Self host part 2 #702

Open: wants to merge 2,786 commits into base: master

Changes from 250 commits
2a90780
Added starlord.yml
May 8, 2017
fa6fdbd
Merge remote-tracking branch 'origin/master' into SAN-6926-starlord-3
May 8, 2017
9163d32
Removed npm_version because it was causing failed builds.
May 8, 2017
daf8b10
Fixed deployment
May 8, 2017
754973d
Fixed deployment
May 8, 2017
53f3a4c
Added deploy song
May 8, 2017
f757a01
words
May 8, 2017
7632b90
Removed registry file
May 8, 2017
d759c1c
Removed container_run_opts
May 8, 2017
79d9e90
Fix status (#657)
anandkumarpatel May 8, 2017
50ccb43
Created an aws_region variable
May 8, 2017
fe44f97
Merge branch 'master' into SAN-6926-starlord-3
Myztiq May 8, 2017
89f0b2f
Added delta-user-vault credentials
May 8, 2017
ee103bd
Updated auth tokens and readme
May 8, 2017
ec5758c
San 6323 fix crons (#656)
anandkumarpatel May 9, 2017
65b6b9e
Remove the bad lines so the deploy works.
damienrunnable May 9, 2017
bf2e0e5
Merge pull request #658 from CodeNow/fix-web
damienrunnable May 9, 2017
4a943d8
pass vault endpoint env
podviaznikov May 9, 2017
6db539a
fix env location
podviaznikov May 9, 2017
ee564dd
rename env
podviaznikov May 9, 2017
ba0bdf4
Merge pull request #649 from CodeNow/SAN-6926-starlord-3
Myztiq May 9, 2017
651a8d9
add datadog to clio (#660)
anandkumarpatel May 9, 2017
e1253e5
Share hostname (#659)
anandkumarpatel May 9, 2017
3fe8b22
fix ssl location (#661)
anandkumarpatel May 10, 2017
3836737
update version
podviaznikov May 10, 2017
0970f81
Merge branch 'master' into 5-2-update-dock-init-and-charon
podviaznikov May 10, 2017
4b0f713
pass USER_VAULT envs into dock init
podviaznikov May 10, 2017
50d776e
save use vault access token
podviaznikov May 12, 2017
0d4dbb0
envs
podviaznikov May 12, 2017
f460bd4
user vault
podviaznikov May 12, 2017
4b470b4
refactor
podviaznikov May 12, 2017
33b39fe
update scripts
podviaznikov May 13, 2017
a4f0df1
fix dock.sh generation
podviaznikov May 15, 2017
e03fe3f
Add graphql port for Eru, add multiple upstreams for services in ngin…
May 15, 2017
5af574c
Update nginx ingress proxy configuration to allow for multiple upstre…
May 16, 2017
b6007f7
Merge pull request #663 from CodeNow/change-ingress-ports
tosih May 16, 2017
11bbd0d
update template and gamma configs
May 16, 2017
83cc52e
Merge pull request #664 from CodeNow/hotfix-ingress-eru
tosih May 16, 2017
8c46953
Update gamma ingress proxy k8 configs.
May 16, 2017
f9148e9
Added keymaker configurations.
May 16, 2017
b9b09b8
Removed installing of postgres client
May 16, 2017
240c225
Added keymaker pg password for gamma
May 16, 2017
c01cc0f
Created password for keymaker on delta
May 16, 2017
dbd504c
Fixed var name
May 16, 2017
ce39231
Added keymaker to localhost
May 16, 2017
68b98ba
Fixed node version
May 16, 2017
303a39d
Merge pull request #665 from CodeNow/gamma-ingress-proxy-k8
tosih May 17, 2017
fa57986
Update k8 deployment for api delta/gamma.
May 17, 2017
858643d
Merge branch 'master' into 5-2-update-dock-init-and-charon
podviaznikov May 17, 2017
4c54ae7
Removed unused postgres strings.
May 17, 2017
0399481
Changed port.
May 17, 2017
4e58cde
Fix tagging of image builder
thejsj May 17, 2017
a2d0363
Added builder role back in so it publishes to quay.
May 17, 2017
7ccf31c
Change way we deploy image-builder
thejsj May 17, 2017
6eb6cc4
We don't need 4 replicas
May 17, 2017
d0eda67
Change host. Add comment
thejsj May 17, 2017
1862b6c
Merge pull request #666 from CodeNow/SAN-6252-keymaker
Myztiq May 18, 2017
691eeb5
update node version to the tested one
podviaznikov May 18, 2017
0bddbc6
Add ability to add default dockerfile
thejsj May 18, 2017
4ee579e
Merge branch 'fix-image-builder-push' of github.com:CodeNow/devops-sc…
thejsj May 18, 2017
b4abbc9
Change role to just use build_with_dockerfile
thejsj May 18, 2017
9447bef
Updated
May 18, 2017
a44b903
make vault public (#669)
anandkumarpatel May 18, 2017
ca66634
Merge remote-tracking branch 'origin/master' into 5-2-update-dock-ini…
May 18, 2017
c580845
Remove unused vars
thejsj May 18, 2017
ba22cc4
Merge branch 'master' into fix-image-builder-push
thejsj May 18, 2017
4d37ce0
Merge pull request #667 from CodeNow/fix-image-builder-push
thejsj May 18, 2017
bed07a6
Update dock-init version
May 18, 2017
0240417
Uncomment
May 18, 2017
d44b9e8
Merge branch 'master' into 5-2-update-dock-init-and-charon
podviaznikov May 18, 2017
2e1de5e
minor
podviaznikov May 18, 2017
6adc247
revert
podviaznikov May 18, 2017
aa07d0f
set user vault envs
podviaznikov May 18, 2017
7cfb217
updates
podviaznikov May 18, 2017
13e51bf
change image builder version
podviaznikov May 19, 2017
a40bc01
Rename all k8 files to add .yml extension
thejsj May 19, 2017
116e81c
Merge remote-tracking branch 'origin/master' into 5-2-update-dock-ini…
May 23, 2017
e598237
Update image builder version
May 23, 2017
1ce3cf1
Merge branch '5-2-update-dock-init-and-charon' of https://github.com/…
May 23, 2017
020918c
Uncomment
May 23, 2017
beef482
hotfix port router
May 23, 2017
cad2509
Merge branch 'master' of https://github.com/CodeNow/devops-scripts
May 23, 2017
dfe69e7
update certs (#676)
anandkumarpatel May 23, 2017
b5c5b11
Update BP Postgres password
thejsj May 23, 2017
2b95bae
Merge pull request #677 from CodeNow/update-bp-pg-password
thejsj May 23, 2017
f930973
Remove terraform. We never use this. (#670)
thejsj May 23, 2017
ff32a9b
feedback
podviaznikov May 24, 2017
c3d51fd
back
podviaznikov May 24, 2017
475f2f0
remove whitespace
podviaznikov May 24, 2017
7cbb84e
Merge pull request #647 from CodeNow/5-2-update-dock-init-and-charon
henrymollman May 24, 2017
356c1a9
Hotfix cron jobs so we cleanup properly and don't try to run a whole …
May 24, 2017
3919d2a
Updated cron job template
May 24, 2017
d4ea26d
Moved vars to the right locations
May 24, 2017
935824b
Updated policies for delta
May 24, 2017
60ac711
Added deadline for job.
May 24, 2017
b9a6427
Replace -> Forbid, bumped timeout by 5 minutes.
May 24, 2017
a7d02f4
Replace instead of forbid.
May 24, 2017
e3c704c
Merge pull request #678 from CodeNow/hotfix-cron
Myztiq May 24, 2017
f8368a5
bump palantiri
May 24, 2017
39f83c2
Remove unused code (#671)
thejsj May 24, 2017
c56639a
Remove local inventory (#674)
thejsj May 24, 2017
41a5ebf
Merge branch 'master' into rename-all-files-to-yml
thejsj May 24, 2017
7778d07
Merge pull request #673 from CodeNow/rename-all-files-to-yml
thejsj May 24, 2017
249683c
Update shiva version.
May 24, 2017
26939db
Add registry login/logout to container start
May 24, 2017
0283ac8
Added log level for keymaker.
May 25, 2017
b631f68
Added keymaker mappings for API. (#681)
Myztiq May 25, 2017
51a302c
Removed build tag
May 25, 2017
dda9f6d
Add user_vault_load_balancer
May 25, 2017
144cb6b
Merge pull request #682 from CodeNow/add-user-vault-to-shiva
henrymollman May 25, 2017
1d4da23
Merge pull request #679 from CodeNow/5-24-fix-runnable-angular-deploy…
thejsj May 26, 2017
0133222
better prom for kube
May 26, 2017
e41d4f4
add prom files
May 26, 2017
9a12dea
remove k8
May 26, 2017
f1b8477
Merge pull request #680 from CodeNow/keymaker-log-level
Myztiq May 28, 2017
a3b0593
Move inventories
thejsj May 30, 2017
df533d4
Keep k8 directories
thejsj May 30, 2017
e63ba81
Update gitignore
thejsj May 30, 2017
c0b7ba5
Add .gitkeep to directories
thejsj May 30, 2017
017bf26
Add .gitkeep to directories
thejsj May 30, 2017
4695e63
Update gitignore
thejsj May 30, 2017
266b3ff
Add new directories
thejsj May 30, 2017
238add2
Change domain roots
thejsj May 30, 2017
deffda9
Change directory. Add check
thejsj May 30, 2017
b27cb52
Change certs root in docker_client
thejsj May 30, 2017
02c51cf
Remove unnecessary gitignore rule
thejsj May 30, 2017
4a11905
Fix docker-client directory
thejsj May 30, 2017
920322b
Move files to inventory directory
thejsj May 30, 2017
8494a31
Add script to generate client certs
thejsj May 30, 2017
f5baa43
Add generation of docker client certs
thejsj May 30, 2017
a26ac6c
Add creation of chained.pem and dhparam.pem
thejsj May 30, 2017
b431d6d
Update gitignore
thejsj May 30, 2017
c16f369
Update the instance id to fork from
May 30, 2017
dea7658
Add changes
thejsj May 30, 2017
21ea886
Fix changes in genClientCert
thejsj May 30, 2017
0db1b07
Fix typo
thejsj May 30, 2017
8535dc0
Update READMEs
thejsj May 30, 2017
8495bf8
Fix volume ids
thejsj May 30, 2017
b7eed63
Fix docker-client generate script
thejsj May 30, 2017
7a801f8
Adding files to gitignore
thejsj May 30, 2017
be816d6
Move inventory files to a variable file
thejsj May 31, 2017
79bfbb6
Fix env name
thejsj May 31, 2017
120a376
Remove debug statement. Change to localhost
thejsj May 31, 2017
c8da894
Move/Add/Remove READMEs
thejsj May 31, 2017
7898924
Update README
thejsj May 31, 2017
c642cb9
Update README
thejsj May 31, 2017
1833012
Merge pull request #683 from CodeNow/move-inventories-2
thejsj May 31, 2017
ae76d42
SAN-6255 Pass the redirect url
damienrunnable Jun 1, 2017
9c5cf18
Move package.json (#687)
thejsj Jun 2, 2017
0b1da9b
SAN-6255 Missing the app part
damienrunnable Jun 2, 2017
2009fd6
Merge pull request #686 from CodeNow/SAN-6255
damienrunnable Jun 2, 2017
22c56f3
Fix minor issues with swarm-cloudwatch-reporter
thejsj Jun 6, 2017
64e0b86
Dont inject CA in furry cactus
thejsj Jun 7, 2017
76f1a60
Remove duplicate key in main.yml
tosih Jun 7, 2017
49166fe
Merge pull request #690 from CodeNow/dont-inject-ca
thejsj Jun 7, 2017
f6dfc9b
Remove duplicate docker_config in all.yml
tosih Jun 7, 2017
bacf4cc
Create README.md
anandkumarpatel Jun 9, 2017
ec002f7
Give mongo migrate the variables it needs
Nathan219 Jun 9, 2017
13e0700
Merge pull request #692 from CodeNow/set-envs-for-api-mongo-migrate
Nathan219 Jun 10, 2017
b3123de
Update image builder version
Jun 12, 2017
4f97f19
Merge pull request #693 from CodeNow/SAN-6200-add-ssh-keys
henrymollman Jun 12, 2017
aaf7fd5
Add preliminary deploy files.
Jun 7, 2017
754dcb4
Add delta vars, and fix changes from before.
Jun 7, 2017
80b37bc
Update Song for Praful
Jun 12, 2017
a1ed5ea
Fixes for Anand and fix jira user/pass
Jun 12, 2017
3b13f3c
Merge pull request #691 from CodeNow/add-customerbot
tosih Jun 12, 2017
ae5e1f9
Hotfix to add customerbot to delta hosts.
Jun 12, 2017
64a8178
Cleanup readme.md
Jun 12, 2017
b68c05a
use >> not > to chain certs (#694)
anandkumarpatel Jun 13, 2017
e92b80c
Fix chained gen (#695)
anandkumarpatel Jun 13, 2017
b7c8a6c
update npm token
Jun 13, 2017
0a720a8
add limits to cron (#696)
anandkumarpatel Jun 13, 2017
b023ab0
Add container net alert (#688)
anandkumarpatel Jun 13, 2017
05de2b5
Merge remote-tracking branch 'origin/master' into update-network-cana…
Jun 14, 2017
d8ff0d0
remove delta-host variables
Jun 14, 2017
34ce8a5
Merge pull request #684 from CodeNow/update-network-canary-instance
henrymollman Jun 14, 2017
6a9d18a
Re-add docker_client role
thejsj Jun 16, 2017
0548ae1
Update consul-values job
thejsj May 31, 2017
5044e85
Add consul/vault updates
thejsj May 31, 2017
1829489
Remove unsealing of the vault. Vault should already be unsealed.
thejsj Jun 1, 2017
8155e3b
Revert consul-values. Change to use pip module.
thejsj Jun 1, 2017
7cedd80
Add consul-values-job
thejsj Jun 1, 2017
c5ba6f6
Add job to create mongo users automatically
thejsj Jun 1, 2017
fb6c73b
Add job to create exchanges automatically
thejsj Jun 1, 2017
8578093
Add default variables for rollbar keys
thejsj Jun 1, 2017
d15c128
Add more defaults to variables (Mixpanel and Stripe)
thejsj Jun 1, 2017
c864c3b
Change runnable angular and enterprise-sign-in into jobs
thejsj Jun 1, 2017
f512d67
Move rollbar key to environments
thejsj Jun 1, 2017
c286902
Fix mongo auth for navi and link
thejsj Jun 1, 2017
9d8972a
Fix ansible_undefined variable
thejsj Jun 5, 2017
799ba36
Re-adding new line
thejsj Jun 16, 2017
2d7ab01
Merge pull request #689 from CodeNow/fix-swarm-cloudwatch-reporter-stuff
thejsj Jun 16, 2017
b4e272d
Change to consul_url
thejsj Jun 16, 2017
6534a0e
Fix ENV stuff. Fix storage gb vars
thejsj Jun 16, 2017
be9ac2d
Add newline
thejsj Jun 16, 2017
5330bce
Merge pull request #685 from CodeNow/add-new-self-hosted-environment
thejsj Jun 16, 2017
5605514
Revert "Add new self hosted environment Part 1"
thejsj Jun 17, 2017
5950203
Merge pull request #697 from CodeNow/revert-685-add-new-self-hosted-e…
thejsj Jun 17, 2017
9ab64c0
Revert "Revert "Add new self hosted environment Part 1""
thejsj Jun 19, 2017
7b6d6aa
Fixing navi/link stuff
thejsj Jun 17, 2017
c57d6c5
add JMESPath requirement
runnabro Jun 19, 2017
88a7d02
Make mongo usernames/password consistent
thejsj Jun 19, 2017
07f32cb
fix numbering
runnabro Jun 19, 2017
b1a7a85
add .. and main.yml to commands
runnabro Jun 19, 2017
01327d1
add gamma volume
Jun 19, 2017
19c4031
Fix navi and links hosts
thejsj Jun 20, 2017
452bd49
Change images to trusy
thejsj Jun 20, 2017
2d8c8f6
Merge pull request #698 from CodeNow/revert-697-revert-685-add-new-se…
thejsj Jun 21, 2017
b2faef3
Fix building of app and enterprise-sign-in
thejsj Jun 21, 2017
1efa734
Small fixes
thejsj Jun 22, 2017
5340ed4
Fix repleset envs. Add HelloRunnable github id
thejsj Jun 27, 2017
520611b
Add LoadBalancer source ranges
thejsj Jun 27, 2017
4ba22dc
Added readiness probe
Jun 28, 2017
1b0b017
http -> tcp
Jun 28, 2017
8a262e6
http -> tcp
Jun 28, 2017
35ac3c8
Updated to use API_port
Jun 28, 2017
a64daaa
Add DOCKER_IMAGE_BUILDER_HOST_CONFIG_PATH env var.
Jun 28, 2017
2149856
Merge pull request #701 from CodeNow/add-ecr-env-var-for-api
tosih Jun 28, 2017
5fda823
Merge pull request #700 from CodeNow/add-readiness-probe
Myztiq Jun 28, 2017
8d5255c
Add self-hosted bastion settings
thejsj Jun 29, 2017
f48c052
Fix ssh config
thejsj Jun 29, 2017
db2e857
Add consul and vault LBs (Theyre currently public)
thejsj Jun 29, 2017
4f9d052
Fix AWS access key issues. Fix swarm issues. Fix consul access issues
thejsj Jun 30, 2017
8219816
Add files to git ignore
thejsj Jul 5, 2017
140841f
Fixing stuff
thejsj Jul 5, 2017
2a00993
fix prom vol
Jul 5, 2017
3283c8a
Merge pull request #699 from CodeNow/add-JMESPath-requirement
runnabro Jul 5, 2017
6f4e6ae
use multiport navi (#704)
anandkumarpatel Jul 6, 2017
39ea1ff
SAN-6473
damienrunnable Jul 7, 2017
1569303
Add single-host files
thejsj Jul 7, 2017
60b39bb
SAN-6473 Code review
damienrunnable Jul 7, 2017
b49b32f
Merge pull request #705 from CodeNow/SAN-6473
damienrunnable Jul 7, 2017
92eda33
Merge branch 'master' into self-host-part-2
damienrunnable Jul 7, 2017
7aec33f
SAN-6473
damienrunnable Jul 7, 2017
26f4e92
Add mongo-seed-db k8 job.
Jul 7, 2017
0799267
Clean up yml.
Jul 7, 2017
c2cb8e7
Fixes for Jorge.
Jul 7, 2017
25025e2
Fixes for Jorge II
Jul 7, 2017
04cdb75
Add api_base env vars.
Jul 7, 2017
fd7ce20
Go back to old envs.
Jul 7, 2017
1045234
Add higher log level.
Jul 7, 2017
05679e7
Merge pull request #706 from CodeNow/add-mongo-seed-job
tosih Jul 7, 2017
fccc2d0
Update group vars
thejsj Jul 13, 2017
aa9da9b
Update roles
thejsj Jul 13, 2017
51a853d
Update git ignore
thejsj Jul 13, 2017
9c2b62c
update gamma main variables
thejsj Jul 13, 2017
9521294
Update self-hosted-2 vars
thejsj Jul 13, 2017
b9416c9
Update gitignore
thejsj Jul 13, 2017
5a1747c
Delete dock user-data scripts
thejsj Jul 13, 2017
dec8668
Fix charon API token
thejsj Jul 14, 2017
24 changes: 24 additions & 0 deletions .gitignore
@@ -0,0 +1,24 @@
node_modules
*.pem
pass
.pass
hellorunnable
dump.rdb
erl_crash.dump
npm-debug.log
ca.srl
.DS_Store
ansible/roles/hipache/templates/runnable*
enviroments/**/k8/**/configMaps/*cert*
environments/*/secrets/**/*
# Leaving for now while PR is merged
environments/*/k8
# Meant to not break anything. Might remove later
environments/runnable-on-prem-test
*.retry
*.tfstate*
terraform/credentials.tfvars
terraform/.build
ansible/secrets/*
ansible/single-host-part-*.yml
.idea
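
Review bot: The rule `enviroments/**/k8/**/configMaps/*cert*` misspells `environments`, so it does not match the `environments/` tree the other rules use, and certificate config maps are only kept out of the index by the temporary `environments/*/k8` rule a few lines below. Correct the spelling now, since the comment says that broader rule is only there while the PR is merged. The bare `pass` and `hellorunnable` patterns also match at any depth; anchor them with a leading `/` if they are meant for the repository root only.
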
38 changes: 38 additions & 0 deletions Dockerfile
@@ -0,0 +1,38 @@
FROM ubuntu:14.04

RUN apt-get update -y
RUN DEBIAN_FRONTEND=noninteractive apt-get install --no-install-recommends -y -q unzip build-essential python-pip python-dev python-yaml libxml2-dev libxslt1-dev zlib1g-dev git curl sshpass openssh-client
RUN pip install --upgrade pyyaml jinja2 pycrypto

RUN curl -sL https://deb.nodesource.com/setup_7.x | sudo -E bash - && \
apt-get install -y nodejs

RUN curl -O https://releases.hashicorp.com/vault/0.6.3/vault_0.6.3_linux_amd64.zip && \
unzip ./vault_0.6.3_linux_amd64.zip -d /bin && \
chmod +x /bin/vault

RUN git clone git://github.com/ansible/ansible.git --recursive /opt/ansible

RUN cd /opt/ansible && \
git checkout v2.1.3.0-1 && \
git submodule update --init --recursive && \
bash -c 'source ./hacking/env-setup'

ENV PATH /opt/ansible/bin:$PATH
ENV PYTHONPATH /opt/ansible/lib:$PYTHONPATH
ENV MANPATH /opt/ansible/docs/man:$MANPATH

ADD ./ssh /root/.ssh
RUN echo 'eval `ssh-agent`' >> /root/start.sh
RUN echo 'ssh-add /root/.ssh/id_rsa' >> /root/start.sh
RUN echo 'npm start' >> /root/start.sh
RUN chmod +x /root/start.sh

ADD ./ansible/ /ansible
RUN cd /ansible && npm install

ADD ./deployer/ /deployer
RUN cd /deployer && npm install

WORKDIR /deployer
CMD /root/start.sh
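
Review bot: `ADD ./ssh /root/.ssh` copies the deploy SSH directory, including the `id_rsa` that `start.sh` later passes to `ssh-add`, into an image layer, so anyone who can pull or export the image can recover the private key. Mount the key at run time (a read-only volume or a forwarded agent socket) instead of adding it at build time. Separately, the NodeSource setup script is piped from `curl` straight into `bash`, the Vault 0.6.3 zip is unpacked without a checksum check, and Ansible is cloned over the unauthenticated `git://` protocol; clone over `https://` and verify the Vault archive against its published SHA256SUMS before `unzip`.
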
23 changes: 23 additions & 0 deletions PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,23 @@
We should treat our k8 files as compiled files, since we don't actually (http://blog.andrewray.me/dealing-with-compiled-files-in-git/). We should probably wait some time until we actually have more confidence in our compilation.

[//]: # (Let's get your best description here about what's happend! Here's a list as well, if you like:)

* I removed this function
* I fixed all these things, etc.

#### Dependencies

- [ ] list dependencies (eg, PR from another branch or repo; tags or versions required prior to deployment)

#### Tests

> Test any modifications on one of our environments.

- [ ] tested on _environment_ by _someone_

#### Deployment (post-merge)

> Ensure that all environments have the given changes.

- [ ] deployed to gamma
- [ ] deployed to delta
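
Review bot: The opening paragraph ends mid-thought at "since we don't actually" and reads as a note to the team rather than template text, so every new pull request description will start with it. Finish the sentence, or move it into a `[//]: #` comment like the line below it.
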
150 changes: 149 additions & 1 deletion README.md
@@ -1,4 +1,152 @@
devops-scripts
==============

devops-scripts
Scripts for managing our deployments.

# How to Deploy at Runnable
## Setup

Before you can deploy you'll need to install the appropriate tools, scripts, and keys on your local machine.
To do so, execute the following steps:

1. Install Ansible v2.2.1.0 (the deploy automation tool we use to deploy projects to production)
Installation: http://docs.ansible.com/intro_installation.html
Upgrading: `sudo pip install ansible==2.2.1.0` or http://docs.ansible.com/ansible/intro_installation.html#latest-releases-via-pip

2. Get the latest devops-scripts (the recipes that we use to deploy various projects)
https://github.com/CodeNow/devops-scripts

3. Change to the devops scripts repo directory and run the following command:
`ln -s /<local-path-to-devops-scripts>/ssh/config ~/.ssh/config`

4. Obtain the "Ansible Secrets" zip for the environment you want to deploy (or create the new environment following [./environments/README.md](./environments/README.md))

5. Unzip file obtained above into `devops-scripts/environments/${YOUR_ENV}/secrets`

6. Copy the `*.pem` files from `devops-scripts/ansible/secrets` to your `~/.ssh` directory

7. Install two required tools onto your machine:
```bash
brew update && brew install vault daemon
```

At this point you should be capable of deploying; keep reading to find out how to actually perform a deploy!

## Deploying Services
- **IMPORTANT:** always pull latest devopts-scripts (`git pull origin master`)
- **IMPORTANT:** Before you deploy a new version of any project make sure to determine which version of the project is currently deployed. This way you can quickly revert to the last stable release if something goes wrong after pushing a new version.

### Step 1: Determine the Current Deploy Version
To determine the latest deploy tag for a project please check the project's repository on
github and look for the latest release tag (should be in the form `vX.Y.Z`). Once you've located the tag,
copy it down somewhere that is easily and quickly accessible (you may need to use it quickly if something goes wrong).

### Step 2: Deploy the Project via `ansible-playbook`

- **WARNING:** If you were unable to determine the last deploy tag for a project and cannot revert **STOP**.
Ask someone on the team for help before continuing.
- **IMPORTANT:** All commands should be run from the `devops-script/ansible` directory.

#### Ansible Vault

Please note that there are playbook that require encrypted [ansible vault](http://docs.ansible.com/ansible/playbooks_vault.html) files. If you see the following error:

```bash
ERROR: A vault password must be specified to decrypt # snip
```

you will need to re-run the playbook with:

```bash
--ask-vault-pass
```

#### Latest Tag
Build and deploy a service to the latest tag of its repository. This will build
the docker image needed to run the container on our infrastructure.

#### Branch or Tag
Build and deploy a service to a specific branch or tag on its repository. This performs a build
of the docker image needed to run the service on our architecture.

##### Command
```
ansible-playbook -i ./[inventory_dir] [service-playbook] -e @[main-var-file] -e git_branch=[branch-or-tag] -t deploy
```

##### Arguments
- `[inventory_dir]` - The environment inventory files (servers and variables). Should be one of the following:
- `/enviroments/stage` - Runnable sandbox staging environment services
- `/environments/gamma` - Gamma services (internal use only; production mirror)
- `/environments/delta` - Delta services (real production)
- `[main-var-file]` - The file with the main variables for the environment
- `[service-playbook]` - The playbook for the service you wish to deploy, ex:
- `api.yml` - Deploys both the api and the api-workers services
- `shiva.yml` - Deploys the shiva micro-service
- `charon.yml` - Deploys a specific version of charon DNS to all docks
- `[branch-or-tag]` - The branch or tag you wish to deploy, ex:
- `-e git_branch=v1.9.9` (version tag)
- `-e git_branch=my-feature-branch` (branch)
- `-e git_branch=3928745892364578623` (specific commit)

##### Rebuild and Deploy Tag or Branch (No Cache)
Forces a rebuild of a docker image for the given service at the given branch or tag and then deploys the
newly created image. This is useful when a previously deployed branch has new changes that need to
be deployed to an environment.

Generally this command is only used with `gamma-hosts/` as it is often used to update code
being tested in the production mirror.

##### Command
```
ansible-playbook -i ./[inventory_dir] [service-playbook] -e @[main-var-file] -e git_branch=[branch-or-tag] -t deploy -e build_args=--no-cache
```

##### Arguments
- `[inventory_dir]` - The environment inventory files (servers and variables).
- `[main-var-file]` - The file with the main variables for the environment
- `[service-playbook]` - The playbook for the service you wish to deploy.
- `[branch-or-tag]` - The branch or tag you wish to deploy.

## Reverting
If, for some reason, the new deploy is not operating as expected you can quickly revert by referencing the tag you collected in Step 1.
Simply run the appropriate deploy command in the previous section with the last release tag and the new deploy will be reverted.

## Deploy Songs

- **IMPORTANT:** Make sure to play the song loud and proud when deploying!

It is the custom at Runnable to play a song to the entire team when deploying. For each of the repositories here are the respective songs:

| Service | Deploy Song Link |
| ------- | ---------------- |
| api / api-workers | [Push it - Rick Ross](https://www.youtube.com/watch?v=qk2jeE1LOn8) |
| arithmancy | [onerepublic - Counting Stars](https://www.youtube.com/watch?v=hT_nvWreIhg) |
| big poppa | [Big Poppa - The Notorious B.I.G.](https://www.youtube.com/watch?v=phaJXp_zMYM) |
| charon | [Enter Sandman - Metallica](https://www.youtube.com/watch?v=CD-E-LDc384) |
| clio | [Billy Joel - We Didn't Start the Fire](https://www.youtube.com/watch?v=eFTLKWw542g) |
| cream | [C.R.E.A.M. - Wu-Tang Clan](https://www.youtube.com/watch?v=PBwAxmrE194) |
| customerbot | [Trailer Park Boys Theme](https://www.youtube.com/watch?v=dI6Drn3OA70) |
| deployer | [Rollout - Ludacris](https://www.youtube.com/watch?v=t21DFnu00Dc) |
| detention | [Unbreakable Kimmy Schmidt](https://youtu.be/CV9xF8CjhJk?t=21s) |
| docker-listener | [Call Me Maybe - Carly Rae Jepsen](https://www.youtube.com/watch?v=fWNaR-rxAic) |
| drake | [Drake - Hotline Bling](https://www.youtube.com/watch?v=uxpDa-c-4Mc)
| filibuster | [He's a Pirate - Pirates Of The Caribbean](https://www.youtube.com/watch?v=yRh-dzrI4Z4) |
| Full Stack Deploy (`all.yml`) | [The Cleveland Orchestra (George Szell conducting) Ludwig von Beethoven Symphony No. 9 "Chorale (Ode To Joy)" Opus 125 IV.](https://www.youtube.com/watch?v=4g5770gaais) |
| github-proxy | [Proxy - Martin Garrix](https://www.youtube.com/watch?v=NWB6-PJw4Mk) |
| khronos | [Time After Time - Cyndi Lauper](https://www.youtube.com/watch?v=VdQY7BusJNU) |
| krain | [Men at Work - Down Under](https://www.youtube.com/watch?v=XfR9iY5y94s) |
| link | [Zelda Main Theme Song](https://www.youtube.com/watch?v=cGufy1PAeTU) |
| mavis | [Fairy Tail Theme song](https://www.youtube.com/watch?v=R4UFCTMrV-o) |
| navi | [Ocarina of Time: Lost Woods The Legend of Zelda](https://www.youtube.com/watch?v=iOGpdGEEcJM) |
| optimus | [Original Transformers Opening Theme](https://www.youtube.com/watch?v=nLS2N9mHWaw) |
| pheidi | [Chariots of Fire Theme](https://www.youtube.com/watch?v=CSav51fVlKU) |
| runnable-angular | [Push It To The Limit - Scarface](https://www.youtube.com/watch?v=9D-QD_HIfjA) |
| sauron | [Sauron Theme Song from LOTR](https://www.youtube.com/watch?v=V_rk9VBrXMY) |
| Security Groups | [Out Of The Woods - Tayor Swift](https://www.youtube.com/watch?v=JLf9q36UsBk)
| shiva | [FFXIV Shiva Theme](https://www.youtube.com/watch?v=noJiH8HLZw4) |
| starlord | [Blue Swede - Hooked on a Feeling](https://www.youtube.com/watch?v=NrI-UBIB8Jk) |
| swarm-deamon | [Pink Floyd - Another Brick In The Wall](https://www.youtube.com/watch?v=5IpYOF4Hi6Q) |
| swarm-manager | [Eric Prydz VS Pink Floyd - 'Proper Education'](https://www.youtube.com/watch?v=IttkDYE33aU) |
| varnish | [Karate Kid Theme Song](https://www.youtube.com/watch?v=VIYqtkdMxQg) |
| vault / vault-values | [Seal - Kiss From A Rose](https://www.youtube.com/watch?v=zP3so2hY4CM) |
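
Review bot: Setup steps 5 and 6 disagree about where secrets live: step 5 unzips the "Ansible Secrets" archive into `devops-scripts/environments/${YOUR_ENV}/secrets`, while step 6 copies `*.pem` files from `devops-scripts/ansible/secrets`. Point both steps at the same directory. Step 1 pins Ansible v2.2.1.0 while the Dockerfile in this PR checks out `v2.1.3.0-1`; the two should match. Smaller fixes: `/enviroments/stage`, `devopts-scripts` and `devops-script/ansible` are misspelled, the no-cache section still refers to `gamma-hosts/` although the argument list uses `/environments/gamma`, and the `drake` and `Security Groups` table rows are missing their closing `|`.
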
2 changes: 2 additions & 0 deletions ansible/.gitignore
@@ -0,0 +1,2 @@
_cache
*.pyc
15 changes: 15 additions & 0 deletions ansible/README.md
@@ -0,0 +1,15 @@

Ansible provides a framework for our administration and deployment. It requires an organization for scripts and variables. By design it uses SSH to connect to all hosts before it executes the actions. As such it can be run from any machine. All Ansible provided functionality is idempotent and it strongly encourage custom scripts match that standard.

Here is the organization of the files in `devops-scripts/ansible`

* `*-hosts` - Files naming all the servers
* `*.yml` - The top level ansible actions. These files describe how a host has vars and roles executed on it.
* `/group_vars` - yml files that define variables and values for your ansible scripts. This mostly maps one to one with machine types in AWS. They’re a key value map.
* `/library` - Third party libraries and scripts.
* `/roles` - A set of folders containing the ansible roles. A role defines the executable actions by ansible. The center pieces is the `/tasks/main.yml`. It defines name actions and requirements.
The role can have several sub folders.
* `/handlers` - ???
* `/defaults` - ???
* `/meta` - contains dependencies
* `/template` - templates for any files that need to be generate and delivered.
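
Review bot: `/handlers` and `/defaults` are documented as `???`, which leaves two of the standard role directories unexplained. Describe them (handlers run when a task notifies them; defaults hold the role's lowest-precedence variables) or drop the entries. The first bullet also still lists `*-hosts` inventory files under `devops-scripts/ansible`, while the top-level README in this PR takes inventories from `/environments/...`, and `/template` should read `/templates`, as in the `ansible/roles/hipache/templates/` path in `.gitignore`.
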
11 changes: 11 additions & 0 deletions ansible/agreeable-egret.yml
@@ -0,0 +1,11 @@
---
- hosts: agreeable-egret
vars_files:
- group_vars/alpha-agreeable-egret.yml
roles:
- role: notify

- role: builder

- role: k8-deployment
- role: k8-service
3 changes: 3 additions & 0 deletions ansible/ansible.cfg
@@ -0,0 +1,3 @@
[defaults]
# Required so `sudo: yes` does not lose the environment variables, which hold the ssh-agent socket
sudo_flags = -HE
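
Review bot: `sudo_flags = -HE` makes sudo preserve the caller's whole environment, not only the ssh-agent socket the comment mentions, so every variable in the connecting session reaches the root process on each host. If only the agent is needed, keep `-H` and let `SSH_AUTH_SOCK` through with `env_keep` in sudoers instead of passing `-E`. The comment should also say which plays rely on agent forwarding, since a forwarded agent is usable by root on the target for the length of the run.
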
14 changes: 14 additions & 0 deletions ansible/api-core.yml
@@ -0,0 +1,14 @@
---
- hosts: api
vars_files:
- group_vars/alpha-api-base.yml
- group_vars/alpha-api.yml
roles:
- role: notify
rollbar_token: "{{ api_rollbar_token }}"

- role: builder

- role: docker_client
- role: k8-deployment
- role: k8-service
3 changes: 3 additions & 0 deletions ansible/api.yml
@@ -0,0 +1,3 @@
- include: api-core.yml
- include: socket-server.yml
- include: workers.yml
6 changes: 6 additions & 0 deletions ansible/app-services.yml
@@ -0,0 +1,6 @@
- include: detention.yml git_branch="{{ detention_branch }}"
- include: drake.yml git_branch="{{ drake_branch }}"
- include: eru.yml git_branch="{{ eru_branch }}"
- include: metis.yml git_branch="{{ astral_branch }}"
- include: shiva.yml git_branch="{{ astral_branch }}"
# run with: `--extra-vars "@current_versions.yml"`
11 changes: 11 additions & 0 deletions ansible/arithmancy.yml
@@ -0,0 +1,11 @@
---
- hosts: arithmancy
vars_files:
- group_vars/alpha-arithmancy.yml
roles:
- role: notify
rollbar_token: "{{ arithmancy_rollbar_token }}"

- role: builder

- role: k8-deployment
23 changes: 23 additions & 0 deletions ansible/base.yml
@@ -0,0 +1,23 @@
---
- hosts: localhost
connection: local
tasks:
- fail: msg="`host` (target host) needs to be defined to run this role"
when: host is not defined

- add_host:
name={{ host }}
groups=dock

- hosts: "{{ host }}"
roles:
- { role: apt_update }
- { role: package-dock, tags: [ dock, package ] }
- { role: package-aws, tags: [ dock, package ] }
- { role: package_ntp }
- { role: build_essential }
- { role: docker, tags: [ docker ] }
- { role: datadog, tags: [ datadog ] }
- { role: ulimits, tags: [ ulimits ] }
- { role: loggly, tags: [ loggly, clean ] }
- { role: node }
9 changes: 9 additions & 0 deletions ansible/bastion.yml
@@ -0,0 +1,9 @@
---
- hosts: bastion
roles:
- role: notify
tags: [ notify ],
app_name: bastion_sshd,
git_branch: latest,
name: bastion_sshd
- { role: bastion_sshd, tags: bastion-sshd }
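
Review bot: The `notify` role entry mixes block style with the commas of the inline `{ ... }` form: `tags: [ notify ],`, `app_name: bastion_sshd,` and `git_branch: latest,` all end in a comma. In block style the comma after `[ notify ]` is not valid YAML, and the other two would become part of the values (`bastion_sshd,` and `latest,`). Drop the trailing commas, or write the entry inline like the `bastion_sshd` line below it.
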
13 changes: 13 additions & 0 deletions ansible/big-poppa-http.yml
@@ -0,0 +1,13 @@
---
- hosts: big-poppa
vars_files:
- group_vars/alpha-big-poppa-base.yml
- group_vars/alpha-big-poppa-http.yml
roles:
- role: notify
rollbar_token: "{{ big_poppa_http_rollbar_token }}"

- role: builder

- role: k8-deployment
- role: k8-service
12 changes: 12 additions & 0 deletions ansible/big-poppa-worker.yml
@@ -0,0 +1,12 @@
---
- hosts: big-poppa
vars_files:
- group_vars/alpha-big-poppa-base.yml
- group_vars/alpha-big-poppa-worker.yml
roles:
- role: notify
rollbar_token: "{{ big_poppa_worker_rollbar_token }}"

- role: builder

- role: k8-deployment
2 changes: 2 additions & 0 deletions ansible/big-poppa.yml
@@ -0,0 +1,2 @@
- include: big-poppa-http.yml
- include: big-poppa-worker.yml
7 changes: 7 additions & 0 deletions ansible/cadvisor.yml
@@ -0,0 +1,7 @@
---
- hosts: docks
vars_files:
- "group_vars/alpha-cadvisor.yml"
roles:
- { role: notify, tags: "notify" }
- { role: container_kill_start }
10 changes: 10 additions & 0 deletions ansible/charon.yml
@@ -0,0 +1,10 @@
---
- hosts: "{{ dock | default('docks') }}"
vars_files:
- group_vars/alpha-charon.yml
roles:
- { role: notify, tags: [notify] }
- { role: git_repo }
- { role: node_service }
- { role: loggly }
- { role: consul_value, tags: [consul_value] }