 We're talking about using WordPress, Ansible, and Get to manage your website. So a sort of obligatory slide, who am I? I just actually started working at MailChimp, so still trying to find my way around there. I've been doing WordPress for a little while, Ansible, a couple of years. I almost certainly drink more coffee than you, and I've written way more bad code very seriously. And this is where to find me. There's the SNARK version and the less SNARK version, so you guys can read. Couple of disclaimers. I think Google exists. You can use it. You all know how to read, and you don't need me to read my slides to you. Working with servers. I'm kind of a fan. It's fun stuff. We're going to do some of that today. And I also think that Elvis is alive, and Matt Mullen might be probably him. Can you guys see my little footnets? They're important. So the first question that you should ask, or sort of the motivation, I was talking to some guys back here earlier about, yes, Roots has done some great work with Ansible, for example. Actually, there's also a project. It's not using Ansible, it's VVV. It's a great, very full-featured project. You should use Trellis by Roots. You should use VVV. I guess that was by 10-Up, do you know? There's some great projects out there. But it's also really important that you understand how these technologies work. And if you just spend a minute and think about the question, how does the internet work? How long does it take before you start feeling kind of stupid? Like, it takes me 10 seconds. Well, I type in something, and there's a DNS resolve happening. You get lost very quickly when you actually have to sit down and imagine that you're explaining how the internet works to a two-year-old. You should definitely think about that problem. And to be honest, I've been doing this for 10 years, and I still can't answer the question to my own satisfaction. But I think it's something that we should try to do. What's that? It's incredible. It is incredible. It's also a lot of pearl strips and duct tape holding everything together. But it's important to understand how this stuff works at a fairly low level. VGP. Yes. Pearl, PGP, Bash, there's a lot of duct tape, and it's kind of like sausages and laws. You don't want to see this stuff getting made. Software is the same way. It's also one of my footnotes. But I do think that we need to consider this. And one of the ways that I want to encourage everyone to think about how the internet works is to start on the back end and say, how does a server work? Towards that end, there's this technology called Ansible. Now Ansible, by the way, it's named after this book called Ender's Game, which I think is also a movie. And there was a sci-fi book written a long, long time ago. And this term Ansible kind of caught on the sci-fi community as a fictional device to manage large fleets of servers. The idea behind Ansible is that, hey, I may want to go provision a server. I may want to go install WordPress. Or I may want to go install a database on one server. Or for that matter, maybe I want to run it on two, or three, or 200 different servers. I'm going to get tired of typing SSH stuff, right? I'm a human. I make mistakes. I mean, I don't. But you guys probably do, right? Only one person laughed. That's not good. All going to be downhill from here, guys. Like I got a lot of these corny jokes. And I mean, this is not good. I know. It's a conference. But yeah, the whole idea of how do we manage a large number of servers without actually having to physically go out ourselves and manage them? And Ansible is one of many tools. There's Chef, there's Salt, there's Puppet, Ansible, of course. There's a lot of different tools that do this. Ansible, in my experience, has been one of the most easy for people to learn, because it's very, very, very similar to SSH. If you've ever SSHed into a server, Ansible's going to make a lot of sense to you. How it works in a nutshell is you define, let's say you've got some unit of work, like installing EngineX or installing IP tables or UFW or something like that. That might be considered a role. Now you could just define a specific task, but there's usually some unit of work that you're going to want to do, like install WordPress and configure it. You're going to have to change the password in WP config. You're going to want to hit the salt URI. Has everybody here installed WordPress before? Yeah, so a lot of you have. There's going to be a certain number of steps that you always end up doing. And those are the sorts of things that you can very easily shove into a role in Ansible and just say, hey, you know what? Go talk to all of these different servers. Go run these specific roles, perform this amount of work on them. Rolescoping is one of those things that it's going to be kind of, it's hard to define an appropriate rolescope. I mean, I could sit here and say, well, this should be a role, but that should be a task. And maybe this should be a variable. But one of the better ways to actually kind of get a feel for this is to look at other people's code. By the way, how many of you guys spend an awful lot of time reading other people's code? Every room, every hand in the room, should go up for that, by the way. The one thing that you can do as a developer to really, really, really improve is read other people's code. It's kind of miserable sometimes. I'm not going to lie. But you learn a lot doing it. So we're going to actually take a look at some other people's code. We're going to start with this guy. He's probably really smart. He's probably a great presenter, very funny. I have heard. I don't know. Never met him. But this is a project that I'm working on right now. And I call it Teller. I don't know why. I just need a simple acronym that I could pronounce. That's like Hadoop or anything else, right? Just word salad. Let me grab something. And what Teller is, is setting up my little cluster of servers the way that I want them set up. So I want WordPress. I also want Search by Elastic Search. I don't want to use plain vanilla in my SQL. I want to use Percona. And I also want replication on my Percona boxes. And then I want to use HipHop Virtual Machine and blah, blah, blah. I've got all these different sort of my laundry list of things that I want on my servers. And Teller is away from me to install it. So with that said, we're just going to take a look at some of this code. And we're going to look at some other code. I've got a bunch of roles in here. So I've got this role that installs ZShell. If you guys use ZShell, anybody in here? I just want you to know that you're the smartest people in the room, objectively speaking. I've got a role that installs WordPress. I've got a role that installs Vem. Are there any Emacs users here? Good, I can make fun of