Application Centric Deployment Guide

Introduction

This guide introduces the ACD plugin and explains how to use it.

ACD stands for Application Centric Deployment and describes a fundamentally different approach to provisioning and configuring new hosts. Traditionally, orcharhino has pursued a host centric approach. Now, the ACD approach presents a new idea: deploying hosts in order to run an application that requires a predefined set of services.

A modern application typically consists of multiple services and therefore requires multiple, different kinds of hosts connected to each other. These hosts have dependencies to each other, e.g. an application server might require a database server.

The number of deployed hosts depends on the expected usage of the application. You can scale an application instance vertically via compute profile or horizontally by choosing multiple hosts to run the same service to handle increased workloads.

Within ACD, Ansible playbooks are executed on the orcharhino server. Make sure all managed systems can be reached by Ansible from the orcharhino server. Deploying and configuring hosts via different orcharhino Proxys will be added at a later stage.

Terminology

ACD

ACD stands for Application Centric Deployment and describes a new approach to provision and configure hosts based on the service they will provide.

Ansible Playbooks

Ansible playbooks are the core of the application definition. They describe the relation between different services to provide a whole application with one click of a button. These playbooks contain roles, which in turn contain tasks to properly configure hosts.

Application Definitions

Application definitions are blueprints of how to deploy an application and its services.

Application Instances

Application instances are configured application definitions. There might be different configurations based on a testing or production environment or its expected usage. For example, a system deploying a wiki platform for 20 users might use the 1-small compute profile, whereas a system with hundreds of expected users might choose the 3-large compute profile.

Service

A service is a type of host necessary to run an application. For example, the LAMP stack consists of three services: an Apache webserver, a MySQL database, and PHP scripting language all running on Linux servers.

Host Groups

Host groups are predefined sets of provisioning and configuration settings for a new host. They allow you to quickly deploy hosts with identical settings with the click of a button.

Host Centric vs. Application Centric Deployment

Host Centric Deployment

Application Centric Deployment

Requirements

none (possible by default)

ACD plugin

Focus

individual hosts

applications

Number of Hosts

1

1 to many

Automation

via Host Group

via Ansible playbook and application definition

Advantages

full control over each host

deploy a number of hosts at once; self service for technically less inclined; scale vertically and/or horizontally

Disadvantages

extra abstraction layer between a host and its purpose

dependency on/limitation to existing application templates

Usage Example

The following application centric deployment illustrates the deployment of hosts in an application centric approach. The web application requires an HAProxy, an Apache web server, a Tomcat application server, and a database server.

Using ACD, this web application can be deployed and configured in a single step:

  1. Import the Ansible playbook

    Upload the Ansible playbook to your orcharhino server. Specify the path and the name of the Ansible playbook via management UI.

  2. Create an application definition

    This example requires four different services: proxy servers, web servers, application servers, and database servers. Those hosts are ideally part of a host group.

  3. (Optional) Adapt Ansible variables

    You can either use the default values, change values, or lock the Ansible variables from being edited for an application instance. Ansible variables are read from the group variables of the Ansible playbook.

  4. (Optional) Overwrite variables from the host group

    For example, change the compute profile or set a different lifecycle environment.

  5. Deploy an application instance

    • You may simply deploy the application instance;

    • run the Ansible playbook as is;

    • or customize the Ansible playbook before running it.

In case a package needs to be installed via an Ansible playbook and the host is subscribed to orcharhino server, make sure the package exists in the content view.

Architecture

The ACD plugin is about deploying whole applications instead of single hosts at a time.

ACD uses smart proxies and a new remote execution provider called acd.

Ansible playbooks are downloaded from orcharhino server to the orcharhino Proxy before being executed. You only need to submit the Ansible playbook to the orcharhino server, but not an arbitrary number of connected orcharhino Proxys.

This is using a new job provider and new job template.

Ansible Playbooks

Ansible playbooks provide the configuration of deployed applications. They are required next to an application definition to create application instances.

Ansible group variables are mandatory and only supported as key:value, i.e. lists and dictionaries are currently not allowed and cannot be edited via management UI.

Ansible playbooks need to contain Ansible group variables for each provided service.

The Ansible inventory is automatically created by the ACD plugin.

Navigate to Applications > Ansible Playbooks to manage Ansible playbooks for application centric deployment.

The Ansible playbook must contain all necessary roles and tasks to execute the playbook. Support for Ansible collections will be added in a future release.

If your Ansible playbooks are currently using Ansible collections, make sure they are present on every attached orcharhino Proxy by hand. You can install Ansible collections by hand by running the following command on your orcharhino server and orcharhino Proxy:

ansible-galaxy collection install namespace.collection

Replace namespace.collection with the Ansible collection you are intending to use, e.g. community.general. This uses the Ansible galaxy as configured in the ansible.cfg file.

Application Definitions

Application definitions are blueprints of deployed applications. They are required next to an Ansible playbook to create application instances.

