Tale of Two Pizzas: Developer tools @ AWS

Transcript

1. © 2020, Amazon Web Services, Inc. or its Affiliates. Tale

   of Two Pizzas! Developer Tools @ AWS Darko Meszaros Developer Advocate – Amazon Web Services @darkosubotica ln/darko-mesaros twitch.tv/ruptwelve

2. © 2020, Amazon Web Services, Inc. or its Affiliates. https://secure.flickr.com/photos/mgifford/4525333972

3. © 2020, Amazon Web Services, Inc. or its Affiliates. What

   we'll cover • What is DevOps? • The Amazon DevOps story • The Modern Application • Demo

4. © 2020, Amazon Web Services, Inc. or its Affiliates.

5. What is DevOps?

6. © 2020, Amazon Web Services, Inc. or its Affiliates. What

   is DevOps? • Cultural philosophies • Practices • Tools

7. © 2020, Amazon Web Services, Inc. or its Affiliates. Listen

   Iterate Experiment Innovation Flywheel Experiments power the engine of rapid innovation

8. © 2020, Amazon Web Services, Inc. or its Affiliates. What

   changes do you need to make to adopt these best practices? Serverless No provisioning/management Automatic scaling Pay for value billing Availability and resiliency Microservices Componentization Business capabilities Products not projects Infrastructure automation DevOps Cultural philosophies Cross-disciplinary teams CI/CD Automation tools DEV OPS Architectural patterns Operational Model Software Delivery

9. © 2020, Amazon Web Services, Inc. or its Affiliates. What

   is serverless? No infrastructure provisioning, no management Automatic scaling Pay for value Highly available and secure

10. © 2020, Amazon Web Services, Inc. or its Affiliates. Comparison

    of operational responsibility AWS Lambda Serverless functions AWS Fargate Serverless containers ECS/EKS Container-management as a service EC2 Infrastructure-as-a-Service More opinionated Less opinionated AWS manages Customer manages • Data source integrations • Physical hardware, software, networking, and facilities • Provisioning • Application code • Container orchestration, provisioning • Cluster scaling • Physical hardware, host OS/kernel, networking, and facilities • Application code • Data source integrations • Security config and updates, network config, management tasks • Container orchestration control plane • Physical hardware software, networking, and facilities • Application code • Data source integrations • Work clusters • Security config and updates, network config, firewall, management tasks • Physical hardware software, networking, and facilities • Application code • Data source integrations • Scaling • Security config and updates, network config, management tasks • Provisioning, managing scaling and patching of servers

11. © 2020, Amazon Web Services, Inc. or its Affiliates. Approaches

    to modern application development • Simplify environment management • Reduce the impact of code changes • Automate operations • Accelerate the delivery of new, high-quality services • Gain insight across resources and applications • Protect customers and the business

12. © 2020, Amazon Web Services, Inc. or its Affiliates. Approaches

    to modern application development • Simplify environment management with serverless technologies • Reduce the impact of code changes with microservice architectures • Automate operations by modeling applications & infrastructure as code • Accelerate the delivery of new, high-quality services with CI/CD • Gain insight across resources and applications by enabling observability • Protect customers and the business with end-to-end security & compliance

13. © 2020, Amazon Web Services, Inc. or its Affiliates. Approaches

    to modern application development • Simplify environment management with serverless technologies • Reduce the impact of code changes with microservice architectures • Automate operations by modeling applications & infrastructure as code • Accelerate the delivery of new, high-quality services with CI/CD • Gain insight across resources and applications by enabling observability • Protect customers and the business with end-to-end security & compliance

14. © 2020, Amazon Web Services, Inc. or its Affiliates. $(whoami)

    Darko Mesaroš / Darko Meszaros / Дарко Месарош Berlin ! @darkosubotica ln/darko-mesaros twitch.tv/ruptwelve

15. © 2020, Amazon Web Services, Inc. or its Affiliates. https://secure.flickr.com/photos/pixelthing/15806918992/

16. © 2020, Amazon Web Services, Inc. or its Affiliates. Development

    transformation at Amazon: 2001–2002 monolithic application + teams 2001 Lesson learned: decompose for agility 2002 microservices + 2 pizza teams

17. © 2020, Amazon Web Services, Inc. or its Affiliates. Amazon

    Retail Platform (2009)

18. © 2020, Amazon Web Services, Inc. or its Affiliates. Full

    ownership Full accountability “DevOps” Focused innovation Two-pizza teams

19. © 2020, Amazon Web Services, Inc. or its Affiliates. Things

    went much better under this model and teams were releasing faster than ever, but we felt that we could still improve.

