How do I update the Nginx configuration file on many identical servers at the same time?












8















We've got a fleet of Nginx servers on Amazon EC2 where we occasionally need to update the configuration files to implement new settings.



Currently we have the configurations in a custom AMI and if we need to update we have to rebuild the AMI and then EC2 instances. We've got some helper scripts, but it's still quite an effort to do that. Is there is some better way?










share|improve this question









New contributor




Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 3





    ansible, saltstack to name a few.

    – poige
    yesterday
















8















We've got a fleet of Nginx servers on Amazon EC2 where we occasionally need to update the configuration files to implement new settings.



Currently we have the configurations in a custom AMI and if we need to update we have to rebuild the AMI and then EC2 instances. We've got some helper scripts, but it's still quite an effort to do that. Is there is some better way?










share|improve this question









New contributor




Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 3





    ansible, saltstack to name a few.

    – poige
    yesterday














8












8








8


2






We've got a fleet of Nginx servers on Amazon EC2 where we occasionally need to update the configuration files to implement new settings.



Currently we have the configurations in a custom AMI and if we need to update we have to rebuild the AMI and then EC2 instances. We've got some helper scripts, but it's still quite an effort to do that. Is there is some better way?










share|improve this question









New contributor




Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












We've got a fleet of Nginx servers on Amazon EC2 where we occasionally need to update the configuration files to implement new settings.



Currently we have the configurations in a custom AMI and if we need to update we have to rebuild the AMI and then EC2 instances. We've got some helper scripts, but it's still quite an effort to do that. Is there is some better way?







amazon-web-services amazon-ec2






share|improve this question









New contributor




Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 8 hours ago









Peter Mortensen

2,11742124




2,11742124






New contributor




Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked yesterday









BububuBububu

1435




1435




New contributor




Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








  • 3





    ansible, saltstack to name a few.

    – poige
    yesterday














  • 3





    ansible, saltstack to name a few.

    – poige
    yesterday








3




3





ansible, saltstack to name a few.

– poige
yesterday





ansible, saltstack to name a few.

– poige
yesterday










4 Answers
4






active

oldest

votes


















22














There are a number of concepts that you can leverage.



The key to success is automation



First option is to keep doing what you're doing now, i.e. rebuild the EC2s with every configuration change. Just in a fully automated way.



As you're now doing configuration updates through AMIs you take this one step further and create a pipeline that, upon a configuration file change in some repository, will:




  1. Automatically build a new AMI - one of the most popular tools to do that is Packer

  2. Automatically rebuild your Nginx fleet - you should already have all the Nginx servers in an Auto-Scaling Group with an Application Load Balancer in front. If you don't you should as it will make the update as simple as updating the ASG Launch Configuration and waiting for the instances to get re-built from the new AMI.




Second option is to keep the instances in place and only deploy the configuration files, without rebuilding them. Generally you can treat configuration files as code and deploy your configuration changes the same way you would deploy code releases. AWS has many tools to help with that.





  • AWS Elastic Beanstalk that uses Chef internally and you can script your Nginx updates this way.


  • AWS Code Deploy which is a fully scriptable deployment tool that integrates well with other parts of the AWS Code Suite:



    • Code Commit where you can keep your Nginx configuration files in Git.


    • Code Pipeline that can automatically trigger the deployment whenever a configuration file is updated in Code Commit.




  • Ansible or Puppet which are popular non-AWS tools that can help you keep all the servers configured the same way.


Once you're comfortable with automating these Nginx configuration updates you may want to extend the automation to the rest of your infrastructure.





There is a great whitepaper Overview of Deployment Options on AWS that will give you a nice overview.



I hope that helps :)






share|improve this answer


























  • An alternative to Ansible or Puppet is Salt, which is designed for a master / minion-type of setup and sort-of optimized for larger-scale deployments.

    – Araho
    4 hours ago



















4














Store your configurations on EFS, and mount EFS in the location Nginx configurations are expected. Alternately put them on Amazon S3 and run a sync occasionally, or use s3fs (beware s3fs may not be good enough for production use).



When you need change your configuration, increase your autoscaling group desired size to double what you need to trigger new instances with the new configuration, and then back down to what you need which will remove the old instances. Alternately just do a rolling reboot of the servers.



Another option is to just push the new configurations to your server using a basic automation tool, like AWS code deploy.



The fully automated options above are technically better and cleaner, but if you rarely change configurations and want an easy solution this could help.






share|improve this answer

































    1














    AWS Run Command
    https://docs.aws.amazon.com/systems-manager/latest/userguide/execute-remote-commands.html



    Or you could use Opsworks
    https://aws.amazon.com/opsworks/






    share|improve this answer
























    • This is almost exactly the use-case for Run Command and Systems Manager

      – danimal
      15 hours ago



















    0














    Rebuilding the AMIs or creating a fully fledged deployment pipelines like the others suggest just for a config file change seems like an overkill. You should use Ansible to push out changes and to keep all your nodes in sync. There are many Ansible modules that can help you automate the common tasks.






    share|improve this answer
























    • One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.

