Link
Embed
Share
Beginning
This slide
Copy link URL
Copy link URL
Copy iframe embed code
Copy iframe embed code
Copy javascript embed code
Copy javascript embed code
Share
Tweet
Share
Tweet
Slide 1
Slide 1 text
State of the Onion Application Deployment Noah Kantrowitz
Slide 2
Slide 2 text
Me •PSF + PyCon •Balanced •Chef •Making things
Slide 3
Slide 3 text
Platform Web Server Database App Code Configuration Orchestration
Slide 4
Slide 4 text
No content
Slide 5
Slide 5 text
Application Code
Slide 6
Slide 6 text
No content
Slide 7
Slide 7 text
•Simple •Everywhere •Repetitive Tar
Slide 8
Slide 8 text
•Efficient •Everywhere •Many options Rsync
Slide 9
Slide 9 text
•Common SCM •Push or pull •Single truth Git
Slide 10
Slide 10 text
•Pull based •Simple server •Solid tools Packages
Slide 11
Slide 11 text
•Build packages •No moving parts •See also: depot Omnibus
Slide 12
Slide 12 text
Configuration Management
Slide 13
Slide 13 text
No content
Slide 14
Slide 14 text
•Versioned •Readable •Inflexible Flat Files
Slide 15
Slide 15 text
•Ruby-based •Declarative-ish •Big ecosystem Chef
Slide 16
Slide 16 text
•Custom DSL •Declarative •Big ecosystem Puppet
Slide 17
Slide 17 text
•YAML + Jinja •Second wave •Growing SaltStack
Slide 18
Slide 18 text
•YAML + Jinja •Very new •Agent-less Ansible
Slide 19
Slide 19 text
No content
Slide 20
Slide 20 text
Orchestration
Slide 21
Slide 21 text
No content
Slide 22
Slide 22 text
•for x in ... •ssh $x ... •knife ssh SSH Loop
Slide 23
Slide 23 text
•Python •Task based •Parallel Fabric
Slide 24
Slide 24 text
•Ad-hoc shell •Dynamic nodes •Accelerated Ansible
Slide 25
Slide 25 text
•ZeroMQ •Minions only •Modules SaltStack
Slide 26
Slide 26 text
•AMQP bus •Limited ad-hoc •Live discovery MCollective
Slide 27
Slide 27 text
•API-driven •Centralized •Workflows Rundeck
Slide 28
Slide 28 text
•Hubot •Visibility •Emerging trend Chatops
Slide 29
Slide 29 text
Database
Slide 30
Slide 30 text
No content
Slide 31
Slide 31 text
•Relational •ACID •Add-ons galore Postgres
Slide 32
Slide 32 text
•Relational •Mostly ACID •Many forks MySQL
Slide 33
Slide 33 text
No content
Slide 34
Slide 34 text
•Key/value store •In-memory •Limited HA Redis
Slide 35
Slide 35 text
•Distributed •Big Table •CQL Cassandra
Slide 36
Slide 36 text
•Distributed •2i, Search, MR •CRDTs Riak
Slide 37
Slide 37 text
•MongoDB •Couch* •Interns Others
Slide 38
Slide 38 text
•Consistent •Slow •Paxos ZooKeeper
Slide 39
Slide 39 text
Web Server
Slide 40
Slide 40 text
No content
Slide 41
Slide 41 text
•Battle tested •Flexible MPMs •mod_wsgi Apache
Slide 42
Slide 42 text
•Concurrent •Simple config •Proxy Nginx
Slide 43
Slide 43 text
•Pure Python •Simple •Fast Gunicorn
Slide 44
Slide 44 text
•C extension •Extra features •Config soup Uwsgi
Slide 45
Slide 45 text
•Really fast •Mix w/ async •Complex Twisted
Slide 46
Slide 46 text
•Fastly •CloudFront •Varnish CDNs
Slide 47
Slide 47 text
Server Provisioning
Slide 48
Slide 48 text
No content
Slide 49
Slide 49 text
•knife ec2 •novaclient •Web UI Manual
Slide 50
Slide 50 text
•Vendor lock-in •Limited triggers •Easy AWS ASGs
Slide 51
Slide 51 text
•Whole infra •Fragile state •Very powerful CloudFormation
Slide 52
Slide 52 text
•OpenStack •Yaml format •Limited compat Heat
Slide 53
Slide 53 text
•Expensive •Cross-cloud •Chef RightScale
Slide 54
Slide 54 text
•Netflix stack •AWS ASGs •Deployment Asgard
Slide 55
Slide 55 text
Secrets Management
Slide 56
Slide 56 text
No content
Slide 57
Slide 57 text
•Existing tools •Versioned •Insecure Config
Slide 58
Slide 58 text
•Encrypted bags •Ansible Vault •Unwise Encryption
Slide 59
Slide 59 text
•Vendor lock in •Moving pieces •Relatively safe S3+IAM
Slide 60
Slide 60 text
•OpenStack(ish) •Very new •Promising Barbican
Slide 61
Slide 61 text
•N-of-M •Cold storage •GPG-based Red October
Slide 62
Slide 62 text
Other services
Slide 63
Slide 63 text
•Statsd •Collectd •Graphite Metrics
Slide 64
Slide 64 text
•Logstash •Kibana •Sentry Logs
Slide 65
Slide 65 text
Platform as a Service
Slide 66
Slide 66 text
•Easy •No really, easy •Inflexible & $$$ Heroku
Slide 67
Slide 67 text
•Mild lock-in •Scalable •Few users GAE
Slide 68
Slide 68 text
•Open-source •No lock-in •Difficult deploy OpenShift
Slide 69
Slide 69 text
•Docker-based •Very young •Promising Deis/Flynn
Slide 70
Slide 70 text
Attribution Some images copyright Florida Center for Instructional Technology. All logos are property of their respective owners.
Slide 71
Slide 71 text
Thank you