Wednesday, February 27, 2013

A new era - Azure Cloud

It's official I started my first Windows Azure instance

$ ssh
The authenticity of host ' (' can't be established.
RSA key fingerprint is 0a:aa:74:ec:6a:0d:13:de:1c:c7:e2:8c:e5:74:0b:cf.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ',' (RSA) to the list of known hosts.'s password: 

The programs included with the Ubuntu system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by
applicable law.

Welcome to Ubuntu 12.10 (GNU/Linux 3.5.0-21-generic x86_64)

 * Documentation:

  System information as of Thu Feb 28 01:04:05 UTC 2013

  System load:  0.04              Processes:           92
  Usage of /:   3.0% of 29.52GB   Users logged in:     0
  Memory usage: 16%               IP address for eth0:
  Swap usage:   0%

  Graph this data and manage this system at

45 packages can be updated.
26 updates are security updates.

Get cloud support with Ubuntu Advantage Cloud Guest

Monday, February 18, 2013

Ansible within AWS (ec2)

Ansible is a new configuration/orchestration management framework and is just awesome!

Why is that ?

  • very short learning curve
  • no need for a specific data service language
  • can be used to both execute/configure machines
  • very simple to write your own modules
  • can be used into a push or pull model
  • ... ... for more info

This is how you can use it within aws(ec2) to manage services.

# Install ansible via git
$ cd /tmp
$ git clone
$ cd ansible
$ python install
$ pip install boto # used for the ec2 inventory

# setup aws variables
$ export ANSIBLE_HOSTS=/tmp/ansible/plugins/inventory/ # ec2 inventory

# setup ssh access
$ ssh-agent 
SSH_AUTH_SOCK=/tmp/ssh-dFUXvhH31724/agent.31724; export SSH_AUTH_SOCK;
echo Agent pid 31725;

# I use ec2-user onto a amazon linux
ansible -m ping all -u ec2-user | success >> {
    "changed": false, 
    "ping": "pong"

The inventory has connected to the aws api and obtained all the instances running within the account that has the exported credentials AWS SECRET/KEY. Then ansible used the ping module -m ping to ping the host(s). The ping module just connects via ssh to a host and reports pong with changed: false.

Now that we can connect let's see if we can leverage some of the metadata offered by AWS. My server runs into the security group ssh-web and to access this information from within ansible all you have to do is to use security_group_ssh-web. Where this come from is the inventory script, if you run the script directly you will see something like this.

$ /tmp/ansible/plugins/inventory/

  "i-e4c9ca9c": [
  "key_mykey": [
  "security_group_ssh-web": [
  "tag_Name_srv01": [
  "type_t1_micro": [
  "us-east-1": [
  "us-east-1b": [

In order to start the apache web server on all instances belonging to the ssh-web group is as simple as:

ansible -m service -a "name=httpd state=started"  security_group_ssh-web  -u ec2-user -s | success >> {
    "changed": true, 
    "name": "httpd", 
    "state": "started"

# notice -s which stands for use sudo without password 
From here on sky is the limit, you can take a look at the docs site for more complex examples.