Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Programming Infrastructure with AWS CDK

Donnie Prakoso
November 11, 2019
Technology
1
240

Programming Infrastructure with AWS CDK

Initially presented at AWS User Group Meetup Surabaya, Indonesia.

The AWS Cloud Development Kit is an open source software development framework to model and provision your cloud application resources using familiar programming languages. In this session, we will start with why IaC (Infrastructure as Code) is a good practice and explore various ways on its implementation. Then, we'll do a live coding as a step-by-step guidance on how you can use AWS CDK to programmatically provision a serverless APIs system.

Donnie Prakoso

November 11, 2019
Tweet

More Decks by Donnie Prakoso

See All by Donnie Prakoso
A Pragmatic Introduction to Microservices
donnie
0
130
Accelerate Modern Application Development with Containers
donnie
0
64
Let's Build Serverless Apps. Wait, why?
donnie
0
83
Infrastructure as Code and CI/CD in Practice with AWS CDK
donnie
1
170
Infrastructure as --> is Code with AWS CDK
donnie
0
52
Building Modern Application with Containers
donnie
0
150
Operating Microservices at Hyperscale
donnie
0
71
Get Started with Your Serverless API
donnie
0
53
Get Started with Your Serverless API
donnie
1
470

Other Decks in Technology

See All in Technology
OCI Network Firewall 概要
oracle4engineer
PRO
0
4.1k
ハイパーパラメータチューニングって何をしているの
toridori_dev
0
140
テストコード品質を高めるためにMutation Testingライブラリ・Strykerを実戦導入してみた話
ysknsid25
7
2.6k
強いチームと開発生産性
onk
PRO
34
11k
ドメインの本質を掴む / Get the essence of the domain
sinsoku
2
150
BLADE: An Attempt to Automate Penetration Testing Using Autonomous AI Agents
bbrbbq
0
300
10XにおけるData Contractの導入について: Data Contract事例共有会
10xinc
6
620
ExaDB-D dbaascli で出来ること
oracle4engineer
PRO
0
3.8k
サイバーセキュリティと認知バイアス:対策の隙を埋める心理学的アプローチ
shumei_ito
0
380
障害対応指揮の意思決定と情報共有における価値観 / Waroom Meetup #2
arthur1
5
470
隣接領域をBeyondするFinatextのエンジニア組織設計 / beyond-engineering-areas
stajima
1
270
OCI 運用監視サービス 概要
oracle4engineer
PRO
0
4.8k

Featured

See All Featured
Practical Orchestrator
shlominoach
186
10k
Put a Button on it: Removing Barriers to Going Fast.
kastner
59
3.5k
Six Lessons from altMBA
skipperchong
27
3.5k
Speed Design
sergeychernyshev
25
620
The Language of Interfaces
destraynor
154
24k
The MySQL Ecosystem @ GitHub 2015
samlambert
250
12k
Documentation Writing (for coders)
carmenintech
65
4.4k
Building Your Own Lightsaber
phodgson
103
6.1k
Optimising Largest Contentful Paint
csswizardry
33
2.9k
Into the Great Unknown - MozCon
thekraken
32
1.5k
Optimizing for Happiness
mojombo
376
70k
Code Review Best Practice
trishagee
64
17k

Transcript

  1. © 2019, Amazon Web Services, Inc. or its Affiliates. All

    rights reserved. Amazon Confidential Programming Infrastructure with AWS CDK Donnie Prakoso Senior Technical Evangelist, ASEAN Amazon Web Services @donnieprakoso donnieprakoso https://donnie.id

  2. > hello, world Donnie Prakoso, MSc Senior Technical Evangelist, ASEAN

    @donnieprakoso • 15+ years in software development and system operations • Banking industry, telco to startups • From software developer to R&D manager to CTO • I talk a lot about microservices and machine learning • Self-proclaimed Barista and Café Racer enthusiasts donnieprakoso

  3. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark Introduction to infrastructure as code

  4. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Level 0: Creating infrastructure by hand Your organization’s infrastructure

  5. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Manual Easy to get started Not reproducible Error prone Time consuming Manual High level Low level

  6. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Level 1: Imperative infrastructure as code Your organization’s infrastructure deploy.script AWS SDK

