How do I update the Nginx configuration file on many identical servers at the same time?












8















We've got a fleet of Nginx servers on Amazon EC2 where we occasionally need to update the configuration files to implement new settings.



Currently we have the configurations in a custom AMI and if we need to update we have to rebuild the AMI and then EC2 instances. We've got some helper scripts, but it's still quite an effort to do that. Is there is some better way?










share|improve this question









New contributor




Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 3





    ansible, saltstack to name a few.

    – poige
    yesterday
















8















We've got a fleet of Nginx servers on Amazon EC2 where we occasionally need to update the configuration files to implement new settings.



Currently we have the configurations in a custom AMI and if we need to update we have to rebuild the AMI and then EC2 instances. We've got some helper scripts, but it's still quite an effort to do that. Is there is some better way?










share|improve this question









New contributor




Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 3





    ansible, saltstack to name a few.

    – poige
    yesterday














8












8








8


2






We've got a fleet of Nginx servers on Amazon EC2 where we occasionally need to update the configuration files to implement new settings.



Currently we have the configurations in a custom AMI and if we need to update we have to rebuild the AMI and then EC2 instances. We've got some helper scripts, but it's still quite an effort to do that. Is there is some better way?










share|improve this question









New contributor




Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












We've got a fleet of Nginx servers on Amazon EC2 where we occasionally need to update the configuration files to implement new settings.



Currently we have the configurations in a custom AMI and if we need to update we have to rebuild the AMI and then EC2 instances. We've got some helper scripts, but it's still quite an effort to do that. Is there is some better way?







amazon-web-services amazon-ec2






share|improve this question









New contributor




Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 52 mins ago









Peter Mortensen

2,11742124




2,11742124






New contributor




Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked yesterday









BububuBububu

1434




1434




New contributor




Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Bububu is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








  • 3





    ansible, saltstack to name a few.

    – poige
    yesterday














  • 3





    ansible, saltstack to name a few.

    – poige
    yesterday








3




3





ansible, saltstack to name a few.

– poige
yesterday





ansible, saltstack to name a few.

– poige
yesterday










4 Answers
4






active

oldest

votes


















20














There are a number of concepts that you can leverage.



The key to success is automation



First option is to keep doing what you're doing now, i.e. rebuild the EC2s with every configuration change. Just in a fully automated way.



As you're now doing configuration updates through AMIs you take this one step further and create a pipeline that, upon a configuration file change in some repository, will:




  1. Automatically build a new AMI - one of the most popular tools to do that is Packer

  2. Automatically rebuild your Nginx fleet - you should already have all the Nginx servers in an Auto-Scaling Group with an Application Load Balancer in front. If you don't you should as it will make the update as simple as updating the ASG Launch Configuration and waiting for the instances to get re-built from the new AMI.




Second option is to keep the instances in place and only deploy the configuration files, without rebuilding them. Generally you can treat configuration files as code and deploy your configuration changes the same way you would deploy code releases. AWS has many tools to help with that.





  • AWS Elastic Beanstalk that uses Chef internally and you can script your Nginx updates this way.


  • AWS Code Deploy which is a fully scriptable deployment tool that integrates well with other parts of the AWS Code Suite:



    • Code Commit where you can keep your Nginx configuration files in Git.


    • Code Pipeline that can automatically trigger the deployment whenever a configuration file is updated in Code Commit.




  • Ansible or Puppet which are popular non-AWS tools that can help you keep all the servers configured the same way.


Once you're comfortable with automating these Nginx configuration updates you may want to extend the automation to the rest of your infrastructure.





There is a great whitepaper Overview of Deployment Options on AWS that will give you a nice overview.



I hope that helps :)






share|improve this answer

































    3














    Store your configurations on EFS, and mount EFS in the location Nginx configurations are expected. Alternately put them on Amazon S3 and run a sync occasionally, or use s3fs (beware s3fs may not be good enough for production use).



