Managing Servers with Ansible

#66 Managing Servers with Ansible
2/5/2017

Summary

A look into the Drifting Ruby network architecture and how I manage deployments with Ansible.
5
deployment

Summary

Passwordless Authentication# Copy your public key to the remote host
cat ~/.ssh/id_rsa.pub | ssh [email protected]_host 'cat >> .ssh/authorized_keys'
# Do not require password for sudo
# Create a file in /etc/sudoers.d/USERNAME
USERNAME ALL=(ALL) NOPASSWD:ALL
Terminalbrew install ansible
inventory[servers]
DR1   ansible_host=192.168.1.25   ansible_user=passenger   
DR2   ansible_host=192.168.1.26   ansible_user=passenger
DR3   ansible_host=192.168.1.21   ansible_user=passenger
entry_point.yml- hosts: DR1
  vars_files:
    - "vars/public.yml"
  remote_user: "{{remote_user}}"
  roles:
    - app-update
    - run-migrations
    - restart-nginx
    - restart-sidekiq

- hosts: DR2,DR3
  vars_files:
    - "vars/public.yml"
  remote_user: "{{remote_user}}"
  roles:
    - app-update
    - restart-nginx
    - restart-sidekiq

# - hosts: servers
#   vars_files:
#     - "vars/public.yml"
#   remote_user: "{{remote_user}}"
#   roles:
#     - app-update
#     - restart-nginx
#     - restart-sidekiq
Terminal# Create Role Templates
ansible-galaxy init app-update
ansible-galaxy init restart-nginx
ansible-galaxy init restart-sidekiq
ansible-galaxy init run-migrations
roles/app-update/tasks/main.yml---
- name: Git Pull from Version Control
  command: git pull
  args:
    chdir: /home/passenger/drifting_ruby

- name: Bundle
  command: bash -lc "bundle"
  args:
    chdir: /home/passenger/drifting_ruby

- name: Precompile Assets
  command: bash -lc "RAILS_ENV=production rake assets:precompile"
  args:
    chdir: /home/passenger/drifting_ruby
roles/restart-nginx/tasks/main.yml---
- name: Restart Nginx
  raw: sudo service nginx restart
roles/restart-sidekiq/tasks/main.yml---
- name: Restart Sidekiq
  raw: sudo service sidekiq restart
roles/run-migrations/tasks/main.yml---
- name: Run Migrations
  command: bash -lc "RAILS_ENV=production rake db:migrate"
  args:
    chdir: /home/passenger/drifting_ruby
vars/public.ymlremote_user: passenger
Terminal# Run Ansible Playbook
ansible-playbook entry_point.yml -i inventory

Network Diagram


39656?v=3&s=64
bofrede said 4 months ago:

A simpler way to get the public key on to the server:

ssh-copy-id www.example.com

Assuming your local and remote usernames are the same. If not, prepend the username and an at sign before the hostname, just like any other ssh command.

The utility is available in Homebrew for Mac OS:

brew install ssh-copy-id


216339?v=3&s=64
glebm said 3 months ago:

If you're looking to not run the deployment as root / a passwordless sudoer, have a look at these playbooks: https://github.com/thredded/thredded-ansible

I built them to deploy a Rails app with Thredded but it should work for any Rails app.

Login to Comment