Hochi Chuang, profile picture
Uploaded byHochi Chuang
PDF, PPTX475 views

2015 jcconf-h2s-devops-practice

Hochi Chuang presented on the DevOps practices at Here2Shop. Here2Shop uses Agile development methods like Scrum and focuses on continuous testing, deployment, and monitoring. They deploy Java applications to AWS using Jenkins, Selenium, and the AWS CLI. Their goals include improving the deployment process, integrating monitoring tools, and addressing security issues like content delivery and cross-site scripting. Chuang shared experiences transitioning to microservices and optimizing performance through caching.

Embed presentation

Download as PDF, PPTX
Here2Shop DevOps Practice Hochi Chuang
Who am I • 熟悉Java相關開發技術 - client & server • ⾃自動化整合與測試 • 雲端系統建置 • Startup 相關經驗 • ⺫⽬目標 -> 打造⼀一個⼤大系統環境,在台灣
About Here2shop • 利⽤用Big Data技術讓商家和消費者更互惠 • 致⼒力達成⼝口碑⾏行銷和顛覆傳統的社交平台 • 你不需要懂電商,因為電商懂你 • 官網 https://www.here2shop.com/
Agenda • DevOps @ Here2Shop • Development • Test • Deployment • Monitoring • EC 平台注意事項與安全性 • 經驗分享
DevOps
@Here2Shop • Java + Spring + Jenkins • Test (JUnit + selenium) • Deploy (AWS) • Monitor (logs + selenium) • Feedback (human involved)
Development
• Agile Development sprint — 2 weeks daily scrum review & planning • Role Scrum master Product owner Team
Case: Agile? • EC — online Web Application Prioritise!! — bugs, features, data, etc… Plan — exceptions… 經營模式、發票、特殊規格、 3rd party API Flexibility — easy to refactor… Code quality & style — peer co-working
• redmine ticket commit subject: “refs|fixes|close #xxx: doing something” • Code github flow @ gitlab • merge request gitlab + jenkins (gitlab merge request builder) • deploy to DEV environment
QA vs master • Every work goes into QA branch first • DEV machine has the latest code • Staging machine has a subset of passed tests code • master branch is always deploy-able
QA vs master • Every work goes into QA branch first • DEV machine has the latest code • Staging machine has a subset of passed tests code • master branch is always deploy-able BUT…
• DEVs be super CAREFUL!!! merged? (QA or master) • Complicated issue state Resolved Verified Feedback • Qualified code? No code review Peer comments
Github flow @Gitlab…
We Expect
Case: in real world • open source tools NOT integrated well a)polling to build periodically… b)cannot auto-update ticket status… c)automation not yet ready… • Keep DEV process in everyone’s mind!!!
• https://about.gitlab.com/2014/09/29/ gitlab-flow/ • http://www.15yan.com/story/ 6yueHxcgD9Z/
Test
Continuous Test • from: Understanding DevOps part 4
• DEV deploy by each merge request junit passed + BVT • Daily automation jenkins + selenium plugin (browse, login, logout, update product, search, purchase, etc…)
• Acceptance Test on Staging - accessible from outside Non RD team member feature as design data validation 3rd API integration - ⾦金流、簡訊 social media integration - Facebook, LINE, etc…
• Production selenium - per hour availability detector - uptimebutler.com, webmon.com change detector site links validation - xenu Vitual Studio Load test
Xenu
Case: sth to know… • wrong CSS layout - Sikuli • Site speed tester Google PageSpeed Insights GTmetrix — https://gtmetrix.com/ • Google webmaster tool Structured Data, Data Highlighter, HTML Improvements
Deployment
to AWS
the first - manually jars bastion scp -r v001_20151203 bastion:~/ Web Server 1 Web Server 2 scp -r v001_20151203 172.1.0.xxx:~/
the first - manually jars bastion scp -r v001_20151203 bastion:~/ Web Server 1 Web Server 2 Painful and Erroneous scp -r v001_20151203 172.1.0.xxx:~/
need to CHANGE!! • static resources CDN, so resources need versioning!! • app server retrieves the latest build by itself jenkins S3 plugin + script • HA without downtime AWS API + script //cdn1r.here2shop.com/00396/css/default.css
AWS CLI • HA of ELB # update service aws autoscaling enter-standby --instance-ids i-dadfc329 --auto- scaling-group-name prod-asg --should-decrement-desired-capacity aws autoscaling exit-standby --instance-ids i-dadfc329 --auto- scaling-group-name prod-asgaws autoscaling describe-auto-scaling-instances --instance-ids i-dadfc329 # create a new instance ec2-run-instances ami-xxxxxxxx -t m3.medium -s subnet-xxxxxxxx - k prod-key -g sg-xxxxxxxx --associate-public-ip-address true aws autoscaling attach-instances --instance-ids i-109228e5 -- auto-scaling-group-name prod-asg
semi-auto jars bastion Web Server 1 Web Server 2 # get latest jars from S3 bucket java -jar latest-build.jar S3 jenkins
Next goals • pack static resources and separate from service jar • one click to deploy make 10+ deploy per day!! • integrate with Hubot + slack • rollback mechanism challenge with Hibernate ORM
Monitoring
• CloudWatch —> alert notification • still in stone age —> login, tail, vi, find & watch… • lots of human involved actions
Tools • PaperTrails / fluentd • nagios
We Hope…
We Hope…
We Hope…
經驗分享
Case I: Spring boot • spring boot is great for micro-service, but large project… • pro ‣ convention over configuration ‣ standalone jar • con ‣ eclipse & standalone jar NOT the same ‣ hard to replace a single static file…
Case II: Security Issue • Redirect security concerns nginx —> origin, md5 checksum by LUA location ~ ^/(ad|edm)/(.*)* { valid_referers none blocked server_names *.here2shop.com; if ($invalid_referer) { return 403; } rewrite_by_lua " HASH_KEY = 'secret_pass'; local redirect_url= ngx.unescape_uri(ngx.var['arg_r']); local arg_checksum = ngx.var['arg_m']; redirect_url_checksum = ngx.md5(redirect_url..HASH_KEY); if(redirect_url_checksum==arg_checksum) then return ngx.redirect(redirect_url, 302); else return ngx.exit(403); end "; }
Case III: more Security • expose iframe all site: specific site: X-Frame-Options: SAMEORIGIN Content-Security-Policy:frame-ancestors http://example.com
Case IV: Facebook • Facebook doesn’t like cloudfront domain… d8adrk2lu91bp.cloudfront.net —> malicious domain cdn1r.here2shop.com
Case V: caching • 10k transactions in 16 hours • concurrent: ~500 • hanging on single table —> move to Redis • transaction: from 5 min to 10 seconds
Thank You https://www.here2shop.com mail to: hochi.chuang@here2shop.com
Q&A