them. Are there any UFW users here? Do you guys know what UFW is? Do you guys know what IP tables is? Has anyone here ever used IP tables? OK, those people, keep your hand up if you like working with IP tables. Everybody's hand just went down. It's not surprising. IP tables is miserable for most of us. If you're not a network engineer, IP tables is pretty miserable. UFW literally stands for uncomplicated firewall. If you don't put a firewall on your boxes, somebody will DDoS you. Somebody will hijack your server. You absolutely need to use a firewall. If you're going to do it, there's a couple different ways to do it. These guys over at Roots, I think they use, what is it? FPM on Trellis? Yeah, there's different ways to do it, but UFW is pretty simple. For most of us, it's a very good firewall to use. Metabase, LogStash, Kibana, HHVM. That's where I'm actually installing HVM, HHVM, which is the hip hop virtual machine, Facebook, PHP. Nginx, Elasticsearch, blah, blah, blah. So I'm just installing a bunch of stuff here. And since we're all pretty familiar with WordPress, we'll actually go ahead and take a look at some of these tasks. This is what an Ansible Playbook actually looks like. So I'm creating a WordPress directory. So this might be something like MKDIR in a shell, right? I'm just creating a directory. And I'm also saying, here's who owns it. Here's the permissions on the directory. And we've got all that in one convenient command. Download and extract WordPress. We've all done that. This is not any different than what we're doing in SSH usually. Copy the WordPress config file. We've all done that before. These are all very, they should be very familiar things to you. Let's go look at some other people's code. This is my slide. So Trellis. We got a guy here, at least one guy from Roots. Julian? Yeah, that guy? Smart dude. You should definitely talk to him. Roots put together this thing called Trellis. And Trellis is a framework for using Ansible together with WordPress. It's very, very, very good. And if I were doing something in production today, I would definitely use it. The reason I don't necessarily think you should start there is back to that first slide. Think about how the internet works. How far can you explain something like that before? I don't even know how this even works anymore. You probably need to build stuff by hand a little bit, just enough to get a feel for, hey, now I see what Trellis is doing here. Now I see how this, you know, they're putting, I guess you've got MariaDB, I think. Here's where they're defining that. If I wanted to flip out MariaDB and put Precona and they were playing vanilla MySQL, how would you do that? How do you actually work with something like that? If you pick up Trellis to start with, there's lots and lots and lots of code. There's lots and lots of things happening. I don't actually think you should start there. Not because it's a bad program. It's very much not. It's great. But you're going to miss some details. You're going to not understand how this stuff works correctly. So I'm going to come back to another repository that I would encourage you all to use. We'll come back to that in a moment. But as you can see, I mean, they've got, you know, you saw mine, right? I was actually logging into the server. I was downloading WordPress. I was making a directory, et cetera. These guys do it a little bit differently. They actually use WP-Klea to install WordPress. So that's another way that you can do that. You should absolutely compare my repository for Teller and how I'm installing WordPress with the way that they do it. You'll start to form opinions about, hey, this makes sense or this does not. By the way, does this all make sense what's actually happening? Like, I know you haven't read the code yet. Again, I think, you know, code and slides is typically pretty boring. You need to read it yourself. You need to work with it yourself. But as it makes sense, I would log into a server. I would install WordPress. I might use WP-Klea. I might be downloading a tar file and unpacking it. But I mean, we're installing WordPress. There's a certain unit of work and there's a certain thing that I would normally do. And I maybe don't want to do that on 500 different servers. Maybe I'll want my software to go and install it for me. With that, because the Wi-Fi here is pretty bad, I've got a playbook here. Earlier this morning, it was installing WordPress on 100 different servers all around the world and it was pretty slow on my Wi-Fi. Here, it's like crawling, right? Because it's just, you know, there's no way I can install WordPress on 100 servers from here using their Wi-Fi. But I can't install it on five. I'm actually going to go ahead and click, you know, kick this off. For now, what I want to point out is, do we agree there's nothing on this site? I can refresh it all day long. It's not that my internet's dead. I can go, I mean, hell, we've been navigating around here. I can go to Facebook, LinkedIn, whatever. Go to LinkedIn. My internet's fine, but these sites do not exist. We agree? So at the end of the talk, that's going to be different. And this is, by the way, how you run commands in Ansible. I've got a playbook. I've got some stuff that I want to do. I've also got an inventory file. Here's the stuff I want to do it to. My inventory file has five servers on it. So I can go over here to my servers. And you can see that I've gotten a total of five of them. So I've got one in Canada. I've got one in Germany. I've got one in Singapore. I've got one in New York. That's the one at the top. And then I've also got it on a Debian install because I've been installing it on Ubuntu 14.04. I just wanted to see if it would work. So that's a Debian 8, a Debian 7 that I'm installing on. And when I go back here, I hit this. This is what's going to happen. I'm just going to let this run for a minute. You guys can kind of get a feel for what's happening. This task here, that's connecting to the server. It's saying, by the way, I'm talking to all five servers now. It's going to start doing some additional work. It's going to take a while because the Wi-Fi's slow. This is going over SSH. And by the way, SSH is slow when you're talking to 100 different servers or five different servers. So that is something that you will run into. Now it's installing system packages. So I want things like, yet, I want things like whatever else I put in there. I tend to be pretty obsessed with monitoring. So I've got a lot of H-top and D-stat and stuff like that that I'm putting on the server. But you can see it's in the, blow it up a little bit. Blow up the servers? Who do you think you are, man? Yeah, hang on. That is actually, by the way, one of my favorite things to do is stand up servers and then just start blowing them up. I