Often enough I have to explain how I go about setting up a CI/CD pipeline with multiple deployment platforms. Since I am a bit tired of repeating the same thing every single time, I've decided to write it up, share it with the world this way, and send people to read it ;). I will explain it with a "live example" of how Rome got built, assuming that the current methodology consists only of a readme.md and wishes of good luck (as it usually does ;)).
It always starts with an application, whatever it may be, and with reading the available readmes while Vagrant and the virtual machine are installing and updating. Following that is the first hurdle to get over - converting all the instructions/scripts into Ansible playbook(s), stopping only when, after a clean vagrant reload, we have a fully working environment. As our Vagrant environment is now functional, it's time to break it! Now is the time to look for things that could be done better (too rigid or too loose version control? Sloppy environment setup?) and replace them with the right way to do things, one that won't bite us in the backside. This is the point, and the best opportunity, to upcycle the existing way of doing the dev environment to produce a proper, production-grade product.
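I should probably digress here for a moment and explain why. I firmly believe that production should be deployed the same way as development, give or take a few debug-friendly settings. This avoids discrepancies between how production and development work, which almost always lead to a pain in the neck, and with the use of proper tools it should mean no more work for the developers. That's why we start with Vagrant, as developer boxes should be as easy as vagrant up, but the meat of our product lies in Ansible, which will do the bulk of the work and can be applied to almost anything: AWS, bare metal, Docker, LXC, on the open net, behind a VPN - you name it.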
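At this point we must also give proper consideration to monitoring and logging alarms. My generic answer here is to grab Elasticsearch, Kibana, and Logstash. While there may be better solutions for different use cases, this one is well battle-tested, performs reasonably, and is easy to scale vertically (within some limits) and horizontally. Logstash rules are easy to write and are well supported in maintenance through Ansible, which, as I've mentioned earlier, is at the very core of things, and creating triggers/reports and alerts based on Elasticsearch and Kibana is usually a breeze, including some very complex aggregations.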
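If we are happy with Ansible, it's time to move on and put all those roles and playbooks to work. Namely, we need something to manage our CI/CD pipeline. For me, the choice is obvious: TeamCity. It's modern, robust and, unlike most of the light-weight alternatives, it's transparent. By that I mean it doesn't tell you how to do things and doesn't limit your ways to deploy, test, or package. Instead, it gives you a developer-friendly and rich playground for your pipeline. You can do mostly the same with Jenkins, but it has a quite dated look and feel to it, while also lacking some key features that have to be brought in through plugins (such as the quality REST API built into TeamCity). It also comes with all the usual handy plugins, such as Slack or Apache Maven integration.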
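The exact flow between CI and CD varies too much from one application to another to describe, so I will outline some of the rules that guide me:
1. Make build steps as small as possible. This way, when something breaks, we know exactly where, without having to dig and root around.
2. Apart from the dev environment, all security credentials must come from individual Vault instances. Keys to those containers should exist only on the CI/CD box and be accessible to only a few people (the fewer the better). This is pretty self-explanatory, as anything besides dev may contain sensitive data and, sometimes, be public-facing. Because of that, appropriate security must be present. TeamCity has excellent secrets management in this department.
3. Each part of the build chain will consume and produce artifacts. If it creates nothing, it probably shouldn't be a build of its own. This way, if anything goes wrong in any environment or version, all a developer has to do is grab the appropriate artifacts to reproduce the problem locally.
4. Deployment builds should be directly tied to specific Git branches/tags. This makes it easier to track down the cause of a problem, including automatically identifying and tagging the author (unlike automated regression testing!).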
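Rule 2 can be enforced as its own small build step. The following is an added example, not part of the original post: a Python check that reports credential-like keys holding a literal value in a non-dev vars file. The key-name pattern, the accepted markers (Ansible Vault inline ciphertext or a Jinja2 reference) and the sample file are assumptions.

```python
import re

# Key names treated as credentials (assumed naming convention, adjust to taste).
SECRET_KEY = re.compile(r"(pass(word|wd)?|secret|token|api_?key|private_key)", re.I)
# Values accepted outside dev (assumption): Ansible Vault inline ciphertext, or a
# Jinja2 expression that resolves the secret from a vault at deploy time.
INDIRECT = re.compile(r"""^(!vault\b|["']?\{\{.*\}\}["']?$)""")
# A top-level or nested "key: value" line of a YAML vars file.
KEY_VALUE = re.compile(r"^\s*([A-Za-z_]\w*)\s*:\s*(.*?)\s*$")


def plaintext_secrets(env, vars_text):
    """Return [(line_no, key)] for credential-like keys set to a literal value."""
    if env == "dev":  # rule 2 exempts the dev environment
        return []
    findings = []
    for line_no, line in enumerate(vars_text.splitlines(), 1):
        match = KEY_VALUE.match(line)
        if not match:
            continue  # comments, ciphertext lines, list items
        key, value = match.groups()
        if not value:
            continue  # key that only opens a nested mapping
        if SECRET_KEY.search(key) and not INDIRECT.match(value):
            findings.append((line_no, key))
    return findings


# Constructed sample vars file; the ciphertext body is a dummy, not real output.
SAMPLE_VARS = """\
# group_vars/<env>/main.yml (constructed sample)
app_port: 8080
db_user: app
db_password: hunter2
api_token: "{{ vault_api_token }}"
smtp_password: !vault |
          $ANSIBLE_VAULT;1.1;AES256
          0000000000000000000000000000000000000000000000000000000000000000
"""

if __name__ == "__main__":
    for env in ("dev", "staging", "production"):
        for line_no, key in plaintext_secrets(env, SAMPLE_VARS):
            print(f"{env}: line {line_no}: '{key}' is a literal, move it to the vault")
```

Run as a build step, a non-empty result should fail the build before any deployment step consumes the file.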
Speaking of deployments, I usually try to keep it simple, while also keeping a close eye on the wallet. Because of that, I am more than happy with AWS or another cloud provider, but I am also constantly peeking at the loads and at whether we get the value of what we are paying for. Often enough the pattern of use is not constantly erratic, but has a solid baseline that can be migrated from the cloud to bare-metal boxes. That is another part where this approach strongly triumphs over the common Docker and CircleCI setup, where you are very much tied in to cloud providers and getting out is expensive. Here, to embrace bare-metal hosting, all you need is the help of some container-based self-hosting software; my personal preference is to use Proxmox and LXC. Following that, all you must write are Ansible scripts to manage the hardware of Proxmox, just as you would for Amazon EC2 (Ansible supports both very well), and you are good to go. One does not exclude the other; quite the opposite, as they can live in great synergy and cut your costs dramatically (the heavier your base load, the greater the savings), while providing production-grade elasticity.