Slide 1

AWS Design Patterns at Anki
Advanced AWS Meetup, 1/21/2014
Ben Whaley | @iAmTheWhaley | [email protected]

Slide 2

Work for Anki!
Anki needs beta testers!

Slide 3

Overview
● Anki and AWS
● Application and Systems design
● Deployment and Provisioning
● Demo
● Partnerships

Slide 5

Services, analytics and infrastructure
● Provides web & analytics services for Anki
● Example services:
  ○ Gameplay diagnostics
  ○ Game replays
  ○ Customer service platform
  ○ Future Anki DRIVE enhancements

Slide 6

Application design

Slide 7

Application design
● Application processes are stateless

Slide 8

Application design
● Application processes are stateless
● Loose coupling among services

Slide 9

Application design
● Application processes are stateless
● Loose coupling among services
● Configuration is in the environment

Slide 10

Application design
● Application processes are stateless
● Loose coupling among services
● Configuration is in the environment
● Built for continuous deployment

Slide 11

Systems design

Slide 12

Systems design
● n+2 redundancy

Slide 13

Systems design
● n+2 redundancy
● Compute resources are ephemeral

Slide 14

Systems design
● n+2 redundancy
● Compute resources are ephemeral
● Managed services preferred

Slide 15

Systems design
● n+2 redundancy
● Compute resources are ephemeral
● Managed services preferred
● Infrastructure as code

Slide 16

Systems design
● n+2 redundancy
● Compute resources are ephemeral
● Managed services preferred
● Infrastructure as code
● Single purpose VPCs

Slide 17

Systems design
● n+2 redundancy
● Compute resources are ephemeral
● Managed services preferred
● Infrastructure as code
● Single purpose VPCs
● Contract between backing resources and applications

Slide 18

Backing resources
[Architecture diagram. Labels: VPC; Public Web Services (ELBs); Infrastructure Services (Bastion, NAT, CM, Metrics); Private Web Services; Persistence; External AWS Services (S3, SQS, SNS); Inbound requests from clients]

Slide 19

Deployment and Provisioning

Slide 20

Goal: Continuous deployment
[Flow diagram. Labels: Source Repo commit; GitHub Web Hook; Deploy Worker; Old Release Remains Running; Integration Tests; Deploy to Integration; Deploy to Production; Integration tests pass; SQS; New Release Live; Integration tests fail; Notify; Check for commits; Commit found; DNS Change]

Slide 21

Deployment and Provisioning
● New code, new instances

Slide 22

Deployment and Provisioning
● New code, new instances
● Instance store-backed AMIs built with Packer

Slide 23

Deployment and Provisioning
● New code, new instances
● Instance store-backed AMIs built with Packer
● AMIs ship with base Docker containers

Slide 24

Deployment and Provisioning
● New code, new instances
● Instance store-backed AMIs built with Packer
● AMIs ship with base Docker containers
● Instances provisioned with Ansible

Slide 25

3-step provisioning pipeline

Userdata:
1. Sets configuration variables
2. Downloads Ansible playbooks
3. Runs Ansible

Deploy tool:
1. Loads configuration from S3
2. Sets EC2 userdata bash script
3. Launches instances

Ansible:
1. Configures supporting software
2. Downloads application code
3. Builds & runs Docker containers
4. Sends notifications

Slide 26

● Base container, service container, release container
● Local dev == Production
● Exceptional community
● Challenges
  ○ Rapidly changing
  ○ Logging
  ○ Debugging

Slide 27

Custom deployment tool
● Uses troposphere library to create CloudFormation templates
● Reusable resource templates
● Saves app configuration as JSON files in S3
● Creates CF stacks & kicks off instance provisioning
● Supports multiple deployments & releases

Slide 28

On security
● IAM roles and policies created via CloudFormation
● Intra-VPC traffic authorized by SG ID
● Precise subnetting allows for future network ACLs
● … some credentials still lying around in plain text
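
An added example, not from the talk or from Anki's tooling: a lint over a CloudFormation template for two concerns on this slide, intra-VPC ingress that is not authorized by security group ID and credentials left in plain text. The template, resource names and finding strings are constructed for illustration.

```python
import re
from ipaddress import ip_network
RFC1918 = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# AWS access key IDs, or password/secret assignments carrying a literal value.
SECRET = re.compile(r"AKIA[0-9A-Z]{16}|(?i:password|secret)\w*\s*[=:]\s*\S+")

# Constructed sample template; every resource name and value is hypothetical.
TEMPLATE = {"Resources": {
    "PublicWebSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
        "GroupDescription": "public web tier", "SecurityGroupIngress": [
            {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "0.0.0.0/0"}]}},
    "PrivateWebSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
        "GroupDescription": "private web tier", "SecurityGroupIngress": [
            # Peer tier is named by security group ID, as on the slide.
            {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
             "SourceSecurityGroupId": {"Ref": "PublicWebSG"}}]}},
    # Weak: any host in the VPC range can reach the persistence tier.
    "PersistenceIngress": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {
        "GroupId": {"Ref": "PersistenceSG"}, "IpProtocol": "tcp",
        "FromPort": 5432, "ToPort": 5432, "CidrIp": "10.0.0.0/16"}},
    "AppInstance": {"Type": "AWS::EC2::Instance", "Properties": {
        "UserData": {"Fn::Base64": "export DB_PASSWORD=constructed-value\n"}}},
}}

def ingress_rules(template):
    """Yield (resource name, rule) for inline and standalone ingress rules."""
    for name, res in template["Resources"].items():
        props = res.get("Properties", {})
        standalone = [props] if res["Type"] == "AWS::EC2::SecurityGroupIngress" else []
        for rule in props.get("SecurityGroupIngress", []) + standalone:
            yield name, rule

def nested_strings(node):
    if isinstance(node, str):
        yield node
    elif isinstance(node, (dict, list)):
        for child in (node.values() if isinstance(node, dict) else node):
            yield from nested_strings(child)

def audit(template):
    findings = []
    for name, rule in ingress_rules(template):
        cidr = rule.get("CidrIp")
        if isinstance(cidr, str) and any(ip_network(cidr).subnet_of(r) for r in RFC1918):
            findings.append((name, "private-range CIDR ingress; use SourceSecurityGroupId"))
    for name, res in template["Resources"].items():
        if any(SECRET.search(s) for s in nested_strings(res)):
            findings.append((name, "plaintext credential in template"))
    return findings
```

The public tier's `0.0.0.0/0` rule is left alone because it is not intra-VPC traffic; only private-range CIDR rules are reported.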

Slide 29

Flickr Demo App
[Architecture diagram. Labels: VPC; Persistence (RDS Multi-AZ); Private Web Services (Queue Processor, Query Tool); Public Web Services (ELB); Infrastructure Services (Bastion, NAT); SQS; Inbound Requests]

Slide 30

Deployment Demo

Slide 31

Tooling & design limitations
● Blue/Green deployment & ELB pre-warming
● “Static” infrastructure templates
● Higher latency for requests between VPCs
● Ephemeral instance tradeoffs
  ○ Slower to boot than EBS
  ○ Slower to build AMIs
● Incomplete functionality (for now)

Slide 33

Log collection and analytics
[Architecture diagram. Labels: VPC; Persistence; Private Web Services; Public Web Services; Collector]

Slide 34

Credits
● The 12 Factor App - http://12factor.net
● Werner Vogels 2012 re:Invent Keynote
● Resty - https://github.com/micha/resty
● Troposphere Python CloudFormation library
  ○ https://github.com/cloudtools/troposphere/
● Continuous deployment at Quora
  ○ http://engineering.quora.com/Continuous-Deployment-at-Quora