Salt Procedural instruction order much easier to work with than functional Playbook format is very straightforward Having no master server by default gives us a lot of flexibility All infrastructure can be described in a single repo and atomic changes are possible
all of our server images Other roles can always depend on the common role being run first on any hosts Repeatability is a must - the common role should be able to run at any time to add new base packages, user SSH keys, etc.
application cluster is a good fit News can also have surges and is not as easy to predict With AWS you pay for exactly what resources you use, so tuning auto-scaling is crucial
and components (e.g. Rails server, memcached host) Use a server with scaling SNS hooks that applies the playbook to any new hosts that spin up. Post-creation the same server reconfigures any load balancers to add new hosts.
role. After any deployments (changes) to running instances create an AMI snapshot of the host. Update the scaling group for the changed role to point to the AMI. Use the EC2 APIs to configure load balancers on a schedule (every minute works fine).
new EBS-backed hosts in an average of 30 seconds as opposed to 10+ minutes. Leveraging tags in the EC2 hosts and scaling groups lets us create load balancer configurations with minimal lag between host creation and registration for requests. Make sure you freeze scaling groups during the deployment and snapshot, and unfreeze them afterwards. The faster you can scale up and down, the more cost effective AWS is. This also applies to tightening scaling thresholds (CPU usage, etc).
practice Some fights with the template system (Jinja 2) - it’s very simple and you can’t just outright embed Python code When we started two years ago we had to build out AWS description plugins We curse “bundle AMI” but don’t have a good replacement :-)
CircleCI running all deployments after the tests pass - why waste our time running the command? Putting all application-relevant configuration (Ruby version for example) in the app’s own GitHub repos.
we would use other tools for but it still is a great base Integrating Ansible and AWS has reduced our work (and drama) hugely Questions? Luke Reeves @lukereeves