don't know why, but there's something so satisfying about crash that server and then rebuild it. It's just very, very fun. So you guys can maybe see this now? So that first task where it's saying, hey, I'm in communication with these five different servers. If I had a better Wi-Fi, I'd be doing it on more of them. This core utils thing. This is just literally installing things that I want on my server like D-stat, H-top, et cetera. By the way, this may look for it. You guys all know what APT is, right, aptitude? Cool, so you apt-get install and GenX or something like that. I can do the same thing, but I can do it smarter. Those are the things that I want to install. Can you guys see that? So I want to install D-stat. I want to install H-top, sys-stat, tar, unzip, et cetera. I can just loop over them. Very, very simple. That installs anything that I want to install on APT. I can pop it into that list. It's going to go and install it for me. If that changes, right, if I realize, oh, you know, geez, I really want Java 8. If I can install that, I guess I can't install Java 8 with APT yet. Whatever else you want to put on there, you can put it in there. HHVM, you know, you can do that. Yeah? You're installing an APT. Yes, indeed you can. So HHVM, for example, that's not in the main repository. By the way, are we all familiar with code repositories? How that works? I feel bad for those guys. If you are a code maintainer, I just want to say thank you, because it's hard. Yeah, you can absolutely add a specific. You can add the PPA signature and install it. In fact, the HHVM, I'll show you that afterwards, but that actually does that. So I'm going to let this continue, but it's installing a bunch of core Python packages, because I also do a fair amount of stuff in Python. And I want a library, and they're called glances, so I can monitor things. It's going to go install this. It's going to be fairly slow. But in the end, we're going to have five working WordPress installations on these five different servers all around the world. Back to the slides. These are some other examples of how people are using Ansible to install WordPress. And the reason that I mentioned these, I sort of cherry-picked ones that I thought were pretty good. To be clear, with the exception of the first ones, it's actually pretty bad. No, I really don't like it at all, but I'm going to come back to that, too. These are next four, though. They've got some nice ideas. They've got some nice design patterns. And the reason I mentioned all four of them, and the reason I asked you about, have you read code? And how much have you spent a lot of time reading code? You should absolutely read this code. It's going to take a long time. But you want to see, how do they install WordPress here? How do they install it there? How are they configuring EngineX here? How are they configuring EngineX there? You will learn so much about how to configure a server and how to make a server very, very fast, just by reading these code, these specific repositories. With that, we're going to move on. One of the things that's important about Ansible is you define a bunch of, I mentioned, hey, we've got these different roles. That's all fine and good, but if I can't put variables in there, it doesn't do very much for me. So an example of a variable might be your database user, or your database password, where I can show you what that actually looks like. I've got a bunch of roles that I'm installing, and for example, my WordPress defaults. I'm saying, you know what? By default, this is where I want you to install WordPress. This is what I want the database to be called. This is what the user should be. Now, I can override these defaults, these specific variables that live in the defaults for the WordPress role. That's saying, if I don't tell you anything else, assume this is what I want. But there's a pretty good chance that I don't want my WB password to be pass, because I'm not that stupid. Pretty close, but not that stupid. So, you know, in the Canadian install, obviously I think the MySQL user should be WPUserA. And the MySQL pass obviously should be, what's this all about? And you know, with Germany, I don't even remember where the beer is great, right? I mean, Singapore, the password is you will never guess. Obviously these are strong passwords, and you're gonna wanna change these sorts of things. So, variables in Ansible are a way that you can do that. By the way, I know that I'm not going into a lot of detail yet. I'm gonna come back to that. But as a whole notion of, you've got a role and you've also got some variables, does that sort of make sense? Cool. By the way, kind of pain in the butt to do this by hand, isn't it? Like, if you had to go install WordPress, they say it's a five-minute install. If you've done it a few times, if you know what you're doing, you can do it in five minutes. This morning, with my slow Wi-Fi, I installed it on 20 of them in five minutes. So, it's nice to have your computers. Computers are stupid, but they're also very powerful. And if you kinda learn how to use Ansible or Publisher, I'm not gonna tell you Ansible's the best thing in the world, it's a tool. It's a very useful tool, it may be helpful to you. But yeah, I mean, that whole five-minute install thing, install it in 500 servers if you want. You just need a fast Wi-Fi connection. Or a fast server that's doing this. You could actually, by the way, if you wanna put this center, you know, like put a box in a data center and run Ansible from Linux, you can do that. And I've done that before, too, much faster, if you get the local connections. Where were we? We were talking about the rules and the variables. There's properties that it hits, kinda like the, you guys know the template hierarchy and WordPress, right? Same idea. Do I have a PHP file? What is it? Single, I guess? Single.php? Does that exist? No, use index, right? So that's how these variables are gonna work in Ansible, too. You can define a certain, there is a certain, I guess, variable hierarchy. It's very, very similar to the template hierarchy. You can read all that, all the rules there. And if you're thinking, if you think through, how do I use variables? Compared to the WordPress hierarchy, you're never gonna go wrong there. Let me get back to my slides here. Git. So, if you're not familiar with this guy up here, Linus Travaldas, everybody knows who wrote Git, right? Linus Travaldas, he wrote Linux as well. And the reason he called it Git is because he likes to name software after himself. And Git's actually an old English term for somebody who's unpleasant. So, and other useless trivia. Here's where Ansible came from. But Git's a version of, what's that? Yeah, Linus, so this gentleman up at the front said Linus is pretty unpleasant