Every developer has gone through the frustration of creating new features, fixing bugs, or refactoring beautiful code, and then waiting for it to reach the promised land of production. Come and learn how to get your changes into the hands of your customers with more speed, reliability, security and quality.
We will dive deep into architectures for continuous delivery pipelines, apply lean principles, and build intelligence into your pipeline.
Speaker: Shiva Narayanaswamy, Solutions Architect, Amazon Web Services
Featured Customer - REA Group
2. Agenda: Application Delivery Patterns
• Why?
• What?
• How?
• The REA Journey
• What the…?
• X Commandments
• What next?
3. Mission Statement
Deliver better features to customers, quickly, securely, more reliably and cheaper.
http://www.space.com/images/i/000/034/954/original/blue-origin-test-fires-new-rocket-engine-3.jpg
4. Deliver “Hello World”
// Go
package main

import "fmt"

func main() {
    fmt.Printf("Hello, World.\n")
}

#!/path/to/python
print("Hello World!")

// C#
using System;
using System.Collections.Generic;
using System.Text;

namespace ConsoleApplication1 {
    class Program {
        static void Main(string[] args) {
            Console.WriteLine("Hello, world!");
            Console.ReadLine();  // wait for Enter so the console window stays open
        }
    }
}

#!/path/to/ruby
puts "Hello World!";

// Node.js: serve the greeting over HTTP on port 8080
var http = require('http');
http.createServer(function (request, response) {
    response.writeHead(200, {'Content-Type': 'text/plain'});
    response.end('Hello World\n');
}).listen(8080);
5. Development Lifecycle
[Diagram labels: Developer, PM System, Repository, CI System; Lookup Tasks, Submit Code, Schedule Build, Automatic Build, Build Results, Build Artefacts; CloudFormation, Puppet, Chef, Ansible; Containers, AMIs; EXE, MSI, RPM, DEB, ZIP, TAR]
6. Delivery Lifecycle
[Diagram labels: Developer, PM System, Repository, CI System, Deployment System, Environments (Systest, Pre-Prod, Production); Lookup Tasks, Submit Code, Schedule Build, Build / Artefacts, Build Results, Deployment Config, Deployment Results, Trigger a Push / Pull]
7. Delivery Lifecycle
[Diagram labels: Developer, PM System, Repository, CI System, Deployment System, Environments (Systest, Pre-Prod, Production); Lookup Tasks, Submit Code, Schedule Build, Build / Artefacts, Build Results, Deployment Config, Deployment Results, Push / Pull]
ATOMIC UNIT OF DELIVERY
• Functional code
• Unit tests
• API
• Build config
• Runtime config
• Infrastructure code
• Delivery pipeline
8. Delivery Lifecycle
[Diagram labels: Developer, PM System, Repository, CI System, Deployment System, Environments (Systest, Pre-Prod, Production); Lookup Tasks, Submit Code, Schedule Build, Build / Artefacts, Build Results, Deployment Config, Deployment Results, Push / Pull]
ATOMIC UNIT OF DEPLOYMENT
• Deployable artefact
• API
• Test scripts
• Build config
• Runtime config
• Infrastructure code
• Delivery pipeline
• Environment config
• Security config
• Monitoring config
• Backup config
• Availability config
• SLA config
9. Application Deployment Patterns
• Arbitrary Snowflakes
• Periodic deployments
• Blue Green Deployments
• Canary Deployment
• Dark Launch / Feature Toggle
• Environment Promotion
10. Orchestrate Delivery with Pipelines
A pipeline models your release process as a series of stages that promote
changes along a set of environments into the hands of your customers.
A pipeline is a model of your standard procedure for deploying software.
11. Pipeline Concepts – AWS CodePipeline
[Diagram labels: Pipeline, Stage, Action, Pipeline Run, Manual trigger, Stage transition, Parallel Actions]
Source change
• starts a run; and
• creates an artifact to be used by other actions.
12. Characteristics of a Good Pipeline
• Fast Feedback
• Validation
• Idempotent
• Secure
• Desired State
• Consistency
• Roll Forward
• API Driven
• Visualization
• Extensible
• As Code
13. Pipeline Design
• Blockers
• Simple
• Integral Security
• Metrics Driven
• Chained
• Andon Cord
• Process Events
• Loosely Coupled
Corollary to Conway's Law: your pipeline's design will be a copy of your organisation's communication structure.
14. Pipeline metrics
• Number of Builds
• Number of Deployments
• Average Time For Changes to Reach Production
• Average Time From First Pipeline Stage to Each Stage
• Number of Changes Reaching Production
• Average Build Time
15. Let us Deliver a Polyglot Beast
[Diagram labels: Packer/Puppet/Chef scripts; Foundation SOE pipeline; Foundation SOE AMI/Container; Nginx SOE pipeline, Java SOE pipeline, Tomcat SOE pipeline, Developer SOE pipeline; Nginx SOE, Java SOE, Tomcat SOE, Developer Workstation]
16. Let us Deliver a Polyglot Beast
[Diagram labels: Nginx SOE, Java SOE, Tomcat SOE, HAProxy SOE, IIS SOE; Application 1 on EC2, Application 2 on ECS, Application 3 on Beanstalk]
19. Opportunities
• Not a nuclear facility
• Move fast, fail fast & cheap
• Fail fast & cheap = learn fast & cheap
• Tight feedback loops = higher quality
20. History – 2010 and before
• All tin, all the time
• Co-tenant apps to improve utilisation
• Coupled monoliths
• Inconsistent environments
• Infrequent deployments, expensive discovery
21. History – Moving to AWS
• Early 2011: one dev acct.
• Early 2012: prod & staging accounts
• Environment consistency
• (Trusted) Dev access to staging and prod!
• Early microservices, layer 3 coupling:
  • microliths
22. History – Managing the Blast Radius
• IAM Users means persistent credentials
• Useful if you build components outside AWS
• Credential management is hard
• Federated identity, EC2 Instance Roles, build inside AWS
23. History – Isolation vs Overhead
A few big accounts:
• IAM policy management overhead
• Blast radius
• Tragedy of the commons
So: many small accounts
24. Evolution of Delivery Artifacts
• Code blobs/tarballs via Puppet or manual
• Dependencies (RPM/DEB)
• Externalised config
• Fully resolved artifacts (Docker, AMI)
25. Evolution of Delivery Patterns
• Pets: “Chuck it over the wall”
• Push via SSH/pull via agent
• Cattle, not pets: re-provision to deploy
• Blue/Green
• Rolling update
26. Challenges with Deployments across Multiple Accounts
• Layer 3 coupling
• Decouple along boundaries of data responsibility, SLA
• Managing secrets and keys
• Consistency across environments
27. Operational Challenges & Resolutions in Multiple Accounts
• Push vs Pull models of deployment:
  • where's the trust?
  • signaling patterns
• Manual intervention for artifact promotion
• Monitoring and alerting
29. Metrics – How will You Know when you've Succeeded?
• Time To Deliver (commit -> live)
• Deployments per X
• 95%-ile Deltas Delivered (lower is better)
• Exclude human factors
…
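The metrics on this slide and on slide 14 (Pipeline metrics) can be computed from per-deployment records. This is an added example, not part of the original deck; the record layout, sample data and function names are assumptions, and "Deltas Delivered" is taken to mean the number of commits shipped in one deployment.

```python
import math
from collections import Counter
from datetime import datetime
from statistics import mean

# Constructed sample data (not from the deck): one record per production
# deployment, with the commit times of the changes (deltas) it shipped.
DEPLOYS = [
    {"live": "2016-04-04T10:00", "commits": ["2016-04-04T08:00", "2016-04-04T09:00"]},
    {"live": "2016-04-04T16:00", "commits": ["2016-04-04T15:00"]},
    {"live": "2016-04-05T12:00", "commits": ["2016-04-04T12:00", "2016-04-05T10:00",
                                             "2016-04-05T11:00", "2016-04-05T11:30"]},
    {"live": "2016-04-06T09:00", "commits": ["2016-04-06T08:00"]},
]


def percentile(values, pct):
    """Nearest-rank percentile: smallest value with at least pct% of data at or below it."""
    if not values:
        raise ValueError("no values")
    ordered = sorted(values)
    rank = max(1, math.ceil(pct / 100 * len(ordered)))
    return ordered[rank - 1]


def pipeline_metrics(deploys):
    """Compute the slides' metrics from deployment records (assumed layout above)."""
    lead_hours = []      # commit -> live, one entry per change
    deltas = []          # number of changes shipped per deployment
    per_day = Counter()  # "Deployments per X" with X = calendar day
    for d in deploys:
        live = datetime.fromisoformat(d["live"])
        commits = [datetime.fromisoformat(c) for c in d["commits"]]
        if any(c > live for c in commits):
            raise ValueError(f"commit after go-live in deployment {d['live']}")
        lead_hours += [(live - c).total_seconds() / 3600 for c in commits]
        deltas.append(len(commits))
        per_day[live.date().isoformat()] += 1
    return {
        "deployments": len(deploys),
        "changes_reaching_production": sum(deltas),
        "avg_time_to_deliver_hours": mean(lead_hours),
        "p95_time_to_deliver_hours": percentile(lead_hours, 95),
        "deployments_per_day": dict(per_day),
        "p95_deltas_delivered": percentile(deltas, 95),
    }


if __name__ == "__main__":
    for name, value in pipeline_metrics(DEPLOYS).items():
        print(f"{name}: {value}")
```

In the sample, one change that waited a day pulls the average time to deliver to about four hours although most changes shipped within two, and the deployment that batched four changes sets the 95th-percentile delta size.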
30. Key Lessons Learned
• Multiple accounts over managing fine-grained IAM policies
• Decouple across boundaries of responsibility or SLA, not org structure
• Trust your tests
31. Key Lessons Learned (more)
• Deploy fully-resolved artifacts
• Decouple deployment tooling from apps
• Put your delivery teams on pager, give them the power to respond
• Keep metrics!
35. Commandments for Application Delivery
I. Acknowledge time. Version control everything
II. Be the master of your dependencies
III. Externalising configurations shall set you free
IV. Don’t be a prisoner of state
V. Loosely couple
VI. Audits that don’t kill you, make you stronger
VII. Everyone sees everything, all the time
VIII. Measure success
IX. Continuous practice
X. Own your Destiny, end to end