More Related Content

PDF
AtlasCamp 2014: Building a Production Ready Connect Add-on
byAtlassian
 
PDF
Baking Stash in the AWS Cloud at Netflix
byAtlassian
 
PPT
Spring Boot with Quartz
byDavid Kiss
 
PPTX
How we built a job board in one week with JHipster
byKile Niklawski
 
PDF
JHipster
byYuen-Kuei Hsueh
 
PPTX
Java in azure dev ops
byJeffray Huang
 
PPTX
React in production (react global summit 2021)
bySouvik Basu
 
PDF
Digital Success Stack for DCBKK 2018
byKyvio
 
AtlasCamp 2014: Building a Production Ready Connect Add-on
byAtlassian
 
Baking Stash in the AWS Cloud at Netflix
byAtlassian
 
Spring Boot with Quartz
byDavid Kiss
 
How we built a job board in one week with JHipster
byKile Niklawski
 
JHipster
byYuen-Kuei Hsueh
 
Java in azure dev ops
byJeffray Huang
 
React in production (react global summit 2021)
bySouvik Basu
 
Digital Success Stack for DCBKK 2018
byKyvio
 

What's hot

PDF
淺談 Startup 公司的軟體開發流程 v2
byWen-Tien Chang
 
PDF
Full-Stack Development with Spring Boot and VueJS
byVMware Tanzu
 
PPTX
Browser Automation with Playwright – for integration, RPA, UI testing and mor...
byLucas Jellema
 