himself. It's, I mean, among software developers, he's kind of a hero for obvious reasons. He does have a tendency to be fairly abrasive. There are a few famous conflicts between him, for example, in NVIDIA, where he got a little bit heated. But yeah, Linus is a funny character. Do you guys know anything about version control systems? Okay, you guys all use Git? The biggest thing, and this is one of those, just kind of an FYI, this is more useless trivia. The difference between something like Git and something like SVN is, in Git, we all know the history. We all know what happened. Whereas in, you know, version control systems early on, SVN in particular, and sort of the deviants of SVN, deviants, the derivatives. Deviants of, yes, the derivatives of SVN. Only the master server knew everything that happened. And that can actually be problematic, right? You know, maybe you want every person who has a laptop, who has access to this repository, to be able to determine what code was pushed and when and what different branches existed and so forth. So Git is distributed, everybody has full access to what happened. There's a ton of workflows for using Git, and by the way, have anybody here used Git specifically with WordPress? How do you guys like using Git with WordPress? Okay. So it's been a real thing with distributed developers? Okay. So it is the best one for us to get it on the system? So this guy is saying that he has a distributed team of developers. How many developers do you have? Okay. Right. Go build a plugin and put it in there and let's just rock and roll. So in a situation like that where you've got a large distributed team, lots of different departments and so forth, something like Git's gonna basically save your life. It really is sort of before Git and after Git with having access to, or giving distributed version control to the team. How many people here work on WordPress kind of by themselves or maybe with one other person? To be honest with you, I mean I'd love to tell you otherwise, but Git's not gonna do that much for you. It's not a bad idea to learn it. My own site, I mean I can't lie to you. I don't have my own site in Git version control. I've got backups cause it's not that high traffic and I'm not doing anything, be reasonable. If you're working on a large distributed team, yes, it really will be before Git and after Git. If you're just doing your own stuff, you need to know how to use it. But in particular, why I think it belonged in this talk was A, it made the acronym work. It's not entirely true. But B, it's back to this notion of reading your own code. That repository that I showed you earlier, TLR teller. Okay, so I'm installing HHVM. I'm installing Elasticsearch. I'm installing Procona MySQL. I've got replicated MySQL going on. I want SSL with Let's Encrypt. There's a lot of mechanics here and I gotta remember what I'm doing. I gotta learn from my mistakes. Git is a great way to tell on yourself. It's a really, really great way to learn so that you understand, hey, did I learn anything new here? Maybe the way that I was installing Intranax was wrong. Maybe I didn't know something and you wanna pull that additional information in. If you don't have a history, it's actually kind of hard to learn what you were thinking and why. It's gonna be really hard to kind of take it back to the first slide. It's gonna be really hard to understand how the internet works without some history of what you've been learning about in the first place. You will forget things. So sort of the first, I guess, point here is, yeah, you should learn Git so you can work with WordPress. If you're ever working on a distributed team, it really is gonna save your butt. But if just your ansible stuffs in particular, you need version control there or you're gonna get so lost. It really is, there's just no way you can keep all of it straight. For that matter, you might break things. In theory, when I'm provisioning stuff, if you guys ever heard that statement, the definition of insanity is doing the same thing again and again with a different result. Have you ever worked with code bases that actually do have a different result depending on how you run it? It's fun, isn't it? So a lot of times when you're running it, in theory, when you're running your ansible playbook, you should be able to run it again and again and again and get the same outcome. It should be describing the end result. If you do it wrong, and by the way, when you're learning it, you will. You will make a mistake at some point. And you're gonna do something that completely alters the state of the system so that if you were to run that same playbook again, you're gonna blow stuff up. If you don't have your get history on what you were doing and why, that's gonna be very, very difficult to find and very, very difficult to sort out. So use get, use ansible. Learn how servers work specifically with your ansible stuff. You want that inversion control. You can use SVN, you can use get. Person, I think you should put it on get and put it up there for us to read because it's good, that's how you learn. WordPress and get, if you want to learn how to use WordPress and get together, specifically, like this guy's using WordPress and get on a team, if you want to do that, if you read one article, that first one, two articles, the second one, three articles, third one, you guys know who that last guy is? Mark Jayquiff, core developer, worth paying attention on what he has to say, he's got a lot of good ideas. The other guy's stupid, ignore them. So let's get to do this, that's again, I jumped ahead. You definitely want your stuff under control, version control, specifically your ansible stuff. You will do something stupid eventually when you're trying to learn how servers work and learn how to manage your, if you want to go look through teller, right, that thing that I was showing you earlier, look at how many commits there are on there, figure out how many times I'm undoing that stupid thing that I just did, it's often the case and this is really useful stuff. By the way, if you're using WordPress and get, do you guys know what continuous integration is? You do, a couple of people around the room. So continuous integration is this idea that, hey, maybe I've got some version control system and get repository, whatever. Once I'm done, once it's on the master, let's bundle this thing up, let's ship it to the server and let's run it. That's what continuous integration can actually do. It's very, very cool stuff. There's lots of different platforms like Travis. I forget all of the other stuff, but there's like 20 of them, lots of flamware's abound about which one's better than this one. But the entire idea of it is, okay, you've got your code, it's on the master of the repository. Now how do you get