20. © 2020, Amazon Web Services, Inc. or its Affiliates. In

    2009, we ran a study to find out where inefficiencies might still exist

21. © 2020, Amazon Web Services, Inc. or its Affiliates. We

    were just waiting. Wait Write Code Wait Build Code Wait Deploy to Test Deploy to Prod

22. © 2020, Amazon Web Services, Inc. or its Affiliates. We

    were just waiting. Wait Write Code Wait Build Code Wait Deploy to Test Deploy to Prod Mins Days Mins Days Mins Days Mins

23. © 2020, Amazon Web Services, Inc. or its Affiliates. We

    were just waiting. Wait Write Code Wait Build Code Wait Deploy to Test Deploy to Prod Weeks Mins Days Mins Days Mins Days Mins

24. © 2020, Amazon Web Services, Inc. or its Affiliates. We

    were just waiting. Wait Write Code Wait Build Code Wait Deploy to Test Deploy to Prod Weeks Mins Days Mins Days Mins Days Mins Hours

25. © 2020, Amazon Web Services, Inc. or its Affiliates. https://secure.flickr.com/photos/lindseygee/5894617854/

26. © 2020, Amazon Web Services, Inc. or its Affiliates. Automated

    actions and transitions; from check-in to production Development benefits: • Faster • Safer • Simplification & standardization • Visualization of the process

27. © 2020, Amazon Web Services, Inc. or its Affiliates. This

    has continued to work out really well: In 2014: • Thousands of service teams across Amazon • Building microservices • Practicing continuous delivery • Many environments (staging, beta, production) 50 million deploys

28. © 2020, Amazon Web Services, Inc. or its Affiliates. Monolith

    development lifecycle monitor release test build developers delivery pipelines services

29. © 2020, Amazon Web Services, Inc. or its Affiliates. Microservice

    development lifecycle ??? developers delivery pipelines services

30. © 2020, Amazon Web Services, Inc. or its Affiliates. Microservice

    development lifecycle developers services monitor release test build delivery pipelines monitor release test build monitor release test build monitor release test build monitor release test build monitor release test build

31. © 2020, Amazon Web Services, Inc. or its Affiliates. This

    has continued to work out really well: Every year at Amazon, we perform a survey of all our software developers. The 2014 results found only one development tool/service could be correlated statistically with happier developers: Our pipelines service! continuous delivery == happier developers!

32. © 2020, Amazon Web Services, Inc. or its Affiliates. Release

    process stages Source Build Test Production

33. © 2020, Amazon Web Services, Inc. or its Affiliates. Release

    process stages Source Build Test Producti on • Integration tests with other systems • Load testing • UI tests • Security testing • Check-in source code such as .java files • Peer review new code • Compile code • Unit tests • Style checkers • Create container images and function deployment packages • Deployment to production environments • Monitor code in production to quickly detect errors

34. © 2020, Amazon Web Services, Inc. or its Affiliates. Release

    process stages Source Build Test Production

35. © 2020, Amazon Web Services, Inc. or its Affiliates. Release

    process stages Source Build Test Production

36. © 2020, Amazon Web Services, Inc. or its Affiliates. Pillars

    of releasing modern applications

37. © 2020, Amazon Web Services, Inc. or its Affiliates. Pillars

    of releasing modern applications Infrastructure as code

38. © 2020, Amazon Web Services, Inc. or its Affiliates. Infrastructure

    as code Declarative I tell you what I need I tell you what to do Imperative

39. © 2020, Amazon Web Services, Inc. or its Affiliates. Infrastructure

    as code goals 1. Make infrastructure changes repeatable and predictable 2. Release infrastructure changes using the same tools as code changes 3. Replicate production environment in a staging environment to enable continuous testing

40. © 2020, Amazon Web Services, Inc. or its Affiliates. Release

    infrastructure-as-code “Master” branch Prepare template Create & execute change set Create & execute change set