Application definitions are typically handled by administrative orcharhino users. They serve as a blueprint providing easy self service for end users.

Navigate to Applications > App Definitions to manage application definitions for application centric deployment.

Application Instances

An application instance is a preconfigured application definition and can be rolled out by end users. This automatically deploys and configures hosts based on the application definition and Ansible playbook.

Based on one application definition, end users can configure and deploy multiple application instances.

Navigate to Applications > App Instances to manage application instances for application centric deployment.

Ansible Variables and Parameter Hierarchy

There are different levels on how to set Ansible variables and parameters for a service/host.

Ansible variables
  • On the base, there are Ansible group variables for all services as defined in the Ansible playbook.

  • Next, there are Ansible group variables defined for all services in the application definition. Individual Ansible variables can be locked, removed, or added to the application definition. They overwrite the ones from the Ansible playbook.

  • An application definition also contains Ansible variables for service groups. These overwrite Ansible variables set for all services.

  • An application instance can overwrite any unlocked Ansible variables from the application definition.

Parameters
  • Managed hosts inherit parameters from multiple entities:

    • Global parameters

    • Organization parameters

    • Location parameters

    • Domain parameters

    • Subnet parameters

    • Operating system parameters

    • Host group parameters

    • Host parameters

    For example, domain level parameters overwrite both location and organization based parameters and host parameters overwrite any other defined parameter.

User Roles

The ACD plugin is used to deploy applications and requires sufficient orcharhino permissions. Depending on your environment, there might be two different groups of users in regard to managing an application and deploying an application:

  • An administrative group of users might be responsible for providing the tools to deploy an application, i.e. an Ansible playbook and application definition.

  • An end user group might be using orcharhino to deploy applications, i.e. creating and deploying application instances based on provided application definitions within their organization and location context. Many application instances can be created based on the same application definition.

By default, there are two ACD user roles:

Application Centric Deployment Manager

Configuring Ansible playbooks and application definitions requires the Application Centric Deployment Manager user role. It bundles permissions to manage Ansible playbooks, application definitions, and application instances as well as using ACD remote execution features. This role is suited for administrative users.

The ACD manager role includes permissions to deploy and configure hosts; to manage Ansible playbooks, application definitions, and application instances; and to view, create, and cancel job invocations and templates.

Application Centric Deployment User

Creating and deploying application instances requires the Application Centric Deployment User user role. It bundles permissions to manage application instances and access to the ACD remote execution features. This role is suited for end users.

The ACD user role includes permissions to deploy and configure hosts; to manage application instances; and to view, create, and cancel job invocations and templates.

Installation

You need to install both the foreman_acd and smart_proxy_acd plugins to use ACD.

This describes the package installation on CentOS 7, Red Hat Enterprise Linux 7, and Oracle Linux 7.

Procedure
  1. Install the required packages on your orcharhino server:

    yum install tfm-rubygem-foreman_acd tfm-rubygem-smart_proxy_acd tfm-rubygem-smart_proxy_acd_core
  2. Run database migrations on your orcharhino server:

    foreman-rake db:migrate
    foreman-rake db:seed
  3. Restart the orcharhino services:

    foreman-maintain service restart

Ansible Playbooks

Viewing an Ansible Playbook

You can view existing Ansible playbooks used for application centric deployment via your orcharhino server management UI.

Procedure
  1. Navigate to Applications > Ansible Playbooks.

  2. Select an entry in the list of Ansible playbooks.

Adding an Ansible Playbook

You can add Ansible playbooks used for application centric deployment via your orcharhino server management UI.

Procedure
  1. Navigate to Applications > Ansible Playbooks.

  2. Click the New Ansible Playbook button.

  3. In the Name field, enter the name of new Ansible playbook.

  4. In the Description field, enter an arbitrary description.

  5. In the Path field, enter the location of the Ansible playbook on your orcharhino server.

    We recommend putting the Ansible playbook into /etc/foreman/plugins/foreman_acd/ansible-playbooks/ to avoid SELinux issues.

  6. In the Playfile field, enter the name of the Ansible playbook.

  7. Click Submit to save your Ansible playbook.

  8. Once submitted, click the Import groups button to import Ansible group variables before this Ansible playbook can be used for an application definition.

Making changes to any Ansible roles included in your Ansible playbook does not require reimporting the Ansible playbook via management UI.

Removing an Ansible Playbook

You can remove Ansible playbooks used for application centric deployment via your orcharhino server management UI.

Procedure
  1. Navigate to Applications > Ansible Playbooks.

  2. Click the Delete button in the drop down menu to remove the Ansible playbook from your orcharhino server.

Application Definitions

Viewing an Application Definition

You can view existing application definitions used for application centric deployment via your orcharhino server management UI.

Procedure
  1. Navigate to Applications > App Definitions.

  2. Select an entry in the list of application definitions.

Creating an Application Definition

You can create application definitions used for application centric deployment via your orcharhino server management UI.

Procedure
  1. Navigate to Applications > App Definitions.