it to your server and actually run it? And you can automate that stuff too, which is great if you're working with like 50 different WordPress servers, for example, and you're updating this plugin or something like that, or for that matter, maybe you want to deploy certain, I don't know, something to, hard to think of a good example with WordPress, honest. I guess a plugin's about the only thing, but you could also use the plugin management infrastructure, so, kind of hard. Because we have this model. Okay, right. So what this gentleman just said is that they use deploy HQ for continuous integration and one of the most important things that they're able to do is roll back a history. So if they commit something to master, it goes and deploys and, oops, the test failed. It didn't, we didn't catch something that we should have. Now we need to roll back. It's very actually easy to do that in a continuous integration type of environment because you've got, here's the state of the master at time T and then I go forward a week. Well crap, we broke it, roll back to the last version. It's very, very easy to do that in a continuous integration environment. If you're doing WordPress with a lot of, I mean it sounds like you are, most of us aren't working on large teams with complicated projects. I imagine Roots does. If you do great, these are great tools to use and you should absolutely use them. If you're not, if you're just kind of working on your own personal site or maybe a specific client. To be honest, I think continuous integrations may be gonna be overkill for you, but give it a shot anyway. You'll learn something really awesome and it's still fun to know how the internet works. Which is really, I mean if I could subtitle my talk, anything, it's Ansible is a great way to understand why we're all here and what we're actually doing in the first place. If you think of your job as I build websites in WordPress, yeah, it's kind of limiting though, right? I mean you could build an iPhone application with WordPress. In fact, there's some guys that did that. They've got an entire framework for doing that. You could say something like I wanna build a social network using WordPress. Well, it's MySQL, it's PHP, that's Facebook, literally. You could do that. But for you to actually do something like that well, you need to understand how the servers work and I think Ansible is a great way to do that and I think it's a great way to kind of tell on yourself and learn from mistakes. I mentioned earlier just side note, if you guys can read any of those slides in the bottom, I'm making fun of Emacs again cause I'm a Vim user and it's my job. So the moment we've all been waiting for, right? We're gonna provision a server which we actually started earlier, but this is a little side note game as well. We take a small diversion to determine where's Wapu. Does anyone see him yet? Stop right, okay, it's way too easy. So let's go take a look at our servers and see if everything's provisioned. Yeah, we're done. All right, so this play recap, right? So we ran a job earlier, we ran a specific playbook which is, I think it is intentionally football terminology that here are the different moves that I wanna create or execute and so it's done. Everything's okay, we changed the state of the system a couple of times and now back to these sites which we all agreed weren't working. That one's fixed, it is magic, yes. That one's fixed, I can keep going. That one's fixed as well. That one, that one and that one. So that's five servers running four, two different operating systems in four different countries, et cetera. The five minute install, again, if you're using your own Wi-Fi connection at home, you can typically install WordPress on 100 servers if you wanted, if you got 100 servers to deploy it on, it's not very complicated to do and it's pretty quick. Although, again, SSH, keep in mind, you do have 100 connections around the world so it will slow things down a little bit. That's it, actually. No, it's not, including remarks. Oh, that's right, we have to decimate other people's code. I mean, read other people's code. So I actually wanted to take a look and this is, I do very strongly believe that one of the best ways to learn about servers is to do it. One of the best ways to tell on yourself is to version control your stuff and one of the most important things that you can do is I mentioned earlier, read other people's code and I wanted to go ahead and do that. So Digital Ocean, I'm sure we're all familiar, if not, they're a VPS hosting company, pretty good. Actually, I really like them a lot, personally. And they've got this tutorial on how to install WordPress using Ansible. I don't agree with about half of what he says. That's fine, by the way. These are all sort of personal case issues, but I thought it'd be interesting to kind of go through here and highlight some specific things that I think are kind of not good and also show you why. So the first one that I wanna point out is way, way, way, way, way down here. The first one is that they're using Apache. That's obviously wrong, right? I mean, come on. It took a minute, it was delayed. You're guys like, wait, what? Yeah, Nginx all the way. Not really, there's reasons. Do you guys ever used in Linux, have you guys ever used line in file from the command line? It's a really annoying command that's very easy to forget. And you're kind of gonna be glad that you forgot it because it's actually not very useful. So right here, this line in file stuff, what that's literally doing is it's editing the file on the server itself, right? So it's saying, all right, I want you to update the default Apache site. So go to this particular file. This site's enabled zero, zero default conf and I want you to run this regular expression to replace stuff on that specific file. That's not a very good idea. What could go wrong? Why? So he says everything, he's right, why? Well, it's trying to change the file. What if the file got moved? That's a good point. So what if the file's not where you thought it would be? What if the file changed? Maybe you weren't the one making the change. That's a fair point. Let's think back to the continuous integration point. Can you do a rewind like that? Can you say, oops, I didn't mean to do that. That was a bad idea. You're changing the file. Using a reg X, you might be wrong. You might screw something up. That's probably not a good idea. That's my first issue. So how do we solve that problem? If I'm telling you that, hey, you know what? That's a bad idea. I don't want you to run linem file using Ansible. What do you do? What would be the ideal situation? You guys don't know Ansible, so you don't know what to do, that's fine. But what would be ideal? What's that? Use the variable. Use the variable? Okay, you