PDF
The WordPress Performance Team
byFelix Arntz
 
PDF
Intro to Node.js (for .NET Developers)
byDavid Neal
 
PDF
Continuous Delivery with Sitecore
byCode Computerlove
 
PDF
Deployment Pipeline for databases (Azure SQL Database, SQL Server)
byEduardo Piairo
 
PPTX
Tc open-doors-day-speech
byEvgeniy Koshkin
 
PDF
Node.js for .NET Developers
byDavid Neal
 
PDF
Grails in 5mins (2010-v0.3)
byDavid Trattnig
 
PDF
Azureサーバーレスで行う情報のスクリーニング
byryosuke matsumura
 
PDF
Continuous integration and delivery for java based web applications
bySunil Dalal
 
PDF
Fine-Tuning of Agile Development
byThoughtworks
 
PDF
Devoxx : being productive with JHipster
byJulien Dubois
 
PPTX
Azure devops
byMohit Chhabra
 
PDF
Contract-based Testing Approach as a Tool for Shift Lef
byKatherine Golovinova
 
PPTX
An Angular developer moving to React
bySouvik Basu
 
PDF
Evolutionary infrastructure agile 2018 - kief morris
byKief Morris
 
PPTX
All Things Jenkins and Cloud Foundry (Cloud Foundry Summit 2014)
byVMware Tanzu
 
PDF
Unleashing Docker with Pipelines in Bitbucket Cloud
byAtlassian
 
淺談 Startup 公司的軟體開發流程 v2
byWen-Tien Chang
 
Full-Stack Development with Spring Boot and VueJS
byVMware Tanzu
 
Browser Automation with Playwright – for integration, RPA, UI testing and mor...
byLucas Jellema
 
The WordPress Performance Team
byFelix Arntz
 
Intro to Node.js (for .NET Developers)
byDavid Neal
 
Continuous Delivery with Sitecore
byCode Computerlove
 
Deployment Pipeline for databases (Azure SQL Database, SQL Server)
byEduardo Piairo
 
Tc open-doors-day-speech
byEvgeniy Koshkin
 
Node.js for .NET Developers
byDavid Neal
 
Grails in 5mins (2010-v0.3)
byDavid Trattnig
 
Azureサーバーレスで行う情報のスクリーニング
byryosuke matsumura
 
Continuous integration and delivery for java based web applications
bySunil Dalal
 
Fine-Tuning of Agile Development
byThoughtworks
 
Devoxx : being productive with JHipster
byJulien Dubois
 
Azure devops
byMohit Chhabra
 
Contract-based Testing Approach as a Tool for Shift Lef
byKatherine Golovinova
 
An Angular developer moving to React
bySouvik Basu
 
Evolutionary infrastructure agile 2018 - kief morris
byKief Morris
 
All Things Jenkins and Cloud Foundry (Cloud Foundry Summit 2014)
byVMware Tanzu
 
Unleashing Docker with Pipelines in Bitbucket Cloud
byAtlassian
 

Similar to 2015 jcconf-h2s-devops-practice

PDF
Getting to Walk with DevOps
byEklove Mohan
 
PDF
Simplified DevOps Bliss -with OpenAI API
byVictorSzoltysek
 
ODP
Deploying your SaaS stack OnPrem
byKris Buytaert
 
PPTX
Scaling Magento
byCopious
 
PDF
Advanced Topics in Continuous Deployment
byMike Brittain
 
PPTX
The eBay-Way Meetup IL - CI/CD with Microservices
byyinonavraham
 
PDF
Deployment Tactics
byIan Barber
 
PPTX
High Performance Cloud Computing
byNephoScale
 
DOCX
DevOps.docx
bySmritiSingh439780
 
PDF
Continuous delivery with Jenkins Enterprise and Deployit
byXebiaLabs
 
PDF
Microservices @ Work - A Practice Report of Developing Microservices
byQAware GmbH
 
