Clever Geek Handbook

Ansible is idempotent. Alexey Sokolov







Hello! My name is Alexey Sokolov. I represent the company mail.ru. And today we'll talk about Ansible.















First, a small survey. Who has ever worked with Ansible? Wonderful, almost everything. And this is a very revealing thing. Ansible is usually the tool that people start using when they first come to the DevOps story.







Who left Ansible in favor of other tools? For example, Salt, Chef? Why?







. , Ansible. , . , , . , , .













- , . : Chef, Puppet. ? , , . , Ansible – . , – .







Ansible , . . , , . . , .







, -, , . .













. .













Ansible. . , Ansible, , .







.







, , . - , , . , , .







, , Ansible, .













. , -, , . .













? . . , , .







. , . - , - - . , .













, . . . , .







– ?







  • – . , - , .
  • , . - , - . . , .
  • , , , .
  • , , - . , . , .








, , .







  • -, , . . , . , , , , , , .
  • -, . , . , : git blame + - .








?







  • -, Ansible, - .
  • -, , , , , .
  • -, , , , , .


, , :













, Ansible, : Ansible – Shell.







Ansible , shell-. Ansible – . Ansible – , , - .













Ansible , .







  • , SSH. SSH, - Ansible’ , .
  • Ansible . Python, , .
  • . . , shell’, . .








  • , , . . , , . , - , , .
  • . , . , , .








. , - , - , .







, - . , - , - . .







, - .













: shell. . . Ansible , shell- makefile, - , . . .













shell . ? .













.







  • shell. Ansible - .
  • , , , , - .
  • , .


, Ansible , .













, ? , , ? .













? , . .













Ansible : , , . . . Ansible .













: – , – .













? , Ansible ?







  • -, , .
  • -, , . . . - , Ansible .
  • -, , . , , - , . . - , - . . .








?







. , . .







. register, . . register, , . - : Β« Β». , , .













:







  • , Ansible .
  • .
  • .








, - . diff, , , , . .







, . ? ? -?













, . , . , .







, . , .







- . - . . - - . . Ignore_errors – .







, - , . , , . , ?













, . . .







, , , , shell: Ansible . : Β« , ? rm, shell- Ansible? . !Β»













? , . ignore_errors .













:







  • -, - . , , . - , . . . 0 - , .
  • , (. race condition). - . . , . Ignore_errors – .
  • . , - . , . , .








, ?







register. , exit code . . , . Ansible failed_when. , , , .







, . , . - . : Β« , Β». - , , , , .













. , 124- . : Β« 124, Β». 124, , 124, - . 124 , Ansible , .







, , , . .







. . Ansible , - . Β«exit 124Β» - ? , . .



















  • changed_when, . . , , - . , , , : changed_when: false Ansible , , .







  • , . : creates removes. , , , , -, -.







    , , : - creates , Ansible , . , .







    removes. , , .







  • , , . , stdout, stderr . – .















? . . , changed_when: false. . Ansible . : Β«, Β».













, - . , . , , - . .







, pause. , , .







. wait_for. : Β«, , Β». Ansible . . - . tcp, , . . . , - .







, . . , - , . , .













? . , . , Ansible. Ansible , .













. : Β«PauseΒ», - . , . , , , -.













. : Β« , . , Β».













. , exit 0. . exit 0 , . , , , . , , .







.













, - . . . , - .







, . , . , .













. - . , . , . , , .







, , , .







: failed_when: true. , . : Β« Β». , - . , , , Β« Β».













. , , .













-, handler.







Handler – - , . .







- playbook, . - handlers, . . . , , , . - , handlers , .







, - . , handlers . , flush_hundlers , – when: changed. - , , .







, , .













. . , – . . . , , playbook, . port, port, port, , , .







  • . , . , .
  • – .








– «». , - . , . ? Ansible . , , .













. hash_behavior. Ansible, .







, . , - , - , . , . .













, , , , . - , - . - - , - . .







. , - .













, , , , .













, , , .







, . – - , - , , . – , .







changes 0, , - , . , - , - - .







, - , - .







Ansible , . . , , .













  • . , Ansible shell, Ansible .
  • , . , .
  • , - . , - . , - , - .
  • . .








: , , . , , , .













! .













. Ansible. ? , , ?







, . . - , , , , Kubernetes. .







! ! ? , . ?







. .







, , . branch. branch – galaxy- = - .







! . : Β« : - YAML, Ansible-lint ?Β».







YAML-lint – . , , .







, – - , - . , - - , . . , , – , , , .







. , .







! - hash_behavior merge, , ? , , ?







defaults, , . . , .







. , . , , , .







- hash_behavior, - . , hash_behavior – , , .







, . ?







, .







! Ansible-? ? root Ansible-? ?







, , SystemD, sudo, - root.







! , , include_task, import_task? , , , - ? common?*







common .







includes, . , - , , , , . . - , . .







?







. .







?







. - .







, …







, . , . . ., , - , .







. ?







, , . .







?







.







! Ansible ? ? ?







Ansible-vault, .







Ansible, Ansible – , , , . - , , , .







Ansible . , , , .







. . Ansible, ? , ?







, .







! ! ? , Ansible, , 300-400-500 .







In our conditions, there is no such volume. Ansible does not cover the entire infrastructure. Used pointwise. And if you really need some kind of high-performance solution designed for a large number of servers, then - yes, probably it is worth moving away from Ansible in favor of other centralized solutions that can handle all this much more reliably. Ansible is not about managing several hundred, thousands of servers.







PS In addition to this report, the author has a workshop posted on GitHub , which may come in handy.







More articles:


All Articles