    When you need change your configuration, increase your autoscaling group desired size to double what you need to trigger new instances with the new configuration, and then back down to what you need which will remove the old instances. Alternately just do a rolling reboot of the servers.



    Another option is to just push the new configurations to your server using a basic automation tool, like AWS code deploy.



    The fully automated options above are technically better and cleaner, but if you rarely change configurations and want an easy solution this could help.






    share|improve this answer

































      1














      AWS Run Command
      https://docs.aws.amazon.com/systems-manager/latest/userguide/execute-remote-commands.html



      Or you could use Opsworks
      https://aws.amazon.com/opsworks/






      share|improve this answer
























      • This is almost exactly the use-case for Run Command and Systems Manager

        – danimal
        7 hours ago



















      0














      Rebuilding the AMIs or creating a fully fledged deployment pipelines like the others suggest just for a config file change seems like an overkill. You should use Ansible to push out changes and to keep all your nodes in sync. There are many Ansible modules that can help you automate the common tasks.






      share|improve this answer
























      • One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.

        – Tim
        11 hours ago











      Your Answer








      StackExchange.ready(function() {
      var channelOptions = {
      tags: "".split(" "),
      id: "2"
      };
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function() {
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled) {
      StackExchange.using("snippets", function() {
      createEditor();
      });
      }
      else {
      createEditor();
      }
      });

      function createEditor() {
      StackExchange.prepareEditor({
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: true,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: 10,
      bindNavPrevention: true,
      postfix: "",
      imageUploader: {
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      },
      onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      });


      }
      });






      Bububu is a new contributor. Be nice, and check out our Code of Conduct.










      draft saved

      draft discarded


















      StackExchange.ready(
      function () {
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f949082%2fhow-do-i-update-the-nginx-configuration-file-on-many-identical-servers-at-the-sa%23new-answer', 'question_page');
      }
      );

      Post as a guest















      Required, but never shown

























      4 Answers
      4






      active

      oldest

      votes








      4 Answers
      4






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      20














      There are a number of concepts that you can leverage.



      The key to success is automation



      First option is to keep doing what you're doing now, i.e. rebuild the EC2s with every configuration change. Just in a fully automated way.



      As you're now doing configuration updates through AMIs you take this one step further and create a pipeline that, upon a configuration file change in some repository, will:




      1. Automatically build a new AMI - one of the most popular tools to do that is Packer

      2. Automatically rebuild your Nginx fleet - you should already have all the Nginx servers in an Auto-Scaling Group with an Application Load Balancer in front. If you don't you should as it will make the update as simple as updating the ASG Launch Configuration and waiting for the instances to get re-built from the new AMI.




      Second option is to keep the instances in place and only deploy the configuration files, without rebuilding them. Generally you can treat configuration files as code and deploy your configuration changes the same way you would deploy code releases. AWS has many tools to help with that.





      • AWS Elastic Beanstalk that uses Chef internally and you can script your Nginx updates this way.


      • AWS Code Deploy which is a fully scriptable deployment tool that integrates well with other parts of the AWS Code Suite:



        • Code Commit where you can keep your Nginx configuration files in Git.


        • Code Pipeline that can automatically trigger the deployment whenever a configuration file is updated in Code Commit.




      • Ansible or Puppet which are popular non-AWS tools that can help you keep all the servers configured the same way.


      Once you're comfortable with automating these Nginx configuration updates you may want to extend the automation to the rest of your infrastructure.





      There is a great whitepaper Overview of Deployment Options on AWS that will give you a nice overview.



      I hope that helps :)






      share|improve this answer






























        20














        There are a number of concepts that you can leverage.



        The key to success is automation



        First option is to keep doing what you're doing now, i.e. rebuild the EC2s with every configuration change. Just in a fully automated way.



