Book Image

Infrastructure as Code (IAC) Cookbook

By : Stephane Jourdan, Pierre Pomès
Book Image

Infrastructure as Code (IAC) Cookbook

By: Stephane Jourdan, Pierre Pomès

Overview of this book

Para 1: Infrastructure as code is transforming the way we solve infrastructural challenges. This book will show you how to make managing servers in the cloud faster, easier and more effective than ever before. With over 90 practical recipes for success, make the very most out of IAC.

Related Content you might be interested in

Current Title:

Small book image
Infrastructure as Code (IAC) Cookbook
Stephane Jourdan | Pierre Pomès
Feb, 2017 | 440 pages
Small book image
Chef Cookbook
Matthias Marschall
Feb, 2017 | 268 pages
Small book image
Getting Started with Terraform
Kirill Shirinkin
Jul, 2017 | 208 pages
Small book image
Docker Orchestration
Randall Smith
Jan, 2017 | 284 pages
Table of Contents (18 chapters)
Infrastructure as Code (IAC) Cookbook
Infrastructure as Code (IAC) Cookbook
Credits
Credits
About the Authors
About the Authors
About the Reviewer
About the Reviewer
www.PacktPub.com
www.PacktPub.com
Customer Feedback
Customer Feedback
Preface
Preface
Free Chapter
1
Vagrant Development Environments
Vagrant Development Environments
Introduction
Adding an Ubuntu Xenial (16.04 LTS) Vagrant box
Using a disposable Ubuntu Xenial (16.04) in seconds
Enabling VirtualBox Guest Additions in Vagrant
Using a disposable CentOS 7.x with VMware in seconds
Extending the VMware VM capabilities
Enabling multiprovider Vagrant environments
Customizing a Vagrant VM
Using Docker with Vagrant
Using Docker in Vagrant for a Ghost blog behind NGINX
Using Vagrant remotely with AWS EC2 and Docker
Simulating dynamic multiple host networking
Simulating a networked three-tier architecture app with Vagrant
Showing your work on the LAN while working with Laravel
Sharing access to your Vagrant environment with the world
Simulating Chef upgrades using Vagrant
Using Ansible with Vagrant to create a Docker host
Using Docker containers on CoreOS with Vagrant
2
Provisioning IaaS with Terraform
Provisioning IaaS with Terraform
Introduction
Configuring the Terraform AWS provider
Creating and using an SSH key pair to use on AWS
Using AWS security groups with Terraform
Creating an Ubuntu EC2 instance with Terraform
Generating meaningful outputs with Terraform
Using contextual defaults with Terraform
Managing S3 storage with Terraform
Creating private Docker repositories with Terraform
Creating a PostgreSQL RDS database with Terraform
Enabling CloudWatch Logs for Docker with Terraform
Managing IAM users with Terraform
3
Going Further with Terraform
Going Further with Terraform
Introduction
Handling different environments with Terraform
Provisioning a CentOS 7 EC2 instance with Chef using Terraform
Using data sources, templates, and local execution
Executing remote commands at bootstrap using Terraform
Using Docker with Terraform
Simulating infrastructure changes using Terraform
Teamwork – sharing Terraform infrastructure state
Maintaining a clean and standardized Terraform code
One Makefile to rule them all
Team workflow example
Managing GitHub with Terraform
External monitoring integration with StatusCake
4
Automating Complete Infrastructures with Terraform
Automating Complete Infrastructures with Terraform
Introduction
Provisioning a complete CoreOS infrastructure on Digital Ocean with Terraform
Provisioning a three-tier infrastructure on Google Compute Engine
Provisioning a GitLab CE + CI runners on OpenStack
Managing Heroku apps and add-ons using Terraform
Creating a scalable Docker Swarm cluster on bare metal with Packet
5
Provisioning the Last Mile with Cloud-Init
Provisioning the Last Mile with Cloud-Init
Introduction
Using cloud-init on AWS, Digital Ocean, or OpenStack
Handling files using cloud-init
Configuring the server's time zone using cloud-init
Managing users, keys, and credentials using cloud-init
Managing repositories and packages using cloud-init
Running commands during boot using cloud-init
Configuring CoreOS using cloud-init
Deploying Chef Client from start to finish using cloud-init
Deploying a remote Docker server using cloud-init
6
Fundamentals of Managing Servers with Chef and Puppet
Fundamentals of Managing Servers with Chef and Puppet
Introduction
Getting started (notions and tools)
Installing the Chef Development kit and Puppet Collections
Creating a free hosted server Chef account and a Puppet server
Automatically bootstrapping a Chef client and a Puppet agent
Installing packages
Managing services
Managing files, directories, and templates
Handling dependencies
More dynamic code using notifications
Centrally sharing data using a Chef data bag and Hiera with Puppet
Creating functional roles
Managing external Chef cookbooks and Puppet modules
7
Testing and Writing Better Infrastructure Code with Chef and Puppet
Testing and Writing Better Infrastructure Code with Chef and Puppet
Introduction
Linting Chef code with Foodcritic and Puppet code with puppet-lint
Unit testing with ChefSpec and rspec-puppet
Testing infrastructure with Test Kitchen for Chef and Beaker for Puppet
Integration testing with ServerSpec
8
Maintaining Systems Using Chef and Puppet
Maintaining Systems Using Chef and Puppet
Introduction
Maintaining consistent systems using scheduled convergence
Creating environments
Using Chef encrypted data bags and Hiera-eyaml with Puppet
Using Chef Vault encryption
Accessing and manipulating system information with Ohai
Automating application deployment (a WordPress example)
Using a TDD workflow
Planning for the worse – train to rebuild working systems
9
Working with Docker
Working with Docker
Introduction
Docker usage overview
Choosing the right Docker base image
Optimizing the Docker image size
Versioning Docker images with tags
Deploying a Ruby-on-Rails web application in Docker
Building and using Golang applications with Docker
Networking with Docker
Creating more dynamic containers
Auto-configuring dynamic containers
Better security with unprivileged users
Orchestrating with Docker Compose
Linting a Dockerfile
Deploying a private Docker registry with S3 storage
10
Maintaining Docker Containers
Maintaining Docker Containers
Introduction
Testing Docker containers with BATS
Test-Driven Development (TDD) with Docker and ServerSpec
The workflow for creating automated Docker builds from Git
The workflow for connecting the Continuous Integration (CI) system
Scanning for vulnerabilities with Quay.io and Docker Cloud
Sending Docker logs to AWS CloudWatch logs
Monitoring and getting information out of Docker
Debugging containers using sysdig
Index
Index

