Ansible Deployments

Cloud and Platform services are currently deployed using Ansible.

The Ansible playbooks live in the fel-provisioning repo under the prov directory.

Some utility scripts for running these playbooks can be found in the cli-utils. You should really use these!

Most of the Ansible playbooks just deploy Docker containers. But there is also a fair amount of heavy lifting around configuring and wiring up nginx and dns. These by-and-large follow one of the standard conventions, although you will also find some ad-hoc examples here and there.

The ansible vars generated by conventional playbooks are dumped to /tmp/ansible_<playbook>.json thanks to this pre-task: - include: tasks/facts.yml module="<playbook>"

Releases

For releases, use the smcrelease script from the cli-utils repo:

$ cd /path/to/ansible/playbooks/
$ smcrelease <deployment> <release> <playbook> [...ansible-playbook args]

e.g. To release the UI deployment

$ smc-release cloud 1.2.3 gateway.yml

If your host is for dev or test purposes only, you can append dev or test to the name and releases will be automatically rejected.

If your host is deprecated and you wish to make it clear that it should no longer receive any releases, add a file named deprecated to the host directory, with a deprecation message in it.

APB

For ad-hoc or iterative deployments, use the smcapb script from the cli-utils repo.

This script leaves no tracks in git so does not help with rollbacks and tracking changes. You should therefore avoid using this with deployments you want to track and audit - i.e. anything in production. To help you with this, you will be asked for confirmation to proceed.

If your target is just for development or test and therefore intentionally iterative, you can either name the host directory so that it ends with dev or test, or add an empty file named permissible. This will disable the constant checks and reminders.

$ cd /path/to/ansible/playbooks/
$ smcapb <playbook> <host> [...ansible-playbook args]

e.g. to release an infra-api for development in the staging deployment, pointing at the customers infra:

$ smcapb _infra_api.yml staging --limit customers

The staging hosts directory has a permissive file in it, so it will not ask for confirmation before deploying.