        As you're now doing configuration updates through AMIs you take this one step further and create a pipeline that, upon a configuration file change in some repository, will:




        1. Automatically build a new AMI - one of the most popular tools to do that is Packer

        2. Automatically rebuild your Nginx fleet - you should already have all the Nginx servers in an Auto-Scaling Group with an Application Load Balancer in front. If you don't you should as it will make the update as simple as updating the ASG Launch Configuration and waiting for the instances to get re-built from the new AMI.




        Second option is to keep the instances in place and only deploy the configuration files, without rebuilding them. Generally you can treat configuration files as code and deploy your configuration changes the same way you would deploy code releases. AWS has many tools to help with that.





        • AWS Elastic Beanstalk that uses Chef internally and you can script your Nginx updates this way.


        • AWS Code Deploy which is a fully scriptable deployment tool that integrates well with other parts of the AWS Code Suite:



          • Code Commit where you can keep your Nginx configuration files in Git.


          • Code Pipeline that can automatically trigger the deployment whenever a configuration file is updated in Code Commit.




        • Ansible or Puppet which are popular non-AWS tools that can help you keep all the servers configured the same way.


        Once you're comfortable with automating these Nginx configuration updates you may want to extend the automation to the rest of your infrastructure.





        There is a great whitepaper Overview of Deployment Options on AWS that will give you a nice overview.



        I hope that helps :)






        share|improve this answer




























          20












          20








          20







          There are a number of concepts that you can leverage.



          The key to success is automation



          First option is to keep doing what you're doing now, i.e. rebuild the EC2s with every configuration change. Just in a fully automated way.



          As you're now doing configuration updates through AMIs you take this one step further and create a pipeline that, upon a configuration file change in some repository, will:




          1. Automatically build a new AMI - one of the most popular tools to do that is Packer

          2. Automatically rebuild your Nginx fleet - you should already have all the Nginx servers in an Auto-Scaling Group with an Application Load Balancer in front. If you don't you should as it will make the update as simple as updating the ASG Launch Configuration and waiting for the instances to get re-built from the new AMI.




          Second option is to keep the instances in place and only deploy the configuration files, without rebuilding them. Generally you can treat configuration files as code and deploy your configuration changes the same way you would deploy code releases. AWS has many tools to help with that.





          • AWS Elastic Beanstalk that uses Chef internally and you can script your Nginx updates this way.


          • AWS Code Deploy which is a fully scriptable deployment tool that integrates well with other parts of the AWS Code Suite:



            • Code Commit where you can keep your Nginx configuration files in Git.


            • Code Pipeline that can automatically trigger the deployment whenever a configuration file is updated in Code Commit.




          • Ansible or Puppet which are popular non-AWS tools that can help you keep all the servers configured the same way.


          Once you're comfortable with automating these Nginx configuration updates you may want to extend the automation to the rest of your infrastructure.





          There is a great whitepaper Overview of Deployment Options on AWS that will give you a nice overview.



          I hope that helps :)






          share|improve this answer















          There are a number of concepts that you can leverage.



          The key to success is automation



          First option is to keep doing what you're doing now, i.e. rebuild the EC2s with every configuration change. Just in a fully automated way.



          As you're now doing configuration updates through AMIs you take this one step further and create a pipeline that, upon a configuration file change in some repository, will:




          1. Automatically build a new AMI - one of the most popular tools to do that is Packer

          2. Automatically rebuild your Nginx fleet - you should already have all the Nginx servers in an Auto-Scaling Group with an Application Load Balancer in front. If you don't you should as it will make the update as simple as updating the ASG Launch Configuration and waiting for the instances to get re-built from the new AMI.




          Second option is to keep the instances in place and only deploy the configuration files, without rebuilding them. Generally you can treat configuration files as code and deploy your configuration changes the same way you would deploy code releases. AWS has many tools to help with that.





          • AWS Elastic Beanstalk that uses Chef internally and you can script your Nginx updates this way.


          • AWS Code Deploy which is a fully scriptable deployment tool that integrates well with other parts of the AWS Code Suite:



            • Code Commit where you can keep your Nginx configuration files in Git.