Using Ansible with Vagrant to create a Docker host

Ansible (https://www.ansible.com/) is a very simple and powerful open source automation tool. While using and creating Ansible playbooks is off-topic for this book, we'll use a very simple playbook to install and configure Docker on a CentOS 7 box. Starting from here, you'll be able to iterate through more complex Ansible playbooks.

Getting ready

To step through this recipe, you will need the following:

  • A working Vagrant installation

  • A working hypervisor

  • A working Ansible installation on your machine (an easy way is to $ pip install ansible or to pick your usual package manager like APT or YUM/DNF)

  • An Internet connection

How to do it…

Because writing complex Ansible playbooks is out of the scope of this book, we'll use a very simple one, so you can learn more about Ansible later and still reuse this recipe.

A simple Ansible Docker playbook for Vagrant

Our playbook file (playbook.yml) is a plain YAML file, and we'll do the following in this order:

  1. Install EPEL.

  2. Create a Docker Unix group.

  3. Add the default Vagrant user to the new Docker group.

  4. Install Docker from CentOS repositories.

  5. Enable and start Docker Engine.

Here's how the playbook.yml file looks:

---
- hosts: all
  become: yes
  tasks:
    - name: Enable EPEL
      yum: name=epel-release state=present
    - name: Create a Docker group
      group: name=docker state=present
    - name: Add the vagrant user to Docker group
      user: name=vagrant groups=docker append=yes
    - name: Install Docker
      yum: name=docker state=present
    - name: Enable and Start Docker Daemon
      service: name=docker state=started enabled=yes

Apply Ansible from Vagrant

To use our Ansible playbook, let's start with a simple Vagrantfile starting a CentOS 7 box:

Vagrant.configure("2") do |config|
  config.vm.box = "bento/centos-7.2"
  config.vm.define "srv-1" do |config|
    config.vm.hostname = "srv-1"
    config.vm.network "private_network", type: "dhcp"
  end
end

Simply add Ansible provisioning like this to the VM definition so it will load and apply your playbook.yml file:

    config.vm.provision "ansible" do |ansible|
      ansible.playbook = "playbook.yml"
    end

You can now run vagrant up and use CentOS 7 Docker Engine version right away:

$ vagrant ssh
[vagrant@srv-1 ~]$ systemctl status docker
[vagrant@srv-1 ~]$ docker --version
Docker version 1.10.3, build d381c64-unsupported
[vagrant@srv-1 ~]$ docker run -it --rm alpine /bin/hostname
0f44a4d7afcd

There's more…

What if for some reason you don't or can't have Ansible installed on your host machine? Alternatively, maybe you need a specific Ansible version on your Vagrant box to mimic production and you don't want to mess with your local Ansible installation. There's an interesting variant Ansible provider you can use: it will either use Ansible directly from the guest VM, and if it's not installed, it will install it from official repositories or PIP. You can use this very simple default configuration:

    config.vm.provision "ansible_local" do |ansible|
      ansible.playbook = "playbook.yml"
    end

You can also use the following command:

$ vagrant up
[…]
==> srv-1: Running provisioner: ansible_local...
    srv-1: Installing Ansible...
    srv-1: Running ansible-playbook...
[…]

Log in to the box via SSH and check that Ansible is locally installed with the latest version:

$ vagrant ssh
$ ansible --version
ansible 2.1.1.0

If your use case is different, you can use more precise deployment options, to be able to fix an Ansible version number using PIP (here, version 1.9.6 instead of the latest 2.x series):

Note

It will take noticeably longer to start, as it needs to install many packages on the guest system.

    config.vm.provision "ansible_local" do |ansible|
      ansible.version = "1.9.6"
      ansible.install_mode = :pip
      ansible.playbook = "playbook.yml"
    end

You can also use the following command:

$ vagrant up
[…]
==> srv-1: Running provisioner: ansible_local...
    srv-1: Installing Ansible...
    srv-1: Installing pip... (for Ansible installation)
    srv-1: Running ansible-playbook...

Inside the Vagrant guest, you can now check for the PIP and Ansible versions:

$ pip --version
pip 8.1.2 from /usr/lib/python2.7/site-packages (python 2.7)
$ ansible --version
ansible 1.9.6

You can also check if our playbook has been installed correctly with the old 1.x Ansible version:

$ docker version

Also check if Docker is installed, and verify now it's working as the Vagrant user:

$ docker run -it --rm alpine ping -c2 google.com
PING google.com (216.58.211.78): 56 data bytes
64 bytes from 216.58.211.78: seq=0 ttl=61 time=22.078 ms
64 bytes from 216.58.211.78: seq=1 ttl=61 time=21.061 ms
Previous Section
End of Section 18
Next Section