41. © 2020, Amazon Web Services, Inc. or its Affiliates. Model

    function environments with AWS Serverless Application Model (SAM) • Open source framework for building serverless applications on AWS • Shorthand syntax to express functions, APIs, databases, and event source mappings • Transforms and expands SAM syntax into AWS CloudFormation syntax on deployment • Supports all AWS CloudFormation resource types https://aws.amazon.com/serverless/sam/

42. © 2020, Amazon Web Services, Inc. or its Affiliates. SAM

    template AWSTemplateFormatVersion: '2010-09-09’ Transform: AWS::Serverless-2016-10-31 Resources: GetFunction: Type: AWS::Serverless::Function Properties: Handler: index.get Runtime: nodejs8.10 CodeUri: src/ Policies: - DynamoDBReadPolicy: TableName: !Ref MyTable Events: GetResource: Type: Api Properties: Path: /resource/{resourceId} Method: get MyTable: Type: AWS::Serverless::SimpleTable Just 20 lines to create: • Lambda function • IAM role • API Gateway • DynamoDB table

43. © 2020, Amazon Web Services, Inc. or its Affiliates. Use

    SAM CLI to package and deploy SAM templates pip install --user aws-sam-cli sam logs sam validate sam local sam init sam build sam package New

44. © 2020, Amazon Web Services, Inc. or its Affiliates. Model

    container environments with AWS Cloud Development Kit (CDK) • Open source framework to define cloud infrastructure • JavaScript, TypeScript, and Python, (Java, and C# in developer preview) • Provides library of higher-level resource types (“construct” classes) that have AWS best practices built in by default • Provisions resources with CloudFormation • Supports all CloudFormation resource types AWS CDK https://awslabs.github.io/aws-cdk

45. © 2020, Amazon Web Services, Inc. or its Affiliates. CDK

    template import ec2 = require('@aws-cdk/aws-ec2'); import ecs = require('@aws-cdk/aws-ecs'); import cdk = require('@aws-cdk/cdk'); class BonjourFargate extends cdk.Stack { constructor(parent: cdk.App, name: string, props?: cdk.StackProps) { super(parent, name, props); const vpc = new ec2.VpcNetwork(this, 'MyVpc', { maxAZs: 2 }); const cluster = new ecs.Cluster(this, 'Cluster', { vpc }); new ecs.LoadBalancedFargateService( this, "FargateService", { cluster, image: ecs.DockerHub.image("amazon/amazon-ecs-sample"), }); } }

46. © 2020, Amazon Web Services, Inc. or its Affiliates. import

    ec2 = require('@aws-cdk/aws-ec2'); import ecs = require('@aws-cdk/aws-ecs'); import cdk = require('@aws-cdk/cdk'); class BonjourFargate extends cdk.Stack { constructor(parent: cdk.App, name: string, props?: cdk.StackProps) { super(parent, name, props); const vpc = new ec2.VpcNetwork(this, 'MyVpc', { maxAZs: 2 }); const cluster = new ecs.Cluster(this, 'Cluster', { vpc }); new ecs.LoadBalancedFargateService( this, "FargateService", { cluster, image: ecs.DockerHub.image("amazon/amazon-ecs-sample"), }); } } CDK template

47. © 2020, Amazon Web Services, Inc. or its Affiliates. CDK

    template import ec2 = require('@aws-cdk/aws-ec2'); import ecs = require('@aws-cdk/aws-ecs'); import cdk = require('@aws-cdk/cdk'); class BonjourFargate extends cdk.Stack { constructor(parent: cdk.App, name: string, props?: cdk.StackProps) { super(parent, name, props); const vpc = new ec2.VpcNetwork(this, 'MyVpc', { maxAZs: 2 }); const cluster = new ecs.Cluster(this, 'Cluster', { vpc }); new ecs.LoadBalancedFargateService( this, "FargateService", { cluster, image: ecs.DockerHub.image("amazon/amazon-ecs-sample"), }); } }

48. © 2020, Amazon Web Services, Inc. or its Affiliates. Use

    CDK CLI to synthesize and deploy CDK templates npm install -g aws-cdk cdk init app --language typescript cdk synth cdk diff cdk deploy