      – Tim
      19 hours ago











    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "2"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });






    Bububu is a new contributor. Be nice, and check out our Code of Conduct.










    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f949082%2fhow-do-i-update-the-nginx-configuration-file-on-many-identical-servers-at-the-sa%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    4 Answers
    4






    active

    oldest

    votes








    4 Answers
    4






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    22














    There are a number of concepts that you can leverage.



    The key to success is automation



    First option is to keep doing what you're doing now, i.e. rebuild the EC2s with every configuration change. Just in a fully automated way.



    As you're now doing configuration updates through AMIs you take this one step further and create a pipeline that, upon a configuration file change in some repository, will:




    1. Automatically build a new AMI - one of the most popular tools to do that is Packer

    2. Automatically rebuild your Nginx fleet - you should already have all the Nginx servers in an Auto-Scaling Group with an Application Load Balancer in front. If you don't you should as it will make the update as simple as updating the ASG Launch Configuration and waiting for the instances to get re-built from the new AMI.




    Second option is to keep the instances in place and only deploy the configuration files, without rebuilding them. Generally you can treat configuration files as code and deploy your configuration changes the same way you would deploy code releases. AWS has many tools to help with that.





    • AWS Elastic Beanstalk that uses Chef internally and you can script your Nginx updates this way.


    • AWS Code Deploy which is a fully scriptable deployment tool that integrates well with other parts of the AWS Code Suite:



      • Code Commit where you can keep your Nginx configuration files in Git.


      • Code Pipeline that can automatically trigger the deployment whenever a configuration file is updated in Code Commit.




    • Ansible or Puppet which are popular non-AWS tools that can help you keep all the servers configured the same way.


    Once you're comfortable with automating these Nginx configuration updates you may want to extend the automation to the rest of your infrastructure.





    There is a great whitepaper Overview of Deployment Options on AWS that will give you a nice overview.



    I hope that helps :)






    share|improve this answer


























    • An alternative to Ansible or Puppet is Salt, which is designed for a master / minion-type of setup and sort-of optimized for larger-scale deployments.

      – Araho
      4 hours ago
















    22














    There are a number of concepts that you can leverage.



    The key to success is automation



    First option is to keep doing what you're doing now, i.e. rebuild the EC2s with every configuration change. Just in a fully automated way.



    As you're now doing configuration updates through AMIs you take this one step further and create a pipeline that, upon a configuration file change in some repository, will:




    1. Automatically build a new AMI - one of the most popular tools to do that is Packer

    2. Automatically rebuild your Nginx fleet - you should already have all the Nginx servers in an Auto-Scaling Group with an Application Load Balancer in front. If you don't you should as it will make the update as simple as updating the ASG Launch Configuration and waiting for the instances to get re-built from the new AMI.




    Second option is to keep the instances in place and only deploy the configuration files, without rebuilding them. Generally you can treat configuration files as code and deploy your configuration changes the same way you would deploy code releases. AWS has many tools to help with that.





    • AWS Elastic Beanstalk that uses Chef internally and you can script your Nginx updates this way.


    • AWS Code Deploy which is a fully scriptable deployment tool that integrates well with other parts of the AWS Code Suite:



      • Code Commit where you can keep your Nginx configuration files in Git.


      • Code Pipeline that can automatically trigger the deployment whenever a configuration file is updated in Code Commit.




    • Ansible or Puppet which are popular non-AWS tools that can help you keep all the servers configured the same way.


    Once you're comfortable with automating these Nginx configuration updates you may want to extend the automation to the rest of your infrastructure.





    There is a great whitepaper Overview of Deployment Options on AWS that will give you a nice overview.



    I hope that helps :)






    share|improve this answer


























    • An alternative to Ansible or Puppet is Salt, which is designed for a master / minion-type of setup and sort-of optimized for larger-scale deployments.

      – Araho
      4 hours ago














    22












    22








    22







    There are a number of concepts that you can leverage.



    The key to success is automation



    First option is to keep doing what you're doing now, i.e. rebuild the EC2s with every configuration change. Just in a fully automated way.



    As you're now doing configuration updates through AMIs you take this one step further and create a pipeline that, upon a configuration file change in some repository, will:




    1. Automatically build a new AMI - one of the most popular tools to do that is Packer

    2. Automatically rebuild your Nginx fleet - you should already have all the Nginx servers in an Auto-Scaling Group with an Application Load Balancer in front. If you don't you should as it will make the update as simple as updating the ASG Launch Configuration and waiting for the instances to get re-built from the new AMI.




    Second option is to keep the instances in place and only deploy the configuration files, without rebuilding them. Generally you can treat configuration files as code and deploy your configuration changes the same way you would deploy code releases. AWS has many tools to help with that.





    • AWS Elastic Beanstalk that uses Chef internally and you can script your Nginx updates this way.


    • AWS Code Deploy which is a fully scriptable deployment tool that integrates well with other parts of the AWS Code Suite:



      • Code Commit where you can keep your Nginx configuration files in Git.


      • Code Pipeline that can automatically trigger the deployment whenever a configuration file is updated in Code Commit.




    • Ansible or Puppet which are popular non-AWS tools that can help you keep all the servers configured the same way.


    Once you're comfortable with automating these Nginx configuration updates you may want to extend the automation to the rest of your infrastructure.





    There is a great whitepaper Overview of Deployment Options on AWS that will give you a nice overview.



    I hope that helps :)






    share|improve this answer















    There are a number of concepts that you can leverage.



    The key to success is automation



    First option is to keep doing what you're doing now, i.e. rebuild the EC2s with every configuration change. Just in a fully automated way.



    As you're now doing configuration updates through AMIs you take this one step further and create a pipeline that, upon a configuration file change in some repository, will:




    1. Automatically build a new AMI - one of the most popular tools to do that is Packer

    2. Automatically rebuild your Nginx fleet - you should already have all the Nginx servers in an Auto-Scaling Group with an Application Load Balancer in front. If you don't you should as it will make the update as simple as updating the ASG Launch Configuration and waiting for the instances to get re-built from the new AMI.




    Second option is to keep the instances in place and only deploy the configuration files, without rebuilding them. Generally you can treat configuration files as code and deploy your configuration changes the same way you would deploy code releases. AWS has many tools to help with that.





    • AWS Elastic Beanstalk that uses Chef internally and you can script your Nginx updates this way.


    • AWS Code Deploy which is a fully scriptable deployment tool that integrates well with other parts of the AWS Code Suite:



      • Code Commit where you can keep your Nginx configuration files in Git.


      • Code Pipeline that can automatically trigger the deployment whenever a configuration file is updated in Code Commit.




    • Ansible or Puppet which are popular non-AWS tools that can help you keep all the servers configured the same way.


    Once you're comfortable with automating these Nginx configuration updates you may want to extend the automation to the rest of your infrastructure.





    There is a great whitepaper Overview of Deployment Options on AWS that will give you a nice overview.



    I hope that helps :)







    share|improve this answer














    share|improve this answer



    share|improve this answer








    edited 8 hours ago









    Peter Mortensen

    2,11742124




    2,11742124










    answered yesterday









    MLuMLu

    7,00711840




    7,00711840













    • An alternative to Ansible or Puppet is Salt, which is designed for a master / minion-type of setup and sort-of optimized for larger-scale deployments.

      – Araho
      4 hours ago



















    • An alternative to Ansible or Puppet is Salt, which is designed for a master / minion-type of setup and sort-of optimized for larger-scale deployments.

      – Araho
      4 hours ago

















    An alternative to Ansible or Puppet is Salt, which is designed for a master / minion-type of setup and sort-of optimized for larger-scale deployments.

    – Araho
    4 hours ago





    An alternative to Ansible or Puppet is Salt, which is designed for a master / minion-type of setup and sort-of optimized for larger-scale deployments.

    – Araho
    4 hours ago













    4














    Store your configurations on EFS, and mount EFS in the location Nginx configurations are expected. Alternately put them on Amazon S3 and run a sync occasionally, or use s3fs (beware s3fs may not be good enough for production use).



    When you need change your configuration, increase your autoscaling group desired size to double what you need to trigger new instances with the new configuration, and then back down to what you need which will remove the old instances. Alternately just do a rolling reboot of the servers.



    Another option is to just push the new configurations to your server using a basic automation tool, like AWS code deploy.



    The fully automated options above are technically better and cleaner, but if you rarely change configurations and want an easy solution this could help.






    share|improve this answer






























      4














      Store your configurations on EFS, and mount EFS in the location Nginx configurations are expected. Alternately put them on Amazon S3 and run a sync occasionally, or use s3fs (beware s3fs may not be good enough for production use).



      When you need change your configuration, increase your autoscaling group desired size to double what you need to trigger new instances with the new configuration, and then back down to what you need which will remove the old instances. Alternately just do a rolling reboot of the servers.



      Another option is to just push the new configurations to your server using a basic automation tool, like AWS code deploy.



      The fully automated options above are technically better and cleaner, but if you rarely change configurations and want an easy solution this could help.






      share|improve this answer




























        4












        4








        4







        Store your configurations on EFS, and mount EFS in the location Nginx configurations are expected. Alternately put them on Amazon S3 and run a sync occasionally, or use s3fs (beware s3fs may not be good enough for production use).



