• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Death to Manual Deployments
 

Death to Manual Deployments

on

  • 1,733 views

Manual deployments of software are slow, error prone, and generally miserable. Let's talk about getting rid of them and replacing them with automation.

Manual deployments of software are slow, error prone, and generally miserable. Let's talk about getting rid of them and replacing them with automation.

Statistics

Views

Total Views
1,733
Views on SlideShare
1,696
Embed Views
37

Actions

Likes
1
Downloads
50
Comments
0

2 Embeds 37

https://twitter.com 36
http://paper.li 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Death to Manual Deployments Death to Manual Deployments Presentation Transcript

    • Death to Manual Deployments! Implementing Reliably Consistent Deployments Across Environments1
    • Eric MinickTechnical Evangelistetm@urbancode.com • Background as a developer, tester and tools guy • Helping customers implement build & deploy for the past 8 years2
    • We hate manual deployments• They’re slow• They aren’t consistent across environments• You fail in production• You don’t know who deployed what, where or when3
    • Why do people like manual deployments?• I feel more in control from the command line• It’s how we’ve always done it• I know what I did and see the output of the commands I ran• When something goes wrong, I can be the hero and fix it4
    • What about scripts?• I don’t have a manual deployment: I have scripts! – How many scripts? – What order? – Who has permissions to run them? – Are they the same across environments? – What else do you need to do?• Scripts are only part of a fully automated deployment.5
    • We love automated deployments• They’re NOTslow• They ARE consistent across environments• You DON’T fail in production• You DO know who deployed what, where or when6
    • Automated deployments provide benefits• Provide a platform you can build on – continuous deploys, smoke tests, other goodies• Empower people while increasing control – stop waiting on other people – stop being harassed by other people• Better, Faster, Cheaper (Pick any 3)7
    • The Program• Today’s Manual Deployments• Elements of an Automated Solution• Best Practices with Automated Deployments8
    • The Program• Today’s Manual Deployments• Elements of an Automated Solution• Best Practices with Automated Deployments9
    • … you might have a manual deployment• Hand-offs are through email (or file shares)• Developers, QA, and Ops deploy differently• Tweaks communicated on an as-broken basis• Deployments steps are a hugedocument• The term “deployment weekend” is used• Developers have production passwords10
    • Hand-offs are through email (or file shares)• They’re slow• They aren’t consistent across environments• You fail in production• You don’t know who deployed what, where or when11
    • Developers, QA, and Ops deploy differently• They’re slow• They aren’t consistent across environments• You fail in production• You don’t know who deployed what, where or when12
    • Tweaks communicated on an as-broken basis• They’re slow• They aren’t consistent across environments• You fail in production• You don’t know who deployed what, where or when13
    • Deployments steps are a huge document• They’re slow• They aren’t consistent across environments• You fail in production• You don’t know who deployed what, where or when14
    • The term “deployment weekend” is used• They’re slow• They aren’t consistent across environments• You fail in production• You don’t know who deployed what, where or when15
    • Developers have production passwords• They’re slow• They aren’t consistent across environments• You fail in production• You don’t know who deployed what, where or when16
    • If only people were more disciplined…• We could make deployment docs – we could capture everything – we could update them – we could follow them, perfectly, every time.• We could have audit spreadsheets – we could capture everything – we could update them17
    • People aren’t machines• People: good at using creative judgment• Machines: good atconsistency Automated deployments leverage the strengths of people and machines. Alistar Cockburn, “Characterizing People as Non-Linear, First-Order Components in Software Development”18
    • DevOps isn’t natural• Conway’s Law: organizations are constrained to produce solutions that copy the structure of their organization• Ops wants to maintain control – doesn’t care about DEV, can’t keep up with the frequent changes• Development doesn’t want responsibility for production deployments• QA lacks influence in DEV & PROD19
    • The Program• Today’s Manual Deployments• Elements of an Automated Solution• Best Practices with Automated Deployments20
    • Elements of an automated solution• Automated process• Coordinating tiers• Environment definitions• Artifact repository• Access control• Audit trail21
