atmosphere 2014
TRANSCRIPT
Holy shit the Polish know how to drink. I hope nobody can tell that I'm still drunk from last nightBy Jamie Winsor
Berkshelf Core Team» Jamie Winsor <[email protected]>
» Seth Vargo <[email protected]>
» Michael Ivey <[email protected]>
berkshelfChef Cookbook manager and dependency resolver
» Retrieve a cookbooks dependencies
» Package cookbooks and their dependencies
» Author new cookbooks
» League of Legends
» Guild Wars 2
» TERA
» Lord of The Rings Online
» Dungeons and Dragons Online
» Asheron's Call
"Deploy Windows"
Risk Mitigation
Introducing change into a system is a synonym for introducing risk
Not deploying is a risk, too
Q. What?A. Graphing the risk of multiple changes over time isn't linear
Risk is exponentially greaterirb> changes = ChangeSet.newirb> changes.add Change.newirb> changes.risk_level=> 1irb> 5.times doirb> changes.add Change.newirb> endirb> changes.risk_level=> 46656
Risk Level: 6 ^ 6
Not deploying at 5pm isn't Robbing peter to pay paul
Not deploying at 5PM is:1.Killing Peter
a. Framing it as a suicideb. Making his wife your wifec. Stealing his entire family inheritenced. Telling his children you're their new dade. Defecating on his grave
To pay Paul
When should we deploy?
Yeah, I'm gonna release it at 5PM on a Friday.
Deploy WindowsA clear indicator that your release process is broken
What about the risk?That's why we have deploy windows
They exist because
Deployment was an afterthoughtAnd it's within your power to control deployment times to reduce risk
That software doesn't even want to be deployed
Just Deploy Already
How do we reduce riskwhile still allowing for change
Continuous Delivery & DevopsTo the rescue
“Just rub some DevOps on it.”Joshua Timberman
DevOps is a software development pattern
DevOps is not» A position
» A team
» A department
» Or an organization
“Disruptive startup is hiring DevOps ninjas”LinkedIn Spammer
You can't buy a DevOps tool andYou can't buy a continuous delivery tool
Software doesn't solve problems. People do.
“If you put the right people in the right room they'll solve the problem the right way”Jeff Hackert
Coming Together
You will need to change your development and release process
Adopting devops isMUCH EASIERon new projects
Start smallYour first program is typically "Hello, World!"
Automate and testeverything
Version, package, and releaseEVERYTHING
Let's build something
Application Checklist» Source code
» Build tasks
» Release tasks
» Cookbook
Resulting in1.Software Artifact (app.tar.gz)
2.Cookbook Artifact (cookbooks.tar.gz)
3.Installation | Upgrade | Configuration Docs
If you're a developerGive these three things to your Operators for every release.
Elixir
Generate Your Project$ mix new highfive
Add to source control$ cd highfive$ git init .$ git remote add origin [email protected]:reset/highfive.git
Generate Your application's Cookbook$ berks cookbook highfive ./cookbook --pattern environment --skip-git
Make deployment part of your build process
Cookbook And Application Share Version$ cat cookbook/metadata.rb
name "highfive"maintainer "Jamie Winsor"maintainer_email "[email protected]"license "All rights reserved"description "Installs/Configures highfive"long_description "Installs/Configures highfive"version File.read(File.expand_path("../../VERSION", __FILE__))
$ cat cookbook/attributes/default.rb
## Cookbook Name:: highfive# Attribute:: default#
default[:highfive][:release] = Highfive::Chef.cookbook_version(run_context)}
$ cat cookbook/libraries/highfive.rb
## Cookbook Name:: highfive# Libraries:: highfive#
module Highfive module Chef class << self # Returns the version of the loaded highfive cookbook # # @param [Chef::RunContext] context # # @return [String] def cookbook_version(context) context.cookbook_collection["highfive"].version end end endend
Environment Cookbook» Nearly identical to an Application Cookbook
» Has it's Berksfile.lock committed into version control
Build Tasks» Version bump
$ mix version.bump patch
» Compile$ mix compile
» Test$ mix test
Version BumpingGenerates a VERSION file at the root of the project
$ cat VERSION1.0.0
How do we get our compiled software in our vm?
