Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add Ansible CD using github action to deploy project on staging vm #1123

Open
wants to merge 11 commits into
base: master
Choose a base branch
from

Conversation

changchaishi
Copy link
Contributor

Types of changes

  • Bugfix
  • New feature
  • Refactoring
  • Breaking change (any change that would cause existing functionality to not work as expected)
  • Documentation Update
  • Other (please describe)

Description

Add a github action to deploy project to staging VM using ansible
Ansible will do:

  1. check python docker module is present
  2. create target directory for docker build
  3. copy (rsync) projects files to vm
  4. build the docker image
  5. PENDING (start the service)

More Information

Please refer run action on https://github.com/iknowright/pycon.tw/actions/runs/4290521364/jobs/7474619726

@josix josix linked an issue Feb 28, 2023 that may be closed by this pull request
@mattwang44
Copy link
Member

mattwang44 commented Mar 1, 2023

還沒有時間好好 review 但想要先開啟一個討論:在志工性質開發專案引入新的 tech stack (ansible here) 往往需要更謹慎(因志工普遍開發經驗較少、churn rate 也高,故維護成本希望越低越好),因此想丟幾個問題看看大家有沒有什麼意見

  • 以往 PyCon TW 開發組志工大多都沒有 operation 能力(各年度招募進來的志工可能只有一兩位有相關經驗),我們目前或未來是否可以負擔引入 ansible 多帶來的維護成本?
  • 實作方法還有沒有其他 alternatives?優缺點比較為何?
    • 隨便舉個例XD(雖然我沒有用過,但是)純 github action 跑 remote command (e.g. ssh-action) 會不會是維護難度更低的做法?

@changchaishi
Copy link
Contributor Author

👌🏻

  • 目前的部署流程很單純,ansible 導入的步驟也不會太複雜所以才試試看。
  • Ansible 底層也是借由 ssh 去對 VM 操作,但使用的是 ansible 開發的 modules (playbook) 去下指令。好處是它在每一次執行都會檢查狀態(state change),使用者可以在 result 看到執行的結果,壞處是 modules/playbook/yaml 的學習成本比較高。但相較於 ssh-action, ansible 比較成熟。

但由於目前手動部署的方式我自己也沒有太清楚,所以在 CD 上需要小心。目前只是驗證到可以把 codebase 搬過去,並且 build image (docker-compose up 因為會牽涉一些環境變數與靜態檔案,還沒寫進去)。等大大們評估後才看看怎麼實際導入。

補充:後來發現學習成本其實蠻重的,如果 ssh-action, 對自動化不熟的志工來說就比較淺顯易懂(跑指令),ansible 就比較旋了 (跑 module)。

@changchaishi changchaishi marked this pull request as draft March 3, 2023 16:05
@changchaishi changchaishi closed this by deleting the head repository Mar 4, 2023
@changchaishi changchaishi reopened this Mar 4, 2023
@changchaishi changchaishi reopened this Mar 5, 2023
@josix
Copy link
Collaborator

josix commented Mar 6, 2023

那就再麻煩 @iknowright 協助補上有關部署、Ansible 使用操作相關的說明文件了,我們可以再下一次例會時討論那份文件,確認每個人可以 follow 文件進行操作,Thanks!

@codecov-commenter
Copy link

codecov-commenter commented Mar 7, 2023

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (a200f81) 70.80% compared to head (b152d8f) 70.77%.
Report is 5 commits behind head on master.

❗ Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #1123      +/-   ##
==========================================
- Coverage   70.80%   70.77%   -0.03%     
==========================================
  Files          85       85              
  Lines        3381     3381              
==========================================
- Hits         2394     2393       -1     
- Misses        987      988       +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@changchaishi changchaishi force-pushed the staging branch 7 times, most recently from 0e5a1bb to 48cdb02 Compare March 7, 2023 15:30
@changchaishi changchaishi marked this pull request as ready for review March 8, 2023 13:20
@changchaishi changchaishi marked this pull request as draft March 8, 2023 13:38
@changchaishi
Copy link
Contributor Author

更新了,可以分為以下幾點:

  1. Ansible 的導入先從 staging VM 開始,且產生的 docker image 與 docker container 有做名稱上的區隔。
  2. 修改可以觸發 CD action 的事件, 分成兩部分:
    第一: 當 master 有新的 commit (由於 PR 經過 review 後才 merge, 所以先預設上了 master 的 code 都可以被自動部署)。
    第二: 管理者 自行觸發 (使用時機:如果 VM 中斷或者部署失敗,只有有權限的管理可以啟動 action;當環境變數的設定有改動後想要重新部署,則可以手動觸發)。
  3. 新增文件:給管理者設定 CD action 的文件

@changchaishi changchaishi changed the title [WIP] Add Ansible CD using github action to deploy project on staging vm Add Ansible CD using github action to deploy project on staging vm Mar 8, 2023
@changchaishi changchaishi marked this pull request as ready for review March 8, 2023 14:01
Copy link
Collaborator

@josix josix Mar 19, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

suggestion: Overall the document looks great to me. Thanks @iknowright!
Here are some suggestions. If you think they would be beneficial, please feel free to adopt them.

  • Provide more context in the introduction. What is continuous deployment, and why is it important? How does it relate to the docker production deployment document mentioned?
  • In the "Settings for Github Actions Workflow" section, consider adding a brief overview of what Github Actions and Ansible are, and how they are used for continuous deployment.

@tyuchx
Copy link

tyuchx commented Nov 26, 2023

承如 Matt 所說,目前這個專案屬於志工維護性質,導入新的技術時需要審慎的考慮。

以目前的服務規模,似乎還沒有增加這個技術棧 (Ansible ) 需求 ,長期來看後面的組員也不見得有維護 Ansible 的經驗

建議改用 Github Action + SSH 的方式部署至 Instances 內。避免維護上增加未知的風險

詳細可參考此專案 google-github-actions

@changchaishi
Copy link
Contributor Author

Hi @tyuchx google-github-actions 其實跟 Ansible 是一樣後面都是 ssh,看起來 ssh-compute 這個套件是專門為 gcp 所設計,而 ansible 是不分平臺的。意思是這個 PR 也是 Github Action + SSH, 只是 SSH 是 ansible 而不是 ssh-compute。不過也蠻有道理 Ansible 要瞭解 playbook 的概念,ssh-compute 則是 script, 直覺上 ssh-compute 應該比較好上手?

主要是看大家是否可以掌握 CD 的精髓,而非後面工具的選擇,如果是選擇工具方面的話,我認爲 Ansible 是很好的選擇。如果要改成用 ssh-compute 我也可以協助。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

[Backend] Add CD pipeline for staging
5 participants