Recomendados
Recomendados
Más contenido relacionado
Similar a Full-Stack Deployment with Ansible
Similar a Full-Stack Deployment with Ansible (20)
Último
Último (20)
Full-Stack Deployment with Ansible
- 1. Full-Stack Plone Deployment with Ansible Fulvio Casali & Steve McMahon Plone Conference 2015 Budapest, Romania
- 2. What do we mean by full stack?
- 3. Approaches to full-stack deployment Containers
- 4. Approaches to full-stack deployment Orchestration
- 5. Is your unit of automation a component of the stack, or a full server? Container or Orchestration?
- 6. Server Orchestration Tools Client-Server (Mostly)Agentless A bit simpler
- 7. Your mileage may vary… Simplicity Wins! For our purposes
- 8. A Quick Introduction to Ansible
- 9. Ansible ✤ Plays — a state specification ✤ Ideally idempotent ✤ Playbooks — Lists of plays ✤ Roles — Reusable lists of plays
- 10. YAML: Python’s JSON - List Item One - List Item Two - Key One: Value One Key Two: Value Two - List Item Four
- 11. Playbook Sample - name: Update host apt: upgrade=dist update_cache=yes - name: Ensure optional packages apt: pkg={{ item }} state=present with_items: additional_packages
- 12. Templates & Variable Interpolation eggs = Plone Pillow {% if plone_additional_eggs %} {% for egg in plone_additional_eggs %} {{ egg }} {% endfor %} {% endif %}
- 13. Roles: playbooks for use inside playbooks. Write them yourself; or check them out via Ansible Galaxy
- 14. Using roles roles: ... - role: plone.plone_server tags: plone - role: haproxy when: install_loadbalancer tags: haproxy - role: varnish when: install_proxycache tags: varnish ...
- 15. Plone’s Ansible Toolkit Two parts: the Plone Server Role and the Plone Playbook
- 16. Plone Server Role ✤ Only the Zope/Plone Server ✤ In a ZEO configuration ✤ Includes process management via Supervisor ✤ And backup, packing cron jobs ✤ Available on Ansible Galaxy
- 17. The Plone Playbook ✤ Incorporates Plone Server Role ✤ Adds: ✤ Load balancer ✤ Proxy cache ✤ Web server / rewrite engine ✤ MTA & Admin ✤ Available via github.com/plone
- 18. Choosing your entry point ✤ Choose the Plone Server Role if you wish to pick and choose your stack components. Incorporate it in your own Playbook. ✤ Choose the Plone Playbook if you want the full stack chosen by the Installer Team.
- 19. Plone Server Role: Major Options ✤ Canned or custom buildout ✤ With canned buildout: ✤ ZEO client count ✤ Memory profile ✤ Additional eggs
- 20. Plone Ansible Playbook Full stack components
- 21. Integration Payoff: Client Restart ✤ Playbook knows its component part and can do things like install a client restart script that: ✤ Restarts all ZEO clients ✤ Removes client from haproxy backend before restart ✤ Fetches homepage of each virtualhost after restart to load Zope object cache ✤ Adds client back to cluster after page fetch ✤ Flushes varnish cache
- 22. Playbook: Major Options All Plone Server Role options, plus…
- 23. Playbook Options ✤ Skip installs of haproxy, varnish, Nginx, Munin … ✤ Set up virtual hosts / SSL ✤ Tune cache ✤ Server packages, MOTD ✤ Postfix relay
- 24. But how to customize those variables in a maintainable way? Customization Strategies All options are configured via variables
- 25. Local Customization File ✤ Create a local-configure.yml file with variable settings ✤ Override any setting ✤ Samples provided for several typical configurations ✤ Just copy the sample to local-configure.yml and edit ✤ Pulls will never overwrite local-configure.yml
- 26. sample-medium.yml admin_email: plone_initial_password: timezone: "UTCn" muninnode_query_ips: - ip.of.munin.monitor plone_client_count: 2 plone_zodb_cache_size: 15000 plone_client_max_memory: 750MB
- 27. Use this strategy if you don’t like some of the major stack component choices Alternative Strategy: Fork It You fork it, you own it…
- 28. Testing Ready to test locally via Vagrant. vagrant up does a complete provisioning of a virtualbox using Vagrant’s Ansible provisioner.
- 29. State of the Ansible Kit
- 30. Every customization variable documented Solid Documentation docs.plone.org
- 31. Server Platforms Supported Currently Ubuntu/Debian and CentOS
- 32. Server Platforms … Future But we’d like to do more — with your help.