could use a variable, but you're trying to basically take a configuration file, right? You've got an Apache configuration file or a Nginx configuration file and you wanna take this file and you wanna put it on that server. In fact, that's exactly what you wanna do, isn't it? You wanna have a file here under version control and you wanna say, copy that to the server. And you might also wanna use some variables, like he was saying, like my password. I might wanna have Ansible put my password in there for me, does that make sense? We can do that with Ansible very easily. So we can, for example, WP config. I don't wanna go edit WP config on my server. I want Ansible to copy this file and put it on my server. And I want it to fill in some details for me. I want it to say, there's the database that you should be using. There's the user, there's the password. If you guys recall earlier, we were doing Canada. What's this, it's my password, eh? Like that's, I want you to fill those details in for me and copy that file to the server. What's the advantage of doing this? Yes, you have complete control over the file. Arguably, more importantly, you've got control over the files history because your files history is now in version control. So how many of you, when you're working on your site, you've maybe got your code in version control? How many of you have your configuration in version control? How many of you, I could literally go turn off, so I'm running about maybe 15 different servers at the moment. How many of you could I just literally blow up your servers and say, bring it back online? You, yes, Mike, you guys, okay, backups, et cetera. So three hands went up, right? Four, four hands went up. That's the kind of thing that you can do using Ansible. If you do it right, if you actually version control your infrastructure, not just your code. It's a very important thing to do in my opinion. So, yes, absolutely. Okay, I'm gonna repeat that for the camera and also for the people who are watching. So he brought up a very good point. Let's suppose that you're not, you're running five different copies of WordPress. They're all the same thing. You've got a load balancer out front that's, you know, saying, okay, request A goes to server one, request B goes to server two, et cetera. You've got to deploy any configuration changes that you make to these five servers. You have to make sure it's on all five of them and you have to make sure that there's no typos or human error. Ansible can do that. So can puppets, so can chefs, so can a lot of other things. But that, you know, these are the tools that we use when we're trying to do something like that. I run my day job several elastic search servers. I have to do the same thing where I've got a ton of different servers that I have to deploy my code to. Hey, you know, I need more memory here. I need this other setting here. For me to deploy those changes to all of those servers, I don't want to log in to each one of these servers and make the change. I will make a typo eventually and it's slow and I've got better things to do with my time. I want to change it one time and I want it under version control, which is where Git comes into play. Because it's one thing to deploy it to five servers. When something goes wrong, you want to know why. You want to know, hey, this broke and here's what happened. That's where, you know, Git and Ansible together can be very powerful. Again, Chef, Puppet, whatever. Do whatever you want. Just have it in version control and deploy your code. We were decimating, reading other people's code. Did you have any other, any, okay. They do a couple of other things. I don't know that I like this. This is an interesting pattern. It's one I think Trellis avoids this. So Trellis, again, is that project. There are links that Roots put together. We've got a role and this role has a specific handler and that handler restarts Apache. So there's that question of role scoping. If I'm installing WordPress, can I assume that I've got Apache? Maybe not, maybe I'm running IngenX. Maybe I'm using Windows. I think it can do that actually. That may not be an appropriate role scope. It might be, but it might not be. Those are the sorts of things that you'll start to notice. We'll read different code repositories. I actually do this too, where I assume I'm using IngenX, because I always will. But those are the sorts of things that you might start to notice. Hey, wait a second. Do I really want this unit of work here, or am I making an assumption that I don't want to be making? In this specific case, if you were to read up here and say, well, that's wrong, they're using Apache, you got to make 15 other changes to this bit of code. I understand why they're doing it, but that's the kind of thing that you want to start paying attention to. I don't think there's anything else that just immediately stood out to me. The pseudo-cag, by the way, a lot of the tutorials, one reason why you want to read repositories, and specifically ones that are currently being updated, if you read a tutorial like this, it's fine. I understand why the guy wrote it the way that he did. There's nothing technically wrong with it, but you'll also run into a lot of deprecated code this way. So about half of the things that this guy's doing, not half of them, but several of the statements, it's not really how you're supposed to do it anymore. Using the command to move a file like that, that's not, you don't need to do that. There's all this line in file crap that he's doing. You don't need to do that either, right? There's these things that you're using. Ansible itself is a growing project. It has changed over the years. It has changed since this guy wrote his thing. If you're using Git, if you're reading other people's code, you'll see a lot of the best practices in action because people do typically, especially if it's a repository that's being maintained, they'll start to incorporate that. They'll stop doing things that have been deprecated or have been recognized as really terribly bad ideas, like using Apache. With that, that's pretty much my talk and I'm gonna go open that up for questions. Are there any? Yes? Great question. So the question is, what is the benefit of using something like Ansible as opposed to a Bash script or an AMI? By the way, an AMI is an Amazon machine image. It's a very good question. So on the topic of the AMI, I'm gonna abstract away from that from a little bit and I'm gonna say instead of specifically an AMI, maybe you're using like a Docker image, for example. AMI is I would object to vendor lock-in. What if Amazon goes away? What if, you know, they no longer support whatever AMI stuff you're doing? That's some vendor lock-in that you maybe want, but you could just as easily, you know, have a Docker