[2018.12 Meetup] [TALK #3] Hugo Almeida - A greenfield love story @aws

Transcript

1. Greenfield AWS and A love story

2. Whos me? Failed Accountant Helpdesk Windows NT 4.0; 2k; 2k3

   Sys Admin

3. Who have we worked with:

4. Our clients =>> Developers!

5. None

6. Serverless and managed aws services… very little ec2...

7. • Current AWS user, existing pool of skills - One

   of the first AWS clients. ◦ New department new requirements. ◦ Architect that understands Cloud Serverless and DevOps. ◦ Existing in-house team lacks bandwidth. • Data Team - Clean slate ◦ New Leadership. ◦ No thinking vices and eagerness to learn - Architect and Tech Lead!! ◦ No compromises. • Developers think Elastic Beanstalk is a good idea... ◦ But we went for AWS ECS instead. ◦ Docker everything. ◦ 12 Factor applications.

8. Our Philosophy and Principles 1. If someone else built it

   we use it, ex Aurora; RDS; Secrets Manager; ECS 2. One Docker image for all environments 3. One environment = One AWS Account = Complete PROD isolation! a. Dev AWS account is free land for creativity and ACCIDENTS!! 4. Serverless pipelines triggers ETL 5. Jenkins (with ansible) a. Job-DSL b. Groovy Pipeline + multibranch pipelines c. Jcasc + docker (soon) https://jenkins.io/projects/jcasc/ . 6. Everything as code a. IaC b. Script everything else

9. Outcomes • Deliver multiple environments all through IaC: ◦ IaC

   is used to deploy core infra ▪ VPC’s; Route53; ASG; ECS; Jenkins; etc ◦ IaC is used to deploy App infrastructure ▪ ALB; SG’s IAM ▪ Developers write the App infra code • Fully coded and scripted deployment process: ◦ Jenkins-as-code. ◦ Developer controls ECS service/task definition. ◦ Repeatable and consistent behaviour. • Full admin @Dev Account ◦ Happier developers!

10. Thank You ! [email protected]