            • Code Pipeline that can automatically trigger the deployment whenever a configuration file is updated in Code Commit.




          • Ansible or Puppet which are popular non-AWS tools that can help you keep all the servers configured the same way.


          Once you're comfortable with automating these Nginx configuration updates you may want to extend the automation to the rest of your infrastructure.





          There is a great whitepaper Overview of Deployment Options on AWS that will give you a nice overview.



          I hope that helps :)







          share|improve this answer














          share|improve this answer



          share|improve this answer








          edited 49 mins ago









          Peter Mortensen

          2,11742124




          2,11742124










          answered yesterday









          MLuMLu

          6,96211840




          6,96211840

























              3














              Store your configurations on EFS, and mount EFS in the location Nginx configurations are expected. Alternately put them on Amazon S3 and run a sync occasionally, or use s3fs (beware s3fs may not be good enough for production use).



              When you need change your configuration, increase your autoscaling group desired size to double what you need to trigger new instances with the new configuration, and then back down to what you need which will remove the old instances. Alternately just do a rolling reboot of the servers.



              Another option is to just push the new configurations to your server using a basic automation tool, like AWS code deploy.



              The fully automated options above are technically better and cleaner, but if you rarely change configurations and want an easy solution this could help.






              share|improve this answer






























                3














                Store your configurations on EFS, and mount EFS in the location Nginx configurations are expected. Alternately put them on Amazon S3 and run a sync occasionally, or use s3fs (beware s3fs may not be good enough for production use).



                When you need change your configuration, increase your autoscaling group desired size to double what you need to trigger new instances with the new configuration, and then back down to what you need which will remove the old instances. Alternately just do a rolling reboot of the servers.



                Another option is to just push the new configurations to your server using a basic automation tool, like AWS code deploy.



                The fully automated options above are technically better and cleaner, but if you rarely change configurations and want an easy solution this could help.






                share|improve this answer




























                  3












                  3








                  3







                  Store your configurations on EFS, and mount EFS in the location Nginx configurations are expected. Alternately put them on Amazon S3 and run a sync occasionally, or use s3fs (beware s3fs may not be good enough for production use).



                  When you need change your configuration, increase your autoscaling group desired size to double what you need to trigger new instances with the new configuration, and then back down to what you need which will remove the old instances. Alternately just do a rolling reboot of the servers.



                  Another option is to just push the new configurations to your server using a basic automation tool, like AWS code deploy.



                  The fully automated options above are technically better and cleaner, but if you rarely change configurations and want an easy solution this could help.






                  share|improve this answer















                  Store your configurations on EFS, and mount EFS in the location Nginx configurations are expected. Alternately put them on Amazon S3 and run a sync occasionally, or use s3fs (beware s3fs may not be good enough for production use).



                  When you need change your configuration, increase your autoscaling group desired size to double what you need to trigger new instances with the new configuration, and then back down to what you need which will remove the old instances. Alternately just do a rolling reboot of the servers.



                  Another option is to just push the new configurations to your server using a basic automation tool, like AWS code deploy.



                  The fully automated options above are technically better and cleaner, but if you rarely change configurations and want an easy solution this could help.







                  share|improve this answer














                  share|improve this answer



                  share|improve this answer








                  edited 47 mins ago









                  Peter Mortensen

                  2,11742124




                  2,11742124










                  answered 21 hours ago









                  TimTim

                  17.2k41847




                  17.2k41847























                      1














                      AWS Run Command
                      https://docs.aws.amazon.com/systems-manager/latest/userguide/execute-remote-commands.html



                      Or you could use Opsworks
                      https://aws.amazon.com/opsworks/






                      share|improve this answer
























                      • This is almost exactly the use-case for Run Command and Systems Manager

                        – danimal
                        7 hours ago
















                      1














                      AWS Run Command
                      https://docs.aws.amazon.com/systems-manager/latest/userguide/execute-remote-commands.html



