| HN Mirror

Y	Hacker News new \| ask \| show \| jobs

by ptdel 2900 days ago

I'm not familiar with your setup, so I'm not sure how much of this is applicable, but I've seen a few different approaches, the all more or less go like this:

* choose a configuration state manager like Salt, Ansible, Chef, Puppet, etc. Of all these I'd probably say Salt is the simplest for somebody approaching this methodology.

* choose a source control management system -- I'd just go with git, and host something on github or gitlab or bitbucket or whatever.

* choose a secure storage medium for the variables that are going to be loaded into your configuration state manager.

* choose some form of automation management tool, Jenkins, Thoughtworks Go, TravisCI, CircleCI, w/e.

You're going to use these in conjunction to gain the following: when a developer pushes code to a specific branch, this push triggers a build on the automation server, which is able to package the code, and distribute it to the nodes managed by your configuration state manager. Aka, a push to your repo makes it all happen (with testing, etc as gatekeepers to deployment of course.)

I'll describe a basic setup I've encountered in the wild using Salt in a master-agent setup (since it's the most basic imo, aside from headless):

-> developer writes some code

   -> developer pushes that code to github

   -> a POST webhook containing branch info is sent to my Jenkins box

   -> Jenkins initiates a build job that pulls down that branch of code

   -> Jenkins uses make (we use make) to build the code branch.

   -> Jenkins deposits the built code artifacts on a fileshare somewhere.

   -> Jenkins calls to the salt-master to update all nodes.

   -> the salt master (which could just be hosted on the Jenkins i guess) tells all minions to update

   -> all minions pull the new code and HUP themselves.

Salt uses yaml files to define the desired state you want, this includes installing deps, installing config files, loading files, blah blah.

I use Jenkins Groovy pipelines (which I'm not that crazy about) to ensure that the Jenkins jobs themselves are captured as code and are repeated the same way each time across my make build steps. I work in AWS, so the machines I use, the bootstraps they boot with, the desired state config files, and everything are defined as code in some regard.

You should attempt to push for 'desired state' and move towards 'immutable state'.

I would also strongly consider looking at the other options aside from salt, it's only so-so.