Yearly Archives: 2012

Using ansible-pull and user-data to setup EC2 or OpenStack servers.

Using Ansible for a number of machines, using pull architecture.
The goal here is to be able to launch a number of instance by pulling ansible playbooks.

The file user-data-ansible-pull contains:

Assuming you setup your AWS EC2 or euca-tools:

prompt$ ec2-run-instances ami-a29943cb -t t1.micro \
              -k gsg-keypair -f ~/Desktop/user-data-ansible-pull

How it works?
1. Run the instance and use the user-data.
2. user-data will be executed by cloud-init and will install needed packages for ansible.
3. Install ansible via git clone
4. Setup ansible hosts variable.
5. Run ansible-pull, set parameter to a git playbook repository to clone.
6. From playbook, ansible-pull reads the local.yml whic defines the tasks to be executed.

(On the Ansible docs, it features another trick to setup a cronjob fetch for new playbooks.
See ansible examples on github. )

Simple eh? Let’s start writing more playbooks, includes these at local.yml.
Fire away your new Openstack and EC2 instances.

Ansible Nginx Playbook

With the last post related to Ansible, I present a simple example of using templates and playbook.
The directory structure of Ansible Nginx playbook:

nginx-playbook/
  nginx-ubuntu.yml 
  - template/ 
      nginx.j2
  - tasks

Here’s the nginx-ubuntu.yml

---

- hosts: web-servers
  user: ubuntu 
  sudo: True

  vars:
     #workers: use at template ansible_processor_count 
     connections : "1024" 

     is_10_up: "'$ansible_distribution_version'  >= '10.04'"
     is_ubuntu: "'$ansible_distribution' == 'Ubuntu'"

  tasks:
     # Note: these tasks can be written to a file 
     #       and include that file here to make it cleaner.
     - name: install python-software-properties
       action: apt pkg='python-software-properties' ensure=installed

     - name: "add nginx ppa if it ubuntu 10.04 and up"
       action: command /usr/bin/add-apt-repository -y ppa:nginx/stable
       only_if: '$is_ubuntu and $is_10_up'

     - name: update apt repo
       action: command /usr/bin/apt-get update

     - name: install nginx 
       action: apt pkg=nginx ensure=installed

     - name: write nginx.conf 
       action: template src=templates/nginx.j2 dest=/etc/nginx/nginx.conf
       notify:
       - restart nginx

  handlers:
     - name: restart nginx
       action: service name=nginx state=restarted

Here, the template is using generated variable ansible_processor_count and a user-defined variable connections on playbook.
The template file: templates/nginx.j2

user www-data;
worker_processes {{ ansible_processor_count }};

pid /var/run/nginx.pid;

events {
	worker_connections {{ connections }} ;
	# multi_accept on;
}

http {

	##
	# Basic Settings
	##

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;
	server_tokens off;

	# server_names_hash_bucket_size 64;
	# server_name_in_redirect off;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	##
	# Logging Settings
	##

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	##
	# Gzip Settings
	##

	gzip on;
	gzip_disable "msie6";

	# gzip_vary on;
	# gzip_proxied any;
	# gzip_comp_level 6;
	# gzip_buffers 16 8k;
	# gzip_http_version 1.1;
	# gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

	##
	# If HTTPS, then set a variable so it can be passed along.
	##

	map $scheme $server_https {
		default off;
		https on;
	}

	##
	# Virtual Host Configs
	##

	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
}

I run this against Ubuntu Oneiric.

(ansi_env) ansible-playbook nginx-ubuntu.yml -T 30 
 
PLAY [web-servers] ****************************

SETUP PHASE ****************************

ok: [15.185.123.x]


TASK: [install python-software-properties] *********

ok: [15.185.123.x] => apt pkg='python-software-properties' ensure=installed


TASK: [add nginx ppa if it ubuntu 10.04 and up] *********

ok: [15.185.123.x] => command /usr/bin/add-apt-repository -y ppa:nginx/stable


TASK: [update apt repo] *********

ok: [15.185.123.x] => command /usr/bin/apt-get update


TASK: [install nginx] *********

ok: [15.185.123.x] => apt pkg=nginx ensure=installed


TASK: [write nginx.conf] *********

ok: [15.185.123.x] => template src=/home/ubuntu/.ansible/tmp/ansible.pVJ9lH/source dest=/etc/nginx/nginx.conf


NOTIFIED: [restart nginx] **********

ok: [15.185.123.x] => service name=nginx state=restarted



PLAY RECAP **********************


15.185.123.x                 : ok=   7 changed=   4 unreachable=   0 failed=   0 

Although this prompts for error on the current devel branch of Ansible, there’s a minor fix https://github.com/ansible/ansible/pull/282 for it.

That solves the Nginx restarts when the config file is updated. 🙂
Update: 05/04/2012 service path now fixed on devel branch.
Update: 05/07/2012 I’ve placed this playbook on my github.
Update: 06/14/2012 Added Fred’s Pedantically commented playbook example
Update: 07/10/2012 On version 0.5 service unable to get status http://bit.ly/PIGJ3I

Related examples:
https://github.com/sfromm/ansible-playbooks
https://github.com/mpdehaan/ansible-examples
Fred Alger: Pedantically commented playbook example