Ansible-container

build and release docker containers with CI/CD pipelines

Florian Dambrine - Senior Devops Engineer @GumGum

@Ansible Los-Angeles 

  • Introducing Docker at GumGum
    • Automation and Pipelines
    • Enforcing good practices running containers
    • Reusing Ansible content ?
       
  • Ansible-Container
    • Introduction
    • Concepts
    • Developer adoption
       
  • GumGum Pipelines V2
    • Building base images with Ansible-Container
    • Delegating work to developers
    • Jenkins pipelines to deploy multiple environments

Agenda

Offers  innovative advertising and visual intelligence solutions for brands and publishers  

Invented In-Image

advertising in 2008

- ai company

Introducing Docker at gumgum

  • Even if you have automations, it is sometimes hard to keep up with the engineering demand
     
  • Sometimes you don't use 100% of  your EC2 resources

Time

Infrastructure size

Ops team size

- Automation and pipelines

Introducing Docker at gumgum

- Automation and pipelines

  • The use of containers and pipelines offers a way to define application templates and help you keep up with the demand
Build gradle build yarn build pip install
Package Artifact myapp.jar tar -czf myapp.tgz \      myapp/dist/ tar -cf myapp.tgz \         myapp/ venv/
Add Runtime java / tomcat nginx / nodejs python / uwsgi

Application projects

Deploy containers on clusters

Templates:

Introducing Docker at gumgum

- enforcing good practices running containers

  • Build Twelve-factor compliant applications
    • Dev / Prod parity
    • Build > Test > Release > Run
    • Config environments
  • Patch and update frequently
  • No build tools on production containers

Source code

Build container

Artifact

Production container

Introducing Docker at gumgum

- Reusing ansible content ?

?

How do I reuse my Ansible roles with Docker ?

Ansible container

Ansible container

Ansible Container is an open source project that aims to enable the automation of the entire container build, deployment and management process. Best of all, [...] it uses Ansible  automation language [...].

$ ansible-container init
  # Create an Ansible container project

$ ansible-container build
  # Build the containers with ansible roles

$ ansible-container run [--production]
  # Run the application for dev or production mode

$ ansible-container push
  # Publish images to the registry

$ ansible-container deploy
  # Generate an Ansible playbook that can be used to deploy 
  # the application to a cloud platform

- introduction

Ansible container

- project structure

Conductor container:

  • Orchestrate the containers
  • Communicates with the container engine (Docker)
  • Contains Ansible runtime, Docker client, and a Python runtime
# myapp/container.yml
version: "2"

settings: 
   conductor:
     base: "centos:7"
 
services:
  web:
    from: "centos:7"
    roles:
      - common
      - apache
    ports:
      - "80:80"
    command: ["/usr/bin/dumb-init", 
              "/usr/sbin/apache2ctl", 
              "-D", "FOREGROUND"]
    dev_overrides:
      environment:
        - "DEBUG=1"
myapp/
├── ansible.cfg
├── ansible-requirements.txt
├── container.yml
├── meta.yml
├── requirements.yml
└── roles/

$ ansible-container init

Ansible container

- conductor container

  • How to build production containers with no build tools ?

Conductor container

workspace/myapp/
├── app/
├── test.py
├── README.md
└── requirements.txt

/myapp

Laptop environment

Container environment

python-builder container

python container

1 - Fetch the code from the conductor

2 -  Install, build and run tests

3 - Copy a zipped archive of the app

/artifact.tgz

4 -  Copy and unzip the app

$ ansible-container build --with-volumes \

workspace/myapp

: /myapp

Ansible container

- how to run dev / prod environments

  • How to run dev and prod environments  with the same ansible-container project ?

Demo

Ansible container

- Ops and developer adoption

  • Reusing Ansible roles as they are ?
    • Most of them actually need to be rewritten to be minimal and adapted to Docker (Init scripts, process in foreground).
       
  • No deployment command for AWS yet
     
  • Is Ansible-Container easy to pick up for developers ?
    • You can not require people from learning Ansible in order to transition to Docker.
       
    • Dockerfiles and Docker-compose have been there for a while and a lot of doc / examples are available on the Web.

baseline

python

java

nodejs

tomcat

Build tools
Inherits from

Gumgum pipelines v2

- building base images with ansible-container

python

Jenkins pipelines continuously integrate different versions of ansible container projects to deploy base images to ECR (Docker registry)

2

python

3

push

push

Gumgum pipelines v2

- building base images with ansible-container

### Application Builder Image
FROM <image>-builder:latest
MAINTAINER team-name <team-name@gumgum.com>

# Your App builds here
...

##################################################

### Production Application
FROM <image>:latest
MAINTAINER team-name <team-name@gumgum.com>

# /!\ App deps if needed but no Build tools /!\
...

# Copy previously built code
COPY --from=0 /code /app
# Copy previously installed deps
COPY --from=0 /venv /venv

Gumgum pipelines v2

- delegating to developers

ECS Cluster

 <feature-1>

 <feature-2>

 <dev>

 <stage>

 <master>

app.gumgum.com

stage.va.ggops.com

dev.va.ggops.com

feature-2.dev.va.ggops.com

feature-1.dev.va.ggops.com

commit > build > test > release > deploy







app/
├── ...
├── Dockerfile
└── Jenkinsfile

Gumgum pipelines v2

- continuous integration and delivery pipelines

Thanks !

Slides: http://bit.ly/2AYvWN9

It's time for Q&A !

Made with Slides.com