itlc hanoi 17 - infrastructure as code 07-01-2016
TRANSCRIPT
![Page 1: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/1.jpg)
Infrastructure as Codeat VCCorp
Phạm Tuấn AnhTeam Platform Services, VCCloud
ITLC HANOI MONTHLY PUBLIC MEETUP
![Page 2: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/2.jpg)
Agenda
1. Giới thiệu
2. Hiện trạng hệ thống trước năm 2014
3. Infrastructure as Code
4. Triển khai thực tế từ 2014 đến nay
5. Demo
![Page 3: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/3.jpg)
Agenda
1. Giới thiệu
2. Hiện trạng hệ thống trước năm 2014
3. Infrastructure as Code
4. Triển khai thực tế từ 2014 đến nay
5. Demo
![Page 4: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/4.jpg)
$ whoami• Phạm Tuấn Anh,
1988• 2 failed (funded)
startups• VCCorp từ 2010
• Co-founder của Appdex
• Stack: python, nginx, lua, git, ansible, redis, memcached, mysql, mongodb
![Page 5: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/5.jpg)
VCCorp5 khối:
1. Nội dung
2. Thương mại điện tử (Zamba)
3. Game (Soha Game)
4. Quảng cáo (Admicro)
5. Hạ tầng (VCCloud)
![Page 6: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/6.jpg)
VCCloud• > 60 người
• 3 bộ phận lớn:• Data
Center• Cloud Solutions
• Platform Services
• Các bộ phận nhỏ khác: Security, Helpdesk
![Page 7: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/7.jpg)
Team Platform Services• Thành lập từ khoảng năm
2010• Hiện tại có 8
người• Các project chính:
• Storage (static files, ảnh, video…)
• CDN
• DDoS Request Filter
• PaaS
![Page 8: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/8.jpg)
Một vài thống kê• ~ 3 tỷ files, 750TB (12 data nodes, hơn 200
HDDs)
• MySQL 450GB, MongoDB 560GB
• 30k requests/s, > 400k active connections
• 40Gbps, ~ 30% CPU, 7 servers
• HTTP access log ~ 1.4GB/phút
• > 20 projects lớn nhỏ, khoảng > 100 servers
![Page 9: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/9.jpg)
![Page 10: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/10.jpg)
![Page 11: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/11.jpg)
![Page 12: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/12.jpg)
![Page 13: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/13.jpg)
Agenda
1. Giới thiệu
2. Hiện trạng hệ thống trước năm 2014
3. Infrastructure as Code
4. Triển khai thực tế từ 2014 đến nay
5. Demo
![Page 14: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/14.jpg)
Hiện trạng hệ thống trước 2014
Một vài sự cố lớn:
• 2012: Database conflict
• 2013: DDoS
• 2014: Sập DC
![Page 15: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/15.jpg)
![Page 16: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/16.jpg)
![Page 17: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/17.jpg)
Hiện trạng hệ thống trước 2014
Một vài vấn đề:
• các server cài giống nhau nhưng chạy khác nhau (facepalm)
• các rule về security áp dụng không đồng nhất (do làm thủ công và nhiều server)
• theo dõi hệ thống sơ sài, dùng con người là chính
• triển khai, thay thế server khó khăn, hay lỗi khi mới đưa vào
• server reboot: ~ 20-30 phút
![Page 18: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/18.jpg)
Agenda
1. Giới thiệu
2. Hiện trạng hệ thống trước năm 2014
3. Infrastructure as Code
4. Triển khai thực tế từ 2014 đến nay
5. Demo
![Page 19: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/19.jpg)
![Page 20: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/20.jpg)
Configuration drift
![Page 21: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/21.jpg)
A few key people to do "sensitive" deployments?
![Page 22: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/22.jpg)
Human error factor
![Page 23: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/23.jpg)
Infrastructure as Code
![Page 24: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/24.jpg)
Infrastructure as Code
Reusable
![Page 25: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/25.jpg)
Infrastructure as Code
Version Control
![Page 26: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/26.jpg)
Infrastructure as Code
Coding Standards
![Page 27: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/27.jpg)
Infrastructure as Code
Contribution
![Page 28: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/28.jpg)
Infrastructure as Code
Code Review
![Page 29: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/29.jpg)
Infrastructure as Code
Refactoring
![Page 30: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/30.jpg)
Infrastructure as Code
Testing
![Page 31: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/31.jpg)
Infrastructure as Code
Continuous Integration
![Page 32: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/32.jpg)
Infrastructure as Code
Small Deployments
![Page 33: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/33.jpg)
Infrastructure as Code
≠DevOps
![Page 34: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/34.jpg)
Infrastructure as Code
≠Automation
![Page 35: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/35.jpg)
Infrastructure as Code
=Automation at Scale
![Page 36: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/36.jpg)
Infrastructure as Code:
1. Tự động hóa quá trình deploy
2. Quản lý (mọi thứ) thông qua source control
3. Áp dụng tests
4. Hạn chế viết tài liệu
5. Dev & Ops cộng tác trên cùng 1 repo
![Page 37: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/37.jpg)
![Page 38: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/38.jpg)
![Page 39: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/39.jpg)
![Page 40: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/40.jpg)
Agenda
1. Giới thiệu
2. Hiện trạng hệ thống trước năm 2014
3. Infrastructure as Code
4. Triển khai thực tế từ 2014 đến nay
5. Demo
![Page 41: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/41.jpg)
Triển khai thực tế:
• Wikimedia:
http://git.wikimedia.org/project/operations
• Bắt đầu từ tháng 7/2014 đến hiện tại (~18 tháng)
• Công cụ: Ansible, Git, GitLab, GitLab CI
![Page 42: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/42.jpg)
![Page 43: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/43.jpg)
Tại sao lại chọn Ansible?
• "agentless"
• Cú pháp rõ ràng
• Tài liệu chi tiết, nhiều module có sẵn
• Phổ biến
• Tốc độ?
![Page 44: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/44.jpg)
Ansible vs Salt
![Page 45: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/45.jpg)
Ansible vs Chef
![Page 46: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/46.jpg)
Ansible vs Puppet
![Page 47: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/47.jpg)
GitLab CI?
• jenkins
• GitLab CI UI đẹp hơn :)
![Page 48: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/48.jpg)
![Page 49: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/49.jpg)
![Page 50: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/50.jpg)
Một vài vấn đề khi triển khai:• Con người
• Setup môi trường
• Password, secret keys trên production
• Git workflow
• Tests
![Page 51: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/51.jpg)
Con người:
• Ops: Học thêm git, ansible
• Dev: Học thêm ansible
• Thay đổi thói quen:• Giảm login vào server để
sửa• Fix lỗi xong viết
tests/checks
![Page 52: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/52.jpg)
Con người:• Khó
khăn:• naming things
![Page 53: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/53.jpg)
– Phil Karlton
“There are only two hard things in Computer Science: cache
invalidation and naming things.”
![Page 54: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/54.jpg)
Con người:• Khó
khăn:• naming things
• good commit messages
• atomic commits
• check-in early, check-in often
![Page 55: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/55.jpg)
Setup môi trường:
• development (mỗi dev được cấp 1 server ảo)
• test (dành riêng cho server CI chạy)
• staging (dùng gor để capture & replay traffic từ production)
• production
![Page 56: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/56.jpg)
Setup môi trường:
$ gor --http-original-host \--input-raw :80
\--output-http "http://10.3.3.4|5%"
![Page 57: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/57.jpg)
Password, secret keys trên production:
• ansible-vault
• ejson (Shopify)
• vault (HashiCorp), keywhiz (Square)
![Page 58: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/58.jpg)
![Page 59: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/59.jpg)
![Page 60: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/60.jpg)
![Page 61: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/61.jpg)
Git workflow:
![Page 62: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/62.jpg)
Git workflow:
• master là nhánh ổn định, khi cần có thể deploy ngay
• các thay đổi được làm ở topic branches
• rebase sớm để tránh conflicts
• push trực tiếp vào repo chính, không dùng Fork
• roll forward
![Page 63: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/63.jpg)
![Page 64: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/64.jpg)
![Page 65: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/65.jpg)
Tests• các gói, thư viện cài đúng
chưa?• service chạy thật
chưa?• firewall chặn SSH từ WAN
chưa?• disable password login chưa?
• cảnh báo mail khi SSH hoạt động không?
• mạng server có bình thường không?
