Amazon CI/CD Practices for Software Development Teams - SRV320 - Anaheim AWS Summit

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Jay Yeras
Partner Solutions Architect, Amazon Web Services
SRV320
Amazon CI/CD Practices for Software
Development Teams

What have I done???

What to expect
Overview of continuous integration (CI) and continuous delivery (CD)
• Why it matters
• CI/CD tooling & techniques
Make your pipeline safer by:
1. Automating tests to catch regressions early
2. Identifying production issues quickly
3. Deploying changes safely
4. Automatically deciding when to release changes

Continuous integration

What is continuous deployment?

What is continuous delivery?

Why does CI/CD matter?

• Find bugs earlier
• Fix bugs faster
• Deliver faster
• Deliver more often
• Unblock developers
• Grow skills faster
Quality
5x
Lower change failure rate
Source: 2017 State of DevOps Report (Puppet)

• Fix bugs faster
• Deliver faster
Delivery
440x
Faster from commit to deploy

• Fix bugs faster
• Deliver faster
Delivery
46x
More frequent deployments

• Fix bugs faster
• Deliver faster
Happy teams
44%
More time spent on new
features and code

Techniques
1. Automated testing
2. Continuous production testing
3. Manage deployment health
4. Segment production
5. Halt promotions

Prerequisites
• Versioned source
• Automated build
• Automated deployments
• Deploy to > one instance
• Unit tests
• Integration tests
• Continuous delivery

Prerequisites
• Versioned source
• Automated build
• Automated deployments
• Deploy to > one instance
• Unit tests
• Integration tests
• Continuous delivery
Source
Build
Deploy to
integration stack
integration tests
Deploy to
production

Best practices with your tools
• Focus on best practices
• Keep using your current tools where possible
• Build and testing tools
• Deployment tools
• Continuous integration and continuous delivery tools
• Extend your current tools when needed
• This talk uses AWS tools

Tools used
Monitoring
Amazon CloudWatch
Software development
Amazon SNS
AWS Lambda
Build & test
AWS CodeBuild
Deployment
AWS CodeDeploy
AWS CodePipeline

Model the release process in AWS CodePipeline
Source
Build
Deploy to
integration stack
Integration tests
Deploy to
production
Source
MyAppSource
CodeCommit
Build
Build
CodeBuild
Production
Deploy to Prod
CodeDeploy
Integration
Deploy to Integ
CodeDeploy
IntegTest
End2EndTester

Source
MyAppSource
CodeCommit
Build
Build
CodeBuild
Production
Deploy to Prod
CodeDeploy
Integration
Deploy to Integ
CodeDeploy
IntegTest
End2EndTester
Pipeline
Stage
Action

Source
MyAppSource
CodeCommit
Build
Build
CodeBuild
Production
Deploy to Prod
CodeDeploy
Integration
Deploy to Integ
CodeDeploy
IntegTest
End2EndTester
Change 1 Source change
• Starts a run
• Creates an artifact to be
used by other actions
Pipeline run

Release and deploy process: Starting point
Source
MyAppSource
CodeCommit
Build
Build
CodeBuild
Production
Deploy to Prod
CodeDeploy
Integration
Deploy to Integ
CodeDeploy
IntegTest
End2EndTester
AWS
CodeDeploy

Techniques
1. Automated testing
2. Continuous service testing
3. Manage deployment health
4. Segment production
5. Halt promotions

Be aware when a code change fails tests
Problem
A code change can fail automated tests without developer
knowledge
Consequence
Your pipeline becomes blocked and changes stop flowing to
production

Add notifications to your automated tests
1. Run unit tests during build process
2. Deploy to integration environment
3. Run integration and UI tests
4. Notify developer chat room if the build or tests fail

Configure AWS CodeBuild

Step 1: Build and unit tests
Source
MyAppSource
CodeCommit
Build
Build
CodeBuild
Tests
IntegrationDeploy
CodeDeploy
TestOnChrome
CodeBuild
TestOnChrome
CodeBuild
IntegTest
End2EndTester
1. Trigger pipeline on source change
2. Build and unit tests
3. Deploy to integration environment
4. Execute UI tests
5. Execute integration tests

Step 2: Notify on failed build and test
Source
MyAppSource
CodeCommit
Build
Build
CodeBuild
Tests
IntegrationDeploy
CodeDeploy
TestOnChrome
CodeBuild
TestOnChrome
CodeBuild
IntegTest
End2EndTester
Change 1
CloudWatch
Events
(failed action)
Lambda function
NotifyChimeOnPipelineActionFailure()
Amazon Chime

Be aware when a service is unavailable
Problem
A service can stop working at any time for reasons inside or
outside of its control
Consequence
Your service may be unavailable without your team knowing
about it

Use synthetic traffic to simulate real users
• Test all business-critical functionality (UI and APIs)
• Tests must run quickly
• Measure client latencies
• Check for reachability

Synthetic traffic
How synthetic traffic flows
CloudWatch
Alarm
CloudWatch
Events (1m)

