Status: Draft / Work in progress
This is my opinionated guideline to deploy one application:
- Follow The Twelve-Factor App methodology
- Your applications:
  - Store your app configuration in environment variables
  - Write log messages to stdout
  - If you can, don't save data directly on the file system; use an object storage system like Minio ❤️, S3...
  - Provide database upgrade and downgrade migration scripts, using tools like migrate ❤️ or alembic
  - Provide demo test data (for the development environment)
  - Provide a script to anonymize customer private data, like this tool: mysql-anonymize
- Use Docker container everywhere
- Strictly separate container build (use CI to build your application Docker images) and container run stages
- Use Infrastructure as Code tools (installation or configuration through a web console, SSH… is forbidden):
  - Try to use an Infrastructure as a Service platform like Packet, Scaleway, DigitalOcean, Vultr, AWS, Google Cloud Platform
  - Use Terraform ❤️ (you can also use Ansible, Puppet…) to manage your infrastructure
  - Maybe use Packer to directly install a preconfigured OS (with Docker, Node exporter…)
  - Use a configuration management tool such as Ansible ❤️, Puppet, Salt, or Chef to install and configure your application on your infrastructure
  - Use DnsControl, a Terraform provider or the Ansible cloud modules to manage your DNS configuration
- Don't store unencrypted secrets in Git; use Pass or, better, install and use HashiCorp Vault
- Backup your application data:
  - If your application uses a PostgreSQL database, configure "25.3. Continuous Archiving and Point-in-Time Recovery (PITR)" (see POC wal-g - Archival and Restoration for Postgres)
  - If your application stores data on the filesystem, you can use Restic to back up your files (see POC Restic with Docker)
- Set up Sentry with your application to track errors
- Send Docker logs to a centralized logging system. I suggest Fluentd/Fluentbit ❤️ + Loki ❤️ + Grafana ❤️
- Monitor your servers. I suggest this stack: Prometheus ❤️ + Node exporter ❤️ + Grafana ❤️ + alertmanager ❤️
- Export your app monitoring data to Prometheus
- Do things that don't scale
  - First, install your application on one server, or one server per service. Simply use docker-compose with watchtower ❤️ (you can also read my document named « My opinionated microservice deployment guideline »)
  - Next, when you master docker-compose deployment, you can migrate to Docker Swarm instead of Ansible, see Sentry deployment with Swarm
  - When you need to scale your service, simply migrate your docker-compose configurations to a Kubernetes cluster
- Provide script to execute load testing
- Deploy several environments:
  - Production environment
  - Staging environment
  - Test environment
  - If possible, one environment per branch
- Install a continuous delivery system
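
As an illustration of the "script to anonymize customer private data" item, here is an added example (not from the original guideline and not the mysql-anonymize tool) that pseudonymizes personal columns with a keyed HMAC, so equal values stay equal across rows but cannot be reversed without the key. The `customers` schema, the column list and the in-memory SQLite database are assumptions; in a real run the key would come from an environment variable or Vault, never from Git.

```python
import hashlib
import hmac
import sqlite3

# Hypothetical schema for this example: table name -> columns holding personal data.
PII_COLUMNS = {"customers": ["name", "email", "phone"]}


def pseudonym(key: bytes, column: str, value: str) -> str:
    """Keyed, deterministic replacement: equal inputs give equal outputs, so
    joins and UNIQUE constraints survive, but values cannot be reversed or
    guessed offline without the key."""
    digest = hmac.new(key, f"{column}:{value}".encode(), hashlib.sha256).hexdigest()[:16]
    if column == "email":
        return f"user-{digest}@example.invalid"  # keeps an email-shaped value
    return f"{column}-{digest}"


def anonymize(conn: sqlite3.Connection, key: bytes) -> int:
    """Rewrite every listed column in place; returns the number of rows updated."""
    touched = 0
    for table, columns in PII_COLUMNS.items():
        # Identifiers come from the constant above, never from user input.
        rows = conn.execute(f"SELECT id, {', '.join(columns)} FROM {table}").fetchall()
        for row_id, *values in rows:
            new = [None if v is None else pseudonym(key, c, v) for c, v in zip(columns, values)]
            sets = ", ".join(f"{c} = ?" for c in columns)
            conn.execute(f"UPDATE {table} SET {sets} WHERE id = ?", (*new, row_id))
            touched += 1
    conn.commit()
    return touched


def demo() -> list:
    """Build a constructed two-row table, anonymize it, return the resulting rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER PRIMARY KEY, name TEXT, email TEXT UNIQUE, phone TEXT)")
    conn.executemany("INSERT INTO customers (name, email, phone) VALUES (?, ?, ?)", [
        ("Alice Martin", "alice@corp.test", "+33 1 00 00 00 01"),  # constructed sample data
        ("Bob Durand", "bob@corp.test", None),
    ])
    anonymize(conn, key=b"constructed-demo-key")
    return conn.execute("SELECT name, email, phone FROM customers ORDER BY id").fetchall()


if __name__ == "__main__":
    print(demo())
```

Run it against a copy of the production dump before that copy reaches a staging or development environment, and use a different key per export so pseudonyms cannot be correlated between dumps.
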
Resources: