How do I update the Nginx configuration file on many identical servers at the same time?
We've got a fleet of Nginx servers on Amazon EC2 where we occasionally need to update the configuration files to implement new settings.
Currently we have the configurations in a custom AMI and if we need to update we have to rebuild the AMI and then EC2 instances. We've got some helper scripts, but it's still quite an effort to do that. Is there is some better way?
amazon-web-services amazon-ec2
New contributor
add a comment |
We've got a fleet of Nginx servers on Amazon EC2 where we occasionally need to update the configuration files to implement new settings.
Currently we have the configurations in a custom AMI and if we need to update we have to rebuild the AMI and then EC2 instances. We've got some helper scripts, but it's still quite an effort to do that. Is there is some better way?
amazon-web-services amazon-ec2
New contributor
3
ansible, saltstack to name a few.
– poige
yesterday
add a comment |
We've got a fleet of Nginx servers on Amazon EC2 where we occasionally need to update the configuration files to implement new settings.
Currently we have the configurations in a custom AMI and if we need to update we have to rebuild the AMI and then EC2 instances. We've got some helper scripts, but it's still quite an effort to do that. Is there is some better way?
amazon-web-services amazon-ec2
New contributor
We've got a fleet of Nginx servers on Amazon EC2 where we occasionally need to update the configuration files to implement new settings.
Currently we have the configurations in a custom AMI and if we need to update we have to rebuild the AMI and then EC2 instances. We've got some helper scripts, but it's still quite an effort to do that. Is there is some better way?
amazon-web-services amazon-ec2
amazon-web-services amazon-ec2
New contributor
New contributor
edited 8 hours ago
Peter Mortensen
2,11742124
2,11742124
New contributor
asked yesterday
BububuBububu
1435
1435
New contributor
New contributor
3
ansible, saltstack to name a few.
– poige
yesterday
add a comment |
3
ansible, saltstack to name a few.
– poige
yesterday
3
3
ansible, saltstack to name a few.
– poige
yesterday
ansible, saltstack to name a few.
– poige
yesterday
add a comment |
4 Answers
4
active
oldest
votes
There are a number of concepts that you can leverage.
The key to success is automation
First option is to keep doing what you're doing now, i.e. rebuild the EC2s with every configuration change. Just in a fully automated way.
As you're now doing configuration updates through AMIs you take this one step further and create a pipeline that, upon a configuration file change in some repository, will:
- Automatically build a new AMI - one of the most popular tools to do that is Packer
- Automatically rebuild your Nginx fleet - you should already have all the Nginx servers in an Auto-Scaling Group with an Application Load Balancer in front. If you don't you should as it will make the update as simple as updating the ASG Launch Configuration and waiting for the instances to get re-built from the new AMI.
Second option is to keep the instances in place and only deploy the configuration files, without rebuilding them. Generally you can treat configuration files as code and deploy your configuration changes the same way you would deploy code releases. AWS has many tools to help with that.
AWS Elastic Beanstalk that uses Chef internally and you can script your Nginx updates this way.
AWS Code Deploy which is a fully scriptable deployment tool that integrates well with other parts of the AWS Code Suite:
Code Commit where you can keep your Nginx configuration files in Git.
Code Pipeline that can automatically trigger the deployment whenever a configuration file is updated in Code Commit.
Ansible or Puppet which are popular non-AWS tools that can help you keep all the servers configured the same way.
Once you're comfortable with automating these Nginx configuration updates you may want to extend the automation to the rest of your infrastructure.
There is a great whitepaper Overview of Deployment Options on AWS that will give you a nice overview.
I hope that helps :)
An alternative to Ansible or Puppet is Salt, which is designed for a master / minion-type of setup and sort-of optimized for larger-scale deployments.
– Araho
4 hours ago
add a comment |
Store your configurations on EFS, and mount EFS in the location Nginx configurations are expected. Alternately put them on Amazon S3 and run a sync occasionally, or use s3fs (beware s3fs may not be good enough for production use).
When you need change your configuration, increase your autoscaling group desired size to double what you need to trigger new instances with the new configuration, and then back down to what you need which will remove the old instances. Alternately just do a rolling reboot of the servers.
Another option is to just push the new configurations to your server using a basic automation tool, like AWS code deploy.
The fully automated options above are technically better and cleaner, but if you rarely change configurations and want an easy solution this could help.
add a comment |
AWS Run Command
https://docs.aws.amazon.com/systems-manager/latest/userguide/execute-remote-commands.html
Or you could use Opsworks
https://aws.amazon.com/opsworks/
This is almost exactly the use-case for Run Command and Systems Manager
– danimal
15 hours ago
add a comment |
Rebuilding the AMIs or creating a fully fledged deployment pipelines like the others suggest just for a config file change seems like an overkill. You should use Ansible to push out changes and to keep all your nodes in sync. There are many Ansible modules that can help you automate the common tasks.
One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.
– Tim
19 hours ago
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "2"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Bububu is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f949082%2fhow-do-i-update-the-nginx-configuration-file-on-many-identical-servers-at-the-sa%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
4 Answers
4
active
oldest
votes
4 Answers
4
active
oldest
votes
active
oldest
votes
active
oldest
votes
There are a number of concepts that you can leverage.
The key to success is automation
First option is to keep doing what you're doing now, i.e. rebuild the EC2s with every configuration change. Just in a fully automated way.
As you're now doing configuration updates through AMIs you take this one step further and create a pipeline that, upon a configuration file change in some repository, will:
- Automatically build a new AMI - one of the most popular tools to do that is Packer
- Automatically rebuild your Nginx fleet - you should already have all the Nginx servers in an Auto-Scaling Group with an Application Load Balancer in front. If you don't you should as it will make the update as simple as updating the ASG Launch Configuration and waiting for the instances to get re-built from the new AMI.
Second option is to keep the instances in place and only deploy the configuration files, without rebuilding them. Generally you can treat configuration files as code and deploy your configuration changes the same way you would deploy code releases. AWS has many tools to help with that.
AWS Elastic Beanstalk that uses Chef internally and you can script your Nginx updates this way.
AWS Code Deploy which is a fully scriptable deployment tool that integrates well with other parts of the AWS Code Suite:
Code Commit where you can keep your Nginx configuration files in Git.
Code Pipeline that can automatically trigger the deployment whenever a configuration file is updated in Code Commit.
Ansible or Puppet which are popular non-AWS tools that can help you keep all the servers configured the same way.
Once you're comfortable with automating these Nginx configuration updates you may want to extend the automation to the rest of your infrastructure.
There is a great whitepaper Overview of Deployment Options on AWS that will give you a nice overview.
I hope that helps :)
An alternative to Ansible or Puppet is Salt, which is designed for a master / minion-type of setup and sort-of optimized for larger-scale deployments.
– Araho
4 hours ago
add a comment |
There are a number of concepts that you can leverage.
The key to success is automation
First option is to keep doing what you're doing now, i.e. rebuild the EC2s with every configuration change. Just in a fully automated way.
As you're now doing configuration updates through AMIs you take this one step further and create a pipeline that, upon a configuration file change in some repository, will:
- Automatically build a new AMI - one of the most popular tools to do that is Packer
- Automatically rebuild your Nginx fleet - you should already have all the Nginx servers in an Auto-Scaling Group with an Application Load Balancer in front. If you don't you should as it will make the update as simple as updating the ASG Launch Configuration and waiting for the instances to get re-built from the new AMI.
Second option is to keep the instances in place and only deploy the configuration files, without rebuilding them. Generally you can treat configuration files as code and deploy your configuration changes the same way you would deploy code releases. AWS has many tools to help with that.
AWS Elastic Beanstalk that uses Chef internally and you can script your Nginx updates this way.
AWS Code Deploy which is a fully scriptable deployment tool that integrates well with other parts of the AWS Code Suite:
Code Commit where you can keep your Nginx configuration files in Git.
Code Pipeline that can automatically trigger the deployment whenever a configuration file is updated in Code Commit.
Ansible or Puppet which are popular non-AWS tools that can help you keep all the servers configured the same way.
Once you're comfortable with automating these Nginx configuration updates you may want to extend the automation to the rest of your infrastructure.
There is a great whitepaper Overview of Deployment Options on AWS that will give you a nice overview.
I hope that helps :)
An alternative to Ansible or Puppet is Salt, which is designed for a master / minion-type of setup and sort-of optimized for larger-scale deployments.
– Araho
4 hours ago
add a comment |
There are a number of concepts that you can leverage.
The key to success is automation
First option is to keep doing what you're doing now, i.e. rebuild the EC2s with every configuration change. Just in a fully automated way.
As you're now doing configuration updates through AMIs you take this one step further and create a pipeline that, upon a configuration file change in some repository, will:
- Automatically build a new AMI - one of the most popular tools to do that is Packer
- Automatically rebuild your Nginx fleet - you should already have all the Nginx servers in an Auto-Scaling Group with an Application Load Balancer in front. If you don't you should as it will make the update as simple as updating the ASG Launch Configuration and waiting for the instances to get re-built from the new AMI.
Second option is to keep the instances in place and only deploy the configuration files, without rebuilding them. Generally you can treat configuration files as code and deploy your configuration changes the same way you would deploy code releases. AWS has many tools to help with that.
AWS Elastic Beanstalk that uses Chef internally and you can script your Nginx updates this way.
AWS Code Deploy which is a fully scriptable deployment tool that integrates well with other parts of the AWS Code Suite:
Code Commit where you can keep your Nginx configuration files in Git.
Code Pipeline that can automatically trigger the deployment whenever a configuration file is updated in Code Commit.
Ansible or Puppet which are popular non-AWS tools that can help you keep all the servers configured the same way.
Once you're comfortable with automating these Nginx configuration updates you may want to extend the automation to the rest of your infrastructure.
There is a great whitepaper Overview of Deployment Options on AWS that will give you a nice overview.
I hope that helps :)
There are a number of concepts that you can leverage.
The key to success is automation
First option is to keep doing what you're doing now, i.e. rebuild the EC2s with every configuration change. Just in a fully automated way.
As you're now doing configuration updates through AMIs you take this one step further and create a pipeline that, upon a configuration file change in some repository, will:
- Automatically build a new AMI - one of the most popular tools to do that is Packer
- Automatically rebuild your Nginx fleet - you should already have all the Nginx servers in an Auto-Scaling Group with an Application Load Balancer in front. If you don't you should as it will make the update as simple as updating the ASG Launch Configuration and waiting for the instances to get re-built from the new AMI.
Second option is to keep the instances in place and only deploy the configuration files, without rebuilding them. Generally you can treat configuration files as code and deploy your configuration changes the same way you would deploy code releases. AWS has many tools to help with that.
AWS Elastic Beanstalk that uses Chef internally and you can script your Nginx updates this way.
AWS Code Deploy which is a fully scriptable deployment tool that integrates well with other parts of the AWS Code Suite:
Code Commit where you can keep your Nginx configuration files in Git.
Code Pipeline that can automatically trigger the deployment whenever a configuration file is updated in Code Commit.
Ansible or Puppet which are popular non-AWS tools that can help you keep all the servers configured the same way.
Once you're comfortable with automating these Nginx configuration updates you may want to extend the automation to the rest of your infrastructure.
There is a great whitepaper Overview of Deployment Options on AWS that will give you a nice overview.
I hope that helps :)
edited 8 hours ago
Peter Mortensen
2,11742124
2,11742124
answered yesterday
MLuMLu
7,00711840
7,00711840
An alternative to Ansible or Puppet is Salt, which is designed for a master / minion-type of setup and sort-of optimized for larger-scale deployments.
– Araho
4 hours ago
add a comment |
An alternative to Ansible or Puppet is Salt, which is designed for a master / minion-type of setup and sort-of optimized for larger-scale deployments.
– Araho
4 hours ago
An alternative to Ansible or Puppet is Salt, which is designed for a master / minion-type of setup and sort-of optimized for larger-scale deployments.
– Araho
4 hours ago
An alternative to Ansible or Puppet is Salt, which is designed for a master / minion-type of setup and sort-of optimized for larger-scale deployments.
– Araho
4 hours ago
add a comment |
Store your configurations on EFS, and mount EFS in the location Nginx configurations are expected. Alternately put them on Amazon S3 and run a sync occasionally, or use s3fs (beware s3fs may not be good enough for production use).
When you need change your configuration, increase your autoscaling group desired size to double what you need to trigger new instances with the new configuration, and then back down to what you need which will remove the old instances. Alternately just do a rolling reboot of the servers.
Another option is to just push the new configurations to your server using a basic automation tool, like AWS code deploy.
The fully automated options above are technically better and cleaner, but if you rarely change configurations and want an easy solution this could help.
add a comment |
Store your configurations on EFS, and mount EFS in the location Nginx configurations are expected. Alternately put them on Amazon S3 and run a sync occasionally, or use s3fs (beware s3fs may not be good enough for production use).
When you need change your configuration, increase your autoscaling group desired size to double what you need to trigger new instances with the new configuration, and then back down to what you need which will remove the old instances. Alternately just do a rolling reboot of the servers.
Another option is to just push the new configurations to your server using a basic automation tool, like AWS code deploy.
