Shulou(Shulou.com)06/01 Report--

This article shows you how to use GlobalSSH to accelerate the efficiency of Ansible overseas deployment. The content is concise and easy to understand. It will definitely brighten your eyes. I hope you can get something through the detailed introduction of this article.

What is Ansible?

Ansible is a simple and efficient automatic orchestration, deployment and configuration management tool without Agent architecture, which realizes the communication between remote nodes and management nodes through SSH protocol.

The purpose of Ansible is to simplify a large number of complex and repetitive operation and maintenance work and to establish a unified automation culture within the company with streamlined technical ideas. The Agent-free architecture makes it simpler than other tools, Ansible can do better based on SSH, and its high ease of use makes it easy to integrate into the existing system, so it is widely used.

UCloud Ansible usage scenarios Ansible is also widely used within UCloud. For example, the computer room product deployment system, which has greatly improved the deployment efficiency through Ansible, has become an important tool for UCloud computer room deployment. For another example, the existing large-scale grayscale publishing system solves the problems of grayscale release, rollback and control by integrating the basic API and Callback functions of Ansible. The system has been running stably online for more than 3 years and has completed tens of thousands of related grayscale publishing tasks.

The following is a detailed description of the use of Ansible in the computer room product deployment system, which will be helpful to readers with multiple computer room deployment needs.

Overseas multi-computer room deployment we are based on Ansible centralized batch deployment and management services, the centralized management center is located in Beijing / Shanghai computer room. When overseas nodes (such as Lagos, Ho Chi Minh, etc.) need to be built, cloud products and internal services are deployed remotely through Ansible. Some cloud products are built on UCloud CVMs as the IaaS layer, so they are also connected to the corresponding overseas CVMs through SSH.

This is similar to the usage scenario of ordinary users, whether it is self-built IDC or public cloud, or even multi-cloud deployment to manage servers on different clouds at the same time, there is a need for batch deployment.

An additional pain point for overseas deployment is the issue of deployment efficiency. Ansible uses the SSH protocol for communication, and the creation and communication speed of SSH channels are slow. When it needs to be managed through the public network, and the network environment is poor or the bandwidth is insufficient, the execution time is basically unbearable. When deploying with Ansible, stutter, connection failure, slow transmission speed and other phenomena often occur. When using Copy module to transfer larger code packages / image files, you basically have to wait until the flowers are gone.

Our solution is to integrate UCloud's PaaS product GlobalSSH into Ansible to improve the efficiency of multinational remote management servers.

In order to ensure the operation and maintenance of overseas data centers, GlobalSSH GlobalSSH has adopted many UCloud IaaS products, such as ULB4 (layer 4 load balancer), UDPN (intercontinental interconnection, 0 packet loss) and high-packet CVMs, and introduced intelligent DNS services to provide access to the nearest area. Network forwarding is based on mature and stable GRE and NAT technology, and supports TCP port (except 80,443) four-layer forwarding.

Ansible Playbook deployment We integrate GlobalSSH into Ansible and do a simple copy and installation of the package, as shown below.

1) first, we create one CVM in Beijing No.2 and one in Lagos (Nigeria) via UCloud API or console with a bandwidth of 1Mb, in which the GlobalSSH feature is automatically enabled in Lagos server room (all UCloud overseas data centers are enabled automatically), as shown below:

2) prepare a simple Ansible Playbook and complete three steps: gather facts, copy code package, and yum installation code. The relevant playbook is as follows:

-hosts: all tasks:-name: copy test copy: src=/data/MySQL-devel-5.6.41-1.el6.x86_64.rpm dest=/data/test-name: install mysql-devel yum: name=/data/MySQL-devel-5.6.41-1.el6.x86_64.rpm state=present 3) prepare a hosts file to configure the domain name generated by GlobalSSH. Ansible's support for GlobalSSH is very simple, as long as you add ansible_ssh_host=xxx.xxx.xxx.xxx.ipssh.net to the host variable. Our data center deployment system combines the Dynamic Inventory feature of Ansible to add the accelerated domain name of GlobalSSH to the ansible_ssh_host variable in the generated inventory. It is also very easy to use, as shown below.

[root@10-10-83-122122] # cat hosts_nrly [all] 152.32.140.39 ansible_ssh_pass=example [root@10-10-83-122122] # cat hosts_nrly_1 [all] 152.32.140.39 ansible_ssh_pass=example ansible_ssh_host=152.32.140.39.ipssh.net 4) use the ansible-playbook command to execute the playbook, and the task is completed.

Compared with the above mentioned, GlobalSSH has greatly improved the efficiency of our overseas deployment. You can test the specific acceleration effect by writing another Playbook without GlobalSSH acceleration.

Playbook without GlobalSSH is relatively easy to write, which is basically similar to the above, except that the accelerated domain name is not used in the hosts file in step 3, but the original public network IP address is entered directly.

In order to prevent the inaccuracy of the results of a single test, 10 times are tested here, and the average values are compared.

Test commands:

The final result of time for i in seq 1 10; do ansible-playbook-I hosts_nrly test_playbook.yml; done time for i in seq 1 10; do ansible-playbook-I hosts_nrly_1 test_playbook.yml; done is shown below. You can see that in a simple Ansible Playbook deployment, the effect after GlobalSSH acceleration is improved by 32.23%.

Ansible Ad-hoc mode GlobalSSH can improve the stability and speed of the entire network transmission under low-speed bandwidth, especially for the improvement of RTT (Round-Trip Time) round-trip delay, it has the speed advantage that the external network elastic IP does not have. So we think it is also of great help to the Ansible Ad-hoc approach.

Operators often use Ad-hoc, which is similar to pssh, but supports all module syntax of Ansible. The common use scenario is to execute commands in batches and view the echo results. In order to verify the hypothesis, we have also done a similar test on the Ad-hoc method, and found that the optimization effect after GlobalSSH is more obvious, and the optimization speed is more than 50%. The detailed results are shown below.

Test commands:

Time for i in seq 1 10; do ansible-I hosts_nrly all-m shell-a "cat / var/log/messages"; done time for i in seq 1 10; do ansible-I hosts_nrly_1 all-m shell-a "cat / var/log/messages"; done

Test results:

Ansible is a widely used DevOps tool, and we can easily integrate GlobalSSH into it according to our needs, avoiding the adverse effects of SSH stutters in server deployment.

The above content is how to use GlobalSSH to accelerate the efficiency of Ansible overseas deployment. Have you learned the knowledge or skills? If you want to learn more skills or enrich your knowledge reserve, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.