Deploying PHP Applications with Ansible
-
Upload
orestes-carracedo -
Category
Technology
-
view
1.000 -
download
1
Transcript of Deploying PHP Applications with Ansible
Deploying PHP applications
with
CC https://www.flickr.com/photos/din_bcn/2551132104/
@OrestesCA @phpvigo
Orestes Carracedo
Software Consultant
@OrestesCA
whoami
ßetabeersBarcelona
@OrestesCA @phpvigo
@OrestesCA @phpvigo
2003
2015
1. Deployment 2. Ansible 3. All together
@OrestesCA @phpvigo
Deployment
@OrestesCA @phpvigo
Blue-green deployment
@OrestesCA @phpvigo
http://martinfowler.com/bliki/BlueGreenDeployment.html
Simple blue-green deployment
@OrestesCA @phpvigo
-- /var/www/my-app.com |-- current -> /var/www/my-app.com/releases/20100509150741 |-- releases | |-- 20100509150741 | |-- 20100509145325 |-- shared
Blue-green deployment: demo
@OrestesCA @phpvigo
Ansible 1. Setup 2. Inventory 3. Commands 4. Modules 5. Tasks 6. Roles
@OrestesCA @phpvigo
What is Ansible
SCM automation tool agent-less
simple + powerful
@OrestesCA @phpvigo
Connections
Managed Node #1 Managed Node #2Control Machine
Inventory
ssh
@OrestesCA @phpvigo
Control Machine setup
http://docs.ansible.com
$ sudo pip install ansible … $ ansible ansible ansible-doc ansible-galaxy ansible-playbook ansible-pull ansible-vault
@OrestesCA @phpvigo
Inventory setup
$ export ANSIBLE_INVENTORY=~/ansible_hosts
[vagrant] 127.0.0.1:2222 foo=bar
[vagrant:vars] ansible_ssh_user=vagrant env=local
http://docs.ansible.com/intro_inventory.html https://docs.ansible.com/playbooks_variables.html
Precedence: -i file or $ANSIBLE_INVENTORY or /etc/ansible/hosts
@OrestesCA @phpvigo
Modules
$ ansible vagrant -m ping --vvvv <127.0.0.1> ESTABLISH CONNECTION FOR USER: vagrant on PORT 2222 TO 127.0.0.1 <127.0.0.1> REMOTE_MODULE ping … 127.0.0.1 | success >> { "changed": false, "ping": "pong" } $ ansible all -m ping —vvvv …
@OrestesCA @phpvigo
Random fact
_________________ < GATHERING FACTS > ----------------- \ ^__^ \ (oo)\_______ (__)\ )\/\ ||----w | || ||
http://docs.ansible.com/faq.html#how-do-i-disable-cowsay
export ANSIBLE_NOCOWS=1
@OrestesCA @phpvigo
Playbooks
- hosts: vagrant sudo: True tasks: - name: Install ntp apt: pkg=ntp state=installed
$ ansible-playbook test_playbook.yml … GATHERING FACTS ok: [127.0.0.1] TASK: [Install ntp] changed: [127.0.0.1] PLAY RECAP 127.0.0.1: ok=2 changed=1 unreachable=0 failed=0
test_playbook.yml
@OrestesCA @phpvigo
Idempotence
- hosts: vagrant sudo: True tasks: - name: Install ntp apt: pkg=ntp state=installed
$ ansible-playbook test_playbook.yml … GATHERING FACTS ok: [127.0.0.1] TASK: [Install ntp] ok: [127.0.0.1] PLAY RECAP 127.0.0.1: ok=2 changed=0 unreachable=0 failed=0
test_playbook.yml
@OrestesCA @phpvigo
Idempotence
- hosts: vagrant sudo: True tasks: - name: Install ntp apt: pkg=ntp state=installed
$ ansible-playbook test_playbook.yml … GATHERING FACTS ok: [127.0.0.1] TASK: [Install ntp] ok: [127.0.0.1] PLAY RECAP 127.0.0.1: ok=2 changed=0 unreachable=0 failed=0
test_playbook.yml
@OrestesCA @phpvigo
Facts
$ ansible vagrant -m setup 127.0.0.1 | success >> { "ansible_facts": { "ansible_all_ipv4_addresses": [ "10.0.2.15" ], "ansible_all_ipv6_addresses": [ "fe80::a00:27ff:fe6b:d3e" ], "ansible_architecture": "x86_64", "ansible_bios_date": "12/01/2006", "ansible_bios_version": "VirtualBox", …
@OrestesCA @phpvigo
Templates, facts and variables
- hosts: vagrant sudo: True
tasks: - name: Write MOTD template: src=templates/motd dest=/etc/motd
You’re now in the {{ env | upper }} environment at {{ ansible_hostname }} {{ ansible_distribution }} {{ansible_distribution_release }} {{ ansible_distribution_version }} {{ ansible_system }} {{ ansible_kernel }} {{ ansible_architecture }}
test_playbook.yml
templates/motd