image or something like that. Docker, by the way, it builds little containers of code and you could deploy them. I absolutely think the whole AMI concept can make sense. It's for a lot of people with something like Docker, something like an AMI. It actually does make a lot of sense. One thing about an AMI, let's suppose that you wanna run, that you've built an AMI and you're currently in East Coast, whatever. They're East Coast one. And then, oh crap, that data center went away, which has been known to do it sometimes. It's been a long time since they've had a major outage, but let's suppose that the East Coast one gets hit by a hurricane and goes away. Can you put your AMI in the West Coast? You cannot. Look it up. You can absolutely look it up. So that's a specific two AMIs, by the way. You cannot, these machine images have to be specific to the individual locations. So if you're gonna go actually make however many AMIs you need for however many regions you're in, go for it. Absolutely, go for it. If you wanna use something like Docker, absolutely, go for it. It's a lot more complicated than this and I would argue, again, before you go start working on Docker, start working with the machines that you have and start understanding them. Because if you try to go from zero to Docker, that's gonna be kinda difficult, to be honest. If you go from, I know how to SSH to, I'm gonna try to manage my servers that I normally would manage with SSH using Ansible. That's gonna make a lot more sense and then you're gonna start graduating into, hey, I wanna build the stuff in Docker. Hey, I wanna build my own AMIs. With, again, the caveat that certain things you may, the reason you can't transfer them, by the way, is they're specific to actually do the hardware. So you have to build for whatever hardware they're using and the East Coast versus the West. Kind of a bummer, and they may have changed that very recently, I don't know. If you know better than I do, then power to you. Do you know better? No, no, no. You may very well, I could be wrong, by the way. Don't take my word, right? The sort of reading rainbow caveat. I could be totally wrong about that. I don't think I am. I think I'm wrong, but nobody ever says that. I don't think I'm wrong trivially. So the other question is, what's wrong with a bash script? Let's take a look at one. That's actually one of the slides in here was I said, hey, take a look at VVV. That's what they do, by the way. They have this giant bash script that goes and installs a bunch of stuff. Now I'm gonna pull that up. Roots over here. Now by the way, I love VVV. VVV is absolutely great, I'm not here to knock them. But like everybody else, they make mistakes. So they make calls that I might find limiting. One of them is, that's their shell script. All seven, eight, nine, 825 lines of it. Now I come to you and I say, you know what? I like VVV, VVV is great. But I wanna use Percona MySQL. Get crackin'. Get 825 lines of code that you have to manage. It's not roll scoped. You gotta read all those 825 lines and don't make a mistake. By the way, you just know what the probability of making a mistake is, or how that's correlated to line length. The longer the code, the more likely you're gonna screw it up. So that's my argument against a bash script. Yeah, Mike. Mike has another argument against bash scripts. Let's hear it. The bash script is a procedure. I'm gonna repeat that again for the sake of the cameras. So what Mike is talking about is actually a notion called item potency. Mike is a pretty sophisticated developer. He's a great guy, runs a company, new clarity or something like that. Smart guy, you should absolutely talk to him. What he's getting at is that Ansible, Chef, Puppet, et cetera. If you do it right, some of them a little bit, I think actually Puppet would be hard to do wrong, but Ansible, for example, if you do it right, Ansible's not telling, it's not actually going to do everything you tell to do. It's not going to install open SSH again. It's not gonna install in Gen X3 and 457 different times. In theory, if you run the same Ansible script on the same server again and again and again, you get the same result. With SSH, it's not a given, right? You might actually change the state of the system. You can at least describe what the infrastructure should look like and then let Ansible sort out the details. Oh, in Gen X is already installed, that file already exists, fine, I don't have to do anything. I've got actually, if you were to look at my log file, there's some red code, which red obviously means errors, right? It doesn't. What I'm doing is I'm saying, check if in Gen X is already there. If it is, leave it alone. So I'm using dPackage for that. That's the kind of stuff that you can do very easily in something like an Ansible or a Chef or a Puppet, is you can say, hey, you know what? Don't touch the state of the system. This is what I need it to look like. If it already looks like that, back off and don't do anything. That kind of stuff's very, very easy here. It's not very easy with a bash script. I don't even think you could do it with a bash script. Like for example, do you guys know what RAID is? RAID levels? Write me a bash script that's not going to re-raid a system, like literally write over it if you run it again and again and again and again. I don't know how you could write an idempotent RAID controlling script. My baby could be done sort of, but I don't know how to do it. Whereas I can do something like that using a Puppet or a Chef or Ansible. A lot of that you can potentially do? Yeah, so the point that he made is you maybe could write a bash script that does that, but the complexity is going to go up. And depending on the amount of work you're going to do, I mean you could end up with VVV's 825 page or line bash script, which is not anything against them. It's a great project. It's doing exactly what it needs to do. But you maybe don't want to do that because maybe you want something else. Maybe you want Burkona. Julian? Yeah. Just because we're in here and talking about it right now, I wanted to mention one use case as to why somebody may want to do this. And that would be testing and staging. So like primarily obviously we have, maybe there's a huge feature going out and you have a really important site. And just like you guys run load balancers or whatever like that, staging is going to, like using this for staging is going to allow you to actually test what's going to happen. So that's awesome if you have it through continuous integration. Say it passes all of those things, if you still want to be able to put a site up for somebody to approve or somebody to work on or somebody to do stuff with, you can have the state of your application basically already defined. And so all you have to do