• …
![Page 66: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/66.jpg)
Tests• coding, writing style
• deploy (ansible)
• unit tests
• smoke tests (các service running hết chưa?)
• integration tests (theo logic cụ thể của từng project)
• nagios
![Page 67: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/67.jpg)
Continuous Integration• git commit
• git push lên GitLab
• GitLab gọi GitLab CI
• GitLab CI đẩy task sang GitLab CI Runner
• GitLab CI Runner chạy tests và report lại kết quả
• deploy lên production (thủ công)
![Page 68: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/68.jpg)
![Page 69: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/69.jpg)
![Page 70: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/70.jpg)
![Page 71: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/71.jpg)
![Page 72: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/72.jpg)
![Page 73: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/73.jpg)
![Page 74: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/74.jpg)
![Page 75: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/75.jpg)
Một số lưu ý khi triển khai:• Admin UI → Config
files• SSH 2-factor → OpenVPN +
DuoSecurity• Packages/dependencies
• Account deploy dùng chung?
![Page 76: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/76.jpg)
Kết quả đem lại:• Giảm áp lực vận hành hệ
thống• Giảm lỗi, các server chạy thống
nhất• Có log chi tiết các thay
đổi• Việc chia sẻ, phối hợp trong team dễ dàng
hơn• Các thay đổi được review, test trước khi
deploy• Người đi - kiến thức ở
lại
![Page 77: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/77.jpg)
Q&A
![Page 78: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/78.jpg)
FAQs• Sao không dùng dynamic
inventory?• Merge/Pull Requests dùng thế
nào?• Merge vào master luôn như thế có nguy
hiểm không?
• Ansible deploy chậm
• CI server deploy lên đâu? Làm sao có môi trường như production để test?
![Page 79: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/79.jpg)
FAQs• "Cloud" ở đâu?
• Zero-downtime reloads?
• Có server cần tham số riêng thì làm thế nào?
• Quản lý đồng thời server CentOS và Ubuntu thế nào?
• Các module ansible hay dùng?
![Page 80: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/80.jpg)
![Page 81: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/81.jpg)
FAQs
• Auto scale?
• Ansible vs Docker?
• Khi provision infra tự động mà bị lỗi thì các bạn xử lý thế nào? Có bài học nào hay ho không?
• Những khó khăn và thách thức nào khi xây dựng và quản lý hạ tầng private và public?
![Page 82: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/82.jpg)
Agenda
1. Giới thiệu
2. Hiện trạng hệ thống trước năm 2014
3. Infrastructure as Code
4. Triển khai thực tế từ 2014 đến nay
5. Demo
![Page 83: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/83.jpg)
![Page 84: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/84.jpg)
![Page 85: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/85.jpg)
Inventory file
![Page 86: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/86.jpg)
Templates
![Page 87: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/87.jpg)
Templates
![Page 88: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/88.jpg)
Tasks
![Page 89: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/89.jpg)
Tasks
![Page 90: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/90.jpg)
Deploy
![Page 91: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/91.jpg)
Quản lý users
![Page 92: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/92.jpg)
Quản lý users
![Page 93: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/93.jpg)
Quản lý users
![Page 94: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/94.jpg)
Iptables
![Page 95: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/95.jpg)
Iptables
![Page 96: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/96.jpg)
Update DNS
![Page 97: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/97.jpg)
Update DNS
![Page 98: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/98.jpg)
Deploy server mới
![Page 99: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/99.jpg)
Security fix
![Page 100: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/100.jpg)
Thêm cảnh báo
![Page 101: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/101.jpg)
Q&A
![Page 102: ITLC Hanoi 17 - Infrastructure as Code 07-01-2016](https://reader035.vdocuments.mx/reader035/viewer/2022070512/589df58e1a28ab1e718b4d25/html5/thumbnails/102.jpg)
Một số link tham khảo• Ansible Best Practices:
http://docs.ansible.com/ansible/ playbooks_best_practices.html
• Ansible Vault: https://therealmarv.com/ansible-vault-file-handling/
• Ansible Modules: http://docs.ansible.com/ansible/ modules_by_category.html
• RedHat mua Ansible: https://www.redhat.com/en/about/blog/ why-red-hat-acquired-ansible
• Continuous Delivery: https://puppetlabs.com/sites/default/files/ CDebook.pdf