Can we get rid of Ansible after moving the digital collections to Heroku? What’s standing in our way?
Things we have to keep
...
Things we eliminated
S3 bucket management (see issue #1023). We may want to use are using Terraform for this instead.
Notably, we need to keep
create_kithe_s3.yml
.
Building ArchivesSpace (details).
Building the management server itself.
Currently the only place from which we can run Ansible scripts. If we can run Ansible from our laptops, we can get rid of the management server.
Building and maintaining the Voices in Biotech servers.
Things we can eliminate
Playbooks
create_kithe.yml
restore_kithe.yml
sync_kithe.yml
update_kithe.yml
We can also remove those parts of
create_manage.yml
that deal exclusively with updating the digital collections servers.
Roles
These roles are only used by the playbooks (or parts of playbooks) mentioned above, so they can be eliminated once we move to Heroku.
capistrano_setup
ffmpeg
kithe
passenger
redis
resque
management_scripts
No longer needed since we switched to a third-party host in 2021.
Encrypted information
We’ve used Ansible (specifically, the vault
files) as a default place to store encrypted information (e.g. ssl certs, etc.). playbooks can then copy that info onto new servers.
We have moved sensitive information that is no longer required by any playbooks to a secure spot on a shared drive, so we aren’t relying on Ansible for that function anymore. Accordingly, we are moving that info out of Ansible as we move it.
Playbooks and roles
This diff gives a rough idea of the playbooks and roles we have eliminated since the switch.