zero downtime deployment with ansible
DESCRIPTION
Zero Downtime Deployment with Ansible - learn how to provision Linux servers with a web-proxy, a database and automate zero downtime deployment of a Java application to a load balanced environment. These are the slides from a tutorial held at the Velocity Conference in Barcelona November 19th, 2014. Git repo: https://github.com/steinim/zero-downtime-ansibleTRANSCRIPT
![Page 1: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/1.jpg)
ZERO DOWNTIME DEPLOYMENT WITH ANSIBLE
OPEN
![Page 2: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/2.jpg)
SLIDES & REPOhttp://steinim.github.io/slides/zero-downtime-ansiblehttps://github.com/steinim/zero-downtime-ansible
![Page 3: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/3.jpg)
WHAT'S A PROVISIONING FRAMEWORK?Automated setup of serversConfiguration as code
![Page 4: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/4.jpg)
EXAMPLESCreate usersInstall softwareGenerate and manipulate config filesStart/stop/restart processesSet up dependencies between operations
![Page 5: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/5.jpg)
DESCRIBE WHAT TO DO#!/bin/bash
if $( command -v vim >/dev/null 2>&1 ); then echo "vim is already installed."else apt-get install vimfi
if $( grep -Fxq "filetype indent off" /etc/vim/vimrc ); then echo "set filetype indent off is already in /etc/vim/vimrc."else echo "filetype indent off" >> /etc/vim/vimrc # TODO: Do not continue if this fails.fi
# TODO: Rollback if something fails.
![Page 6: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/6.jpg)
DESCRIBE STATE- name: ensure installed vim apt: pkg=vim state=installed
- name: set filetype indent off for vim lineinfile: dest=/etc/vim/vimrc line='filetype indent off' state=present
![Page 7: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/7.jpg)
ANSIBLESSH-basedClient only (no server)YAML configurationPush (and pull)Supports more than setup and provisioning:
Application deploymentRemote command execution
![Page 8: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/8.jpg)
BRING UP THE BOXESvagrant up
![Page 9: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/9.jpg)
LAYOUT├── ansible.cfg├── hosts├── site.yml├── group_vars│ └── <group name>├── host_vars│ └── <host name>├── roles│ ├── <role>│ │ ├── files│ │ └── <file>│ │ └── templates│ │ └── <template>.j2│ │ ├── handlers│ │ │ └── main.yml│ │ ├── tasks│ │ │ └── main.yml
![Page 10: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/10.jpg)
PLAY!ansible-playbook site.yml
![Page 11: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/11.jpg)
FACTSAnsible by default gathers “facts” about the machines undermanagement.These facts can be accessed in Playbooks and in templates.ansible -m setup app1.local
![Page 12: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/12.jpg)
THE TASKAn app user 'devops', with:
Home directory: /home/devopsssh-key
A PostgresSQL database.Nginx as a reverse proxy.An init script installed as a service.Deploy an application that uses the provisioned infrastructure.
![Page 13: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/13.jpg)
![Page 14: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/14.jpg)
HELP!http://docs.ansible.com/list_of_all_modules.html
![Page 15: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/15.jpg)
TASK1: INSTALL AND CONFIGURE SOFTWAREModify roles/common/tasks/apt.yml.Install Vim.Insert the line 'filetype indent off' in /etc/vim/vimrc
git checkout start
Help:
http://docs.ansible.com/apt_module.htmlhttp://docs.ansible.com/lineinfile_module.html
git checkout task1_help
![Page 16: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/16.jpg)
TASK1: SOLUTIONgit diff HEAD origin/task1git checkout task1 # or keep your own solutionansible-playbook site.yml --tags apt,vim
ProTip: Use '--tags', '--skip-tags', '--limit' and/or 'gather_facts: False'to reduce execution time.
![Page 17: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/17.jpg)
PROGRESSInstalled softwareManipulated files
![Page 18: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/18.jpg)
VARIABLESAnsible uses variables (a lot!).
Inventorygroup_vars and host_varsPlaybookFactsCommand line
Access variables from playbooks: "{{ variable }}"
http://docs.ansible.com/playbooks_variables.html
![Page 19: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/19.jpg)
TASK2: CREATE AN APPLICATION USERCreate roles/users/tasks/main.ymlHome directory: /home/devopsssh-keyUse variables! (group_vars)
Help:
(copy ssh-key) (.ssh/authorized_keys)
http://docs.ansible.com/group_module.htmlhttp://docs.ansible.com/user_module.htmlhttp://docs.ansible.com/file_module.htmlhttp://docs.ansible.com/lineinfile_module.htmlhttp://docs.ansible.com/playbooks_best_practices.html#group-and-host-variables
git checkout task2_help
![Page 20: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/20.jpg)
TASK2: SOLUTIONgit diff HEAD origin/task2git checkout task2 # or keep your own solutionansible-playbook site.yml --limit appservers --skip-tags apt,vim,java
![Page 21: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/21.jpg)
PROGRESSInstalled softwareManipulated filesCreated a user and set up a ssh-key
![Page 22: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/22.jpg)
TASK3: INSTALL AND CONFIGURE POSTGRESQLroles/postgresql├── files│ ├── ACCC4CF8.asc│ └── postgresql.conf├── handlers│ └── main.yml├── tasks│ ├── main.yml│ └── ...└── templates └── pg_hba.conf.j2
Use variables (group_vars/all and/or group_vars/dbservers).