is push it up wherever you need it to be. So I'm going to repeat what you said for the camera. So what Julian just said is that one reason why something like Ansible can be very useful is that for staging environments, for example, or if you want to do continued development on a site that may already exist, if you're doing any sort of enterprise software development, it's especially as you start kind of getting higher and higher up the food chain of what you're building. Like if you're building a mom and pop logger site, it worked on my machine doesn't sound quite as ridiculous as when you're like working for CNN or something like that. Well, no, it worked on my machine. Sorry, it took down all of CNN. Oops, I mean, these sorts of excuses start losing sort of their value as the sites that you're working on become more complex and more high traffic. And so what Julian's talking about is you get a lot more obsessed with testing your code but also testing your infrastructure because your code might work on my machine or my code might work on my machine but it might not work on a fresh clean server for example or I might miss something. If you guys have ever had the pleasure of upgrading my SQL like on a really live high traffic site, I have to stage that stuff. I have to test that stuff, upgrading elastic search. I have to stage it, I have to test it. And this allows me to basically like you would version control your site where you might use, there's actually some plugins that do this now. I think WP revisioners maybe, I don't know if that rings a bell for anybody but in the same way, really what Ansible is doing is it's giving you the ability to version control your servers. Take it back a step, why do we care? Because servers are how the internet actually works. The internet itself is this server talking to that server and if you wanna understand that which I think you should because that's how we make a living here, right? How many of you make a living working using the internet somehow? The internet's very fundamental and how many of you could talk to me for five minutes about how the internet works? Okay, I actually wanna talk to all of you. I really do, because it's one of those things and I'm not saying that by the way to be a jerk although it actually realized it kinda came out jerky and I apologize. It's the kind of, it's very Alice in Wonderland-y. As you start thinking about how does the internet work? Well you kinda understand the basics and then you think about it some, well, how does that work necessarily? You get further and further down the rabbit hole with it. Servers are a great way to start wheezing about this kind of stuff and it's also kinda fun. I mean, I can go, Julian, if you guys don't know him, he works for Roots and he's got some great stuff. A lot of those guys are doing some great stuff. I can go ping those guys afterwards and be like, I love what you're doing but you're totally wrong about Maria and I can actually have that conversation. That's another huge perk because you get to hang out with cool people like Julian so learn this stuff, it's fun. Anyway, with that, that's all I've got. Are there any other questions? Yes? I'm also wondering if you would use... The question is, could you use Ansible for packaging your plugins? I'm not gonna say definitely no. I could see using WP-Klee. I could see, for example, maybe you want to say, I want these plugins on my site, on all sites that I run and sort of having a WP-Klee script with those specific plugins listed in Ansible, that would make sense to me but as far as actually installing plugins, I feel like you'd be reinventing a wheel there. I'm not saying for sure that that's a no but I feel like WP-Klee does a pretty good job of it and I don't know that I'd reinvent the wheel personally. So you would set up Klee in Ansible? Yeah, they do actually. There's a guy sitting right next to you. So roots again, if you're doing something in production by the way, I can't recommend Trellis and DVD for that matter, highly not. I don't work for them and but it's great, it's absolutely great. You should still go play with this stuff on your own though. I really do believe that. It's not because Trellis is broken, it's not. It's because for you to actually contribute to something like Trellis and make it better, you need to do some of this stuff by hand. It's how we learn. I really do believe that and I say that because I've written more bad code. It's how I've learned. You know, it's important. So I think I've maybe got seven minutes for questions. That's cool. How can I help? Mike, again, anybody else? You as well? I have a question but I'll echo what you said. I had a partner that tried to get me to do DVD and I was overwhelming and then I just went in and started doing my own bigger stuff and I finally got it. So again, for the sake of the camera, he has worked with DVD before and he was a bit overwhelming. For me personally, I like the DVD. It's great. There's a lot of magic happening and I don't see it and that makes me very uncomfortable. I want to know what it's installing. I want to know where and how and what settings because I want to tweak them and I want to break stuff. This is what I do. The question was, and this is because you're doing a lot more of a link server stuff, can you play the CoreOS there? CoreOS, I've not. Have you? No, I've learned about it at a conference two days ago. Let's go launch a server, see what happens. I haven't had a chance to do that. All right, so we're gonna go, if you're free after this, we're gonna go launch a CoreOS server and see if we can get an answer. Why not? So he was asking if I played with CoreOS, I have not. I saw there was a question back here and also a question up here. You start. In some cases, the way that it would be used is it used for content applications? Has Ansible been used for content applications? No, what do you mean? Like in the same property of the internet? You could do that. So for example, you could say, the difference question is, could you manage like, let's suppose you wanted to have this file on these different servers. For example, you could in theory, but I would kind of gear more towards using a distributed file system for that. Is that what you're asking about? The comments are gonna be stored in the database, but the images are gonna be stored in the file system. Some of the other things like plugins, for example. The gentleman behind, you guys are load balancing, right? Are you using a distributed file system or are you having images looped around through Ansible? I'm guessing use a distributed file system. What file system do you use? No, no, the file system, so how do you make sure that all of the images end up on all of the different servers? Oh, okay. I'll circle up with him in a moment.