Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Achieving repeatable, extensible and self serve...
Search
Tasdik Rahman
November 16, 2019
Programming
0
2.2k
Achieving repeatable, extensible and self serve infrastructure
Tasdik Rahman
November 16, 2019
Tweet
Share
More Decks by Tasdik Rahman
See All by Tasdik Rahman
Resilient Multi-Cloud Strategies: Harnessing Kubernetes, Cluster API and Cell-Based Architecture
tasdikrahman
0
170
How to make pod assignment to thousands of nodes every day easier
tasdikrahman
0
370
Keeping up with Kubernetes cluster upgrades
tasdikrahman
0
700
TDD: An experience report
tasdikrahman
0
1.5k
Ways of enabling Canary deployments in kubernetes
tasdikrahman
0
4.8k
Kingsly - The Cert Manager
tasdikrahman
0
2.4k
kuberception: Self Hosting kubernetes
tasdikrahman
0
8.4k
Diving deep on how imports work in Python
tasdikrahman
0
3.5k
Introduction to Ansible
tasdikrahman
1
17k
Other Decks in Programming
See All in Programming
Tool Catalog Agent for Bedrock AgentCore Gateway
licux
7
2.5k
FindyにおけるTakumi活用と脆弱性管理のこれから
rvirus0817
0
530
複雑なドメインに挑む.pdf
yukisakai1225
5
1.2k
さようなら Date。 ようこそTemporal! 3年間先行利用して得られた知見の共有
8beeeaaat
3
1.5k
Azure SRE Agentで運用は楽になるのか?
kkamegawa
0
2.5k
CloudflareのChat Agent Starter Kitで簡単!AIチャットボット構築
syumai
2
510
Amazon RDS 向けに提供されている MCP Server と仕組みを調べてみた/jawsug-okayama-2025-aurora-mcp
takahashiikki
1
110
ぬるぬる動かせ! Riveでアニメーション実装🐾
kno3a87
1
230
AIでLINEスタンプを作ってみた
eycjur
1
230
複雑なフォームに立ち向かう Next.js の技術選定
macchiitaka
2
220
パッケージ設計の黒魔術/Kyoto.go#63
lufia
3
440
意外と簡単!?フロントエンドでパスキー認証を実現する WebAuthn
teamlab
PRO
2
770
Featured
See All Featured
Writing Fast Ruby
sferik
628
62k
KATA
mclloyd
32
14k
The Language of Interfaces
destraynor
161
25k
The Straight Up "How To Draw Better" Workshop
denniskardys
236
140k
Speed Design
sergeychernyshev
32
1.1k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
231
53k
The Cult of Friendly URLs
andyhume
79
6.6k
CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again
sstephenson
162
15k
The Pragmatic Product Professional
lauravandoore
36
6.9k
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.4k
Why Our Code Smells
bkeepers
PRO
339
57k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
44
2.5k
Transcript
Achieving repeatable, extensible and self serve infrastructure
2 tasdikrahman.me @tasdikrahman • Product Engineer @ Gojek • Contributor
to oVirt • Backpacker • Weekend chef • Chelsea FC!!
What does Gojek do? 3
4 Ref: gojek.io
What am I gonna talk about? 5
6 Ref: shutterstock.com
7 Ref: shutterstock.com Evolution of Infrastructure @ Gojek
Travelling back in time 8
Rapid Demand 9
How to deal with it? 10
Central Infrastructure Team 11
Intent? 12
Abstract out Infrastructure For Product Teams 13
Outcome? 14
Adhoc requests 15
“Measure what is measurable, and make measurable what is not
so” - Galileo 16 Credits: biography.com
Service request tickets 17
18 Example service request in our ticket system by a
team (names redacted)
19 Example service request to increase disk size (names redacted)
Number of service requests kept increasing with scale and more
product groups coming in 20
21 Ref: gunshowcomic.com/648
How does one keep up with service requests? 22
Scale your team vertically and keep doing so 23
Sustainable? 24
Very hard to do, but mostly No 25
Eventually, we noticed we were becoming the bottleneck 26
Give access to someone from the product team? 27
Chances of Security loopholes 28
29 Ref: https://blog.codinghorror.com/the-broken-window-theory/
What do we do then? 30
Quick detour 31
Where did systems administration start? 32
Evolution of Automation at Gojek 33
Evolution of Automation at Gojek 34 • Scripts • Chef-cookbooks
• Rundeck • Deployment scripts
Problems with the earlier solutions 35 • Multiple ways around
building and using automation • Managing dependencies for the automation. Eg: people using gcloud/AWS
Problems with the earlier solutions 36 • Lack of convention
leading to meagre contributions to automation from devs. • Adhoc way of managing access to tools like terraform, knife leading to stray accidents. • No central platform for automation.
Number of tickets getting created still not decreasing 37
Clearing infrastructure debts 38
Moving from maintenance to innovation mode 39
Making infrastructure boring for product teams 40
Proctor: Our automation orchestrator 41 Ref: github.com/gojek/proctor
42
43
Installation 44
45 Helm all the way Reference value: stable/proctor-service/values.yaml
Automation using proctor 46
Sample proc to increase disk 47
Sample proc to increase disk 48
Scripts can be added by developers and they get added
to proctor after our review 49
Sample procs in our ecosystem 50
Demo 51
Profit? 52
Outcome of having proctor? 53
Decrease in number of tickets which were mechanical in nature
54
Having terraform inside CI 55 +
But before that 56
Creating the gcloud project 57
58 Sample directory structure
59 .gitlab-yml for the gcloud project in gitlab
60
61 Plan and apply
Private terraform registry consisting of 90+ modules 62
Outcome? 63
Teams managing and provisioning their own infra with our best
practices baked in terraform modules 64
OSS alternatives? 65
66 Reference: runatlantis.io/
Ideal state? 67
68 Ref: Google SRE book: Eliminating toil
Known caveats? 69
Deletion of infra 70
Teams forget what they are using 71
Lessons learnt? 72
Avoid premature automation 73
High service requests for product teams is a smell 74
No Big bang changes 75
Documentation should go hand in hand, would affect productivity directly
76
Reduce steps for onboarding to your tooling, lesser the better
77
Invisible infrastructure 78
Product managers in Infrastructure teams 79
Prioritizing on innovation 80
Links and References • https://github.com/gojek/proctor • https://blog.gojekengineering.com/olympus-terraforming-repeatabl e-and-extensible-infrastructure-at-go-jek-42ad5b0a4f9a • https://learn.hashicorp.com/terraform/development/running-terrafor
m-in-automation • https://lethain.com/product-management-infra-engineering/ 81
82 @tasdikrahman tasdikrahman.me