Automatic deployment of Nginx using Jenkins + Ansible

First posted by: Jenkins Chinese Community

This article describes how to use Jenkins + Ansible to achieve automatic deployment of Nginx. The final results are as follows:

Once you push the Nginx configuration to GitHub, Jenkins will automatically deploy and the target server’s Nginx configuration will automatically take effect. This process is idempotent, as long as the code does not change, the final effect does not change how many times it is executed.
If the target machine does not have Nginx installed, Nginx will be installed automatically.
Automatically set server firewall rules.

1. Introduction to the experimental environment

In this experiment, Docker Compose was used to build Jenkins and Jenkins Agent. Start a virtual machine using Vagrant to deploy Nginx. Using Vagrant is optional, and readers can start a virtual machine using VirtualBox. The whole point of using Vagrant was to automate the environment.

The following is the architecture diagram of the entire experimental environment:

Note that 5123 <-> 80 in the figure represents the forwarding of port requests from the host machine to port 80 in the virtual machine.

Vagrant: Virtual machine management tool that allows you to define and manage virtual machines using text.
Ansible: automatic o&M tool
Docker Compose: It is a tool for defining and running multi-container Docker applications. You can use YAML files to configure services for your application.

2. Start the experiment environment

Clone the code and enter the folder

git clone https://github.com/zacker330/jenkins-ansible-nginx.git
cd jenkins-ansible-nginx
Copy the code

There are two reasons why a Jenkins Agent image needs to be customized:
1. In this experiment, the Swarm plug-in is used to realize the communication between Jenkins Master and Agent, so Jenkins Agent needs to start the Swarm client.
2. Jenkins Agent must support Ansible.
```
docker build -f JenkinsSlaveAnsibleDockerfile -t jenkins-swarm-ansible .
Copy the code
```
Enable Jenkins Master and Jenkins Agent
```
docker-compose up -d
Copy the code
```
throughhttp://localhost:8080Visit Jenkins Master, if the “Unlock password” page appears as shown below, execute the commanddocker-compose logs jenkinsView Jenkins Master startup log. Enter the unlock password from the log into the form. Then follow the instructions step by step to install.

The following plug-ins need to be installed in this experiment:
- Pipeline 2.6: plugins. Jenkins. IO/workflow – ag…
- Swarm 3.15: plugins.jenkins. IO/Swarm was used to realize automatic connection between Jenkins master and Jenkins Agent
- Git 3.9.3: plugins. Jenkins. IO/Git
Configuration Jenkins master does not perform tasks Enter the page: http://localhost:8080/computer/ (master)/configure, as shown in the figure below Settings:

Make sure Jenkins security is configured with open ports for Jenkins Agent to connect to. We set the Jenkins Master open port, which can be fixed at 50000 or set to random. Set the link: http://localhost:8080/configureSecurity/.

Start the target machine on which Nginx is deployed by executing the following command from the command line:
```
vagrant up 
Copy the code
```
Notice the Vagrantfile fileconfig.vm.boxThe value must change to your Vagrant box.

At this point, the experimental environment has been set up. Now you can create a New Jenkins task.

3. Create a deployment task on Jenkins

New assembly line task

Configure pipeline Configure Jenkins task to pull Jenkinsfile from remote repository as shown below:

Other than that, no other configuration is required, isn't that easy?Copy the code

4. Manually trigger an automated build

Click “Build Now” :

The final execution log is as follows:

At this point, deployment is complete. To change the configuration of Nginx in the future, just change the code and push it to the remote repository, and the deployment will be automated. No need to manually log in to the target machine to manually modify.

Finally, you can visit http://localhost:5123. If the following page is displayed, the deployment is successful:

5. Code explanation

The above steps don’t tell you what automated deployment really does. That’s because all of our logic is written in code. Yes, it could be everything is code.

Next we introduce the code repository.

