6 CD

Continuous Deployment

A playbook (written in YAML) defines one or more plays that will be executed on one or more remote machines (selected from inventory) through an SSH connection (no agent required).
A play has a name (optional), vars (optional), target hosts (selected by patterns), a remote_user (e.g., root), one or more tasks to execute, and (optionally) one or more handlers to be notified to run when the play changes machine state.
A task executes a [named] module (built-in or 3rd-party) against remote machines (default execution strategy is sequential).
An inventory (YAML/INI file) contains [named groups of] IP addresses or hostnames of remote machines, it can also store variables.
Ansible collects return codes from executed tasks, facts about remote machines and magic variables storing internal state.
Role: the standard way to group related Ansible artifacts (vars, files, tasks, etc.) to share them so they can be loaded and reused.

Getting familiar with Ansible by writing plays to automatically install docker and deploy one of the applications on the Vagrant VMs created during the previous phase.

Install Ansible CLI
Apply terraform plan with vagrant provider from previous phase.
```
cd terraform/vagrant
terraform apply
```
Forwarded SSH ports will be printed, note them down to use in Ansible config.
Create inventory ansible/hosts.ini with configurations for connecting to VMs.
Specify ansible_ssh_private_key_file=<key_file> in inventory.
- Key files can be found in .vagrant directory which should be ignored from the VCS.
Create project configuration ansible/ansible.cfg and override inventory file location to use the one just created.
- You may also disable host_key_checking as it requires interactive input to add VMs to ~/.ssh/known_hosts.
Test connection with ping module

ansible-galaxy collection install community.docker

Create 4 roles inside ansible/roles directory for:
- Installing nginx on the loadbalancer VM with a given nginx.conf.
- Installing docker on app VMs specified in hosts file.
- Deploying application image with a given dockerhub_id and app_name
- Wiping application from VMs.
Write main.yml that executes such roles against the VMs.
Test the roles: ansible-playbook main.yml
Verify that docker is installed and application image is running
Verify that app is running on http://localhost:8080
You may also schedule Watchtower to automatically update app images from DockerHub.

Documentation Reference
A module should be responsible for one small simple task.
Use the recommended directory structure for roles.
Use ansible-playbook --check to check actions before taking them (not all modules support this).
- Or try changes on staging environment first.
Give tasks meaningful names, separate them with empty lines for readability, use comments for extra explanation.
Use ansible-lint to lint playbooks.
Use dynamic inventory when working with cloud hosts to avoid manual IP/hostname configurations.
Use state to specify the desired module state so that modules won’t execute twice unless needed.