CI/CD lessons learned in open space networking

Transcript

1. 2017 Adriano Vieira adriano.svieira adriano_vieira adrianosvieira CI/CD lessons learned in

   open space networking

2. Source: http://fr.forwallpaper.com/wallpaper/turn-tunnel-light-speed-abstract-wallpaper-265535.html <2000 <2008 ! Continuous integration Continuous deployment •

   Vertical systems • Client-server apps • Monolithic systems • Distributed systems • Microservices Complexity

3. Source: http://fr.forwallpaper.com/wallpaper/turn-tunnel-light-speed-abstract-wallpaper-265535.html speed fastness celerity velocity rapidness swiftness nimbleness agility

4. Source: http://fr.forwallpaper.com/wallpaper/turn-tunnel-light-speed-abstract-wallpaper-265535.html Digital transformation Digital business • Common pressures from

   everywhere • Transform your organization to take advantages of what new technologies provides • Re-envision customer experience, operational process, business model • The to key to digital transformationis re- envisioning and driving transitions in how the company operates. A management and people challenges. Leadership is essential

5. Source: http://fr.forwallpaper.com/wallpaper/turn-tunnel-light-speed-abstract-wallpaper-265535.html Digital transformation Digital business Test-driven DevOps Extreme programming

   Agile Scrum Kanban Continuous Integration Continuous Delivery Continuous Deployment Pipeline Behavior-driven Infrastructure as code Configuration managnment Infrastructure tests Containerization Lean Technical debt Microservices API IoT Blockchain

6. K e e p C A L M S a

   n d h a v i n g f u n QA Sec Mkt/... DevOps team

7. K e e p C A L M S a

   n d h a v i n g f u n DevOps • Absenteeism • turnover • capability • Response time • Collaboration champions

8. K e e p C A L M S a

   n d h a v i n g f u n DevOps • frequency of deployment • Spending – Change/deploy lead time – Change failure rate • Platform diversity • Quality assurance • Compliance

9. K e e p C A L M S a

   n d h a v i n g f u n DevOps • The bads – Turnover – Internal turnover – Boundaries “well” established – Time to change/deploy – No (or manual) infra tests

10. K e e p C A L M S a

    n d h a v i n g f u n • The goods – “champions” helping in breaking boundaries – Projects tests & QA – Infra tests is in the beginning – Collaboration increasing – Tools as a great support DevOps

11. K e e p C A L M S a

    n d h a v i n g f u n Containerizing Continuous Deployment

12. K e e p C A L M S a

    n d h a v i n g f u n Containerizing Continuous Deployment • Rancher – Environments

13. K e e p C A L M S a

    n d h a v i n g f u n Containerizing Continuous Deployment • Rancher – Environment hosts and stacks

14. K e e p C A L M S a

    n d h a v i n g f u n Containerizing Continuous Deployment • Gitlab (gitlab.com) – Cycle analitics (ex: plan, test, prod)

15. K e e p C A L M S a

    n d h a v i n g f u n Containerizing Continuous Deployment • Gitlab (gitlab.com) – Boards “kanban”

16. K e e p C A L M S a

    n d h a v i n g f u n Containerizing Continuous Deployment • Gitlab (gitlab.com) – Commands / (on “comments”) – Time tracking issues

17. K e e p C A L M S a

    n d h a v i n g f u n Containerizing Continuous Deployment • Gitlab (gitlab.com) – MR approval – Git LFS – Docker images registry * – Pipeline CI/CD *

18. K e e p C A L M S a

    n d h a v i n g f u n Containerizing Continuous Deployment • .gitlab-ci.yml – Simple or complex as you which – Choose your building tool (maven, grunt, gradle etc) – Artifacts disposal on it’s pipeline/build – Embeded docker use in all jobs – can use more then one template or images by job

19. K e e p C A L M S a

    n d h a v i n g f u n Containerizing Continuous Deployment • .gitlab-ci.yml – N stages – N environments – run profiling and other tests (unit, DB etc) – Delivery or Deployment

20. K e e p C A L M S a

    n d h a v i n g f u n Containerizing Continuous Deployment

21. K e e p C A L M S a

    n d h a v i n g f u n Containerizing Continuous Deployment Demonstration

22. K e e p C A L M S a

    n d h a v i n g f u n Containerizing Continuous Deployment • Containers best practices – Optimize image building • + app sharing base image • Better pipeline performance • Better deploy performance • Optimize storage use

23. K e e p C A L M S a

    n d h a v i n g f u n Containerizing Continuous Deployment • Containers best practices – Scan images • Content (e.g.: microbadger)

24. K e e p C A L M S a

    n d h a v i n g f u n • App base image (15 layers, 105MB/253MB) • App (19 layers, 118MB/293MB) Containerizing Continuous Deployment

25. K e e p C A L M S a

    n d h a v i n g f u n • pytest image (13 layers, 85MB/253MB) Containerizing Continuous Deployment

26. K e e p C A L M S a

    n d h a v i n g f u n Containerizing Continuous Deployment • Containers best practices – Scan images • security (ex: open-scap*, coreos clair, docker bench)

27. K e e p C A L M S a

    n d h a v i n g f u n • SCAP (CVE) Containerizing Continuous Deployment

28. K e e p C A L M S a

    n d h a v i n g f u n Containerizing Continuous Deployment QA? https://speakerdeck.com/adrianovieira

29. K e e p C A L M S a

    n d h a v i n g f u n Containerizing Continuous Deployment • References – Jez Humble, Chris Read, Dan North (2006). "The Deployment Production Line". IEEE Computer Society. Proceedings of Agile 2006. – Daniels, Katherine; Davis, Jennifer. Effective DevOps. O'Reilly. 2016 – Morris, Kief. Infrastructure as Code. O'Reilly. 2015 – Get Started with DevOps: A Guide for IT Managers. Rushgrove, Gareth. Puppet. 2016 – GitLab Continuous Integration. Gitlab. Disponível em: https://about.gitlab.com/gitlab-ci – CIS Docker 1.11.0 Benchmark. Pravin Goyal. CIS. 2016. disponível em: https://benchmarks.cisecurity.org/tools2/docker/CIS_Docker_1.11.0_Benchmark_v1.0. 0.pdf – CIS Docker 1.13.0 Benchmark. Pravin Goyal. CIS. 2017. disponível em: https://benchmarks.cisecurity.org/tools2/docker/CIS_Docker_1.13.0_Benchmark_v1.0. 0.pdf • Tools – Used in the demonstration: • Gitlab-CI+runners (http://gitlab.com) • Pytest (www.pytest.org) • Rancher (http://rancher.com) • Open-scap (https://www.open-scap.org)

30. K e e p C A L M S a

    n d h a v i n g f u n Containerizing Continuous Deployment Adriano Vieira adriano.svieira adriano_vieira adrianosvieira