- 33. ✤ Drinking young chimpanzee, CC BY Tambako The Jaguar Follow, https://www.flickr.com/photos/tambako ✤ Chimpanzee with a snack, CC BY NC SA, Dan, https://www.flickr.com/photos/dgermony/ ✤ Baboons in a row, CC BY Tambako The Jaguar Follow, https://www.flickr.com/photos/tambako ✤ Portrait of a surprised baboon, CC BY Tambako The Jaguar Follow, https://www.flickr.com/photos/tambako ✤ Chacma Baboon - Papio ursinus, CC BY NC SA, Arno Meintjes, https://www.flickr.com/photos/arnolouise/ ✤ Orangutan with baby, CC BY ND, Nathan Rupert, https://www.flickr.com/photos/nathaninsandiego/ ✤ Baby orangutan, CC BY, Daniel Kleeman, https://www.flickr.com/photos/75821270@N00/ ✤ Bornean Orangutan, CC NY ND, Josh More, https://www.flickr.com/photos/guppiecat/ ✤ Mother and baby gibbons eating, CC BY Tambako The Jaguar Follow, https://www.flickr.com/photos/tambako ✤ Portrait of a gibbon, , CC BY Tambako The Jaguar Follow, https://www.flickr.com/photos/tambako ✤ Black and white gibbon, , CC BY Tambako The Jaguar Follow, https://www.flickr.com/photos/tambako ✤ Cute squirrel monkey, CC BY Tambako The Jaguar Follow, https://www.flickr.com/photos/tambako ✤ squirrel-monkeys-at-drusillas-park-zoo-018, CC BY NC ND, Dean Thorpe, https://www.flickr.com/photos/aspexdesign/ ✤ Squirrel monkeys in the grass, CC BY Tambako The Jaguar Follow, https://www.flickr.com/photos/tambako ✤ IMG_4986 (do not feed), CC BY NC, Roland Harvey, https://www.flickr.com/photos/rolymo/ ✤ Cornered, CC BY NC, Esther Simpson, https://www.flickr.com/photos/estherase/ ✤ Howler Monkey WLD_4487, CC BY NC ND, https://www.flickr.com/photos/guppiecat/ ✤ Ooooooo, CC BY NC SA, Len Radin, https://www.flickr.com/photos/drurydrama/ ✤ Say aaahhhh!, CC BY NC ND, Abid Karamali, https://www.flickr.com/photos/abidk/ ✤ Capuchin Monkeys, Manuel Antonio, Costa Rica, CC BY NC SA, Stephen Johnson, https://www.flickr.com/photos/stephenjjohnson/ ✤ Capuchin (tongue), CC BY NC SA, Jim Webber, https://www.flickr.com/photos/wwwebber/ Talk licensed CC BY 2.0 Primate photo licenses and attributions:
Notas del editor
- A delivery stack for Plone adequate for production purposes, plus supporting server requirements like monitoring, log analysis and mail-transfer agent
- There are two major paradigms for automated deployment: containers and orchestration. Containers, for example Docker and Juju. In the container paradigm, the working units are the individual applications that make up the stack.
- With the orchestration paradigm, the units are full servers. A state specification is applied to a server by an orchestration engine. The same specification may build many servers. Background note: I’m not really distinguishing between orchestration and automation.
- The idea of disposable appliances makes full-server automation the right choice for me. Your choices may differ.
- The open-source server provisioning space is dominated by four tools. Chef is built on Ruby and Erlang (no kidding) and uses Ruby for its configuration language. YUCK! Puppet is built on Ruby and uses Ruby for its configuration language. YUCK! SaltStack and Ansible are built in Python and use YAML for configuration. We choose Python.
- The installer team chose Ansible — simply because it made more sense to the people who wanted to work on a Plone server provisioning kit.
- This photo doesn’t have any connection with the subject. Nor do any of the others. They’re just to keep the audience awake :)
- An Ansible, by the way, is a device for instantaneous communication at a distance. It was invented by the physicist Shevek in Ursula K. Le Guin’s marvelous science-fiction novel The Dispossessed. Too bad Ansible Corporation used sports metaphors for the Ansible configuration units.
- YAML: YAML Ain’t Markup Language YAML is used for all Ansible’s configuration specifications. YAML expresses python data structures in a text outline format Basic units: strings, numbers, dictionaries and lists
- This is a fragment of a playbook. It is a list of two items. Each of the items is a dictionary. Each item in this case uses Ubuntu’s “apt” package manager. The second item executes an operation on a list of items specified in a variable.
- Ansible playbooks may use Jinja2’s template language wherever they use strings. Ansible can also copy whole template files to the server. This is a fragment of the buildout.cfg template used in the Plone Ansible kit.
- Galaxy is Ansible’s PyPI
- The top-level playbook — the one you actually run — is mostly a list of roles to be played. This is a fragment from Plone’s Ansible Playbook.
- Since the components of the stack are known in the full playbook, we can use that knowledge for integration. The client restart script is a good example. It uses a lot of knowledge from the stack to manage a smooth client restart. Zero downtime to restart clients (when using more than one client).
- The easiest strategy: use a configuration file.
- Here’s an example local configuration — without the extensive commenting. This sample is aimed at a server with 2GB of RAM and a couple of cores. Sample configs go down to “very small” — targeting a half-gigabyte server.
- Alternatively, fork the toolkit and customize the role use.
- Local testing is amazingly easy. A Vagrant config file is included. Just type “vagrant up” to create your target server in a virtualbox — complete with port mappings for all the major components.
- Want to see the Plone Ansible Playbook on FreeBSD or other servers? So do we. Join the team. Targets should typically be the latest stable or LTS release of an OS or distribution. Remember, cloud servers are disposable; there is no reason to target an old distribution.
- Questions or ideas?