                      Or you could use Opsworks
                      https://aws.amazon.com/opsworks/






                      share|improve this answer
























                      • This is almost exactly the use-case for Run Command and Systems Manager

                        – danimal
                        7 hours ago














                      1












                      1








                      1







                      AWS Run Command
                      https://docs.aws.amazon.com/systems-manager/latest/userguide/execute-remote-commands.html



                      Or you could use Opsworks
                      https://aws.amazon.com/opsworks/






                      share|improve this answer













                      AWS Run Command
                      https://docs.aws.amazon.com/systems-manager/latest/userguide/execute-remote-commands.html



                      Or you could use Opsworks
                      https://aws.amazon.com/opsworks/







                      share|improve this answer












                      share|improve this answer



                      share|improve this answer










                      answered 10 hours ago









                      Chris_WorkChris_Work

                      465




                      465













                      • This is almost exactly the use-case for Run Command and Systems Manager

                        – danimal
                        7 hours ago



















                      • This is almost exactly the use-case for Run Command and Systems Manager

                        – danimal
                        7 hours ago

















                      This is almost exactly the use-case for Run Command and Systems Manager

                      – danimal
                      7 hours ago





                      This is almost exactly the use-case for Run Command and Systems Manager

                      – danimal
                      7 hours ago











                      0














                      Rebuilding the AMIs or creating a fully fledged deployment pipelines like the others suggest just for a config file change seems like an overkill. You should use Ansible to push out changes and to keep all your nodes in sync. There are many Ansible modules that can help you automate the common tasks.






                      share|improve this answer
























                      • One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.

                        – Tim
                        11 hours ago
















                      0














                      Rebuilding the AMIs or creating a fully fledged deployment pipelines like the others suggest just for a config file change seems like an overkill. You should use Ansible to push out changes and to keep all your nodes in sync. There are many Ansible modules that can help you automate the common tasks.






                      share|improve this answer
























                      • One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.

                        – Tim
                        11 hours ago














                      0












                      0








                      0







                      Rebuilding the AMIs or creating a fully fledged deployment pipelines like the others suggest just for a config file change seems like an overkill. You should use Ansible to push out changes and to keep all your nodes in sync. There are many Ansible modules that can help you automate the common tasks.






                      share|improve this answer













                      Rebuilding the AMIs or creating a fully fledged deployment pipelines like the others suggest just for a config file change seems like an overkill. You should use Ansible to push out changes and to keep all your nodes in sync. There are many Ansible modules that can help you automate the common tasks.







                      share|improve this answer












                      share|improve this answer



                      share|improve this answer










                      answered 19 hours ago









                      I-P-XI-P-X

                      1289




                      1289













                      • One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.

                        – Tim
                        11 hours ago



















                      • One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.

                        – Tim
                        11 hours ago

















                      One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.

                      – Tim
                      11 hours ago





                      One benefit of immutable infrastructure is you know that you don't have any "pet" servers that are fragile and must be maintained. That gives you confidence that you can create more servers in prod / DR / testing without issue.

                      – Tim
                      11 hours ago










                      Bububu is a new contributor. Be nice, and check out our Code of Conduct.










                      draft saved

                      draft discarded


















                      Bububu is a new contributor. Be nice, and check out our Code of Conduct.













                      Bububu is a new contributor. Be nice, and check out our Code of Conduct.












                      Bububu is a new contributor. Be nice, and check out our Code of Conduct.
















                      Thanks for contributing an answer to Server Fault!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid



                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.


                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function () {
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f949082%2fhow-do-i-update-the-nginx-configuration-file-on-many-identical-servers-at-the-sa%23new-answer', 'question_page');
                      }
                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      Popular posts from this blog

                      flock() on closed filehandle LOCK_FILE at /usr/bin/apt-mirror

                      Mangá

                      Eduardo VII do Reino Unido