Best practices for deploying 100 apps in multiple environments

Archives Ansible Project
1

Hello,

We are currently using Ansible to provision VMs with developer tools for a java workshop (jenkins, maven, sonarqube, nexus, svn, redmine …). We’re now considering using it for deploying our java applications to our dev, staging and production environments.

All of our java web applications are currently deployed as executable jars. We currently deploy them with a bash script that takes the following parameters:

  • maven GAV Group id / Artifact Id / Version for the jar to be deployed
  • Java parameters for the application (memory, GC, http port, context path…)
    The script is also responsible for installing a system service and enabling it on startup.

For each applications we also need to perform the following tasks by hand:

  • configure our reverse proxy (haproxy) to direct http traffic to the applications
  • configure zabbix for monitoring
  • configure our logstash forwarder instance to direct the logs produced by the application to our logstash instance
  • configure the firewall to open the required ports
  • create a jenkins job for updating the application

This has worked for us for some time but the number of applications is quickly increasing. We are approaching 100 applications and we think we can do better with Ansible by automating almost everything. We are also considering deploying more than one instance of our applications to provide high availability. This Ansible example (https://github.com/ansible/ansible-examples/tree/master/lamp_haproxy) does a good job at showing how to do this for a single application but I’m wondering what the community is thinking about scaling this to a hundred applications which are all almost the same deployment wise.

Is it better to create a single configurable role or is it better to create a dedicated role for each application?
In the latter case how can the common logic be shared? Is it possible to use a role from within a role?

I believe the best practice would be to have a group per application in the inventory listing all the hosts where the application should be deployed. Am I correct?

How can I have a single rolling_update.ml file where the app and version are specified at runtime?

We would also like the application version to be defined at runtime since non technical users are responsible for deploying new versions of the application. Is there a recommended way to do so.

For dealing with multiple environments we are looking into this blog post http://www.geedew.com/setting-up-ansible-for-multiple-environment-deployments/ . Is it generally accepted as a good practice?

Thanks

2

There are many ways to do this, I have done very similar setups with
java, C and python apps.

I recommend you create generic roles for the load balancers and any
other 'shared/common' services.

Afterwards, you can have either app roles or 'app type' roles for
similar apps that only differ in some data you can pass in a variable
(you know your apps, you decide).
These app roles can then depend on the shared/common roles to ensure
everything is as expected.

I personally kept very strict naming conventions which allowed me to
know by machine name what lived where, it made making groups very
easy, then I used groups to bind hosts to the apps.

you can have a single rolling_update.yml, it might be made up by roles
or by other plays through includes.

^ just one way of doing it, a lot depends on your context which is why
ansible is flexible and can be adapted to the workflow you need.