Slide 1

Slide 1 text

Programming Infrastructure with AWS CDK
Donnie Prakoso, Senior Technical Evangelist, ASEAN, Amazon Web Services
@donnieprakoso, donnieprakoso, https://donnie.id
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Amazon Confidential

Slide 2

Slide 2 text

> hello, world
Donnie Prakoso, MSc
Senior Technical Evangelist, ASEAN
@donnieprakoso, donnieprakoso
• 15+ years in software development and system operations
• Banking industry, telco to startups
• From software developer to R&D manager to CTO
• I talk a lot about microservices and machine learning
• Self-proclaimed barista and café racer enthusiast

Slide 3

Slide 3 text

Introduction to infrastructure as code

Slide 4

Slide 4 text

Level 0: Creating infrastructure by hand
[Diagram: your organization’s infrastructure]

Slide 5

Slide 5 text

Manual
• Easy to get started
• Not reproducible
• Error prone
• Time consuming
[Diagram: scale from high level to low level: Manual]

Slide 6

Slide 6 text

Level 1: Imperative infrastructure as code
[Diagram: deploy.script, AWS SDK, your organization’s infrastructure]

Slide 7

Slide 7 text

Level 1: Imperative infrastructure as code
• Lots of boilerplate
• What if something fails and we need to retry?
• What if two people try to run the script at once?
• Race conditions?

deploy.script:

    resource = getResource(xyz)
    if (resource == desiredResource) {
      return
    } else if (!resource) {
      createResource(desiredResource)
    } else {
      updateResource(desiredResource)
    }
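
The race the slide asks about, as an added example that is not part of the original deck: two operators run the slide's check-then-act logic at once, and both issue a create because each decides on a stale read. The in-memory `makeCloud` API, `createIfAbsent`, and the resource name and spec are hypothetical stand-ins constructed for illustration.

```javascript
// Constructed in-memory stand-in for a cloud API; all names are hypothetical.
function makeCloud() {
  const store = new Map();
  const log = []; // every mutating call, in the order it was issued
  return {
    log,
    get: (name) => store.get(name),
    create: (name, spec) => { log.push('create'); store.set(name, spec); },
    update: (name, spec) => { log.push('update'); store.set(name, spec); },
    // Check and write in one step, so no other caller can slip in between.
    createIfAbsent: (name, spec) => {
      if (store.has(name)) return false;
      log.push('create'); store.set(name, spec);
      return true;
    },
  };
}

// The slide's check-then-act logic. Each `yield` marks a point where the
// network round trip lets another operator's script run.
function* deployNaive(cloud, name, desired) {
  yield;
  const current = cloud.get(name);
  if (current === desired) return;
  yield; // the decision below is made on a possibly stale read
  if (!current) cloud.create(name, desired);
  else cloud.update(name, desired);
}

// Same intent, but creation goes through the atomic primitive.
function* deployAtomic(cloud, name, desired) {
  yield;
  if (cloud.createIfAbsent(name, desired)) return;
  yield;
  if (cloud.get(name) !== desired) cloud.update(name, desired);
}

// Two operators start the same deploy; their steps are interleaved round-robin.
function raceTwoOperators(deploy) {
  const cloud = makeCloud();
  let running = [deploy(cloud, 'vpc', 'spec-v1'), deploy(cloud, 'vpc', 'spec-v1')];
  while (running.length > 0) {
    running = running.filter((op) => !op.next().done);
  }
  return cloud.log;
}
```

`raceTwoOperators(deployNaive)` records two create calls for the one resource, while `raceTwoOperators(deployAtomic)` records one.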

Slide 8

Slide 8 text

Scripted
• What happens if an API call fails?
• How do I make updates?
• How do I know a resource is ready?
• How do I roll back?
[Diagram: scale from high level to low level: Scripted, Manual]

Slide 9

Slide 9 text

Level 2: Declarative infrastructure as code
[Diagram: infrastructure.txt, AWS CloudFormation, HashiCorp Terraform, AWS SDK, your organization’s infrastructure]

Slide 10

Slide 10 text

Level 2: Declarative infrastructure as code
• Just a list of each resource to create and its properties, in this case YAML format
• Some minor helper functions may be built in to aid in fetching values dynamically

infrastructure.txt:

    Resources:
      # VPC in which containers will be networked.
      # It has two public subnets
      # We distribute the subnets across the first two available subnets
      # for the region, for high availability.
      VPC:
        Type: AWS::EC2::VPC
        Properties:
          EnableDnsSupport: true
          EnableDnsHostnames: true
          CidrBlock: !FindInMap ['SubnetConfig', 'VPC', 'CIDR']

      # Two public subnets, where containers can have public IP addresses
      PublicSubnetOne:
        Type: AWS::EC2::Subnet
        Properties:
          AvailabilityZone:
            Fn::Select:
              - 0
              - Fn::GetAZs: {Ref: 'AWS::Region'}
          VpcId: !Ref 'VPC'
          CidrBlock: !FindInMap ['SubnetConfig', 'PublicOne', 'CIDR']
          MapPublicIpOnLaunch: true
      PublicSubnetTwo:
        Type: AWS::EC2::Subnet
        Properties:
          AvailabilityZone:
            Fn::Select:
              - 1
              - Fn::GetAZs: {Ref: 'AWS::Region'}
          VpcId: !Ref 'VPC'
          CidrBlock: !FindInMap ['SubnetConfig', 'PublicTwo', 'CIDR']
          MapPublicIpOnLaunch: true

Slide 11

Slide 11 text

Resource provisioning engines
• AWS CloudFormation template (JSON/YAML)
• HashiCorp Configuration Language (HCL)
• Desired state configuration
• Easy to automate
• Reproducible
• Configuration syntax
• No abstraction, lots of details
[Diagram: scale from high level to low level: Declarative, Scripted, Manual]

Slide 12

Slide 12 text

Document Object Models (DOMs)
• Troposphere (Python)
• SparkleFormation (Ruby)
• GoFormation (Go)
• …
• if statements, for loops, IDE benefits
• Ex: 218 lines of Troposphere for a VPC
• Real code ♥
• Desired state
• Abstraction is not built-in
[Diagram: AWS CloudFormation template]
[Diagram: scale from high level to low level: DOMs, Declarative, Scripted, Manual]

Slide 13

Slide 13 text

Level 3: AWS Cloud Development Kit (AWS CDK)
[Diagram: app.js, AWS CDK, AWS CloudFormation, AWS SDK, your organization’s infrastructure]

Slide 14

Slide 14 text

Developer preview
[Diagram: AWS CDK application, Stack(s), Construct, Construct, Resources, AWS CloudFormation template]
Componentized
[Diagram: scale from high level to low level: AWS CDK, DOMs, Declarative, Scripted, Manual]

Slide 15

Slide 15 text

Level 3: AWS CDK
• Write in a familiar programming language
• Create many underlying AWS resources at once with a single construct
• Each stack is made up of “constructs,” which are simple classes in the code
• Still declarative, no need to handle create vs update

app.js / app.py:

    // Imports added for completeness; CDK v1 package names are assumed.
    import cdk = require('@aws-cdk/core');
    import ec2 = require('@aws-cdk/aws-ec2');
    import ecs = require('@aws-cdk/aws-ecs');
    import elbv2 = require('@aws-cdk/aws-elasticloadbalancingv2');

    class MyService extends cdk.Stack {
      constructor(scope: cdk.App, id: string) {
        super(scope, id);

        // Network for all the resources
        const vpc = new ec2.Vpc(this, 'MyVpc', { maxAzs: 2 });

        // Cluster to hold all the containers
        const cluster = new ecs.Cluster(this, 'Cluster', { vpc: vpc });

        // Load balancer for the service (internetFacing: true makes it publicly reachable)
        const lb = new elbv2.ApplicationLoadBalancer(this, 'LB', {
          vpc: vpc,
          internetFacing: true
        });
      }
    }

Slide 16

Slide 16 text

One CDK construct expands to many underlying resources

    // Network for all the resources
    const vpc = new ec2.Vpc(stack, 'MyVpc', { maxAzs: 2 });

cdk deploy

[Diagram: VPC, Public Subnet in Availability Zone, Public Subnet in Availability Zone 2, Private Subnet in Availability Zone, Private Subnet in Availability Zone 2, Internet gateway, NAT gateway, NAT gateway]

Slide 17

Slide 17 text

One CDK construct expands to many underlying resources

    // Network for all the resources
    const vpc = new ec2.Vpc(stack, 'MyVpc', { maxAzs: 2 });

cdk synth

270 lines of AWS CloudFormation YAML I don’t have to write!
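
Because one construct expands into resources nobody typed by hand, it helps to review what the synthesized template actually exposes. The following is an added example, not code from the deck or from the AWS CDK project: it counts resources by type and flags internet-facing settings in a synthesized template parsed as JSON. The sample template, logical IDs, rule table and function name are constructed for illustration.

```javascript
// Constructed sample: a trimmed stand-in for synthesized output, not a real template.
const sampleTemplate = {
  Resources: {
    MyVpc: { Type: 'AWS::EC2::VPC', Properties: { CidrBlock: '10.0.0.0/16' } },
    PublicSubnet1: { Type: 'AWS::EC2::Subnet', Properties: { MapPublicIpOnLaunch: true } },
    PublicSubnet2: { Type: 'AWS::EC2::Subnet', Properties: { MapPublicIpOnLaunch: true } },
    PrivateSubnet1: { Type: 'AWS::EC2::Subnet', Properties: { MapPublicIpOnLaunch: false } },
    PrivateSubnet2: { Type: 'AWS::EC2::Subnet', Properties: { MapPublicIpOnLaunch: false } },
    IGW: { Type: 'AWS::EC2::InternetGateway' },
    Nat1: { Type: 'AWS::EC2::NatGateway', Properties: {} },
    Nat2: { Type: 'AWS::EC2::NatGateway', Properties: {} },
    PublicRoute: {
      Type: 'AWS::EC2::Route',
      Properties: { DestinationCidrBlock: '0.0.0.0/0', GatewayId: { Ref: 'IGW' } },
    },
    LB: {
      Type: 'AWS::ElasticLoadBalancingV2::LoadBalancer',
      Properties: { Scheme: 'internet-facing' },
    },
  },
};

// Hypothetical rule table: resource type -> function returning a finding or null.
const exposureRules = {
  'AWS::EC2::Subnet': (p) =>
    p.MapPublicIpOnLaunch === true || p.MapPublicIpOnLaunch === 'true'
      ? 'assigns public IPs on launch' : null,
  'AWS::ElasticLoadBalancingV2::LoadBalancer': (p) =>
    p.Scheme === 'internet-facing' ? 'internet-facing load balancer' : null,
  'AWS::EC2::Route': (p) =>
    p.DestinationCidrBlock === '0.0.0.0/0' && p.GatewayId
      ? 'default route through an internet gateway' : null,
};

// Returns per-type resource counts and a list of exposure findings.
function auditTemplate(template) {
  const counts = {};
  const findings = [];
  for (const [id, res] of Object.entries(template.Resources || {})) {
    counts[res.Type] = (counts[res.Type] || 0) + 1;
    const rule = exposureRules[res.Type];
    const message = rule ? rule(res.Properties || {}) : null;
    if (message) findings.push(`${id}: ${message}`);
  }
  return { counts, findings };
}
```

On the constructed sample, `auditTemplate(sampleTemplate)` reports four subnets and four findings: the two public subnets, the default route and the load balancer.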

Slide 19

Slide 19 text

Go Build!
@donnieprakoso, donnieprakoso, https://donnie.id