Slide 1

Slide 1 text

Introduction to DevOps on AWS
Sébastien Stormacq, Senior Developer Advocate, Amazon Web Services, EMEA
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.

Slide 2

Slide 2 text


Slide 3

Slide 3 text

No content

Slide 4

Slide 4 text

How did it all start?

Slide 5

Slide 5 text


Slide 6

Slide 6 text

Cloud benefits

Slide 7

Slide 7 text

Reference architectures
(diagram: a VPC in the AWS Cloud spanning Availability Zone 1 and Availability Zone 2, with an Application Load Balancer, an Auto Scaling group of Amazon EC2 instances, two NAT Gateways, a master database and a replica database)

Slide 8

Slide 8 text

Infrastructure as click

Slide 9

Slide 9 text

You choose your IDE Python Java, Python .NET, Node .NET

Slide 10

Slide 10 text

You choose your IDE Python Java, Python .NET, Node .NET Node.js .NET New

Slide 11

Slide 11 text

No content

Slide 12

Slide 12 text

Your IDE is in the cloud
A cloud IDE for writing, running, and debugging code

Slide 13

Slide 13 text


Slide 14

Slide 14 text

You move your code to a code repository
Secure, scalable, and managed Git source control
(diagram: git push over SSH or HTTPS to Amazon EC2 with EBS volumes)

Slide 15

Slide 15 text

You move your code to a code repository
Secure, scalable, and managed Git source control
(diagram: git push over SSH or HTTPS to AWS CodeCommit; Git objects in Amazon S3, Git index in Amazon DynamoDB, encryption keys in AWS KMS)

Slide 16

Slide 16 text

Getting started with CodeCommit & ssh

$ ssh-keygen

$ vi ~/.ssh
Host git-codecommit.*.amazonaws.com
  User APKAEIBAERJR2EXAMPLE
  IdentityFile ~/.ssh/codecommit_rsa

$ git clone \
    ssh://git-codecommit..amazonaws.com/v1/repos/ \

Slide 17

Slide 17 text

Branching strategy
The whole dev team shares a branch called Trunk (or Master)

Slide 18

Slide 18 text


Slide 19

Slide 19 text

Continuous integration workflow
(diagram: Developer, Version control, Continuous integration server)
Commit to dev branch
Hook
Pull code
Distributed builds; run tests in parallel
Send build report to development team; stop everything if build fails
Test types: Integration, Unit, Code coverage

Slide 20

Slide 20 text

Continuous integration workflow
(diagram: Developer, AWS CodeCommit, AWS CodeBuild)
Commit to dev branch
Hook
Pull code
Distributed builds; run tests in parallel
Send build report to development team; stop everything if build fails
Test types: Integration, Unit, Code coverage

Slide 21

Slide 21 text

Anatomy of a buildspec file

version: 0.2

phases:
  pre_build:
    commands:
      - echo Logging in to Amazon ECR...
      - aws --version
      # get-login is an AWS CLI v1 command; AWS CLI v2 replaced it with get-login-password
      - $(aws ecr get-login --region eu-west-1 --no-include-email)
      - REPOSITORY_URI=486652066693.dkr.ecr.eu-west-1.amazonaws.com/nginx
      # tag the image with the first 7 characters of the commit ID
      - IMAGE_TAG=$(echo $CODEBUILD_RESOLVED_SOURCE_VERSION | cut -c 1-7)
  build:
    commands:
      - echo Build started on `date`
      - echo Building the Docker image...
      - docker build -t $REPOSITORY_URI:latest nginx/.
      - docker tag $REPOSITORY_URI:latest $REPOSITORY_URI:$IMAGE_TAG
  post_build:
    commands:
      - echo Build completed on `date`
      - echo Pushing the Docker images...
      - docker push $REPOSITORY_URI:latest
      - docker push $REPOSITORY_URI:$IMAGE_TAG
      - echo Writing image definitions file...
      - printf '[{"name":"nginx","imageUri":"%s"}]' $REPOSITORY_URI:$IMAGE_TAG > imagedefinitions.json
artifacts:
  files: imagedefinitions.json

Slide 22

Slide 22 text


Slide 23

Slide 23 text

One dev environment does not scale

Slide 24

Slide 24 text

One dev/integration environment per developer

Slide 25

Slide 25 text

Infrastructure as code—avoid snowflakes

Slide 26

Slide 26 text

Cloud Development Kit (CDK)
(diagram: an AWS CDK application containing Stack(s) and Constructs; an AWS CloudFormation template containing Resources)

Slide 27

Slide 27 text

CDK: Create a VPC

// assumes ec2, assets, autoscaling and UserData come from the AWS CDK modules;
// `env` and `role` are defined elsewhere in the stack (not shown on the slides)

//
// create VPC w/ public and private subnets in 2 AZ
// this also creates a NAT Gateway
//
const vpc = new ec2.Vpc(this, 'NewsBlogVPC', {
  maxAzs : 2
});

CDK: Package your application

//
// create static web site as S3 assets
//
var path = require('path');
const asset = new assets.Asset(this, 'YourSampleApp', {
  path: path.join(__dirname, '../html')
});

CDK: Bootstrap your servers

// define a user data script to install & launch our app
const userData = UserData.forLinux();
userData.addCommands('yum install -y nginx',
                     'chkconfig nginx on',
                     'service nginx start');
userData.addCommands(`aws s3 cp s3://${asset.s3BucketName}/${asset.s3ObjectKey} .`,
                     `unzip *.zip`,
                     `/bin/cp -r -n ${env}/* /usr/share/nginx/html/`);

CDK: Create an Auto Scaling group

// create an auto scaling group for each environment
const asg = new autoscaling.AutoScalingGroup(this, 'YourAppgAutoScalingGroup', {
  vpc,
  instanceType: ec2.InstanceType.of(ec2.InstanceClass.BURSTABLE3, ec2.InstanceSize.MICRO),
  machineImage: new ec2.AmazonLinuxImage(),
  desiredCapacity: 2,
  role: role,
  userData: userData
});

Slide 28

Slide 28 text

CDK: Deploy your own dev environment
(diagram labels: CloudFormation Template, “compiler”, CDK CLI, “processor”, “assembly language”, “source”, synthesize, deploy, executes)

Slide 29

Slide 29 text


Slide 30

Slide 30 text

Continuous deployment
(diagram: Developer; Merge PR into trunk; Hook; pull code)

Slide 31

Slide 31 text

Complex pipeline example—Trek10

Slide 32

Slide 32 text

IaC also for dev infrastructure

// create the source action (github)
const sourceOutput = new pipeline.Artifact();
const sourceAction = new pipeline_actions.GitHubSourceAction({
  actionName: "GitHubTrigger",
  owner: github.owner,
  repo: github.repo,
  // the GitHub OAuth token is read from AWS Secrets Manager, not stored in the code
  oauthToken: cdk.SecretValue.secretsManager(github.secret_manager_secret_name),
  output: sourceOutput,
  branch: 'master'
});

// create the build action
const buildProject = new codebuild.PipelineProject(pipelineStack, 'CodeBuildProject', {
  projectName: 'DockerBuild',
  buildSpec: BuildSpec.fromSourceFilename('nginx/buildspec.yml'),
  environment: {
    buildImage: codebuild.LinuxBuildImage.STANDARD_2_0,
    // privileged mode is required to run Docker inside the build container
    privileged: true
  }
});

// add codebuild permissions to access ECR (to push the image to the repo)
const role = buildProject.role;
role.addManagedPolicy(ManagedPolicy.fromAwsManagedPolicyName('AmazonEC2ContainerRegistryPowerUser'));

const buildOutput = new pipeline.Artifact();
const buildAction = new pipeline_actions.CodeBuildAction({
  actionName: 'CodeBuildDockerImage',
  project: buildProject,
  input: sourceOutput,
  outputs: [buildOutput]
});

const deployAction = new irEcsDeployAction({
  actionName: 'Deploy',
  serviceName: ecs.serviceName,
  clusterName: ecs.clusterName,
  input: buildOutput,
});

// finally, create the pipeline
const codePipeline = new pipeline.Pipeline(pipelineStack, 'Pipeline', {
  pipelineName: 'ECSDeploy',
  stages: [
    {
      stageName: 'GetSource',
      actions: [sourceAction],
    },
    {
      stageName: 'BuildDockerImage',
      actions: [buildAction]
    },
    {
      stageName: 'DeployToEcs',
      actions: [deployAction]
    }
  ],
});
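
Added example, not part of the original slides: the pipeline code above gives the CodeBuild role the AWS managed policy AmazonEC2ContainerRegistryPowerUser, which is not limited to one repository. The sketch below builds a policy document scoped to a single ECR repository and flags ECR actions allowed on a wildcard resource; the function names and the account ID 111122223333 are assumptions made for illustration.

```javascript
// Added example, not from the slides. Account ID 111122223333 is a constructed placeholder.

// Actions `docker push` needs on the target repository.
const PUSH_ACTIONS = [
  'ecr:BatchCheckLayerAvailability',
  'ecr:InitiateLayerUpload',
  'ecr:UploadLayerPart',
  'ecr:CompleteLayerUpload',
  'ecr:PutImage',
];

// Build an IAM policy document that allows pushing to one repository only.
function scopedEcrPushPolicy(region, accountId, repoName) {
  const repoArn = `arn:aws:ecr:${region}:${accountId}:repository/${repoName}`;
  return {
    Version: '2012-10-17',
    Statement: [
      // GetAuthorizationToken cannot be limited to a repository, so it stays on "*".
      { Effect: 'Allow', Action: ['ecr:GetAuthorizationToken'], Resource: '*' },
      { Effect: 'Allow', Action: PUSH_ACTIONS, Resource: repoArn },
    ],
  };
}

const asList = (v) => (Array.isArray(v) ? v : [v]);

// List ECR actions that an Allow statement grants on every repository.
function wildcardEcrGrants(policy) {
  const findings = [];
  for (const st of asList(policy.Statement)) {
    if (st.Effect !== 'Allow') continue;
    const wild = asList(st.Resource).some((r) => r === '*' || r.endsWith(':repository/*'));
    if (!wild) continue;
    for (const action of asList(st.Action)) {
      if (action === 'ecr:GetAuthorizationToken') continue;
      if (action === '*' || action.startsWith('ecr:')) findings.push(action);
    }
  }
  return findings;
}

// Constructed stand-in for a policy that allows pushes to all repositories.
const broadSample = {
  Version: '2012-10-17',
  Statement: [{ Effect: 'Allow', Action: ['ecr:GetAuthorizationToken', 'ecr:PutImage'], Resource: '*' }],
};
console.log(wildcardEcrGrants(broadSample));
console.log(wildcardEcrGrants(scopedEcrPushPolicy('eu-west-1', '111122223333', 'nginx')));
```
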

Slide 33

Slide 33 text

Blue-green deployment
(diagram: 100% Prod traffic)

Slide 34

Slide 34 text

Blue-green deployment
(diagram: Target group 2; 100% Prod traffic)

Slide 35

Slide 35 text

Blue-green deployment
Provision green tasks
(diagram: Green tasks: v2 code; 100% Prod traffic)

Slide 36

Slide 36 text

Blue-green deployment
Run hook against test endpoint before green tasks receive prod traffic
(diagram: 0% Prod traffic; 100% Prod traffic)

Slide 37

Slide 37 text

Blue-green deployment
Flip traffic to green tasks, rollback in case of alarm
(diagram: 80% Prod traffic; 20% Prod traffic)

Slide 38

Slide 38 text

Blue-green deployment
Drain blue tasks
(diagram: 0% Prod traffic; 100% Prod traffic)

Slide 39

Slide 39 text


Slide 40

Slide 40 text

No content

Slide 41

Slide 41 text


Slide 42

Slide 42 text

Debugging modern apps locally is hard
New developer patterns
Mockups are not perfect
Applications are large

Slide 43

Slide 43 text

You are debugging in the cloud
(diagram: AWS Cloud)

Slide 44

Slide 44 text


Slide 45

Slide 45 text

No content

Slide 46

Slide 46 text


Slide 47

Slide 47 text

ChatOps

Slide 48

Slide 48 text

AWS Chatbot
Receive notifications from AWS services about infrastructure events, billing, security, and more
Easily integrate with Slack
Built-in security templates for common use cases simplify configuration and enable best practices
(diagram: AWS Chatbot; Events)

Slide 49

Slide 49 text

AWS Chatbot can now run commands
Interactive agent for ChatOps

Slide 50

Slide 50 text


Slide 51

Slide 51 text

No content

Slide 52

Slide 52 text


Slide 53

Slide 53 text

How does Amazon do DevOps?
(microservices, 2 pizza teams)
(governance, templates)

Slide 54

Slide 54 text


Slide 55

Slide 55 text

What we built
Trunk-based source code control
AWS CDK
(diagram: Developers, Services, Delivery pipelines; five delivery pipelines, each labelled Monitor, Build, Test, Release)

Slide 56

Slide 56 text

Think big—impossibly big
Start small
Iterate

Slide 57

Slide 57 text

Impact on dev hiring and retention

Slide 58

Slide 58 text

Start anywhere but start somewhere

Slide 59

Slide 59 text

Thank you!
Sébastien Stormacq
@sebsto

Slide 60

Slide 60 text