49. © 2020, Amazon Web Services, Inc. or its Affiliates. Pillars

    of releasing modern applications Infrastructure as code

50. © 2020, Amazon Web Services, Inc. or its Affiliates. Pillars

    of releasing modern applications Continuous integration

51. © 2020, Amazon Web Services, Inc. or its Affiliates. Continuous

    integration goals Sourc e Build Test Produ ction

52. © 2020, Amazon Web Services, Inc. or its Affiliates. Continuous

    integration goals 1. Automatically kick off a new release when new code is checked in 2. Build and test code in a consistent, repeatable environment 3. Continually have an artifact ready for deployment 4. Continually close feedback loop when build fails

53. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    CodePipeline • Continuous delivery service for fast and reliable application updates • Model and visualize your software release process • Builds, tests, and deploys your code every time there is a code change • Integrates with third-party tools and AWS

54. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    CodePipeline: Supported sources Pick branch AWS CodeCommit GitHub Pick object or folder Amazon S3 Pick Docker tag Amazon ECR Automatically kick off release and pull latest source code

55. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    CodePipeline: ECR source action Source code: “master” branch ECR repository: “release” tag

56. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    CodePipeline: Supported triggers Automatically kick off release Amazon CloudWatch Events • Scheduled (nightly release) • AWS Health events (Fargate platform retirement) Available in CloudWatch Events console, API, SDK, CLI, and AWS CloudFormation Webhooks • DockerHub • Quay • Artifactory Available in CodePipeline API, SDK, CLI, and CloudFormation

57. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    CodeBuild • Fully managed build service that compiles source code, runs tests, and produces software packages • Scales continuously and processes multiple builds concurrently • No build servers to manage • Pay by the minute, only for the compute resources you use • Monitor builds through CloudWatch Events

58. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    CodeBuild • Each build runs in a new Docker container for a consistent, immutable environment • Docker and AWS CLI are installed in every official CodeBuild image • Provide custom build environments suited to your needs through the use of Docker images

59. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    CodeBuild: Lambda buildspec version: 0.2 phases: build: commands: - npm ci - npm test - > aws cloudformation package --template-file template.yaml --output-template packaged.yaml --s3-bucket $BUCKET artifacts:

60. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    CodeBuild: Lambda buildspec using SAM CLI version: 0.2 phases: install: commands: - pip install --upgrade awscli aws-sam-cli build: commands: - sam build - sam package --s3-bucket $BUCKET --output-template-file packaged.yaml artifacts: type: zip files:

61. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    CodeBuild: Docker buildspec version: 0.2 phases: build: commands: - $(aws ecr get-login --no-include-email) - docker build -t $IMAGE_REPO_NAME:$IMAGE_TAG . - docker tag $IMAGE_REPO_NAME:$IMAGE_TAG $ECR_REPO:$IMAGE_TAG - docker push $ECR_REPO:$IMAGE_TAG

62. © 2020, Amazon Web Services, Inc. or its Affiliates. Pillars

    of releasing modern applications Continuous integration

63. © 2020, Amazon Web Services, Inc. or its Affiliates. Pillars

    of releasing modern applications Continuous deployment

64. © 2020, Amazon Web Services, Inc. or its Affiliates. Continuous

    deployment goals Sourc e Build Test Produ ction

65. © 2020, Amazon Web Services, Inc. or its Affiliates. Continuous

    deployment goals 1. Automatically deploy new changes to staging environments for testing 2. Deploy to production safely without impacting customers 3. Deliver to customers faster: Increase deployment frequency, and reduce change lead time and change failure rate

66. © 2020, Amazon Web Services, Inc. or its Affiliates. AWS

    CodeDeploy • Automates code deployments to any instance and Lambda • Handles the complexity of updating your applications • Avoid downtime during application deployment • Roll back automatically if failure detected • Deploy to Amazon EC2, Lambda, or on-premises servers

67. © 2020, Amazon Web Services, Inc. or its Affiliates. CodeDeploy-Lambda

    deployments • Shifts traffic using Lambda function weighted aliases • Choose canary (“shift 10% of traffic for 10 minutes, then shift rest”) or linear (“shift 10% more traffic every 10 minutes”) • Validation “hooks” enable testing at each stage of the deployment • Fast rollback in seconds if case of hook failure or CloudWatch alarms • Monitor deployment status and history via console, API, Amazon Simple Notification Service (Amazon SNS) notifications, and CloudWatch Events

