8. AMI Toolkit
• chef-solo / masterless puppet / ansible etc
• fpm - one line rpm creation
• packer - easy AMI building
• jenkins - trigger ami build every commit
9. chef solo
• I’m not crazy, we use configuration
management to create the master AMIs.
• Keep the instances used in bake process out of
your chef server = 1 less SPOF in your life.
• No need to purge certs from resulting AMI
10. fpm
• Packing your app in rpm/deb files simplifies your
chef recipes - keep the app-specific things in the
app’s git repo
• Creating packages doesn’t have to be a PITA. fpm
reduces package creation to a literal one-liner -
fpm --verbose -s dir -t rpm --architecture
noarch --name yourrpm.rpm --version 1.1.1
—iteration 3 -C /path/to/fakeroot etc
11. packer
• Supports multiple output formats - AWS,
VMWare, etc
• Simple JSON configuration files
• Can automatically copy the resulting AMIs to
the regions you’re deployed in
• Written in Go, no dependency hell to interfere
with the other software installed on your build
box
12. jenkins
• Keep the humans out of the loop
• Generate AMIs every commit
• Integration test every AMI build
Installing at run time means you rely on upstream being performant
SPOF that is out of your control
Immutable instance AMIs = scale any time
The longer your configuration management takes to run, the longer the lag between starting to scale up and seeing actual performance improvement in your infrastructure. Bad enough we have to wait for the instances to start up.
Using rpms lets you minimize what you have to specify in your chef recipes
fpm lets you specify dependencies, versions, all the good stuff without dealing with spec files
One line AMI builds
More often the integration tests run, the less painful fixing the failures becomes
Nobody ever complained that they found a problem too soon after it was introduced