PDF
KubeCon 2017: Kubernetes from Dev to Prod
bySubhas Dandapani
 
PDF
London Atlassian User Group - February 2014
bySteve Smith
 
PPTX
devops_
byflopaconsult
 
PPTX
Devops services
byRomexsoft
 
PDF
Heroku to Kubernetes & Gihub to Gitlab success story
byJérémy Wimsingues
 
PDF
Be DevOps Ready
byMalinda Kapuruge
 
PDF
Modern Web development and operations practices
byGrig Gheorghiu
 
PDF
Continuous Deployment at Scale, Rootconf 2016
byPremshree Pillai
 
PDF
Scaling Without Expanding: a DevOps Story
byAtlassian
 
Getting to Walk with DevOps
byEklove Mohan
 
Simplified DevOps Bliss -with OpenAI API
byVictorSzoltysek
 
Deploying your SaaS stack OnPrem
byKris Buytaert
 
Scaling Magento
byCopious
 
Advanced Topics in Continuous Deployment
byMike Brittain
 
The eBay-Way Meetup IL - CI/CD with Microservices
byyinonavraham
 
Deployment Tactics
byIan Barber
 
High Performance Cloud Computing
byNephoScale
 
DevOps.docx
bySmritiSingh439780
 
Continuous delivery with Jenkins Enterprise and Deployit
byXebiaLabs
 
Microservices @ Work - A Practice Report of Developing Microservices
byQAware GmbH
 
KubeCon 2017: Kubernetes from Dev to Prod
bySubhas Dandapani
 
London Atlassian User Group - February 2014
bySteve Smith
 
devops_
byflopaconsult
 
Devops services
byRomexsoft
 
Heroku to Kubernetes & Gihub to Gitlab success story
byJérémy Wimsingues
 
Be DevOps Ready
byMalinda Kapuruge
 
Modern Web development and operations practices
byGrig Gheorghiu
 
Continuous Deployment at Scale, Rootconf 2016
byPremshree Pillai
 
Scaling Without Expanding: a DevOps Story
byAtlassian
 

Recently uploaded

PDF
From Experiment to Enterprise: Scaling AI Coding Assistants Across Engineerin...
byMaxim Salnikov
 
PDF
Microservices-Final !!!!!!!!!!!!!!!!.pdf
bydoquangminh962004
 
PDF
DSD-INT 2025 Latest Developments for HydroMT and wflow - Meshgi
byDeltares
 
PPTX
Computer_Virus_Presentation_With_Slide7.pptx
byHEVISLIVE
 
PPTX
SNG460-CNG489_Week8_17-21Nov25_Chp8-OdtuClass.pptx
byberayseray382
 
PDF
Using Agentic RAG for Research - Demonstration of NotebookLM
byRathish Chandra Gatti,Ph.D
 
PPTX
SNG460-CNG489_Week6_3-7Nov25_Chp6-Part1.pptx
byberayseray382
 
PPTX
Modern P&C Insurance Software for Smarter, Faster Operations.pptx
byInsurance Tech Services
 
PPTX
application security presentation 2 by harman
byharmanideapad
 
PPTX
Lecture 3 - Scheduling - Operating System
bynurulalomador
 
PDF
nsfconvertersoftwaretoconvertNSFtoPST.pdf
byNSF Converter Software
 
PDF
Kiến trúc hướng dịch vụ UET!!!!!!!!!!!!!!!!!!!!!!!
bydoquangminh962004
 
PPTX
Custom chat gpt integration services.pptx
byChetu
 
PPTX
Python-Functions-A-Comprehensive-Overview.pptx
byMuhammad Fahad Bashir
 
PPTX
AI Agent Overview - Why we need AI Agent
byAlokGope
 
PDF
Virtual Study Circles Innovative Ways to Collaborate Online.pdf
byExplain Learning
 
PDF
DSD-INT 2025 Stochastic flood event generation using wflow and a diffusion do...
byDeltares
 
PDF
DSD-INT 2025 Hydrological response of the Puget Sound area to a changing clim...
byDeltares
 
PDF
DSD-INT 2025 Managing low flows in the International Meuse Basin with Nature-...
byDeltares
 
PPTX
1_MIL_Introduction_Influence-of-Media-and-Information-on-Communication (1).pptx
byDeltaDomsMamas1
 
From Experiment to Enterprise: Scaling AI Coding Assistants Across Engineerin...
byMaxim Salnikov
 