68. © 2020, Amazon Web Services, Inc. or its Affiliates. CodeDeploy

    – Lambda deployments Enable in your serverless application template Resources: GetFunction: Type: AWS::Serverless::Function Properties: DeploymentPreference: Type: Canary10Percent10Minutes Alarms: - !Ref ErrorsAlarm Hooks: PreTraffic: !Ref PreTrafficHook Canary10Percent30Minutes Canary10Percent5Minutes Canary10Percent10Minutes Canary10Percent15Minutes Linear10PercentEvery10Minutes Linear10PercentEvery1Minute Linear10PercentEvery2Minutes Linear10PercentEvery3Minutes AllAtOnce

69. © 2020, Amazon Web Services, Inc. or its Affiliates. CodeDeploy

    – Lambda canary deployment API Gateway Lambda function weighted alias “live” v1 Lambda function code 100%

70. © 2020, Amazon Web Services, Inc. or its Affiliates. CodeDeploy

    – Lambda canary deployment API Gateway Lambda function weighted alias “live” v1 code 100% Run PreTraffic hook against v2 code before it receives traffic v2 code 0%

71. © 2020, Amazon Web Services, Inc. or its Affiliates. CodeDeploy

    – Lambda canary deployment API Gateway Lambda function weighted alias “live” v1 code 90% Wait for 10 minutes, roll back in case of alarm v2 code 10%

72. © 2020, Amazon Web Services, Inc. or its Affiliates. CodeDeploy

    – Lambda canary deployment API Gateway Lambda function weighted alias “live” v1 code 0% Run PostTraffic hook and complete deployment v2 code 100%

73. © 2020, Amazon Web Services, Inc. or its Affiliates. CodeDeploy-ECS

    blue-green deployments • Provisions “green” tasks, then flips traffic at the load balancer • Validation “hooks” enable testing at each stage of the deployment • Fast rollback to “blue” tasks in seconds if case of hook failure or CloudWatch alarms • Monitor deployment status and history via console, API, Amazon SNS notifications, and CloudWatch Events • Use “CodeDeploy-ECS” deploy action in CodePipeline or “aws ecs deploy” command in Jenkins

74. © 2020, Amazon Web Services, Inc. or its Affiliates. CodeDeploy-ECS

    blue-green deployment 100% Prod traffic

75. © 2020, Amazon Web Services, Inc. or its Affiliates. CodeDeploy-ECS

    blue-green deployment Target group 2 100% Prod traffic Test traffic listener (port 9000)

76. © 2020, Amazon Web Services, Inc. or its Affiliates. CodeDeploy-ECS

    blue-green deployment Green tasks: v2 code 100% Prod traffic Provision green tasks

77. © 2020, Amazon Web Services, Inc. or its Affiliates. CodeDeploy-ECS

    blue-green deployment 100% Test traffic 100% Prod traffic Run hook against test endpoint before green tasks receive prod traffic

78. © 2020, Amazon Web Services, Inc. or its Affiliates. CodeDeploy-ECS

    blue-green deployment 100% Prod traffic Flip traffic to green tasks, rollback in case of alarm 0% Prod traffic

79. © 2020, Amazon Web Services, Inc. or its Affiliates. CodeDeploy-ECS

    blue-green deployment 100% Prod traffic Drain blue tasks 100% Prod traffic

80. © 2020, Amazon Web Services, Inc. or its Affiliates. Continuous

    deployment goals 1. Automatically deploy new changes to staging environments for testing 2. Deploy to production safely without impacting customers 3. Deliver to customers faster: Increase deployment frequency, and reduce change lead time and change failure rate

81. © 2020, Amazon Web Services, Inc. or its Affiliates. Pillars

    of releasing modern applications Continuous deployment

82. © 2020, Amazon Web Services, Inc. or its Affiliates. Demo

83. © 2020, Amazon Web Services, Inc. or its Affiliates. Takeaways

    1. Manage your infrastructure as code 2. Frequently build and integrate your code to get a first feedback 3. Continuously release in production using canary releases with monitoring and automated rollbacks 4. Use canary releases to get both technical and business feedback

84. © 2020, Amazon Web Services, Inc. or its Affiliates. Darko

    Meszaros @darkosubotica ln/darko-mesaros twitch.tv/ruptwelve