Add roll-back demo & clean-up #77

Open: wants to merge 2 commits into base: main
41 changes: 41 additions & 0 deletions docs/rollback_demo.md
@@ -0,0 +1,41 @@
# Rollback demo using National-Parks with VMs & Terraform

With the new `--update_condition track-channel` option we can now easily demo roll-back with Habitat.

The demo is set to configure services with the `track-channel` configuration. This gives the "rollback" behavior

```
variable "update_condition" {
default = "track-channel"
}
```

First we need to create a bad `.hart` so we can show a failure in Automate. The health-check uses curl to check our health. We want to create a `404` error so the failure registers as critcial in Chef Automate.

You can comment out line the code in the `init` hook that copies the National-Parks `.war` file into the correct directory. It's line 11 at the time of this creation of this readme.

```
#NOTE comment the next line out to create/demo a bad package
cp {{pkg.path}}/*.war {{pkg.svc_var_path}}/tc/webapps
```
Change the major package version number so you can distinguish good vs bad packages.

Update `pkg_version=8.0.0` in your plan.sh.

You can also create a different channel for the roll-back demo so you don't have a bad pacakge in `current`

Upload your .hart & create the `rb_prod` channel

`hab pkg upload eric-national-parks-8.0.0-20200509192449-x86_64-linux.hart rb_prod`

To run the demo start with a working .hart, then promote the bad .hart
`hab pkg promote eric/national-parks/8.0.0/20200509192449 rb_prod`

The national-park service will upgrade & you can show the failure in the Automate Applications tab. Once you click on the failed service the right pannel will display the error log.

"Rollback" your change by demoting the bad package. The national-parks service will downgrade back to the previous version. You can show the new package number & the systems are now healthy in Chef Automate's Application tab.

`hab pkg demote eric/national-parks/8.0.0/20200509192449 rb_prod`

Included in the repo is Terraform code (Version `0.12`) for launching the application in AWS and Google Kubernetes Engine. Provision either AWS, GKE, or both, and then you can watch Habitat update across cloud deployments.
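Review bot: The flag in the opening paragraph is spelled `--update_condition track-channel`, but the Terraform in this PR passes `--update-condition ${var.update_condition}`; use the hyphenated form so the doc matches what is run. The `hab pkg upload ... rb_prod` line gives the channel as a bare positional argument; use the `--channel` option, and note that uploading straight into `rb_prod` already places the bad package in that channel, which makes the later `hab pkg promote` step redundant. "It's line 11" will go stale, so point readers at the `#NOTE` marker comment instead. Typos: "critcial", "pacakge", "pannel", "comment out line the code". The closing paragraph mentions AWS and Google Kubernetes Engine, while this PR changes terraform/aws and terraform/azure.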

30 changes: 30 additions & 0 deletions habitat/hooks/health-check
@@ -0,0 +1,30 @@
#!/bin/sh

#define default return code as 0
rc=3

#curl local host - 200 code is "ok"
#variable cfg.server.port so port can be dynamic in health check
STATUS=$({{pkgPathFor "core/curl"}}/bin/curl -s -o /dev/null -w '%{http_code}' http://localhost:8080/national-parks/)

echo "HTTP Status Code: $STATUS"

case $STATUS in
200)
rc=0 ;;
1)
rc=1 ;;
4**)
rc=2 ;;
*)
rc=3 ;;
esac

# hab error codes
# 0- ok
# 1- warning
# 2- critical
# 3- unknown

echo "healthcheck return code: $rc"
exit $rc
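Review bot: The comments and the code disagree in two places: `#define default return code as 0` sits above `rc=3`, and the `cfg.server.port` comment sits above a URL with the port hardcoded as `8080`. Either template the port from config or drop the comment. In the `case`, the `1)` arm matches only a literal status of `1`, which `%{http_code}` will not produce, so the warning code is unreachable; `4**)` reads more clearly as `4??)`. 5xx responses and curl's `000` (no connection) fall through to unknown (3) rather than critical (2), so a Tomcat that is down does not register as critical. The curl call also has no `--max-time`, so a hung application stalls the hook.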
4 changes: 4 additions & 0 deletions habitat/hooks/init
@@ -1,9 +1,13 @@
#!/bin/bash -x

echo "clean up after a previous pacakge"
rm -rf {{pkg.svc_var_path}}/tc

echo "Preparing TOMCAT_HOME..."
# Move directories that ship in the package into place
cp -a {{pkgPathFor "core/tomcat8"}}/tc {{pkg.svc_var_path}}/

#NOTE comment the next line out to create/demo a bad package
cp {{pkg.path}}/*.war {{pkg.svc_var_path}}/tc/webapps

# Following lines are to copy project tomcat configs to run time tomcat8 directory
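Review bot: `rm -rf {{pkg.svc_var_path}}/tc` is unquoted and unguarded, and plan.sh in this PR shows `pkg_svc_user="root"`, so this hook deletes as root. Quote the path, fail early if it renders empty, and add `set -e` so a failed `cp -a` does not leave a half-populated `tc` for the run hook to start from. The `#NOTE` line asks the presenter to hand-edit a shipped hook to break it; a config toggle would make the bad package reproducible without editing the hook. Typo in the echo: "pacakge".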
5 changes: 3 additions & 2 deletions habitat/hooks/run
@@ -1,4 +1,5 @@
#!/bin/bash
exec 2>&1

{{#if bind.database ~}}
export CATALINA_OPTS="-DMONGODB_SERVICE_HOST={{bind.database.first.sys.ip}}
Expand All @@ -7,6 +8,6 @@ export CATALINA_OPTS="-DMONGODB_SERVICE_HOST={{bind.database.first.sys.ip}}
{{/if ~}}

export JAVA_HOME="{{pkgPathFor "core/corretto"}}"
export TOMCAT_HOME="{{pkgPathFor "core/tomcat8"}}/tc"
cp {{pkg.path}}/*.war $TOMCAT_HOME/webapps
export TOMCAT_HOME="{{pkg.svc_var_path}}/tc"

exec ${TOMCAT_HOME}/bin/catalina.sh run
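Review bot: With `TOMCAT_HOME` now set to `{{pkg.svc_var_path}}/tc` and the `.war` copy removed from this hook, `run` depends entirely on `init` having populated that directory, yet `exec ${TOMCAT_HOME}/bin/catalina.sh run` is unquoted and has no existence check. Quote the expansion and test for `catalina.sh` before the `exec`, so a failed init produces a clear message instead of a bare exec error.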
2 changes: 1 addition & 1 deletion habitat/plan.sh
Expand Up @@ -4,7 +4,7 @@ pkg_origin=scottford
pkg_version=7.0.0
pkg_maintainer="Scott Ford <[email protected]>"
pkg_license=('Apache-2.0')
pkg_deps=(core/tomcat8 core/corretto core/mongo-tools)
pkg_deps=(core/tomcat8 core/corretto core/mongo-tools core/curl)
pkg_build_deps=(core/corretto core/maven)
pkg_svc_user="root"
pkg_binds=(
20 changes: 10 additions & 10 deletions terraform/aws/national-parks.tf
Expand Up @@ -67,8 +67,8 @@ resource "aws_instance" "permanent_peer" {
"sudo /sbin/sysctl -w net.ipv4.conf.all.accept_redirects=0",
"sudo cp /home/${var.aws_ami_user}/audit_linux.toml /hab/user/audit-baseline/config/user.toml",
"sudo cp /home/${var.aws_ami_user}/config_linux.toml /hab/user/config-baseline/config/user.toml",
"sudo hab svc load effortless/config-baseline --group ${var.group} --strategy at-once --channel stable",
"sudo hab svc load effortless/audit-baseline --group ${var.group} --strategy at-once --channel stable",
"sudo hab svc load ${var.effortless_origin}/${var.effortless_infra} --group ${var.group} --strategy at-once --channel ${var.effortless_infra_channel}",
"sudo hab svc load ${var.effortless_origin}/${var.effortless_inspec} --group ${var.group} --strategy at-once --channel ${var.effortless_inspec_channel}",
]
}
}
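Review bot: The package names are now variables (`${var.effortless_infra}`, `${var.effortless_inspec}`), but the two `cp` lines directly above still write to the hardcoded `/hab/user/audit-baseline/config/user.toml` and `/hab/user/config-baseline/config/user.toml`, so overriding either variable loads a package that never receives its user.toml. Build those paths from the same variables. The values are also interpolated unquoted into a `sudo` command line; quote them in the command so a stray space or shell metacharacter in a tfvars value cannot change what runs. The same applies to the mongodb, national_parks and haproxy hunks in this file.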
Expand Down Expand Up @@ -152,8 +152,8 @@ resource "aws_instance" "mongodb" {
"sudo cp /home/${var.aws_ami_user}/audit_linux.toml /hab/user/audit-baseline/config/user.toml",
"sudo cp /home/${var.aws_ami_user}/config_linux.toml /hab/user/config-baseline/config/user.toml",
"sudo cp /home/${var.aws_ami_user}/mongo.toml /hab/user/mongodb/config/user.toml",
"sudo hab svc load effortless/config-baseline --group ${var.group} --strategy at-once --channel stable",
"sudo hab svc load effortless/audit-baseline --group ${var.group} --strategy at-once --channel stable",
"sudo hab svc load ${var.effortless_origin}/${var.effortless_infra} --group ${var.group} --strategy at-once --channel ${var.effortless_infra_channel}",
"sudo hab svc load ${var.effortless_origin}/${var.effortless_inspec} --group ${var.group} --strategy at-once --channel ${var.effortless_inspec_channel}",
"sudo hab svc load core/mongodb/3.2.10/20171016003652 --group ${var.group}",
]
}
Expand Down Expand Up @@ -210,7 +210,7 @@ resource "aws_instance" "national_parks" {
inline = [
"sudo rm -rf /etc/machine-id",
"sudo systemd-machine-id-setup",
"sudo hostname national-parks-${var.node_count}",
"sudo hostname national-parks-${count.index}",
"sudo groupadd hab",
"sudo adduser hab -g hab",
"chmod +x /tmp/install_hab.sh",
Expand All @@ -230,9 +230,9 @@ resource "aws_instance" "national_parks" {
"sudo /sbin/sysctl -w net.ipv4.conf.all.accept_redirects=0",
"sudo cp /home/${var.aws_ami_user}/audit_linux.toml /hab/user/audit-baseline/config/user.toml",
"sudo cp /home/${var.aws_ami_user}/config_linux.toml /hab/user/config-baseline/config/user.toml",
"sudo hab svc load effortless/config-baseline --group ${var.group} --strategy at-once --channel stable",
"sudo hab svc load effortless/audit-baseline --group ${var.group} --strategy at-once --channel stable",
"sudo hab svc load ${var.origin}/national-parks --group ${var.group} --channel ${var.prod_channel} --strategy ${var.update_strategy} --update-condition ${var.update_condition} --bind database:mongodb.${var.group}",
"sudo hab svc load ${var.effortless_origin}/${var.effortless_infra} --group ${var.group} --strategy at-once --channel ${var.effortless_infra_channel}",
"sudo hab svc load ${var.effortless_origin}/${var.effortless_inspec} --group ${var.group} --strategy at-once --channel ${var.effortless_inspec_channel}",
"sudo hab svc load ${var.origin}/national-parks --group ${var.group} --channel ${var.prod_channel} --strategy ${var.update_strategy} --update-condition ${var.update_condition} --health-check-interval ${var.health_check_interval} --bind database:mongodb.${var.group}",
]
}
}
Expand Down Expand Up @@ -312,8 +312,8 @@ resource "aws_instance" "haproxy" {
"sudo cp /home/${var.aws_ami_user}/audit_linux.toml /hab/user/audit-baseline/config/user.toml",
"sudo cp /home/${var.aws_ami_user}/config_linux.toml /hab/user/config-baseline/config/user.toml",
"sudo cp /home/${var.aws_ami_user}/haproxy.toml /hab/user/haproxy/config/user.toml",
"sudo hab svc load effortless/config-baseline --group ${var.group} --strategy at-once --channel stable",
"sudo hab svc load effortless/audit-baseline --group ${var.group} --strategy at-once --channel stable",
"sudo hab svc load ${var.effortless_origin}/${var.effortless_infra} --group ${var.group} --strategy at-once --channel ${var.effortless_infra_channel}",
"sudo hab svc load ${var.effortless_origin}/${var.effortless_inspec} --group ${var.group} --strategy at-once --channel ${var.effortless_inspec_channel}",
"sudo hab svc load core/haproxy --group ${var.group} --bind backend:national-parks.${var.group}",
]
}
3 changes: 3 additions & 0 deletions terraform/aws/templates.tf
Expand Up @@ -5,6 +5,7 @@ data "template_file" "permanent_peer" {
template = file("${path.module}/../templates/peer-sup.service")

vars = {
HAB_AUTH_TOKEN ="${var.HAB_AUTH_TOKEN}"
flags = "--auto-update --listen-gossip 0.0.0.0:9638 --listen-http 0.0.0.0:9631 --permanent-peer --event-stream-application=${var.event-stream-application} --event-stream-environment=${var.event-stream-environment} --event-stream-site=${var.aws_region} --event-stream-url=${var.automate_ip}:4222 --event-stream-token=${var.automate_token}"
}
}
Expand All @@ -13,6 +14,8 @@ data "template_file" "sup_service" {
template = file("${path.module}/../templates/hab-sup.service")

vars = {
HAB_AUTH_TOKEN ="${var.HAB_AUTH_TOKEN}"
UPDATE_STRATEGY_FREQUENCY_MS ="${var.UPDATE_STRATEGY_FREQUENCY_MS}"
flags = "--auto-update --peer ${aws_instance.permanent_peer.private_ip} --listen-gossip 0.0.0.0:9638 --listen-http 0.0.0.0:9631 --event-stream-application=${var.event-stream-application} --event-stream-environment=${var.event-stream-environment} --event-stream-site=${var.aws_region} --event-stream-url=${var.automate_ip}:4222 --event-stream-token=${var.automate_token}"
}
}
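Review bot: `HAB_AUTH_TOKEN ="${var.HAB_AUTH_TOKEN}"` routes a secret through `template_file`, whose rendered output, token included, is stored in Terraform state; make sure the state backend for this demo is not shared or committed. Style: on Terraform 0.12 the two new entries can be written as `HAB_AUTH_TOKEN = var.HAB_AUTH_TOKEN` and `UPDATE_STRATEGY_FREQUENCY_MS = var.UPDATE_STRATEGY_FREQUENCY_MS`, spaced like the `flags` entry.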
31 changes: 31 additions & 0 deletions terraform/aws/variables.tf
Expand Up @@ -100,6 +100,26 @@ variable "node_count" {
variable "origin" {
}

variable "effortless_origin" {
default = "effortless"
}

variable "effortless_infra" {
default = "config-baseline"
}

variable "effortless_inspec" {
default = "audit-baseline"
}

variable "effortless_infra_channel" {
default = "stable"
}

variable "effortless_inspec_channel" {
default = "stable"
}

variable "group" {
default = "default"
}
Expand All @@ -112,9 +132,20 @@ variable "update_condition" {
default = "track-channel"
}

variable "health_check_interval" {
default = "30"
}

variable "sleep" {
default = "60"
}
variable "UPDATE_STRATEGY_FREQUENCY_MS" {
default = "60000"
}

variable "HAB_AUTH_TOKEN" {
default = "blankkey"
}

////////////////////////////////
// Automate Info
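Review bot: `HAB_AUTH_TOKEN` defaults to `"blankkey"`, so a run that forgets to set it still renders a token into the supervisor unit and proceeds instead of failing. Drop the default, as this PR does for `automate_token`, or default to an empty string and leave the `Environment=` line out when it is unset. The new variables carry no `description` or `type`, `UPDATE_STRATEGY_FREQUENCY_MS` and `HAB_AUTH_TOKEN` break the file's lower_snake_case naming, and a blank line is missing between the `sleep` block and `UPDATE_STRATEGY_FREQUENCY_MS`.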
2 changes: 1 addition & 1 deletion terraform/azure/main.tf
Expand Up @@ -672,7 +672,7 @@ resource "azurerm_virtual_machine" "app" {
"sudo cp /home/${var.azure_image_user}/config_linux.toml /hab/user/config-baseline/config/user.toml",
"sudo hab svc load effortless/audit-baseline --channel stable --strategy at-once --group ${var.group}",
"sudo hab svc load effortless/config-baseline --channel stable --strategy at-once --group ${var.group}",
"sudo hab svc load ${var.origin}/national-parks --group ${var.group} --channel ${var.channel} --strategy ${var.update_strategy} --update-condition ${var.update_condition} --bind database:mongodb.${var.group}",
"sudo hab svc load ${var.origin}/national-parks --group ${var.group} --channel ${var.channel} --strategy ${var.update_strategy} --update-condition ${var.update_condition} --health-check-interval ${var.health_check_interval} --bind database:mongodb.${var.group}",
]
}
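Review bot: Only the national-parks line is updated here; the two `effortless/...` loads above it stay hardcoded with `--channel stable`, while the AWS file moves them to `${var.effortless_origin}` and the matching package and channel variables. Apply the same variables on Azure or state in the PR why the two clouds differ.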

1 change: 1 addition & 0 deletions terraform/azure/templates.tf
Expand Up @@ -13,6 +13,7 @@ data "template_file" "sup_service" {
template = file("${path.module}/../templates/hab-sup.service")

vars = {
UPDATE_STRATEGY_FREQUENCY_MS ="${var.UPDATE_STRATEGY_FREQUENCY_MS}"
flags = "--auto-update --peer ${azurerm_public_ip.permanent-peer-pip.ip_address} --listen-gossip 0.0.0.0:9638 --listen-http 0.0.0.0:9631 --event-stream-application=${var.event-stream-application} --event-stream-environment=${var.event-stream-environment} --event-stream-site=${var.azure_region} --event-stream-url=${var.automate_ip}:4222 --event-stream-token=${var.automate_token}"
}
}
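Review bot: `vars` gains `UPDATE_STRATEGY_FREQUENCY_MS` here but not `HAB_AUTH_TOKEN`, while the shared `../templates/hab-sup.service` now contains `Environment=HAB_AUTH_TOKEN=${HAB_AUTH_TOKEN}`. `template_file` errors on a template variable that is missing from `vars`, so the Azure plan will fail to render. Add `HAB_AUTH_TOKEN` here with a matching variable in terraform/azure/variables.tf, and check the Azure permanent-peer template, which this diff does not show, for the same gap against peer-sup.service.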
7 changes: 7 additions & 0 deletions terraform/azure/variables.tf
Expand Up @@ -48,6 +48,13 @@ variable "update_condition" {
default = "track-channel"
}

variable "health_check_interval" {
default = "30"
}
variable "UPDATE_STRATEGY_FREQUENCY_MS" {
default = "60000"
}

////////////////////////////////
// Tags

3 changes: 1 addition & 2 deletions terraform/chef-automate/aws/variables.tf
Expand Up @@ -136,8 +136,7 @@ variable "automate_password" {
}

variable "automate_token" {
default = "x9GfO534d4mpctuQlKq4TA6SpDE="
description = "default token please change"
description = "no default token"
}

variable "automate_products" {
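Review bot: Removing the hardcoded default from `automate_token` is the right change, but the old value stays in the repository history, so any Automate instance that was stood up with it should have the token rotated. The new description, `"no default token"`, says what is absent rather than what the variable is; describe what the token is for and that it must be supplied.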
4 changes: 4 additions & 0 deletions terraform/templates/hab-sup.service
Expand Up @@ -2,6 +2,10 @@
Description=Habitat Supervisor

[Service]

Environment=HAB_AUTH_TOKEN=${HAB_AUTH_TOKEN}
Environment=HAB_UPDATE_STRATEGY_FREQUENCY_BYPASS_CHECK=1
Environment=HAB_UPDATE_STRATEGY_FREQUENCY_MS=${UPDATE_STRATEGY_FREQUENCY_MS}
ExecStartPre=/bin/bash -c /bin/systemctl
ExecStart=/bin/hab run ${flags}
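Review bot: `Environment=HAB_AUTH_TOKEN=${HAB_AUTH_TOKEN}` writes the token into the unit file itself, where it is visible to anyone who can read the unit or query it with `systemctl show`. Prefer `EnvironmentFile=` pointing at a root-only file. `Environment=HAB_UPDATE_STRATEGY_FREQUENCY_BYPASS_CHECK=1` is hardcoded with no comment on why the check is bypassed; add a line saying what it is for. The same token line is added to peer-sup.service.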

2 changes: 2 additions & 0 deletions terraform/templates/peer-sup.service
Expand Up @@ -2,6 +2,8 @@
Description=Habitat Supervisor

[Service]

Environment=HAB_AUTH_TOKEN=${HAB_AUTH_TOKEN}
ExecStartPre=/bin/bash -c /bin/systemctl
ExecStart=/bin/hab run ${flags}
