Continuous Integration with Ansible going from manual to automatic

Daniel Brachmann Tina Hansmann arvato Financial Solutions

http://www.pyramid-gallery.com/BoxOfGriefPic.jpg

Daniel Brachmann

02.02.2016 | Daniel Brachmann & Tina Hansmann | arvato Financial Solutions | CfgMgmtCamp 2016 2

developer for 15+ year

the “shell/server” guy inside dev

working on bridging the gap between dev and ops

Who we are

Tina Hansmann business intelligence & databases addicted – loving to structure the chaos into a useful orchestration. Being a problem solver means to automatize.

Continuous Integration More than just Build and xUnit

02.02.2016 | Daniel Brachmann & Tina Hansmann | arvato Financial Solutions | CfgMgmtCamp 2016 3

What about:

Configuration Management?

Functional Testing?

Performance Testing?

Deployment and GoLive?

Risks and Costs?

Scope

QA

ACC

Software Artefact

Quality Report

too many silos

02.02.2016 | Daniel Brachmann & Tina Hansmann | arvato Financial Solutions | CfgMgmtCamp 2016 4

Lots of involved players

in different Companies

split between technical and business ops

Where we started

Development: SCRUM

Operations: ITIL

different processes

SCRUM ITIL

snowflake servers

02.02.2016 | Daniel Brachmann & Tina Hansmann | arvato Financial Solutions | CfgMgmtCamp 2016 5

manual server provisioning

server config deviates over time

server config deviates through errors

Where we started

different manual ways of deployment

knowledge barriers

depending on the person

depending on the environment that gets deployed

depending on time pressure with release cycle

each department has its own internal processes

“known” knowledge leaves with people leaving the company

The role of ansible

02.02.2016 | Daniel Brachmann & Tina Hansmann | arvato Financial Solutions | CfgMgmtCamp 2016 6

same playbook in every $ENV

Continuous Integration

2

1

4

3, 6

5

1. triggers deployment run 2. playbook checkout 3. remove from loadbalancer 4. deployment tasks 5. download software artefact 6. put back in loadbalancer

The architecture of our playbooks

02.02.2016 | Daniel Brachmann & Tina Hansmann | arvato Financial Solutions | CfgMgmtCamp 2016 7

Each product gets its own playbook

Common tasks are implemented as roles

Each environment got its own inventory

Each environment got its own var files

Shared infrastructure var files

bootstrapping for vagrant under /bin

Continuous Integration

02.02.2016 | Daniel Brachmann & Tina Hansmann | arvato Financial Solutions | CfgMgmtCamp 2016 8

What worked for us?

Using refactoring projects

Use new projects or big refactorings as leverage to introduce automation

“Spring cleaning”

ITIL compatible boundary

ITIL wants a Definitive Software Library. In our case this was Sonatype Nexus

Playbooks, software artefacts, configuration and quality report as deliverables

02.02.2016 | Daniel Brachmann & Tina Hansmann | arvato Financial Solutions | CfgMgmtCamp 2016 9

What worked for us?

quick development cycle

vagrant destroy && vagrant up for scratch testing

devs get local environment “for free”

Jenkins as an orchestrator

Vagrant for playbook development

is a known tool

easy to build a pipeline with

logs who triggered a deployment

02.02.2016 | Daniel Brachmann & Tina Hansmann | arvato Financial Solutions | CfgMgmtCamp 2016 10

What worked for us?

write a role once and use it in many playbooks

use git submodules or svn:externals

different groups can take ownership of the roles most important to them (i.e. ops -> monitoring, security roles and dev -> deployment, app configuration roles)

Ansible 2.0

Reuse roles as much as possible

for improvements and new modules

i.e. maven_repository or checksum in get_url

02.02.2016 | Daniel Brachmann & Tina Hansmann | arvato Financial Solutions | CfgMgmtCamp 2016 11

How to load environment data

using groups

using vars_files

inventories/local:

[local:children]

wildfly

database

loadbalancer

group_vars/local

deploy.yml: vars_files: - "vars/{{ env_key }}/{{ env_key }}_env.yml" > ansible-playbook –i inv.yml –e "env_key=qa" deploy.yml

02.02.2016 | Daniel Brachmann & Tina Hansmann | arvato Financial Solutions | CfgMgmtCamp 2016 12

Biggest Challenges

Fostering cultural change

Keep everyone on the same aspect

Concern differences

people have to rethink their roles

working together not separately

take every concern as useful and talk | retalk them

different groups have different priorities

priorities change over time

while working on a topic opinions can change

ops wants stability / dev wants to move fast

people have different comfort zones when it comes to change

02.02.2016 | Daniel Brachmann & Tina Hansmann | arvato Financial Solutions | CfgMgmtCamp 2016 13

Lessons Learned

Biggest challenge isn’t the technological problem

Never underestimate the political overhead

Start building knowhow as soon as possible

Show improvements to the world

work on the realization of the vision – ways to get there are less important

Any Questions?

02.02.2016 | Daniel Brachmann & Tina Hansmann | arvato Financial Solutions | CfgMgmtCamp 2016 14

Q & A

02.02.2016 | Daniel Brachmann & Tina Hansmann | arvato Financial Solutions | CfgMgmtCamp 2016 15

Thank you for your attention!

Contact: Daniel Brachmann| IT Plan & Deliver| daniel.brachmann@arvato.com

Tina Hansmann | IT Plan & Deliver | tina.hansmann@arvato.com