You’re now in the LOCAL environment at Debian-jessie-amd64-netboot Debian jessie 8.0 Linux 3.16.0-4-amd64 x86_64
@OrestesCA @phpvigo
Conditionals
- name: Enable LOCAL env prompt indicator template: src=templates/env/local/.bash_profile dest=~/.bash_profile when: env == "local"
test_playbook.yml
export PS1="\[$(tput setaf 2)\][\u@\h \W]\\$ \[$(tput setaf 7)\]\[$(tput sgr0)\]"
templates/.bash_profile
[vagrant@Debian-jessie-amd64-netboot ~]$
https://docs.ansible.com/playbooks_conditionals.html
@OrestesCA @phpvigo
Notifications and handlers
- hosts: webservers vars: http_port: 80 max_clients: 200 remote_user: root tasks: - name: ensure apache is at the latest version yum: pkg=httpd state=latest - name: write the apache config file template: src=/srv/httpd.j2 dest=/etc/httpd.conf notify: - restart apache - name: ensure apache is running (and enable it at boot) service: name=httpd state=started enabled=yes handlers: - name: restart apache service: name=httpd state=restarted
@OrestesCA @phpvigo
Roles
site.yml roles/ common/ files/ templates/ tasks/ handlers/ vars/ defaults/ meta/ webserver/ …
files
https://docs.ansible.com/playbooks_roles.html https://github.com/ansible/ansible-examples
- hosts: webservers roles: - common - webserver
site.yml
@OrestesCA @phpvigo
First steps in practice
Dependencies Credentials Deployment
@OrestesCA @phpvigo
Install dependencies
$ ansible-playbook test_playbook.yml … /bin/sh: 1: /usr/bin/python: not found …
Missing Python
gather_facts: False tasks: - name: Install Python raw: apt-get install python -y - name: Gather facts after python install setup: - name: Write MOTD …
test_playbook.yml
@OrestesCA @phpvigo
Install dependencies
$ ansible-playbook test_playbook.yml --sudo PLAY [vagrant] TASK: [Install Python] ok: [127.0.0.1] TASK: [Gather facts] ok: [127.0.0.1] TASK: [Write MOTD] changed: [127.0.0.1] PLAY RECAP 127.0.0.1: ok=3 changed=1 unreachable=0 failed=0
test_playbook.yml
@OrestesCA @phpvigo
Setup remote access
- name: Setup access authorized_key: user="{{ ansible_ssh_user }}" key="{{ item }}" with_file: - ~/.ssh/id_rsa.pub - /some/secure/dir/keys/admin.pub
test_playbook.yml
http://docs.ansible.com/authorized_key_module.html
$ ansible-playbook test_playbook.yml --ask-pass SSH password: TASK: [Setup access] ok: [127.0.0.1] => (item=ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD… [email protected]) …
@OrestesCA @phpvigo
Simple deployment
- name: Clone git repository git: > dest=/var/www/awesome-app repo=https://github.com/initech/awesome-app update=no sudo: yes sudo_user: www-data register: cloned
- name: Clear cache … when: cloned|changed
test_playbook.yml
https://github.com/ansistranohttp://www.future500.nl/articles/2014/07/thoughts-on-deploying-with-ansible/
@OrestesCA @phpvigo
Advanced deployment
http://www.ansible.com/application-deployment http://docs.ansible.com/playbooks_delegation.html
- hosts: webservers max_fail_percentage: 30 serial: 10
@OrestesCA @phpvigo
Learning from the community
https://galaxy.ansible.com
@OrestesCA @phpvigo
All together
@OrestesCA @phpvigo
Using a contributed role
@OrestesCA @phpvigo
- name: Deploy my-app.com hosts: production vars: ansistrano_allow_anonymous_stats: no ansistrano_deploy_to: /var/www/my-app.com ansistrano_keep_releases: 10 ansistrano_deploy_via: git ansistrano_git_repo: [email protected]:orestes/my-app.com.git ansistrano_git_branch: build roles: - { role: carlosbuenosvinos.ansistrano-deploy }
$ ansible-galaxy install carlosbuenosvinos.ansistrano-deploy
https://github.com/ansistrano/deploy
final demo
@OrestesCA @phpvigo
EOF
___________________ < THAT’S ALL FOLKS! > ------------------- \ ^__^ \ (oo)\_______ (__)\ )\/\ ||----w | || ||
@OrestesCA @phpvigo