Considerations in Cloud DevOps

Transcript

1. Considerations in Cloud DevOps. Ben Whaley @iAmTheWhaley

2. Mobile Scale

3. 0 900000000 1800000000 2700000000 3600000000 PCs Mobile Phones Connected Clients

   3.5 billion 1.8 billion Source: Andreessen Horowitz

4. Growth in Connected Client Devices Units (millions) 0 400 800

   1,200 1,600 Jun 07 Jun 08 Jun 09 Jun 10 Jun 11 Jun 12 Jun 13 Tablets iPhone & Android PCs Source: Andreessen Horowitz

5. 0 400000000000 800000000000 1200000000000 1600000000000 Photos Taken 2014 1999 1.5

   trillion 80 billion Source: Andreessen Horowitz

6. ~1.3 Million Apps

7. Revisions measured in days or weeks.

8. IoT

9. Mobile is powered by APIs.

10. Mature Mobile • Use the cloud to enable rich native

    apps • Blur the line between apps and the web • Hyperlocal via iBeacons & NFC • Mobile != Smartphone

11. Business Benefits • APIs engage customers, partners • Data pipelines

    for business analytics • Improved availability • Elasticity for • Cost savings • Capacity on demand • Focus on core competencies

12. Systems

13. Systems • n+2 redundancy n n+1 n+2 Load Balancer

14. Systems • n+2 redundancy • Compute is ephemeral n n+1

    n+2 n+3 n+4 n+5 Load Balancer

15. Systems • n+2 redundancy • Compute is ephemeral • Infrastructure

    is code resource "digitalocean_droplet" "www-1" {! image = "ubuntu-14-04-x64"! name = "www-1"! region = "nyc2"! size = "512mb"! private_networking = true! ssh_keys = [! "${var.ssh_fingerprint}"! ]! }!

16. Systems • n+2 redundancy • Compute is ephemeral • Infrastructure

    is code • Less is more

17. Systems • n+2 redundancy • Compute is ephemeral • Infrastructure

    is code • Less is more • Ubiquitous monitoring

18. Systems • n+2 redundancy • Compute is ephemeral • Infrastructure

    is code • Less is more • Ubiquitous monitoring • Service discovery

19. Applications

20. Applications • Loosely coupled

21. Applications • Loosely coupled • Deeply instrumented

22. Applications • Loosely coupled • Deeply instrumented • Lean

23. Applications • Loosely coupled • Deeply instrumented • Lean •

    Built to be disabled

24. Applications • Loosely coupled • Deeply instrumented • Lean •

    Built to be disabled • Stateless

25. Applications • Loosely coupled • Deeply instrumented • Lean •

    Built to be disabled • Stateless • Robustly implemented “Be conservative in what you send, be liberal in what you accept”

26. Applications • Loosely coupled • Deeply instrumented • Lean •

    Built to be disabled • Stateless • Robustly implemented • Continuously integrated

27. Delivery

28. Delivery Commit Test Build Deploy

29. Delivery Build server Commit Site Deploy

30. Delivery

31. Delivery Challenges

32. Delivery Challenges 1. Zero downtime

33. Zero Downtime Green/Blue www.example.com Old Code

34. Zero Downtime Green/Blue www.example.com Old Code New Code

35. Zero Downtime Rolling Upgrade www.example.com Old Old Old

36. Zero Downtime Rolling Upgrade www.example.com New Old Old

37. Zero Downtime Rolling Upgrade www.example.com New New Old

38. Zero Downtime Rolling Upgrade www.example.com New New New

39. Zero Downtime Replacement www.example.com Old Old Old

40. Zero Downtime Replacement www.example.com New New New

41. Delivery Challenges 1. Zero downtime 2. Distributing credentials

42. Distributing Credentials 1. Seed credentials in the OS image Pros

    Cons Simpler bootstrap process Must load credential to image initially May be more difficult to modify Credentials in plain text in stored image

43. Distributing Credentials 1. Seed credentials in the OS image! 2.

    Commit encrypted config data to DVCS repository Pros Cons Data stored alongside code in version control Distributing decryption key to nodes varies by tool Easily updated Key distribution

44. Distributing Credentials 1. Seed credentials in the OS image! 2.

    Commit encrypted config data to DVCS repository! 3. Asymmetric encryption Pros Cons Public/Private key pair may already exist Requires mature, possibly automated cert infrastructure Easy rotation and revocation Limited implementations No shared secret

45. Delivery Challenges 1. Zero downtime 2. Distributing credentials 3. Database

    migrations

46. Database Migrations 1. NoSQL vs Relational!

47. Database Migrations 1. NoSQL vs Relational! 2. Multi-stage! a. Make

    backward compatible DB changes ! b. Run new code that is both backward and forward compatible! c. Migrate old data to new schema! d. Remove code that understands old schema! e. Clean up old schema

48. Delivery Challenges 1. Zero downtime! 2. Distributing credentials! 3. Database

    migrations! 4. Distributing the code! 5. Updating the config! 6. Rollbacks

49. Thanks! ! Ben Whaley ! bwhaley.com @iAmTheWhaley