Build and package release» OTP Release assemble
$ mix release.assemble
» Package$ mix package$ ls pkghighfive-osx.tar.gz
We need to assemble a release for the os we're deploying to
Build a Build Server
Build Server Recipe$ cat cookbook/recipe/build_server.rb
include_recipe "highfive::_common"include_recipe "build-essential::default"include_recipe "elixir::default"
Edit metadata.rb$ cat cookbook/metadata.rb
name "highfive"maintainer "Jamie Winsor"maintainer_email "[email protected]"license "All rights reserved"description "Installs/Configures highfive"long_description "Installs/Configures highfive"version "0.1.0"
supports "ubuntu"
depends "build-essential", "~> 2.0"depends "elixir", "~> 0.5"
Vagrant BuilderOn-demand virtualized build server
Vagrant.configure("2") do |config| # ... additional configuration ...
config.vm.synced_folder File.dirname(__FILE__), "/builder" config.vm.provision :chef_solo do |chef| chef.run_list = [ "recipe[highfive::build_server]" ] end
config.vm.provision :shell, inline: <<-SCRIPTexport PATH=/usr/local/lib/elixir/bin::$PATHexport ELIXIR_EBIN=/usr/local/lib/elixir/lib/elixir/ebinexport MIX_ENV=prodmix clean --allmix version.bump patchmix deps.getmix compilemix release.assemblemix package SCRIPTend
Build it (from our host machine)$ vagrant up --provision.... provisioning ...$ ls pkghighfive-linux-x86-tar.gz
deploying our artifact
Create app.rb recipe
node.set[:'build-essential'][:compile_time] = trueinclude_recipe "libarchive::default"include_recipe "runit"
libarchive_file "highfive-linux-x86.tar.gz" do path "/pkg" extract_to "/opt/highfive" owner "highfive" group "highfive"
action :extract notifies :restart, "runit_service[highfive]" only_if { ::File.exist?(asset.asset_path) }end
runit_service "highfive"
Update Cookbook Dependenciesdepends "build-essential", "~> 2.0"depends "elixir", "~> 0.5"depends "libarchive"
Edit .kitchen.yml$ cat cookbook/.kitchen.yml
driver: name: vagrant synced_folders: - ["<%= File.expand_path("../../pkg", __FILE__) %>", "/pkg"]
provisioner: name: chef_solo
platforms: - name: ubuntu-12.04
suites: - name: default run_list: - recipe[highfive::default] attributes:
Kitchen Converge$ cd cookbook$ kitchen converge-----> Starting Kitchen (v1.2.2.dev)...-----> Kitchen is finished. (14m6.31s)
Generating the Cookbook artifact$ berks package pkg/cookbooks.tar.gz -b cookbook/BerksfileCookbook(s) packaged to pkg/cookbooks.tar.gz
The archive contains
» The Berksfile.lock from resolution
» A cookbooks directory containing each cookbook found in the Berksfile.lock
Put these archives in an artifact server
Artifact Servers» Github | Github Enterprise
» Sonatype's Nexus
» Artifactory
» Basic Auth HTTP Server (sadface)(https://artifacts.myorg.com/myapp/1.2.3/myapp.tar.gz)
Github Releases and Release Assets
GitHub Deploy
asset_path = "/pkg"
unless node[:highfive][:_local_deploy] asset = github_asset "berkshelf-api.tar.gz" do repo "berkshelf/berkshelf-api" release "v1.2.1" end
asset_path = asset.pathend
libarchive_file "highfive-linux-x86.tar.gz" do path asset_path extract_to "/opt/highfive" owner "highfive" group "highfive"
action :extract notifies :restart, "runit_service[highfive]" only_if { ::File.exist?(asset.asset_path) }end
Update .kitchen.ymldriver: name: vagrant synced_folders: - ["<%= File.expand_path("../../pkg", __FILE__) %>", "/pkg"]
provisioner: name: chef_solo
platforms: - name: ubuntu-12.04
suites: - name: default run_list: - recipe[highfive::default] attributes: { highfive: { _local_deploy: true } }
Release artifacts allow us to» Build a new environment with a specific version
» Upgrade pre-existing environments
» Promote through logical environments(Dev, Stage, Production)
Deploy It
Create Environment$ knife environment create highfive-dev
Bootstrap A Node$ knife ec2 server create -I ami-0eb2d83e -E highfive-dev
BerkflowA Cookbook-Centric Deployment workflow tool
Install Berkflow with Chef-DK$ chef gem install berkflow$ export PATH=/opt/chefdk/embedded/bin:$PATH
$ which blo/opt/chefdk/embedded/bin/blo
"Install" the cookbook artifact into your Chef Server$ blo install https://github.com/reset/highfive/releases/download/v1.0.0/cookbooks.tar.gz
"Upgrading" a Chef Environment$ blo upgrade highfive-dev highfive 1.2.1
Or upgrade to latest
$ blo upgrade highfive-dev highfive latest
One Button Upgrade
Be a catalyst for changeBut don't expect a parade. It's not coming.
Even if it doesYou won't have your own float
Wanna Make Games?http://undeadlabs.com/jobs/
» Game Programmer
» Game Producer
» Game Animator
» Game Designer
Jamie [email protected]/reset