  2. Click the New Application Definition button.

  3. In the Name field, enter the name of the new application definition.

  4. In the Description field, enter an arbitrary description.

  5. From the Ansible Playbook menu, select the name of an Ansible playbook.

  6. Click the + icon to add a new set of hosts.

    • In the Name field, enter the name of the new set of hosts.

    • In the Description field, enter an arbitrary description.

    • From the Hostgroup menu, select an existing host group.

      You cannot create a service for an application definition without any existing host groups.

    • From the Ansible Group menu, select existing Ansible group variables from the selected Ansible playbook.

    • In the min count field, enter the minimum number of hosts providing this service. If it is unset, users can choose to not deploy a host providing this service at all.

    • In the max count field, enter the maximum number of hosts providing this service. If it is unset, users can choose to deploy an unlimited number of hosts providing this service.

    • In the Actions column,

      • click the edit icon to edit an entry;

      • click the settings icon to add or edit existing orcharhino parameters. Every hierarchy level of orcharhino parameters can be overwritten.

      • click the A character to edit, add, lock, or delete Ansible group variables;

      • click the delete icon to delete an entry.

  7. Click Submit to save your application definition.

Removing an Application Definition

You can remove application definitions used for application centric deployment via your orcharhino server management UI.

Procedure
  1. Navigate to Applications > App Definitions.

  2. Click the Delete button to remove the application definition from your orcharhino server.

Application Instances

Viewing an Application Instance

You can view existing application instances used for application centric deployment via your orcharhino server management UI.

Procedure
  1. Navigate to Applications > App Instances.

  2. Select an entry in the list of application instances.

Creating an Application Instance

You can create application instances as a blueprint for users to provision and configure hosts.

Procedure
  1. Navigate to Application > App Instances and click the New Application Instance button.

  2. In the Name field, enter the name of the new application instance.

  3. In the Description field, enter an arbitrary description.

  4. From the Application Definition menu, select an existing application definition.

  5. In the table, connect the hosts and necessary services:

    • In the Hostname field, enter a unique name for the host. You may choose from all lowercase characters, digits, and hyphens. Hosts may not start with a hyphen.

    • In the Description field, enter an arbitrary description.

    • From the Service menu, choose a service from the selected application definition. Refer to the list of services in the top right corner.

    • In the Actions column,

      • click the edit icon to edit an entry;

      • click the settings icon to add or edit existing orcharhino parameters. Every hierarchy level of orcharhino parameters can be overwritten.

      • click the A character to edit, add, lock, or delete Ansible group variables;

      • click the delete icon to delete an entry.

  6. Click the A character to view and edit the corresponding Ansible group variables. You may edit unlocked values.

  7. Click Submit to save your application instance.

Deploying an Application Instance

Application instances can be deployed once or multiple times.

Procedure
  1. Navigate to Applications > App Instances.

  2. Select the application instance you want to deploy and click the Deploy button. If the selected application instance has been deployed before, you will be prompted to confirm redeploying existing hosts. Confirming this automatically starts provisioning the specified hosts and configuring them according to the Ansible playbook.

The firewall settings must be handled by the Ansible playbook itself. Make sure to open any required network ports for any defined service by creating an additional role or task in the Ansible playbook.

Run Playbook

Procedure
  1. Navigate to Applications > App Instances.

  2. Select the application instance you want to deploy and click the Run Playbook button from the drop down menu. This will automatically start configuring the specified hosts according to the Ansible playbook.

Run Playbook - Customize First

Procedure
  1. Navigate to Applications > App Instances.

  2. Select the application instance you want to deploy and click the Run Playbook - customize first button from the drop down menu. This opens the Job Invocation page with prefilled instructions to deploy the application instance. It allows you to customize your application instance deployment and configuration as follows:

    • You can make the Ansible playbook output more verbose.

    • You can add more Ansible variables before executing the Ansible playbook.

    • You can set the amount of concurrently running Ansible tasks.

    • You can select specific tags and hereby limit the tasks of the Ansible playbook that will be executed. Alternatively, you can also choose to skip specific tasks by selecting tags to skip.

      Those options are passed to the Ansible playbook.

    Clicking the Submit button at the bottom without making a change simply runs the Ansible playbook and deploys the application instance.

You may also choose to deploy the application instance at a certain point of time in the future or recurringly. For example, you can deploy an application every (Sunday) morning as part of a testing routine.

Removing an Application Instance

You can remove application instances used for application centric deployment via your orcharhino server management UI.

Procedure
  1. Navigate to Application > App Instances.

  2. In the list of application instances, open the drop down menu and select Delete on the application instance you want to remove.

    This prompts a list of hosts that have been deployed via the selected application instance. You can choose to also delete hosts when deleting the application instance. Otherwise, those managed hosts remain.

The text and illustrations on this page are licensed by ATIX AG under a Creative Commons Attribution–Share Alike 3.0 Unported ("CC-BY-SA") license. This page also contains text from the official Foreman documentation which uses the same license ("CC-BY-SA").