Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Test in Production: Infrastructure Edition

Rosemary Wang
November 04, 2019
Technology
0
270

Test in Production: Infrastructure Edition

Originally presented at Test in Production (Berlin) MeetUp on November 4, 2019.

How do we feature toggle, canary test, and AB test on production infrastructure? In this talk, we'll give some brief examples on each approach.

CORRECTIONS

- Initial example for talk briefly showed feature toggle for network. Updated example has a more clear framing of what the feature toggle looks like.
- Updated example for canary explicitly calls out a "green" VPC, as denoted in diagram.

Rosemary Wang

November 04, 2019
Tweet

More Decks by Rosemary Wang

See All by Rosemary Wang
Can You Test Your Infrastructure as Code?
joatmon08
1
11
Multi-Account, Multi-Region, Multi-Runtime
joatmon08
1
12
Building a multi-account, multi-runtime service-oriented architecture
joatmon08
0
9
Choose Your Own Abstraction: Iterating on Developer Experience
joatmon08
0
13
Break Glass, Repair Fast, Reconcile Automation
joatmon08
2
24
Building a Developer Platform? Ask these questions.
joatmon08
0
10
From Cloud-Hosted to Cloud-Native
joatmon08
0
41
Refactoring Applications for Dynamic Secrets
joatmon08
1
29
Catching Commits to Secure Infrastructure as Code
joatmon08
1
39

Other Decks in Technology

See All in Technology
「共通基盤」を超えよ! 今、Platform Engineeringに取り組むべき理由
jacopen
25
5.7k
Hands-on / Kaname Frusawa / Cloud Compare Users Meetup 2024 at University of Tokyo on April 17
paraworld
2
460
ビジネスとエンジニアリングの接合点 そしてコード品質がそこに及ぼす影響 v1.1 / The Intersections of Business and Engineering, and The Impact of Code Quality There (v1.1)
mtx2s
11
2.4k
普段有償でサポート業務をしているCSAが技術知見を無料で公開する理由
07jp27
1
610
The AI Revolution Will Not Be Monopolized: How open-source beats economies of scale, even for LLMs
inesmontani
PRO
1
630
PHP"オレ"カンファレンスの告知
ysknsid25
0
300
人間の尊厳、幸福、アクセシビリティ / 第116回「WEB TOUCH MEETING」アクセシビリティSP
nulabinc
PRO
2
180
なぜ NOT A HOTEL が Web3 に取り組むのか - NOT A HOTEL TECH TALK
ynunokawa
0
160
2024-04-06 AMeDAS to Lagoon SORACOM UG 2024-04-06
anysonica
0
120
コードを書く隙間を見つけて生きていく技術/Findy 思考の現在地
fujiwara3
23
4.7k
PHPカンファレンス小田原2024
ysknsid25
2
650
マルチアカウント環境への発見的統制の導入
ch1aki
1
1.3k

Featured

See All Featured
Learning to Love Humans: Emotional Interface Design
aarron
266
39k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
185
16k
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
118
38k
Intergalactic Javascript Robots from Outer Space
tanoku
266
26k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
39
4.4k
Ruby is Unlike a Banana
tanoku
95
10k
jQuery: Nuts, Bolts and Bling
dougneiner
59
7.1k
The Invisible Side of Design
smashingmag
293
49k
Java REST API Framework Comparison - PWX 2021
mraible
PRO
18
6.9k
Designing for Performance
lara
601
67k
GraphQLとの向き合い方2022年版
quramy
30
12k
Designing with Data
zakiwarfel
95
4.8k

Transcript

  1. Copyright © 2019 HashiCorp Test in Production: Infrastructure Edition Test

    in Production Berlin | Nov. 4, 2019 Rosemary Wang | @joatmon08

  2. Network engineers live dangerously.

  3. My users = developers ▪ Push and deliver code at

    any time ▪ Availability of application depends on system

  4. How do we change infrastructure without impacting applications?*

  5. * While not spending extra money on staging.

  6. Approaches ▪ Shift-left testing (e.g., staging) ▪ Feature Toggles ▪

    Canary Testing ▪ A/B Testing

  7. Feature Toggles ▪ Preserve state, if possible ▪ Inject with

    roll forward mindset ▪ Don’t write toggles at the start

  8. Feature Toggles CODE EDITOR resource "aws_instance" "example_bionic" { count =

    var.enable_new_ami ? 1 : 0 instance_type = "t2.micro" ami = data.aws_ami.ubuntu_bionic.id vpc_security_group_ids = [aws_security_group.instances.1.id] subnet_id = aws_subnet.public.1.id tags = { Terraform = "true" Owner = var.owner Has_Toggle = var.enable_new_ami } }

  9. Canary Testing ▪ Smoke test before release ▪ Easier with

    container architectures – e.g., VM images for Kubernetes worker nodes

  10. Canary Testing CODE EDITOR resource "aws_instance" "canary" { count =

    var.enable_new_network ? 1 : 0 instance_type = "t2.micro" ami = data.aws_ami.ubuntu.id vpc_security_group_ids = [aws_security_group.instances _green.id] subnet_id = aws_subnet.public_green.id tags = { Name = "${var.prefix}-canary" Owner = var.owner } }

  11. VPC (blue) 10.128.0.0/24 VPC (green) 10.128.0.0/28 APP APP APP APP

    KITCHEN INSTANCE APP APP CANARY CAN I CONNECT?

  12. Kubernetes Control Plane Kubernetes Node Group (Insecure OS) Kubernetes Node

    Group (Secure OS) INTERNAL EXTERNAL EXTERNAL EXTERNAL EXTERNAL INTERNAL INTERNAL kubectl taint nodes external=true:NoExecute

  13. A/B Testing ▪ Infrastructure that affect upstream Service Level Objectives

    ▪ Hypotheses: –Does X batch process more quickly than Y? –Does X cost more than Y?

  14. Kafka FaaS “Data Lake” versus Kafka Spark “Data Lake” APPLICATION

    APPLICATION APPLICATION APPLICATION Does Spark + Kafka architecture process faster with lower cost?

  15. Conclusions ▪ Test in production organizes infrastructure blast radius ▪

    Risk mitigation over risk aversion ▪ “Infrastructure-as-Code” is heuristic

  16. github.com/joatmon08/test-in-production-for-infrastructure Rosemary Wang (she/her) Developer Advocate at HashiCorp @joatmon08 joatmon08

    linkedin.com/in/rosemarywang/ 16