Scripts for managing our deployments.
Before you can deploy you'll need to install the appropriate tools, scripts, and keys on your local machine. To do so, execute the following steps:
-
Install Ansible v2.2.1.0 (the deploy automation tool we use to deploy projects to production) Installation: http://docs.ansible.com/intro_installation.html Upgrading:
sudo pip install ansible==2.2.1.0or http://docs.ansible.com/ansible/intro_installation.html#latest-releases-via-pip -
Install JMESPath:
pip install jmespath-terminal -
Get the latest devops-scripts (the recipes that we use to deploy various projects) https://github.com/CodeNow/devops-scripts
-
Change to the devops scripts repo directory and run the following command:
ln -s /<local-path-to-devops-scripts>/ssh/config ~/.ssh/config -
Obtain the "Ansible Secrets" zip for the environment you want to deploy (or create the new environment following ./environments/README.md)
-
Unzip file obtained above into
devops-scripts/environments/${YOUR_ENV}/secrets -
Copy the
*.pemfiles fromdevops-scripts/ansible/secretsto your~/.sshdirectory -
Install two required tools onto your machine:
brew update && brew install vault daemonAt this point you should be capable of deploying; keep reading to find out how to actually perform a deploy!
- IMPORTANT: always pull latest devopts-scripts (
git pull origin master) - IMPORTANT: Before you deploy a new version of any project make sure to determine which version of the project is currently deployed. This way you can quickly revert to the last stable release if something goes wrong after pushing a new version.
To determine the latest deploy tag for a project please check the project's repository on
github and look for the latest release tag (should be in the form vX.Y.Z). Once you've located the tag,
copy it down somewhere that is easily and quickly accessible (you may need to use it quickly if something goes wrong).
- WARNING: If you were unable to determine the last deploy tag for a project and cannot revert STOP. Ask someone on the team for help before continuing.
- IMPORTANT: All commands should be run from the
devops-script/ansibledirectory.
Please note that there are playbook that require encrypted ansible vault files. If you see the following error:
ERROR: A vault password must be specified to decrypt # snipyou will need to re-run the playbook with:
--ask-vault-passBuild and deploy a service to the latest tag of its repository. This will build the docker image needed to run the container on our infrastructure.
Build and deploy a service to a specific branch or tag on its repository. This performs a build of the docker image needed to run the service on our architecture.
ansible-playbook -i ../[inventory_dir] [service-playbook] -e @../environments/[gamma-or-delta]/main.yml -e git_branch=[branch-or-tag] -t deploy
[inventory_dir]- The environment inventory files (servers and variables). Should be one of the following:/enviroments/stage- Runnable sandbox staging environment services/environments/gamma- Gamma services (internal use only; production mirror)/environments/delta- Delta services (real production)
[main-var-file]- The file with the main variables for the environment[service-playbook]- The playbook for the service you wish to deploy, ex:api.yml- Deploys both the api and the api-workers servicesshiva.yml- Deploys the shiva micro-servicecharon.yml- Deploys a specific version of charon DNS to all docks
[branch-or-tag]- The branch or tag you wish to deploy, ex:-e git_branch=v1.9.9(version tag)-e git_branch=my-feature-branch(branch)-e git_branch=3928745892364578623(specific commit)
Forces a rebuild of a docker image for the given service at the given branch or tag and then deploys the newly created image. This is useful when a previously deployed branch has new changes that need to be deployed to an environment.
Generally this command is only used with gamma-hosts/ as it is often used to update code
being tested in the production mirror.
ansible-playbook -i ../[inventory_dir] [service-playbook] -e @../environments/[gamma-or-delta]/main.yml] -e git_branch=[branch-or-tag] -t deploy -e build_args=--no-cache
[inventory_dir]- The environment inventory files (servers and variables).[main-var-file]- The file with the main variables for the environment[service-playbook]- The playbook for the service you wish to deploy.[branch-or-tag]- The branch or tag you wish to deploy.
If, for some reason, the new deploy is not operating as expected you can quickly revert by referencing the tag you collected in Step 1. Simply run the appropriate deploy command in the previous section with the last release tag and the new deploy will be reverted.
- IMPORTANT: Make sure to play the song loud and proud when deploying!
It is the custom at Runnable to play a song to the entire team when deploying. For each of the repositories here are the respective songs: