Git Deploy PHP App to MULTIPLE EC2 Nodes

Question

I've been reading a lot of articles that talk about post-update hooks to deploy websites using Git, however I don't understand how this is done on EC2.

I want to use the Auto Scaling feature of EC2 to automatically add micro/small nodes behind my load balancer based off an AMI of my server.

How can I make it so:

1. My nodes automatically fetch the latest version of the site from the repository upon starting

2. Push updates to all nodes (trigger update immediately if possible), even the ones that are dynamically added (therefore no configuration beyond what the AMI already contained).

Answer 1

As far as automation tools are concerned you could use puppet or chef to get the job done. The companies behind those offer hosted services as well:

• http://puppetlabs.com
• http://opscode.com

Personally we use scalarium to deploy our servers and to autoscale them.

If that's not what you want, you could for example write your own scripts for chef to deploy on an instance. There's already a deploy resource which works very well with git. I'd probably recommend chef-solo since this wouldn't require running chef-server (has lots of dependencies and needs management as well) or something like littlechef which allows you to run a chef-server-like setup but without the burdon of running chef-server.

The objective would be to for example setup a private AMI which Amazon uses to autoscale.

This AMI would have your services (HTTP, etc.), ruby and chef installed (gem install chef) and whatever else you need and then in turn run the scripts to further setup your instance and deploy the code from GIT.

If you go down this path you can of course setup as many services as required with the AMI and then you would only need chef to deploy the code.

Here's an example to check out code from GIT using a chef recipe:

git "/var/www/example.org" do
  repository "git://github.com/yourname/example.git"
  revision "production"
  action :sync
end

This would check out your production branch from git.

Since this runs as root by default, you should have your deploykey in /root/.ssh/id_rsa. You could do that before you create the private AMI. You could also fetch the key from a secure location before you deploy:

directory "/root/.ssh/" do
  action :create
end

execute "download my deploy key" do
  command "wget https://secure.location/id_rsa -O /root/.ssh/id_rsa"
  not_if do File.exists?("/root/.ssh/id_rsa") end
end

(I just typed this out, I haven't run this – but I'm almost sure it should work since we do something very similar on non-EC2-hosts.)

If you don't run chef-server or little-chef, I'd use capistrano to execute chef-solo again – e.g. to check out a new revision of the code. Capistrano would send commands to the instance (via ssh), for which I'd probably setup a password-less account with an ssh key, etc..

Let me know if you need more pointers!