Embed Size (px)
Citation preview
Ansible Meetup Kickoff
So I want to batch run this thing...
Do the API servers in production have a clock skew problem? Quick check.
ansible -i prod api -a date
These commands look similar...
Classic nodejs deploy:ssh prod-api-1cd /opt/myappgit pullnpm installsudo service myapp restart… for each prod-api-* ...
Make them a playbook- hosts: api vars: app: myapp tasks: - name: clone from git git: repo=”[email protected]:bigpandaio/{{app}}" dest=”/opt/{{app}}" - name: npm install command: npm install --production - name: restart service service: name=”{{app}}” state=restarted sudo: yes
But wait! My deployment also needs...
HipChat notificationtasks: - hipchat: room=ops token={{token}} msg=”Starting deploy” ...rest of playbook...
But wait! My deployment also needs...
Remove from ELB:tasks: - local_action: module: ec2_elb region: “{{region}}” instance_id: “{{ec2_id}}” ec2_elbs: “{{elb_name}}” state: absent
But wait! My deployment also needs...
Re-add to ELB:... - local_action: module: ec2_elb region: “{{region}}” instance_id: “{{ec2_id}}” ec2_elbs: “{{elb_name}}” state: present
But wait! My deployment also needs...
Notify BigPanda (*wink* *tug*)
- bigpanda: component={{app}} version={{version}} state=started … - bigpanda: component={{app}} version={{version}} state=finished
Some velvet morning...
Quick heartbleed patch- hosts: frontend sudo: yes serial: 1 tasks: - name: Unregister machine from elb local_action: … - apt: pkg=libssl1.0.0 state=latest update_cache=yes
- service: name=nginx state=restarted
- name: Add machine to elb local_action: …
Grouping tasks into components
● Ansible’s solution is roles● A role can be an app, service, common settings
○ roles/app1○ roles/app2○ roles/rabbitmq○ roles/mongodb○ roles/maintenance_cronjobs
My apps’ roles look the same!
● Use a generic parametrized role● roles/nodejs_app
○ notifies bigpanda○ git pull {{app}}○ npm install○ service {{app}} restart○ self test the {{app}} service
● Specific roles depend on it
Deploying to stage with same roles
Use a different inventory for prod and stage:
ansible-playbook -i prod api.yml
ansible-playbook -i stage api.yml
Deploy ALL THE THINGS!
site.yml:- include: api.yml- include: mongodb.yml- include: frontend.yml
Deploy some of the things
Tag all of your tasks/roles with their relevant app/service name- { role: app1, tags: app1 }
- name: Generate configuration template: src=config.j2 dest=/dest/path tags: [ myservice_config, myservice ]
Deploy some of the things
Then you can:ansible-playbook -i prod site.yml --tags app1Or even:alias deploy-prod=’ansible-playbook -i prod site.yml --tags’deploy-prod app1..aaahhhhh..
And the logical conclusion
Provision a server in EC2
● The ec2 module creates new instances● We have the rest of the config as roles● Simple solution:ansible-playbook -i prod ec2_create.yml -e type=frontendansible-playbook -i prod site.yml --limit frontend
Provision a DC
Same thing really:for i in frontend api mongodb; do ansible-playbook -i prod ec2_create -e type=$idone
ansible-playbook -i prod site.yml
Thanks!Questions?
