Question
devops with deployment manager or using prpcserviceutils
Hi,
1) What options do we have to implement devops with deployment manager if the dev and qa systems are located in one zone and production is in a separate zone so that dev/qa servers are not reachable to the Production server. Only possibility is to publish the package into production repository from the qa system through the dev pipeline. The dev pipeline wilI be triggered by branch merge in dev system and I understand this feature is well supported in deployment manager. I want to understand if the production pipeline can be triggered automatically as soon as the package is published in production repository by the dev pipeline ? As the dev pipeline and production pipeline will be hosted in two different servers in separate zones, it won't be possible to use "trigger deployment" task in the dev pipeline.
As far as I have checked, pipelines in deployment manager starts with "generate artifact" step. However, our requirement is to start with "deploy" in the production pipeline which will be hosted within production zone. Can a production pipeline start with "deploy" step ?
2) If the above requirement is not supported by deployment manager, then the other option would be to use a third party orchestration service like jenkins or bamboo which will be triggered from the production repository as and when a package is added. The pipeline in jenkins/bamboo will perform the package import to the production pega server. I understand the only option to import/export packages(without using deployment manager) is to use prpcserviceutil.
Do we know if the operator credentials to connect to dev/prod servers in jenkins/bamboo be encrypted ? I could find in community that there should exist an improvement item(FDBK-24070 ) but not sure if this is already available -
https://collaborate.pega.com/question/prpcserviceutils-encrypt-pegarestserverurl-operator-passwords
3) Does anyone have step-by-step guideline how bamboo can be configured with prpcserviceutils ? Does bamboo support the operator credentials encryption using any other approach/plugin ?
Thanks.
Hi,
Production and non-prod servers would be located in two different zones with no accessibility to each other and hence we would have to create two different pipelines for dev and production as a single pipeline won't be able to connect to all candidate systems.
It won't be possible to trigger the prod pipeline from the dev pipeline as the dev and prod pipelines will be hosted in two different servers(with separate DB) e.g. dev pipeline would be in dev orchestration server and prod pipeline in prod orchestration server in separate zones.
Only common access point for both the systems would be the access to prod repository. We would like to propagate the packages from dev pipeline to prod pipeline seamlessly without any manual steps in between.
Thanks,
Sayantan
Hi Satyantan,
You can use Jenkins server to orchestrate between Development and Production pipelines.
Deployment manager supports Jenkins job configuration in the pipeline. For your scenario, you need the pipeline name and archive path to trigger the production pipeline from Jenkins job. In latest version of deployment manager, archive name is by default passed to Jenkins job.as input parameter.
Below link gives you details on adding Jenkins task and configuring it:
Deployment Manager provides rest API's through which you can trigger a pipeline from Jenkins job: Below link provides details on the same:
https://community.pega.com/knowledgebase/articles/devops/84/accessing-api-documentation
Thanks,
Srikanth
Thanks Srikanth for your input.
I have the following additional comments -
1) the production orchestration server(jenkins/bamboo) may not be reachable from the dev orchestration server. Hence, calling the jenkins job on the prod jenkins server may not be feasible from the dev pipeline. Can the production pega pipeline(in production pega deployment manager) have only one stage(production) and deploy the archive in production, if we are able to start the production pipeline using the API from a separate production orchestration server(jenkins/bamboo) upon an automatic trigger based on polling the production archive ?
2) In case the above settings are not possible, is it possible to use Bamboo as the DevOps orchestration server to import/export. I understand it would be possible to configure Bamboo with PRPCServiceUtils. However, I could not find any example in the community. Could you please let us know if there is any shareable document/manual available on Bamboo-Pega config with PRPCServiceUtils.
Thanks,
Sayantan
Hi Satyanan,
Pipeline will have "Development" and "Production" stages, but you are deploying an existing artifact, so it indirectly means only one stage. But, there would be a manual step in Development stage which can be cleared off using an API.
For reference i am attaching the pipeline model which i explained above. And you can find the API docs as mentioned in below link
https://community.pega.com/knowledgebase/articles/devops/84/accessing-api-documentation
Hope this helps.
Thanks Srikanth.
I am assuming the attached model refers to the production pipeline model as it would require two different pipelines for dev and prod environments as per my earlier comments in this post. I am also assuming that the following API would be used to trigger the production pipeline -
/pipeline/{pipelineid}/builds
The understanding is that the params SourcePipelineName and SourceDeploymentName will contain the dev pipeline model details so that the existing artifacts from the dev pipeline will be deployed and the "Development" stage of the production pipeline will be skipped. (Please correct me if I am wrong)
But, the dev pipeline(specified in the above mentioned params) won't be actually reachable to the production pipeline as the production pipeline will be in separate zone from the dev pipeline. Neither the dev candidate system would be reachable to the production pipeline model. Would these points cause any issue in execution of the production pipeline model from the API ?
Please let me know your comments.
Best Regards,
Sayantan
Hi Satyanan,
As specified in my first post, you first need to identify a way to orchestrate between your development and production environment pipelines. I gave an example of Jenkins or Bamboo to use if it is possible for you, if you use any of these kind, i proposed to use API's to trigger the build.
Hope this clears your doubts.
Thanks,
Srikanth
Hi Srikanth,
I understand the overall approach but not sure if the deployment manager pipelines would work if the dev pipeline and prod pipeline model are not reachable from one another.
I believe the only API available to trigger deployment is - /pipeline/{pipelineid}/builds
It expects the params SourcePipelineName and SourceDeploymentName to be passed to be able to deploy existing artifacts. These params seems to be the dev pipeline details.
My specific question is - will the production pipeline work if the dev pipeline/dev orchestration server isn't reachable to the prod pipeline ?
Best Regards,
Sayantan
Hi SayantanC3655,
Deployment Manager requires every environment in pipeline to be able to connect to Orchestrator and vice versa. It does not require connectivity in-between Dev, QA, Staging and/or Prod environments. And all the environments in the pipeline should have access to Dev and Prod repositories configured in the pipeline.
If I understood correctly, considering above points if you have Dev pipeline you can configure trigger deployment task at the end of pipeline to start Prod pipeline by checking deploy current artifact if you want Prod pipeline to use the artifact from the Dev pipeline and if you uncheck new artifact will be generated in Prod pipeline.
Refer: https://collaborate.pega.com/question/deployment-manager-trigger-deployment-option
Note: Deployment Manager pipelines are enforced to follow the practice of generating the artifact from Dev env and carry that till deployment to production environment.