible. • Summary of actions taken - e.g. and when) PLAY RECAP ******************************************************************** yyy.zzz.doseme.com.au : ok=37 changed=2 unreachable=0 failed=0 Finished: SUCCESS DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 29. Continuous (Server) Deployment DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 30. Challenges - Ansible, AWS, & Jenkins • We started using Ansible early (pre-1.0, from memory) • The syntax has changed (even how you use • Roles didn’t exist then (DRY was harder) • Still variables!) missing support for some features: • The ec2_elb_lb module doesn’t support VPCs. • rds and ec2 modules in release are lacking some • We can’t do continual deployment to production. DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014. features.
  • 31. Benefits Of Ansible We’ve Found • We don’t use Ruby, so we don’t need to deploy Ruby. • We don’t have to worry about agent deployment. • The Python modules are relatively easily extendable. • It was easy to start with a simple playbook and grow it as the company has – no complex setup required to begin. DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.
  • 32. Questions? $ git clone git@bitbucket.org:doseme/ansible-aws-talk.git http://docs.ansible.com http://boto.readthedocs.org/en/latest/ec2_tut.html e’re W g! ir in H DoseMe | Ansible & AWS In a Regulated World | Brisbane Devops, 27th Feb 2014.