Production deployment with your build script – Part 3

In the first post I gave a quick overview of what our deployment script does and why you’d want one, then the second post went over pre-deployment steps. This post will go over the actual deployment steps we take to publish our site. Like the last post, most all of this code will probably be pretty self explanatory.

function deploy_and_prime_site
{
	modify_web_config_for_production
	precompile_site
 
	archive_site
	delete_extra_live_site_backups
 
	try
	{
		stop_dns_caching
 
		foreach ($server in $servers_production)
		{
			deploy_site_to $server
			preload_site_on $server
		}
 
		foreach ($server in $servers_production)
		{
			ensure_error_emails_are_working_on $server $live_url
		}
	}
	finally
	{
		remove_hosts_file_entries
		start_dns_caching
	}
}

This is the function the build target actually calls into. The part you’ll care about here is where it loops through the known production servers and deploys the site to each one in tern. The “preloading” of the site, checking for functioning error emails, and DNS caching stuff is some of the post-deployment steps we take, which I’ll discuss in the next post.

IIS Remote Control

Here’s how we control IIS remotely (this is IIS7 on Windows 2008 R2 – not sure how much changes for different versions):

function execute_on_server($target_server, [scriptblock]$script_block)
{
	$secure_password = ConvertTo-SecureString $security_password -AsPlainText -Force
	$credential = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $security_full_user, $secure_password
 
	Invoke-Command -ComputerName $target_server -Credential $credential -ScriptBlock $script_block
}
 
function stop_iis_on($target_server)
{
	echo "Stopping IIS service on $target_server..."
 
	execute_on_server $target_server { & iisreset /stop }
}
 
function start_iis_on($target_server)
{
	echo "Starting IIS service on $target_server..."
 
	execute_on_server $target_server { & iisreset /start }
}

The secret sauce to getting this to work is the execute_on_server function. The actual stop & start methods just execute standard iisreset commands (which is a built-in command line tool w/IIS). So the top function converts our plain text server username & passwords in the build script into a SecureStringPSCredential object. Not the most secure way to do this, I’m sure (hence the -Force parameter), but it’s working for us. After connecting to the remote machine, it executes the given script block with those credentials (like the execute_with_secure_share function from the last post). In order to make this work though, you’ll need to give some lovin’ on your build server and web servers:

  • Make sure all boxes have at least PowerShell 2.0 with WinRM 2.0 (which is what allows the remote machine command execution)
  • On each web server, you’ll need to run this one time command from a PowerShell prompt: Enable-PSRemoting

Deployment

With that out of the way, the actual deployment part is pretty easy – it’s just copying files after all:

properties {
	$siteWebFolder_name = $solution_name
 
	$ident_file = "Content\ident.txt"
}
 
function pause_for($seconds)
{
	sleep -s $seconds
}
 
function deploy_site_to($server)
{
	echo "*** Beginning site deployment to $server."
 
	$compiled_site = "$compiled_site\*"
	$web_share = "\\$server\$share_web"
	$live_site_path = "$web_share\$siteWebFolder_name"
 
	stop_iis_on $server
 
	pause_for 10 #seconds, to give IIS time to release file handles.
 
	execute_with_secure_share $web_share {
		echo "Deleting the existing site files on $server ($live_site_path )."
		delete_directory_with_errors "$live_site_path \*"
 
		echo "Copying the new site files (from $compiled_site) to $server."
		copy_directory $compiled_site $live_site_path 
 
		echo "Creating ident file at $live_site_path."
		"$server" > "$live_site_path\$ident_file"
	}
 
	start_iis_on $server
}

Stop IIS, give it a few seconds, copy files, start IIS. Like I said – simple. If your situation can’t allow this for some reason (perhaps you have a more complicated load balancing scheme or whatever), you can expand as needed. We actually deploy several sites and a few console apps at the same time so everything’s in sync. The ident file is a simple way for us to find out which server a user’s on for troubleshooting purposes. We can navigate to the url + /Content/ident.txt and it’ll have the server’s name.

Conclusion

Other than the actual remote manipulation of the servers, which we keep to a pretty minimum IIS start & stop, there’s not much to this part of the build either. This code provides a good jumping off point for customization to your setup, as well as some helper methods you can hopefully make use of. The next post will wrap up this series by showing some of the post-deployment steps we take.

Leave a Comment

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.