The fully automated options above are technically better and cleaner, but if you rarely change configurations and want an easy solution this could help.
add a comment |
Store your configurations on EFS, and mount EFS in the location Nginx configurations are expected. Alternately put them on Amazon S3 and run a sync occasionally, or use s3fs (beware s3fs may not be good enough for production use).
When you need change your configuration, increase your autoscaling group desired size to double what you need to trigger new instances with the new configuration, and then back down to what you need which will remove the old instances. Alternately just do a rolling reboot of the servers.
Another option is to just push the new configurations to your server using a basic automation tool, like AWS code deploy.
The fully automated options above are technically better and cleaner, but if you rarely change configurations and want an easy solution this could help.
Store your configurations on EFS, and mount EFS in the location Nginx configurations are expected. Alternately put them on Amazon S3 and run a sync occasionally, or use s3fs (beware s3fs may not be good enough for production use).
When you need change your configuration, increase your autoscaling group desired size to double what you need to trigger new instances with the new configuration, and then back down to what you need which will remove the old instances. Alternately just do a rolling reboot of the servers.
Another option is to just push the new configurations to your server using a basic automation tool, like AWS code deploy.
The fully automated options above are technically better and cleaner, but if you rarely change configurations and want an easy solution this could help.
edited 8 hours ago
Peter Mortensen
2,11742124
2,11742124
answered yesterday
TimTim
17.2k41847
17.2k41847
add a comment |
add a comment |
AWS Run Command
https://docs.aws.amazon.com/systems-manager/latest/userguide/execute-remote-commands.html
Or you could use Opsworks
https://aws.amazon.com/opsworks/
This is almost exactly the use-case for Run Command and Systems Manager
– danimal
15 hours ago
add a comment |
AWS Run Command
https://docs.aws.amazon.com/systems-manager/latest/userguide/execute-remote-commands.html
Or you could use Opsworks
https://aws.amazon.com/opsworks/
This is almost exactly the use-case for Run Command and Systems Manager
– danimal
15 hours ago
add a comment |
AWS Run Command
https://docs.aws.amazon.com/systems-manager/latest/userguide/execute-remote-commands.html
Or you could use Opsworks
https://aws.amazon.com/opsworks/
AWS Run Command
https://docs.aws.amazon.com/systems-manager/latest/userguide/execute-remote-commands.html
Or you could use Opsworks
https://aws.amazon.com/opsworks/
answered 18 hours ago
Chris_WorkChris_Work
465
465
This is almost exactly the use-case for Run Command and Systems Manager
– danimal
15 hours ago
add a comment |
This is almost exactly the use-case for Run Command and Systems Manager
– danimal
15 hours ago
This is almost exactly the use-case for Run Command and Systems Manager
– danimal
15 hours ago
This is almost exactly the use-case for Run Command and Systems Manager
– danimal
15 hours ago
add a comment |
Rebuilding the AMIs or creating a fully fledged deployment pipelines like the others suggest just for a config file change seems like an overkill. You should use Ansible to push out changes and to keep all your nodes in sync. There are many Ansible modules that can help you automate the common tasks.
One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.
– Tim
19 hours ago
add a comment |
Rebuilding the AMIs or creating a fully fledged deployment pipelines like the others suggest just for a config file change seems like an overkill. You should use Ansible to push out changes and to keep all your nodes in sync. There are many Ansible modules that can help you automate the common tasks.
One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.
– Tim
19 hours ago
add a comment |
Rebuilding the AMIs or creating a fully fledged deployment pipelines like the others suggest just for a config file change seems like an overkill. You should use Ansible to push out changes and to keep all your nodes in sync. There are many Ansible modules that can help you automate the common tasks.
Rebuilding the AMIs or creating a fully fledged deployment pipelines like the others suggest just for a config file change seems like an overkill. You should use Ansible to push out changes and to keep all your nodes in sync. There are many Ansible modules that can help you automate the common tasks.
answered yesterday
I-P-XI-P-X
1289
1289
One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.
– Tim
19 hours ago
add a comment |
One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.
– Tim
19 hours ago
One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.
– Tim
19 hours ago
One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.
– Tim
19 hours ago
add a comment |
Bububu is a new contributor. Be nice, and check out our Code of Conduct.
Bububu is a new contributor. Be nice, and check out our Code of Conduct.
Bububu is a new contributor. Be nice, and check out our Code of Conduct.
Bububu is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Server Fault!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f949082%2fhow-do-i-update-the-nginx-configuration-file-on-many-identical-servers-at-the-sa%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
3
ansible, saltstack to name a few.
– poige
yesterday