# Example
---
- name: hello world
hosts: all
tasks:
- name: submit greetings
debug:
msg: "Hello DevFest Hamburg!"10 Things You Need To Know About Automating Google Cloud with Ansible
GDG DevFest Hamburg 2016 · October 15th, 2016
Thilo-Alexander Ginkel · TG Byte Software GmbH
thilo.ginkel@tgbyte.de · www.tgbyte.de
About us
TG Byte Software GmbH
Founded in 1998, located in Hamburg
Service Range
Software Development & Consulting
DevOps
Training & Coaching
Looking for freelancers to support us with various projects
Thilo-Alexander Ginkel
Passionate Software Engineer, IT Consultant & Trainer
Focus
Software Development & Architecture
DevOps
Troubleshooting
Software Development since 1994
1. Why Automate Google Cloud Configuration?
1. Why Automate Google Cloud Configuration?
Consistent system landscape configuration
Repeatability
Allows efficient implementation of similar environments (dev, test, staging)
2. What’s this "Ansible" All About?
2. What’s this "Ansible" All About?
"An ansible is a fictional machine capable of instantaneous or superluminal communication. It can send and receive messages to and from a corresponding device over any distance whatsoever with no delay."
— Source: Wikipedia
2. What’s this "Ansible" All About?
Lightweight configuration management
Based on idempotent tasks declared as YAML
Push-based approach (in contrast to what is typically used with Puppet or Chef)
Typically used to configure servers
But: Using "infrastructure as code" paradigm it can also be used to manage infrastructure
2. What’s this "Ansible" All About?
3. Why use Ansible for GCE?
3. Why use Ansible for GCE?
Use single solution for all your configuration management needs
Provision Google Cloud infrastructure and hosts using the same tool chain
Enables multi-cloud scenarios
4. What Can Be Automated?
4. What Can Be Automated?
Ansible ships with a set of Google Cloud related modules for:
GCE Instances ("VMs")
GCE Persistent Disks
GCE Images
Google Cloud DNS
Google Cloud Load Balancer
Google Cloud Networks / Firewall Rules
Google Cloud Storage
5. Examples
GCE Instances
- name: create GCE instance
gce:
disks: example-disk
instance_names: example-instance
machine_type: n1-standard-1
zone: europe-west1-dGCE Persistent Disks
- name: create GCE disk
gce_pd:
name: example-disk
image: debian-8
mode: READ_WRITE
size_gb: 100
zone: europe-west1-dGoogle Cloud Networks / Firewall Rules
- name: allow traffic from load-balancer
gce_net:
name: default
fwname: default-allow-loadbalancer-80
allowed: tcp:80
src_range: 130.211.0.0/226. But…
6. But…
Some of these modules do not offer feature parity with what Google Cloud offers
For some Google Cloud features there is no Ansible module at all
7. But… What About The Rest?
7. But… What About The Rest?
gcloudCLI to the rescueExposes most Google Cloud operations from the command line
Extra effort needed to make sure operations are idempotent
Example
- name: check if SSL certificate is registered with GCE
command: >
gcloud compute ssl-certificates describe example-ssl-cert
--format json
ignore_errors: yes
changed_when: false
failed_when: false
register: describe_ssl_cert_result
- name: register SSL cert with GCE
command: >
gcloud compute ssl-certificates create example-ssl-cert
--certificate "dir/cert.pem"
--private-key "dir/key.pem"
when: describe_ssl_cert_result | failure8. Phew, That’s Somewhat Complicated…
8. Phew, That’s Somewhat Complicated…
Solution
Integrate Google Cloud Deployment Manager with Ansible
Describes Google Cloud infrastructure as YAML
Yet another CLI invocation, but a rather simple one
Keeps the Ansible integration for an all-in-one deployment in place
9. Show Me Some Code! (aka. The Demo)
10. Summary
10. Summary
Ansible can be used as a facilitator to bridge the gap between infrastructure and system provisioning and deployment
There is a basic set of native bindings
When these do not suffice, either manual
gcloudcommand line usage or Google Cloud Deployment Manager can be easily integrated into the Ansible provisioning process