% tree - L 2 ├ ─ ─ JenkinsSlaveAnsibleDockerfile# Jenkins Agent mirror Dockerfile├ ─ ─ Jenkinsfile# Pipeline logic├ ─ ─ the README. Md ├ ─ ─ VagrantfileVagrant VIRTUAL machine definition file├ ─ ─ docker - compose. Yml# Jenkins implements the environment├ ─ ─ env - the confConfigure all applications│ └ ─ ─ devConfigure the dev environment├ ─ ─ the deploy# Ansible deployment script folder│ ├─ ├─ roles ├─ kum-custom.sh# Jenkins Swarm plugin client
Copy the code

5.1 Pipeline Logic

Jenkinsfile is used to describe the logic of the pipeline. The code is as follows:

pipeline{
  // The task is executed on the Agent with ansible tags
  agent { label "ansible"}
  environment{
     // Set Ansible not to check HOST_KEY
    ANSIBLE_HOST_KEY_CHECKING = false
  }
  triggers {
     pollSCM('H/1 * * * *')
  }
  stages{
    stage("deploy nginx"){
      steps{
        sh "ansible-playbook -i env-conf/dev deploy/playbook.yaml"}}}}Copy the code

environmentPart: Used to define environment variables during pipeline execution.
triggersPart: Used to define the pipeline trigger mechanism.pollSCMThe definition of every minute to determine whether there is a change in the code, if there is a change to automatic pipeline.
agentPart: used to define the execution environment of the entire pipeline.
stagesSection: All phases of the pipeline are defined in this section.

This is just to define how the pipeline executes. Currently the pipeline has only one deploy nginx stage and only one Ansible-playbook command executed. But it doesn’t tell us what the deployment logic is.

5.2 Deployment Logic

All deployment logic, including Nginx installation and startup, configuration updates, and loading, is placed in Ansible scripts. For those unfamiliar with Ansible, you can find an introduction to Ansible at the end of this article.

Yaml contains the following entry to deploy/playbook.yaml:

---
- hosts: "nginx"
  become: true
  roles:
    # Nginx deployment
    - ansible-role-nginx
    # Firewall Settings
    - ansible-role-firewall
Copy the code

hosts: defines the target host group name for playBook deploymentnginx.
roles: contains two roles that perform specific deployment actions. The internal logic of a role is beyond the scope of this article.

5.3 Configuration Management

When it comes to deployment, you have to talk about configuration management.

Yaml Uses the -i parameter to specify the environment configuration to be used during deployment. In this way, the environment configuration is separated from the execution script. This brings the following benefits:

To create a new environment, simply copy the existing environment and change the value of the variables in it to that of the new environment. For example, to deploy the test environment, you just need to deploy the-iChange the parameter value to:env-conf/test.
Versioning control of configuration.

In this experiment, the configuration of each environment is placed in the env-conf directory. Currently, there is only dev environment. The following is the env-conf/ directory structure:

% cdEnv - conf / % tree └ ─ ─ dev ├ ─ ─ group_vars │ └ ─ ─ nginx. Yaml ├ ─ ─ host_vars │ └ ─ ─ 192.168.52.10 └ ─ ─ hostsCopy the code

Hosts file: Hosts can be grouped in Ansible to manage hosts. The hosts file contains the following contents:
```
Nginx 192.168.52.10Copy the code
```
Host_vars directory: used to store host-level configuration variables, in this example192.168.52.10Is a YAML file. Note That the file name is the IP address of the host. We put host-specific configuration in the file, such as the username and password used by Ansible to connect to the host.
Group_vars directory: Used to store configuration variables at the group level. Such as nginx.yamlnginxConfiguration variables for this group. The file name andhostsThe group name in.

conclusion

At this point, our complete automation deployment tutorial is complete. But some questions remain:

This article only installs an “empty” Nginx, but does not cover the actual configuration of Nginx.
Currently, the connection information (SSH password) of the host is written in plain textHost_vars / 192.168.52.10In the file, there are security risks.
It does not cover how to automatically update the Nginx configuration when Java applications are deployed.

This article is an introduction to automated deployment using Jenkins + Ansible, and I will decide whether to write a sequel based on reader feedback.

If this section of Jenkins pipeline logic isn’t enough for you, consider the recently published Jenkins 2.X Practical Guide. Long click on the picture below to scan code to buy.

The appendix

Environment code for this experiment: github.com/zacker330/j…
Showme. Codes /2017-06-12…
Puppet, Chef, Ansible: Showme. Codes /…

Author: Zhai Zhijun