  7. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Level 1: Imperative infrastructure as code • Lots of boilerplate • What if something fails and we need to retry? • What if two people try to run the script at once? • Race conditions? resource = getResource(xyz) if (resource == desiredResource) { return } else if (!resource) { createResource(desiredResource) } else { updateResource(desiredResource) } deploy.script

  8. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Scripted What happens if an API call fails? How do I make updates? How do I know a resource is ready? How do I roll back? Scripted Manual High level Low level

  9. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Level 2: Declarative infrastructure as code Your organization’s infrastructure infrastructure.txt AWS CloudFormation HashiCorp Terraform AWS SDK

  10. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Level 2: Declarative infrastructure as code infrastructure.txt • Just a list of each resource to create and its properties, in this case YAML format • Some minor helper functions may be built in to aid in fetching values dynamically Resources: # VPC in which containers will be networked. # It has two public subnets # We distribute the subnets across the first two available subnets # for the region, for high availability. VPC: Type: AWS::EC2::VPC Properties: EnableDnsSupport: true EnableDnsHostnames: true CidrBlock: !FindInMap ['SubnetConfig', 'VPC', 'CIDR'] # Two public subnets, where containers can have public IP addresses PublicSubnetOne: Type: AWS::EC2::Subnet Properties: AvailabilityZone: Fn::Select: - 0 - Fn::GetAZs: {Ref: 'AWS::Region'} VpcId: !Ref 'VPC' CidrBlock: !FindInMap ['SubnetConfig', 'PublicOne', 'CIDR'] MapPublicIpOnLaunch: true PublicSubnetTwo: Type: AWS::EC2::Subnet Properties: AvailabilityZone: Fn::Select: - 1 - Fn::GetAZs: {Ref: 'AWS::Region'} VpcId: !Ref 'VPC' CidrBlock: !FindInMap ['SubnetConfig', 'PublicTwo', 'CIDR'] MapPublicIpOnLaunch: true

  11. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Resource provisioning engines AWS CloudFormation template (JSON/YAML) HashiCorp Configuration Language (HCL) Desired state configuration Declarative Scripted Manual High level Low level Easy to automate Reproducible Configuration syntax No abstraction, lots of details

  12. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Document Object Models (DOMs) Troposphere Python SparkleFormation Ruby GoFormation Go … if statements, for loops, IDE benefits Ex: 218 lines of Troposphere for a VPC AWS CloudFormatio n Template Real code ♥ Desired state Abstraction is not built-in DOMs Declarative Scripted Manual High level Low level

  13. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Level 3: AWS Cloud Development Kit (AWS CDK) Your organization’s infrastructure app.js AWS CloudFormation AWS SDK AWS CDK

  14. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Developer preview AWS CloudFormation template AWS CDK application Stack(s) Construct Construct AWS CDK Componentized DOMs Declarative Scripted Manual High level Low level Resources

  15. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. Level 3: AWS CDK • Write in a familiar programming language • Create many underlying AWS resources at once with a single construct • Each stack is made up of “constructs,” which are simple classes in the code • Still declarative, no need to handle create vs update app.js app.py class MyService extends cdk.Stack { constructor(scope: cdk.App, id: string) { super(scope, id); // Network for all the resources const vpc = new ec2.Vpc(this, 'MyVpc', { maxAzs: 2 }); // Cluster to hold all the containers const cluster = new ecs.Cluster(this, 'Cluster', { vpc: vpc }); // Load balancer for the service const LB = new elbv2.ApplicationLoadBalancer(this, 'LB', { vpc: vpc, internetFacing: true }); } }

  16. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. VPC Public Subnet in Availability Zone Public Subnet in Availability Zone 2 Private Subnet in Availability Zone Private Subnet in Availability Zone 2 Internet gateway NAT gateway NAT gateway One CDK construct expands to many underlying resources cdk deploy // Network for all the resources const vpc = new ec2.Vpc(stack, 'MyVpc', { maxAzs: 2 });

  17. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. One CDK construct expands to many underlying resources 270 lines of AWS CloudFormation YAML I don’t have to write! cdk synth // Network for all the resources const vpc = new ec2.Vpc(stack, 'MyVpc', { maxAzs: 2 });

  18. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved.

  19. © 2019, Amazon Web Services, Inc. or its affiliates. All

    rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential and Trademark Go Build! @donnieprakoso donnieprakoso https://donnie.id