    • Automated processFast, consistent and repeatableStatus Quo What we need• Don’t exist • Single script reused across• Incomplete environments• Multiple order-dependent • Controlled access to scripts deployment steps• Multiple versions per • Auto record what happened environment (or machine)• Uncontrolled22
    • Coordinating Tiers / ComponentsMove all tiers, services, config etc togetherStatus Quo What we need• Based on oral history • A model for whole systems• In a Release Manager’s • Standard deployment based spreadsheet on changes to all pieces and• Total plan based on parts documented changes for • Actual deployment runs the each release needed subset. – Redesign every time23
    • Environment definitionsPer-environment configuration and passwordsStatus Quo What we need• Configured manually • Environments a first-level• Details embedded in entity binaries, scripts, property • Properties controlled at the files, ini files environment level• Environment information • Secure storage of sensitive either uncontrolled or in values (passwords) source control24
    • Artifact repositoryKnow what you’re gettingStatus Quo What we need• Is email a repository • Definitive Software Library• File share on the network • Consistent set of artifacts across• Source control for binary control environments• Uncontrolled • Tamper-proof artifacts• Crude control over what to keep • Automated retention policies based on deployments25
    • Access controlWho can deploy to which environmentStatus Quo What we need• Controlled by who can log • Role-based access control onto the machine • Access control by• Access tends to grow over environment time in response to crisis • Single source of access• Access control distributed control across machines • LDAP / Active Directory authentication (or authorization)26
    • Audit trailKnow what happenedStatus Quo What we need• What audit trail? • Win at Clue:• I have the spreadsheet – Who – What• Our Change Management – Where System has what we think – When (better than Clue!) we did• Audit trail starts at PROD • Require no additional work • End-to-end traceability27
    • Solution Benefits• We have confidence that our production deployments will succeed• QA can take new builds faster• DEV deployments fast enough to keep up with our rate of change• We have an audit trail from day one• We have separation of duties28
    • The Program• Today’s Manual Deployments• Elements of an Automated Solution• Best Practices with Automated Deployments29
    • Best Practices with Automated Deployments• Deferred deployments• Self-service deployments• Automatic deployment• Automatic smoke-test• Automated rollbacks• Continuous production deployment30
    • Deferred deployments• Story: I want to do my deployment at 11 pm on Friday after my users are offline.• Solution: Schedule deployment for desired time, go home. Wait for notification of success or failure.31
    • Self-service deployments• Story: QA wants to be able to take a new build when they need one.• Solution: Use per-environment access control to allow the QA people to deploy on- demand, but only to the test environment.32
    • Automatic deployment• Story: Want to keep the development test server in sync with the latest changes in source control.• Solution: After building, automatically deploy to the development server.33
    • Automatic smoke-test• Story: I want to know if something breaks immediately.• Solution: After deploying, automatically trigger a suite of automated tests and report the results.34
    • Automated rollback• Story: If my deployment fails I want to restore the previous build.• Solution: When a deployment step fails, trigger the restoration of the last successfully deployed build.35
    • Continuous production deployments• Story: When a change is committed it should be deployed to production if it doesn’t break anything.• Solution: After deployment to test environment run automated test suites. If they all pass, trigger a deployment to production, then test that production deploy was successful. Rollback on failure.36
    • Summary• Manual deployments are slow and broken because they require people to act like machines• Computers make good machines• Automated deployments provide a solid foundation for further improvement37
    • References http://urbancode.com/resources• Deployment Automation Basics• Lean Build & Deployment Automation• ITIL Release Management and AutomationBlogs.urbancode.comTwitter.com/UrbanCodeSoftFacebook.com/UrbanCodeSoft38
    • Yes, UrbanCode sells products for this• AnthillPro – Continuous Delivery including build, test and deployment.• uDeploy – Model driven deployments focused on the coordination problem. Integrated with a variety of build tools.39
    • Questions? Eric Minick . eric@urbancode.com @EricMinick40