Site Administration Tools: Ansible Christos Kanellopoulos, GRNET SAGrid All-Hands Meeting, 26 March 2013

Started back on Feb 2012 (The new kid in block) Project History Started back on Feb 2012 (The new kid in block) More than 1300 followers on GitHub 100+ Contributors in just 1 year Diverse user base (large .coms, hosting providers, universities, consultants, government agencies)

Config & Deployment over SSH Features Config & Deployment over SSH Eliminate adoption overhead (eg No requirement for PKI) Self-bootstrapping No extra daemons, No Server, Nothing to Install on Client Machines Multi-Tier Management Very Simple management language

Paramiko: Python SSH (very easy to use) Transport Options Paramiko: Python SSH (very easy to use) SSH: User plain OpenSSH (useful in cases where the authentication on the infrastructure is using Kerberor) Local: Runs directly on the client usually via cron Pull: Same like local mode, but with periodic pull request Fireball: Ephemeral 0mq daemon

Architecture

ansible/inventory [grid-cluster-services:children] [grid-cluster-worker-nodes] wn001.localdomain … wn100.localdomain [grid-cluster-site-bdii] sbdii.localdomain [grid-cluster-cream-servers] cream01.localdomain [grid-cluster-storage-elements] se01.localdomain [grid-cluster-wms-servers] wms01.localdomain Wms02.localdomain [grid-cluster-apel-servers] apel01.localdomain [grid-cluster-site-services:children] grid-cluster-site-bdii grid-cluster-cream-servers grid-cluster-storage-elements grid-cluster-apel-servers … [grid-cluster-core-services:children] grid-cluster-wms-servers grid-cluster-myproxy-servers grid-cluster-logical-file-catalogs grid-cluster-nagios-servers [grid-cluster-services:children] grid-cluster-site-services grid-cluster-core-services [grid-cluster:children] grid-cluster-worker-nodes grid-cluster-services

More than 70 core modules Transport Options http://ansible.cc/docs/modules.html pip selinux git yum apt user service copy template file nagios virt ini_file mysql Postgresql facter ohai subversion ping fireball

Parallel Task Execution $ ansible ‘grid-cluster-wms-servers’ \ –m ping $ ansible ‘grid-cluster-worker-nodes’ –a \ ‘sudo –I /yaim -c –s site-info.def \ -n MPI_WN -n WN -n TORQUE_client` $ ansible all –m user ‘name=joe \ state=absent’

Idempotent Resource Model example Service started: Started if not running stopped: Stop if running restarted: restart regardless Yum absent: remove if installed present: install if not installed *name=version: install a specific version latest: update if not at latest version

Release Engineering / Rolling Updates Set up dev environment Playbooks OS Configuration App deployment Release Engineering / Rolling Updates Set up dev environment

Example playbook - include: tasks/yaim/config_dirs.yml - hosts: nagios-servers user: ansible sudo: True vars_files: - vars/yaim.yml - vars/distros/Centos-5. tasks: - include: tasks/certificates/config.yml - include: tasks/egi-sam/repo.yml - include: tasks/glite/bdii-repo.yml - include: tasks/egi-sam/install.yml - include: tasks/egi-sam/nagios-server.yml - include: tasks/yaim/config_dirs.yml - include: tasks/yaim/vos/ops.yml - include: tasks/yaim/vos/dteam.yml - include: tasks/yaim/siteinfo.yml handlers: - include: handlers/nagios-server.yml - include: handlers/network.yml

Playbooks for Grid Services Current Apel servers Cream CE SAM Nagios Site BDII Storage Element Worker Node Upcoming WMS MyProxy VOMS Top BDII

Further Information http://www.ansible.cc/ https://github.com/auth-scc/grid-services-deployment