I helped deploy Ansible Tower. At the time of writing Tower was being used to apply configurations to more than 150
servers every day. These configurations consist of self-written ‘roles’ aswell as the playbooks
themselves. I deployed many different server setups, all using ansible playbooks, such as:
- Magento setup:
- This setup hosts Magento-based CMS sites.
- Nginx is optimized with Magento-specific settings.
- It uses NFS shared storage on a NetApp cluster.
- Backups are made amongst others with Bacula.
- PHP is running in php-fpm mode.
- There is a Redis instance per website for caching.
- Trytond setup:
- This setup uses nginx with gunicorn as backends.
- PostgreSQL is used as a databasebackend and Sphinx / searchd for the search functionalities.
- Python Trytond is installed into a virtualenv.
- Redis is used as a caching backend.
- Every service is controlled with systemd templates.
- Plone CMS setup:
- This setup is load-balanced using HAProxy on a number of Zope workers and Zope database hosts.
- Each worker runs Varnish with a number of backends for each site. These are all periodically probed and removed from the pool if they are no longer responding.
- The customer requested ansible playbooks on one of the worker to easily deploy and update sites.
- Docker setup:
- This customer uses docker extensively for deploying and automatically scaling websites.
- Containers are limited to customer-specific networks.
- Docker networks and nginx are managed with Ansible.
- ElasticSearch / MongoDB / PostgreSQL / RabbitMQ / Redis cluster:
- This setup contains a number of database servers and worker servers.
- All services are running in either cluster mode or master/slave mode.
- Workers run apps, written in go, that are exposed to the internet via nginx.
Besides engineering new setups and clusters, customers often requested a way of testing their
software on their servers, without using the “live” servers. I used Packer to create Vagrant boxes
that are identical to their production servers.
I also wrote a number of tools in Python:
Other duties include customer contact via phone and e-mail (3rd line support), configuring Cisco /
NetApp infrastructure, implement firewalling and VPN using Juniper and pfSense appliances and implementing two-factor authentication for SSH.