CloudWatch
Events (1m)
Synthetic traffic
Synthetic traffic flow: Why two metric streams?
CloudWatch
Alarm

Building a synthetic traffic test

Building a synthetic traffic test
• Keep it simple
• Build logic in Lambda (invoke with CloudWatch Events)
• Capture data in CloudWatch metrics

AWS Lambda synthetic traffic blueprint

Scheduling the synthetic traffic test

Building a synthetic traffic test: Code

Building a synthetic traffic test: Alarming

Release and deploy process: Synthetic traffic
DeployToProd
CodeDeploy
Production
Synthetic traffic
AWS
CodeDeploy

V1V1 V1 V1 V1 V1 V1 V1 V1 V1V2 V2 V2 V2 V2V2 V2 V2 V2 V2
Rolling deployments: Success
Production fleet
Elastic Load Balancing

V1V1 V1 V1 V1 V1 V1 V1 V1 V1V2 V2 V2 V2 V2V2 V2 V2 V2 V2
Rolling deployments: Fail
Production fleet

Check for deployment failures in production
Problem
There are no automated tests to verify that a service is working
after a new deployment
Consequence
Each production deployment needs to be checked manually

Add safety to rolling deployments
1. Validate each host’s health
2. Ensure that a minimum percentage of the fleet is healthy
3. Rollback if the deployment failed

Configure AWS CodeDeploy

Step 1: Deployment validation – AppSpec.yaml

V1V1 V1 V1 V1 V1 V1 V1 V1 V1V2 V2 V2 V2 V2V2
Step 1: Working tests raises more issues
Production fleet
Failed deployment

4 failures – 60% healthy
MHH 70%, 10 hosts:
V1V2 V1V1 V1 V1 V1 V1 V1 V1 V1V2 V2 V2 V2V2 V2 V2 V2 V2
Step 2: Use minimum healthy hosts
Production fleet
1 failure – 90% healthy

Step 2: Use minimum health hosts: AWS CodeDeploy

Step 3: Rollback when a deployment fails
• AWS CodeDeploy: Configured in deployment group

Release and deploy: Deployment health
DeployToProd
AWS CodeDeploy
Production
Synthetic traffic
AWS CodeDeploy
3 of 5 – Manage deployment health

Bad changes must not affect all customers
Pipeline Problem
When a critical issue reaches production, all hosts are affected
Consequence
Bad changes impact all customers

Lower deployment risk by segmenting
1. Break production into multiple segments
2. Deploy to a segment
3. Test a segment after a deployment
4. Repeat 2 & 3 until done

Step 1: Break production into multiple segments
Typical segment types
• Region
• Availability Zone
• Subzonal
• Single host (canary)
US-EAST-1
US-EAST-1A US-EAST-1B

V2 V2 V2V2V1 V1V1
Step 1: Typical deployment segmentation
Availability Zone-based
deployment
deployment
deployment
V2 V2V2V1 V1V1 V2 V2V2V1 V1V1
Production fleet
Post-deployment test
Canary
deployment
V1
Region-based deployment

Step 1: Use deployment groups as segments
Create deployment groups per segment using:
• Tags
• Auto Scaling groups

Production
CanaryDeploy
CodeDeploy
PostDeployTest
Approval
Deploy-AZ-1
CodeDeploy
PostDeployTest
Approval
Deploy-AZ-2
CodeDeploy
Deploy-AZ-3
CodeDeploy
DeployToInteg
CodeDeploy
Integration
IntegTest
End2EndTester
Step 2: Deploy to each segment
1. Deploy to smallest segment
2. Post-deployment tests
3. Deploy to one Availability Zone
4. Post-deployment tests
5. Deploy to remaining Availability
Zones

Step 3: Test each segment
A deployment is valid if:
• The test has gathered enough data to gain confidence
• CloudWatch metrics
• No service alarms have fired
• CloudWatch alarms
• The test has not timed out
• Code

Add segment tests to your pipeline
Extend AWS CodePipeline with:
• Test actions
• Lambda Invoke actions
• Custom actions
• Approval actions
1-hour timeout
7-day timeout

Use AWS CodePipeline approvals to trigger tests
Source
MyAppSource
CodeCommit
Deploy
DeployToSegment
CodeDeploy
ValidateSegment
Approval
putApprovalResult
Approval
message
DeployToSegment
CodeDeploy
SNS topic

Use SNS to start an automated approval check

Creating a post-deployment test
Source
MyAppSource
CodeCommit
Build
MyAppBuild
CodeBuild
Deploy
CanaryDeploy
CodeDeploy
ValidateCanary
Approval
Lambda function
registerDeployTest()
Lambda function
evaluateDeploy()
Amazon
DynamoDB
CloudWatch
Events (1m)
Change 1
Prod-us-east-1a
CodeDeploy AlarmTimeUsage
SNS topic

