Application Deployment: State of the Onion by Noah Kantrowitz

Transcript

1. State of the Onion Application Deployment Noah Kantrowitz

2. Me •PSF + PyCon •Balanced •Chef •Making things

3. Platform Web Server Database App Code Configuration Orchestration

4. None

5. Application Code

6. None

7. •Simple •Everywhere •Repetitive Tar

8. •Efficient •Everywhere •Many options Rsync

9. •Common SCM •Push or pull •Single truth Git

10. •Pull based •Simple server •Solid tools Packages

11. •Build packages •No moving parts •See also: depot Omnibus

12. Configuration Management

13. None

14. •Versioned •Readable •Inflexible Flat Files

15. •Ruby-based •Declarative-ish •Big ecosystem Chef

16. •Custom DSL •Declarative •Big ecosystem Puppet

17. •YAML + Jinja •Second wave •Growing SaltStack

18. •YAML + Jinja •Very new •Agent-less Ansible

19. None

20. Orchestration

21. None

22. •for x in ... •ssh $x ... •knife ssh SSH

    Loop

23. •Python •Task based •Parallel Fabric

24. •Ad-hoc shell •Dynamic nodes •Accelerated Ansible

25. •ZeroMQ •Minions only •Modules SaltStack

26. •AMQP bus •Limited ad-hoc •Live discovery MCollective

27. •API-driven •Centralized •Workflows Rundeck

28. •Hubot •Visibility •Emerging trend Chatops

29. Database

30. None

31. •Relational •ACID •Add-ons galore Postgres

32. •Relational •Mostly ACID •Many forks MySQL

33. None

34. •Key/value store •In-memory •Limited HA Redis

35. •Distributed •Big Table •CQL Cassandra

36. •Distributed •2i, Search, MR •CRDTs Riak

37. •MongoDB •Couch* •Interns Others

38. •Consistent •Slow •Paxos ZooKeeper

39. Web Server

40. None

41. •Battle tested •Flexible MPMs •mod_wsgi Apache

42. •Concurrent •Simple config •Proxy Nginx

43. •Pure Python •Simple •Fast Gunicorn

44. •C extension •Extra features •Config soup Uwsgi

45. •Really fast •Mix w/ async •Complex Twisted

46. •Fastly •CloudFront •Varnish CDNs

47. Server Provisioning

48. None

49. •knife ec2 •novaclient •Web UI Manual

50. •Vendor lock-in •Limited triggers •Easy AWS ASGs

51. •Whole infra •Fragile state •Very powerful CloudFormation

52. •OpenStack •Yaml format •Limited compat Heat

53. •Expensive •Cross-cloud •Chef RightScale

54. •Netflix stack •AWS ASGs •Deployment Asgard

55. Secrets Management

56. None

57. •Existing tools •Versioned •Insecure Config

58. •Encrypted bags •Ansible Vault •Unwise Encryption

59. •Vendor lock in •Moving pieces •Relatively safe S3+IAM

60. •OpenStack(ish) •Very new •Promising Barbican

61. •N-of-M •Cold storage •GPG-based Red October

62. Other services

63. •Statsd •Collectd •Graphite Metrics

64. •Logstash •Kibana •Sentry Logs

65. Platform as a Service

66. •Easy •No really, easy •Inflexible & $$$ Heroku

67. •Mild lock-in •Scalable •Few users GAE

68. •Open-source •No lock-in •Difficult deploy OpenShift

69. •Docker-based •Very young •Promising Deis/Flynn

70. Attribution Some images copyright Florida Center for Instructional Technology. All

    logos are property of their respective owners.

71. Thank you