        When you need change your configuration, increase your autoscaling group desired size to double what you need to trigger new instances with the new configuration, and then back down to what you need which will remove the old instances. Alternately just do a rolling reboot of the servers.



        Another option is to just push the new configurations to your server using a basic automation tool, like AWS code deploy.



        The fully automated options above are technically better and cleaner, but if you rarely change configurations and want an easy solution this could help.






        share|improve this answer















        Store your configurations on EFS, and mount EFS in the location Nginx configurations are expected. Alternately put them on Amazon S3 and run a sync occasionally, or use s3fs (beware s3fs may not be good enough for production use).



        When you need change your configuration, increase your autoscaling group desired size to double what you need to trigger new instances with the new configuration, and then back down to what you need which will remove the old instances. Alternately just do a rolling reboot of the servers.



        Another option is to just push the new configurations to your server using a basic automation tool, like AWS code deploy.



        The fully automated options above are technically better and cleaner, but if you rarely change configurations and want an easy solution this could help.







        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited 8 hours ago









        Peter Mortensen

        2,11742124




        2,11742124










        answered yesterday









        TimTim

        17.2k41847




        17.2k41847























            1














            AWS Run Command
            https://docs.aws.amazon.com/systems-manager/latest/userguide/execute-remote-commands.html



            Or you could use Opsworks
            https://aws.amazon.com/opsworks/






            share|improve this answer
























            • This is almost exactly the use-case for Run Command and Systems Manager

              – danimal
              15 hours ago
















            1














            AWS Run Command
            https://docs.aws.amazon.com/systems-manager/latest/userguide/execute-remote-commands.html



            Or you could use Opsworks
            https://aws.amazon.com/opsworks/






            share|improve this answer
























            • This is almost exactly the use-case for Run Command and Systems Manager

              – danimal
              15 hours ago














            1












            1








            1







            AWS Run Command
            https://docs.aws.amazon.com/systems-manager/latest/userguide/execute-remote-commands.html



            Or you could use Opsworks
            https://aws.amazon.com/opsworks/






            share|improve this answer













            AWS Run Command
            https://docs.aws.amazon.com/systems-manager/latest/userguide/execute-remote-commands.html



            Or you could use Opsworks
            https://aws.amazon.com/opsworks/







            share|improve this answer












            share|improve this answer



            share|improve this answer










            answered 18 hours ago









            Chris_WorkChris_Work

            465




            465













            • This is almost exactly the use-case for Run Command and Systems Manager

              – danimal
              15 hours ago



















            • This is almost exactly the use-case for Run Command and Systems Manager

              – danimal
              15 hours ago

















            This is almost exactly the use-case for Run Command and Systems Manager

            – danimal
            15 hours ago





            This is almost exactly the use-case for Run Command and Systems Manager

            – danimal
            15 hours ago











            0














            Rebuilding the AMIs or creating a fully fledged deployment pipelines like the others suggest just for a config file change seems like an overkill. You should use Ansible to push out changes and to keep all your nodes in sync. There are many Ansible modules that can help you automate the common tasks.






            share|improve this answer
























            • One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.

              – Tim
              19 hours ago
















            0














            Rebuilding the AMIs or creating a fully fledged deployment pipelines like the others suggest just for a config file change seems like an overkill. You should use Ansible to push out changes and to keep all your nodes in sync. There are many Ansible modules that can help you automate the common tasks.






            share|improve this answer
























            • One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.

              – Tim
              19 hours ago














            0












            0








            0







            Rebuilding the AMIs or creating a fully fledged deployment pipelines like the others suggest just for a config file change seems like an overkill. You should use Ansible to push out changes and to keep all your nodes in sync. There are many Ansible modules that can help you automate the common tasks.






            share|improve this answer













            Rebuilding the AMIs or creating a fully fledged deployment pipelines like the others suggest just for a config file change seems like an overkill. You should use Ansible to push out changes and to keep all your nodes in sync. There are many Ansible modules that can help you automate the common tasks.







            share|improve this answer












            share|improve this answer



            share|improve this answer










            answered yesterday









            I-P-XI-P-X

            1289




            1289













            • One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.

              – Tim
              19 hours ago



















            • One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.

              – Tim
              19 hours ago

















            One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.

            – Tim
            19 hours ago





            One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.

            – Tim
            19 hours ago










            Bububu is a new contributor. Be nice, and check out our Code of Conduct.










            draft saved

            draft discarded


















            Bububu is a new contributor. Be nice, and check out our Code of Conduct.













            Bububu is a new contributor. Be nice, and check out our Code of Conduct.












            Bububu is a new contributor. Be nice, and check out our Code of Conduct.
















            Thanks for contributing an answer to Server Fault!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f949082%2fhow-do-i-update-the-nginx-configuration-file-on-many-identical-servers-at-the-sa%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            GameSpot

            日野市

            Tu-95轟炸機