Post-deployment test – registerDeployTest
Source
MyAppSource
CodeCommit
Build
MyAppBuild
CodeBuild
Deploy
CanaryDeploy
CodeDeploy
ValidateCanary
Approval
Lambda function
Lambda function
evaluateDeploy()
DynamoDB
CloudWatch
Events (1m)
Change 1
Prod-us-east-1a
SNS topic

registerDeployTest function – (Node.js 4.3)

Post-deployment test – evaluateDeployTest
Source
MyAppSource
CodeCommit
Build
MyAppBuild
CodeBuild
Deploy
CanaryDeploy
CodeDeploy
ValidateCanary
Approval
Lambda function
Lambda function
evaluateDeploy()
DynamoDB
CloudWatch
Events (1m)
Change 1
Prod-us-east-1a
SNS topic

approveValidation function (Node.js 4.3)

Canary deployments – they’re different
All production hosts
• Participates in serving production traffic
• Configured as a production instance
• Participates in production metrics stream
Canary hosts
• Has its own metrics stream
• Canary validations use the canary metric stream

Release and deploy: Segment production
Synthetic traffic
AWS CodeDeploy
Production
CanaryDeploy
CodeDeploy
PostDeployTest
Approval
Deploy-AZ-1
CodeDeploy
PostDeployTest
Approval
Deploy-AZ-2
CodeDeploy
Deploy-AZ-3
CodeDeploy
DeployToProd
CodeDeploy
Production

EC2 instance
Change 2Change 3
Don’t change the system under test
Source
MyAppSource
CodeCommit
Build
MyAppBuild
CodeBuild
DeployToProd
MyApp
CodeDeploy
Deploys
Change 1

Don’t compound problems during an outage
Pipeline problem
The pipeline is unaware of the health of the infrastructure it is
deploying to
Consequence
Production changes, usually deployments, can make it difficult for
an operator to resolve a production event

Build promotion blockers

Source
MyAppSource
CodeCommit
Build
MyAppBuild
CodeBuild
DeployToProd
MyApp
CodeDeploy
Change 1Change 2
Auto-stop deploying to PRD during an event
CloudWatch
Synthetic
traffic
Deploys
Checks
CloudWatch
Events (1m)
Triggers
EmitsDisables
disableTransition() CloudWatch
alarm
EC2 instance
SNS

disableTransition function (Lambda Node.js 4.3)

Enable production deployments – AWS CodePipeline

Release and deploy: Halt promotions
Synthetic traffic
AWS CodeDeploy
Production
CanaryDeploy
CodeDeploy
PostDeployTest
Approval
Deploy-AZ-1
CodeDeploy
PostDeployTest
Approval
Deploy-AZ-2
CodeDeploy
Deploy-AZ-3
CodeDeploy

Continuous delivery summary
Goal: Make your pipeline safer
1. Automated testing and notifications
• Keep pipeline unblocked
2. Identify production issues quickly
• Continuous production testing
3. Safely deploy changes
• Manage deployment health
• Segment production
4. Automatically decide when to release changes
• Halt promotions

Release and deploy process: Ending point
DeployToProd
CodeDeploy
Production
AWS CodeDeploy
Synthetic traffic
CanaryDeploy
CodeDeploy
PostDeployTest
Approval
Deploy-AZ-1
CodeDeploy
PostDeployTest
Approval
Deploy-AZ-2
CodeDeploy
CanaryDeploy
CodeDeploy
PostDeployTest
Approval
Deploy-AZ-1
CodeDeploy
PostDeployTest
Approval
Deploy-AZ-2
CodeDeploy
Deploy-AZ-3
CodeDeploy
Production

Code is available online
• https://github.com/aws-samples/aws-codebuild-samples
• https://github.com/awslabs/aws-codepipeline-synthetic-tests
• https://github.com/awslabs/aws-codepipeline-block-production

Submit session feedback
1. Tap the Schedule icon.
2. Select the session you
attended.
3. Tap Session Evaluation to
submit your feedback.

Thank you!
Acknowledgements
• Original 2016 slides written and prepared by Mark
Mansour, Senior Manager, Continuous Delivery, AWS
• This presentation, “DevOps on AWS: Advanced
Continuous Delivery Techniques,” was originally given
at re:Invent 2016 on Nov 30, 2016
• 2017 slides updated by Curtis Bray, Manager, AWS
CodePipeline for DEV324 presentation at re:Invent
2017
• 2018 slides updated by Curtis Rissi, Sr. Solutions
Architect to incorporate “Continuous Integration Best
Practices for Software Development Teams” by Clare
Liguori, AWS Senior Software Engineer, to cover the full
CI/CD process

Amazon CI/CD Practices for Software Development Teams - SRV320 - Anaheim AWS Summit

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to Amazon CI/CD Practices for Software Development Teams - SRV320 - Anaheim AWS Summit

Similar to Amazon CI/CD Practices for Software Development Teams - SRV320 - Anaheim AWS Summit (20)

More from Amazon Web Services

More from Amazon Web Services (20)

Amazon CI/CD Practices for Software Development Teams - SRV320 - Anaheim AWS Summit