Using Octopus, Cloud Formation and Powershell DSC to build immutable phoenix environments in AWS

Automating AWS

Part 1: Automating Infrastructure

Birds-eye view
Step 1: Deploy infrastructure
Step 2: Bootstrap instances
Step 3: Deploy software
Copyright ©2014 by Readify Pty Ltd

The infrastructure

Nothing up my sleeve…
[Diagram: Deploy Infrastructure, Bootstrap Instances, Register Tentacle, Deploy Software, Fire Project Trigger]

Step 1: Deploy infrastructure
› Deploy.ps1
› Package and upload bootstrapping resources to S3
› Package and upload configuration variables to S3
› Do we need to deploy a new stack?
  › Yes - New-CFNStack
  › No - New-CFNChangeSet
› CloudFormation resource creation based on template

Step 2: Bootstrap instances
› EC2 userdata
› cfn-init.exe
› AWS::CloudFormation::Init
› PowerShell DSC
› Octopus tentacle
› tentacle.exe --register-with

Step 3: Deploy software
› Prior to Octopus 3.4 => DSC
› Octopus 3.4 => Project Triggers
› Software is deployed by Octopus via the Project Trigger
› DSC polls a local health check endpoint
› ASG waits to be signalled before completion
› DSC => cfn-signal.exe
› fin
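
The poll-then-signal step above, as an added example that is not code from the talk: plain PowerShell of the kind a DSC Script resource could run. The health URL, timeouts, install path and the stack, resource and region names are assumptions.

```powershell
# Added example, not from the talk. The URL, timeouts and names are assumptions.
function Wait-LocalHealthCheck {
    param(
        [string]$Uri = 'http://localhost/health',  # assumed local endpoint
        [int]$TimeoutSeconds = 900,
        [int]$IntervalSeconds = 15
    )
    $deadline = (Get-Date).AddSeconds($TimeoutSeconds)
    while ((Get-Date) -lt $deadline) {
        try {
            # Throws on connection failure and on non-2xx responses.
            $r = Invoke-WebRequest -Uri $Uri -UseBasicParsing -TimeoutSec 10
            if ($r.StatusCode -eq 200) { return $true }
        } catch {
            Write-Verbose "Health check not passing yet: $($_.Exception.Message)"
        }
        Start-Sleep -Seconds $IntervalSeconds
    }
    return $false
}

function Send-StackSignal {
    param(
        [Parameter(Mandatory)][string]$Stack,
        [Parameter(Mandatory)][string]$Resource,   # logical ID of the ASG
        [Parameter(Mandatory)][string]$Region,
        [bool]$Healthy,
        # Assumed install path of the CloudFormation helper scripts on Windows.
        [string]$CfnSignal = 'C:\Program Files\Amazon\cfn-bootstrap\cfn-signal.exe'
    )
    # Exit code 0 reports success; any other value reports failure.
    $exitCode = if ($Healthy) { 0 } else { 1 }
    & $CfnSignal -e $exitCode --stack $Stack --resource $Resource --region $Region
    if ($LASTEXITCODE -ne 0) { throw "cfn-signal.exe exited with code $LASTEXITCODE" }
}

# Placeholder names; signal on failure too, so the update fails fast
# instead of waiting for the signal timeout.
$healthy = Wait-LocalHealthCheck
Send-StackSignal -Stack 'example-stack' -Resource 'WebServerGroup' `
    -Region 'ap-southeast-2' -Healthy $healthy
```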

Part 2: Immutable infrastructure

Updating CF stacks
What updating stacks used to be like
Are you feeling lucky?

CloudFormation Change Sets
› Supply your updated template to a Change Set via New-CFNChangeSet
› AWS diffs the updated template against the current stack
› A detailed list of what changes and what doesn’t is provided
› Details the dependency chain and how it is affected
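
The "new stack or change set?" decision from Step 1 and the change set review described above, as an added example that is not the talk's Deploy.ps1. It assumes the AWS Tools for PowerShell are loaded; the function name, its parameters and the rule of holding back changes that replace or remove resources are hypothetical.

```powershell
# Added example, not from the talk. Requires the AWS Tools for PowerShell;
# the function name and its parameters are hypothetical.
function Invoke-StackDeploy {
    param(
        [Parameter(Mandatory)][string]$StackName,
        [Parameter(Mandatory)][string]$TemplatePath,
        [switch]$AllowReplacement   # explicit opt-in for replace/remove changes
    )
    $template = Get-Content -Path $TemplatePath -Raw

    # Do we need to deploy a new stack?
    try {
        Get-CFNStack -StackName $StackName -ErrorAction Stop | Out-Null
    } catch {
        # Only "stack does not exist" means create; rethrow anything else.
        if ($_.Exception.Message -notmatch 'does not exist') { throw }
        return New-CFNStack -StackName $StackName -TemplateBody $template
    }

    $name = 'deploy-{0:yyyyMMddHHmmss}' -f (Get-Date)
    New-CFNChangeSet -StackName $StackName -ChangeSetName $name `
        -TemplateBody $template | Out-Null

    # Change sets are built asynchronously; wait for a terminal status.
    do {
        Start-Sleep -Seconds 5
        $cs = Get-CFNChangeSet -StackName $StackName -ChangeSetName $name
    } while ([string]$cs.Status -in 'CREATE_PENDING', 'CREATE_IN_PROGRESS')

    # A template with no differences ends in FAILED with an explanatory reason.
    if ([string]$cs.Status -ne 'CREATE_COMPLETE') {
        throw "Change set $name is $($cs.Status): $($cs.StatusReason)"
    }

    $changes = @($cs.Changes | ForEach-Object { $_.ResourceChange })
    $changes | Format-Table Action, LogicalResourceId, ResourceType, Replacement | Out-Host

    $disruptive = @($changes | Where-Object {
        [string]$_.Action -eq 'Remove' -or [string]$_.Replacement -eq 'True'
    })
    if ($disruptive.Count -gt 0 -and -not $AllowReplacement) {
        Write-Warning "$($disruptive.Count) change(s) replace or remove resources; not executing $name."
        return
    }
    Start-CFNChangeSet -StackName $StackName -ChangeSetName $name
}
```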

Immutability
› Rev infrastructure package => refresh instances
› CI + CloudFormation can do this for us
› Inject version into Launch configuration userdata
› Triggers a replacement of the launch configuration
› How do we stay HA while our infrastructure refreshes?

AutoScaleGroup Update Policies
› Allows an ASG to stay HA while undergoing a refresh
› Keeps a number of instances in service while terminating stale and creating fresh instances
› Works with cfn-signal.exe to ensure updates are successful
› Rolls back on failure

Part 3: Phoenix environments
The really really cool part!

Deploying feature branches
› The Dream:
  › Developer checks in code on a feature branch
  › The feature branch is built by our CI service of choice
  › Once complete, our CI service then invokes Octopus and triggers an isolated stack of hardware to be deployed for it
  › Once the hardware is ready, the feature branch’s payload is automatically deployed to it by Octopus
  › From check-in to our feature running on new, isolated compute. Ready to test and destroy when we are done

Octopus 3.4
› Introduces new features that allow us to work with a tonne more flexibility in elastic environments
› Multi-tenancy
› Project Triggers / Auto Deploy Overrides
› Machine Policies

Setup
› We have built a new feature ryan on an isolated feature branch! We push the code up to our repository
› Our CI service notices this and creates a release for our feature branch package, with a semver version number 1.0.0-ryan0001

Octo 3.4 – Multi-tenancy
› We created a tenant ryan0001 for our feature branch – we are using the semver from the built package as a naming convention
› Allows us to isolate and group sets of machines within an environment
› Allows us to configure projects with tenant-specific variables
› Allows us to control what software gets deployed to what sets of machines via triggers within an environment

Octo 3.4 – Auto Deploy Overrides
› We created an auto deploy override for our feature branch tenant ryan0001 for the feature branch package version 1.0.0-ryan0001
› Part of Project Triggers
› Auto Deploy Overrides allow us to say ‘when a project trigger fires, and the machine that triggered it is for a given tenant, deploy an explicit version of the project to the machine, not the default’

Octo 3.4 – Machine Policies
› When our instances register with Octopus via tentacle.exe, they indicate a machine policy
› When we clean up our CloudFormation, how do we ensure Octopus is cleaned up as well?
  › Old way: AWS Lambda
  › New way: Octopus Machine Policies
› Healthchecks and unavailable machines
› Cleanup unavailable machines

Living The Dream

Thank you
Andrew Best | @_andrewb | [email protected]