Use handler to restart postgresql upon notification
Template: git checkout master -- roles/postgresql/templates/pg_hba.conf.j2
Help: (pg_hba.conf.j2)
http://docs.ansible.com/template_module.htmlhttp://docs.ansible.com/postgresql_user_module.htmlhttp://docs.ansible.com/postgresql_db_module.htmlhttp://docs.ansible.com/playbooks_intro.html#handlers-running-operations-on-changehttp://docs.ansible.com/playbooks_best_practices.html#group-and-host-variables
![Page 23: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/23.jpg)
TASK3: SOLUTIONgit diff HEAD origin/task3git checkout task3 # or keep your own solutionansible-playbook site.yml --limit dbservers --tags pg_install
$ vagrant ssh dbvagrant@db:~$ psql -d devops -U devops -Wdevops=> \q
![Page 24: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/24.jpg)
PROGRESSInstalled softwareManipulated filesCreated a user and set up a ssh-keyInstalled and configured a database and a db user
![Page 25: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/25.jpg)
TASK4: DEPLOY!roles/app├── files│ └── init.sh├── tasks│ └── main.yml└── templates └── config.properties.j2
NB! Use variables (./hosts).
Set 'serial: 1' for appservers in site.yml.
Help:
http://docs.ansible.com/service_module.html
![Page 26: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/26.jpg)
TASK4: SOLUTIONBrowse to http://app1.local:1234/
git diff HEAD origin/task4git checkout task4 # or keep your own solutionansible-playbook site.yml --limit appservers --tags deploy
![Page 27: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/27.jpg)
WHAT JUST HAPPENED?/home/devops├── config.properties├── current -> /home/devops/devops_1416228023.jar├── previous -> /home/devops/devops_1416221573.jar├── devops_1416221573.jar├── devops_1416228023.jar└── logs ├── stderr.log └── stdout.log
/etc/init.d└── devops
![Page 28: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/28.jpg)
PROGRESSInstalled softwareManipulated filesCreated a user and set up a ssh-keyInstalled and configured a database and a db userDeployed an application to two appservers and enabled it as aservice
![Page 29: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/29.jpg)
TASK5: DEPLOY DATABASEroles/db├── files│ └── migrate_db.sql└── tasks └── main.yml
Help:http://docs.ansible.com/command_module.html
psql -d {{ db.name }} -q -f /tmp/migrate_db.sqlsudo_user: postgres
![Page 30: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/30.jpg)
TASK5: SOLUTIONBrowse to http://app1.local:1234/
git diff HEAD origin/task5git checkout task5 # or keep your own solutionansible-playbook site.yml --limit dbservers --tags deploy
$ vagrant ssh dbvagrant@db:~$ psql -d devops -U devops -Wdevops=> \dtdevops=> select * from hello;devops=> \q
![Page 31: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/31.jpg)
PROGRESSInstalled softwareManipulated filesCreated a user and set up a ssh-keyInstalled and configured a database and a db userDeployed an application to two appservers and enabled it as aserviceMigrated the database schema and fetched data from it through theapplication
![Page 32: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/32.jpg)
TASK6: SET UP PROXYroles/nginx├── handlers│ └── main.yml├── tasks│ ├── config_nginx.yml│ ├── install_nginx.yml│ └── main.yml└── templates └── devops.conf.j2
Help:
http://wsgiarea.pocoo.org/jinja/docs/loops.html
![Page 33: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/33.jpg)
TASK6: SOLUTIONBrowse to # refresh me many timeshttp://proxy.local/
git diff HEAD origin/task6git checkout task6 # or keep your own solutionansible-playbook site.yml --limit proxies --tags nginx
![Page 34: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/34.jpg)
PROGRESSInstalled softwareManipulated filesCreated a user and set up a ssh-keyInstalled and configured a database and a db userDeployed an application to two appservers and enabled it as aserviceMigrated the database schema and fetched data from it through theapplicationSet up a reverse proxy for automatic failover between the twoappservers
![Page 35: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/35.jpg)
THE EXPAND/CONTRACT PATTERNExpand Contract
Add tablesAdd columnsTweak indexes
Remove tablesRemove columnsRemove/add constraints
![Page 36: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/36.jpg)
![Page 37: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/37.jpg)
![Page 38: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/38.jpg)
![Page 39: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/39.jpg)
![Page 40: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/40.jpg)
![Page 41: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/41.jpg)
![Page 42: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/42.jpg)
PLAY TIME :-)Suggestions:
Change database table name from HELLO to MESSAGES anddeploy a new version without downtime.Implement automated rollback.
![Page 43: Zero Downtime Deployment with Ansible](https://reader034.vdocuments.us/reader034/viewer/2022051212/559444381a28ab06308b4788/html5/thumbnails/43.jpg)
I HAVE BEEN PLAYING :-)git checkout playansible-playbook site.yml --limit appservers,dbservers --tags deployansible-playbook site.yml --limit appservers,dbservers --tags rollback