Microservices-Final !!!!!!!!!!!!!!!!.pdf
bydoquangminh962004
 
DSD-INT 2025 Latest Developments for HydroMT and wflow - Meshgi
byDeltares
 
Computer_Virus_Presentation_With_Slide7.pptx
byHEVISLIVE
 
SNG460-CNG489_Week8_17-21Nov25_Chp8-OdtuClass.pptx
byberayseray382
 
Using Agentic RAG for Research - Demonstration of NotebookLM
byRathish Chandra Gatti,Ph.D
 
SNG460-CNG489_Week6_3-7Nov25_Chp6-Part1.pptx
byberayseray382
 
Modern P&C Insurance Software for Smarter, Faster Operations.pptx
byInsurance Tech Services
 
application security presentation 2 by harman
byharmanideapad
 
Lecture 3 - Scheduling - Operating System
bynurulalomador
 
nsfconvertersoftwaretoconvertNSFtoPST.pdf
byNSF Converter Software
 
Kiến trúc hướng dịch vụ UET!!!!!!!!!!!!!!!!!!!!!!!
bydoquangminh962004
 
Custom chat gpt integration services.pptx
byChetu
 
Python-Functions-A-Comprehensive-Overview.pptx
byMuhammad Fahad Bashir
 
AI Agent Overview - Why we need AI Agent
byAlokGope
 
Virtual Study Circles Innovative Ways to Collaborate Online.pdf
byExplain Learning
 
DSD-INT 2025 Stochastic flood event generation using wflow and a diffusion do...
byDeltares
 
DSD-INT 2025 Hydrological response of the Puget Sound area to a changing clim...
byDeltares
 
DSD-INT 2025 Managing low flows in the International Meuse Basin with Nature-...
byDeltares
 
1_MIL_Introduction_Influence-of-Media-and-Information-on-Communication (1).pptx
byDeltaDomsMamas1
 

