Orchestration & Extensibility: A preview of Ansible 0.7
In just a few weeks, Ansible 0.7 will be released.
Ansible is, without a doubt, the simplest deployment and config management tool to set up and use today, which leaves time for people to do interesting work — setting up real things — rather than fiddling with some complex framework. It recognizes that when rolling out web (and other) infrastructure you are doing a lot more than just pushing config files — you are interacting with a complex series of different systems, and, gosh darn it, order and when you do things often matters.
0.7 takes those capabilities several steps further.
Orchestration!
What seperates Ansible most from other tools is that it was designed for complex multi-machine orchestration environments from day one — and doesn’t require any additional software or agents on your remote machine. 0.7 takes the idea that you’re not just dealing with one machine in a vacuum and makes it a central focus.
The new ‘serial’ directive to a playbook can be used to decide how many hosts should be executing a playbook in parallel on your infrastructure. This means that if you want to do a rolling deployment of 1 host a time, or 5 at a time, or all in parallel — you can decide that level of parallelism. If you pick “5”, your configuration will complete on only 5 hosts at a time, and they’ll complete all the way through before moving on to the next 5. There’s no danger of taking your infrastructure all down at once for an update. You’re in control. Hosts aren’t just going to check in and decide to “do stuff” when they feel like it.
The new ‘delegate_to’ directive is ideal for communicating with load balancers to take machines out of rotation and put them back — or to speak with a monitoring service to signal an outage window. It allows you to say “host over here, do X on behalf of this other host”. It’s pretty powerful stuff. Combine that with ‘serial’ and drop 5 machines out of a load balanced pool at a time and update those 5 in parallel, then put them back in and get the next 5 when done.
Not Just The Facts
Puppet and Chef have the concept of facts… but it’s often tedious to have to write a fact, it requires writing custom code. Often you just want to run a command and use the result of that command as if it were a variable. The new ‘register’ keyword does exactly that. If you want to write a playbook that does something to hosts with only a certain amount of diskspace (as contrived as that may be), it’s now super easy to do.
Laser Focus!
Ranged patterns allow you to carve out a portion of your infrastructure for updates, allowing you to target, say, 25% of your infrastructure for a rolling update, only to pick up with the remaining other quarters of your infrastructure when the time is right — or deliver some new code to a few servers just to try it out.
A new —limit keyword allows selection of hosts based on “AND” criteria instead of just “OR” criteria. Need to easily target updates to just your webservers that just happen to be in a particular datacenter? Easily done. Do this without having to tweak your recipes.
Modularity!
“Callbacks” are now plugins. This means the way ansible behaves is totally customizable to meet any environment or integration needs. You could use ansible to update nagios or graphite, send logging to a special Enterprise logging service, or activate your office lava lamps. There’s a new repo that hosts these and we even have one that makes “pew pew” laser gun noises on OS X. Yes, we are the first config management tool to have that feature. These plugins aren’t included by default, but you can pick and choose which ones you’d like to include.
Inventory scripts, inspired largely by Puppet’s external nodes system, are also plugins, though we’ve never really called them that. (We’ve had those for a while though, but are part of the overall plugin theme)
Finally, connection types are plugins as well! While ansible offers two SSH options out of the box (paramiko and native openssh), and one local mode, perhaps you’d like to experiment and speak over some other transport — you can now do that, provided you write the daemon.
This Is The Link That You Click On
0.7 is not released quite yet, but you can consume the development branch right now.