2015 jcconf-h2s-devops-practice

  • 1.
  • 2.
    Who am I •熟悉Java相關開發技術 - client & server • ⾃自動化整合與測試 • 雲端系統建置 • Startup 相關經驗 • ⺫⽬目標 -> 打造⼀一個⼤大系統環境,在台灣
  • 3.
    About Here2shop • 利⽤用BigData技術讓商家和消費者更互惠 • 致⼒力達成⼝口碑⾏行銷和顛覆傳統的社交平台 • 你不需要懂電商,因為電商懂你 • 官網 https://www.here2shop.com/
  • 4.
    Agenda • DevOps @Here2Shop • Development • Test • Deployment • Monitoring • EC 平台注意事項與安全性 • 經驗分享
  • 5.
  • 6.
    @Here2Shop • Java +Spring + Jenkins • Test (JUnit + selenium) • Deploy (AWS) • Monitor (logs + selenium) • Feedback (human involved)
  • 7.
  • 8.
    • Agile Development sprint— 2 weeks daily scrum review & planning • Role Scrum master Product owner Team
  • 9.
    Case: Agile? • EC— online Web Application Prioritise!! — bugs, features, data, etc… Plan — exceptions… 經營模式、發票、特殊規格、 3rd party API Flexibility — easy to refactor… Code quality & style — peer co-working
  • 11.
    • redmine ticket commitsubject: “refs|fixes|close #xxx: doing something” • Code github flow @ gitlab • merge request gitlab + jenkins (gitlab merge request builder) • deploy to DEV environment
  • 13.
    QA vs master •Every work goes into QA branch first • DEV machine has the latest code • Staging machine has a subset of passed tests code • master branch is always deploy-able
  • 14.
    QA vs master •Every work goes into QA branch first • DEV machine has the latest code • Staging machine has a subset of passed tests code • master branch is always deploy-able BUT…
  • 16.
    • DEVs besuper CAREFUL!!! merged? (QA or master) • Complicated issue state Resolved Verified Feedback • Qualified code? No code review Peer comments
  • 17.
  • 18.
  • 21.
    Case: in realworld • open source tools NOT integrated well a)polling to build periodically… b)cannot auto-update ticket status… c)automation not yet ready… • Keep DEV process in everyone’s mind!!!
  • 22.
  • 23.
  • 24.
    Continuous Test • from:Understanding DevOps part 4
  • 25.
    • DEV deploy byeach merge request junit passed + BVT • Daily automation jenkins + selenium plugin (browse, login, logout, update product, search, purchase, etc…)
  • 26.
    • Acceptance Teston Staging - accessible from outside Non RD team member feature as design data validation 3rd API integration - ⾦金流、簡訊 social media integration - Facebook, LINE, etc…
  • 27.
    • Production selenium -per hour availability detector - uptimebutler.com, webmon.com change detector site links validation - xenu Vitual Studio Load test
  • 28.
  • 30.
    Case: sth toknow… • wrong CSS layout - Sikuli • Site speed tester Google PageSpeed Insights GTmetrix — https://gtmetrix.com/ • Google webmaster tool Structured Data, Data Highlighter, HTML Improvements
  • 31.
  • 32.
  • 33.
    the first -manually jars bastion scp -r v001_20151203 bastion:~/ Web Server 1 Web Server 2 scp -r v001_20151203 172.1.0.xxx:~/
  • 34.
    the first -manually jars bastion scp -r v001_20151203 bastion:~/ Web Server 1 Web Server 2 Painful and Erroneous scp -r v001_20151203 172.1.0.xxx:~/
  • 35.
    need to CHANGE!! •static resources CDN, so resources need versioning!! • app server retrieves the latest build by itself jenkins S3 plugin + script • HA without downtime AWS API + script //cdn1r.here2shop.com/00396/css/default.css
  • 36.
    AWS CLI • HAof ELB # update service aws autoscaling enter-standby --instance-ids i-dadfc329 --auto- scaling-group-name prod-asg --should-decrement-desired-capacity aws autoscaling exit-standby --instance-ids i-dadfc329 --auto- scaling-group-name prod-asgaws autoscaling describe-auto-scaling-instances --instance-ids i-dadfc329 # create a new instance ec2-run-instances ami-xxxxxxxx -t m3.medium -s subnet-xxxxxxxx - k prod-key -g sg-xxxxxxxx --associate-public-ip-address true aws autoscaling attach-instances --instance-ids i-109228e5 -- auto-scaling-group-name prod-asg
  • 37.
    semi-auto jars bastion Web Server 1 Web Server 2 #get latest jars from S3 bucket java -jar latest-build.jar S3 jenkins
  • 38.
    Next goals • packstatic resources and separate from service jar • one click to deploy make 10+ deploy per day!! • integrate with Hubot + slack • rollback mechanism challenge with Hibernate ORM
  • 39.
  • 40.
    • CloudWatch —>alert notification • still in stone age —> login, tail, vi, find & watch… • lots of human involved actions
  • 42.
    Tools • PaperTrails /fluentd • nagios
  • 43.
  • 44.
  • 45.
  • 46.
  • 47.
    Case I: Springboot • spring boot is great for micro-service, but large project… • pro ‣ convention over configuration ‣ standalone jar • con ‣ eclipse & standalone jar NOT the same ‣ hard to replace a single static file…
  • 48.
    Case II: SecurityIssue • Redirect security concerns nginx —> origin, md5 checksum by LUA location ~ ^/(ad|edm)/(.*)* { valid_referers none blocked server_names *.here2shop.com; if ($invalid_referer) { return 403; } rewrite_by_lua " HASH_KEY = 'secret_pass'; local redirect_url= ngx.unescape_uri(ngx.var['arg_r']); local arg_checksum = ngx.var['arg_m']; redirect_url_checksum = ngx.md5(redirect_url..HASH_KEY); if(redirect_url_checksum==arg_checksum) then return ngx.redirect(redirect_url, 302); else return ngx.exit(403); end "; }
  • 49.
    Case III: moreSecurity • expose iframe all site: specific site: X-Frame-Options: SAMEORIGIN Content-Security-Policy:frame-ancestors http://example.com
  • 50.
    Case IV: Facebook •Facebook doesn’t like cloudfront domain… d8adrk2lu91bp.cloudfront.net —> malicious domain cdn1r.here2shop.com
  • 51.
    Case V: caching •10k transactions in 16 hours • concurrent: ~500 • hanging on single table —> move to Redis • transaction: from 5 min to 10 seconds
  • 52.
  • 53.