More Related Content

Similar to Experts Live Europe 2017 - VSTS / TFS automated Release Pipelines for Web Applications with Docker(20)


More from Marc Müller(20)


Experts Live Europe 2017 - VSTS / TFS automated Release Pipelines for Web Applications with Docker

  1. VSTS / TFS automated Release Pipelines for Web Applications with Docker Marc Müller Principal Consultant @muellermarc
  2. Marc Müller Principal Consultant @muellermarc
  3. Agenda ▪ Intro Docker Cluster ▪ Kubernetes ▪ Kubernetes Infrastructure in Azure ▪ Demo: Setup Kubernetes with ACS ▪ Demo: Setup Container Registry ▪ VSTS Build and Release ▪ Demo: Build Infrastructure ▪ Demo: Build Process / Release Process ▪ Optional: Let’s Encrypt Controller
  4. Intro
  5. Environments – Hosting / Cloud
  6. Cluster Management App1 App2
  7. Build/CI, Integrate, Test 3. 1. Containerized Workflow Monitor and Diagnose Outer-Loop Push Code Production environments Run, Manage 5. 6. Container Service Service Fabric Batch App Services Coming soon … … Code Run Validate Debug Inner-Loop CD, Deploy 4. Visual Studio Team Services Source Code Control (SCC) 2. Azure Container Registry Image Source:
  8. Docker CI / CD VSTS Build VSTS Release Management Docker Registry Build App Test Build Container Repo Container Info Publish to Target Host Container Info Push Host Pull Config Artifact
  9. ▪ Docker Swarm ▪ DC/OS ▪ Kubernetes Based on Azure Container Service Engine ▪ generates ARM (Azure Resource Manager) templates ▪ for Docker enabled clusters Azure Container Services
  10. ACS with Kubernetes
  11. Kubernetes Components ▪ Master(s) ▪ API Server Frontend into the Kubernetes control plane. ▪ Cluster Store (etcd) Persistent storage for cluster configuratoin (k/v) ▪ Controller Manager Makes sure the actual state of the cluster matches the desired state. ▪ Scheduler Watches for workloads and assigns them to nodes. ▪ Nodes ▪ Kubelet Kubernetes Agent (the actual node) ▪ Container Runtime Docker / CoreOS rkt ▪ Kube-Proxy “Network Brain” of the node – makes sure every Pod gets it’s own unique IP address
  12. Kubernetes – Desired State ▪ Declarative Model and Desired State ▪ Declare the desired state in manifest file ▪ Feed the manifest to the API Server ▪ Kubernetes implements it on the cluster ▪ Watches that the cluster doesn’t vary from the desired state ▪ Manifests are written in YAML or JSON ▪ kubectl is the CLI to Kubernetes
  13. Pods and Containers ▪ You cannot run a container directly in Kubernetes ▪ Containers run always in a Pod Pod Container Pod Container Container localhost Multi container Pods should only be used for highly coupled containers! Pod Container
  14. Deploy Pods ▪ We don’t deploy Pods directly ▪ Replication Controller ▪ Deployment / Replication Set Replication Controller / Deployment (Replication Set) Pod Container Pod Container Pod Container
  15. Deployments ▪ Deployment adds new features to replica sets ▪ Powerful update model ▪ Rolling Updates ▪ Simple version-controlled rollbacks
  16. Services ▪ Pods are mortal ▪ IP Addresses of Pods may change ▪ Services provide stable networking abstraction for multiple Pods ▪ Stable network endoint ▪ Loadbalancing ▪ Labels are used to attach Pods to Services Service Pod Container Pod Container Pod Container A 1.2 A 1.2 A 1.2 A 1.2
  17. Kubernetes Features ▪ Automatic binpacking ▪ Self-healing ▪ Horizontal scaling ▪ Service discovery and load balancing ▪ Automated rollouts and rollbacks ▪ Secret and configuration management ▪ Storage orchestration ▪ Batch execution
  18. Infrastructure Azure Container Services
  19. Azure Container Service ▪ ACS = ARM Templates ▪ 3 types of Orchestrators ▪ DC/OS with Marathon ▪ Docker Swarm ▪ Kubernetes Image Source:
  20. Simplified ACS Kubernetes Setup VSTS Azure Resource Group DCOS Master DCOS Master Master Agent VSTS Agent App1 App1 App1 App1 App1 App2 Git Build Release Internet AzureLoadBalancer Ingress LeGo
  21. Demo ACS Infrastructure
  22. Setup Azure Resource Group ▪ Use Azure CLI ▪ Create Keys on the fly (just for Demo) ▪ View generated resources
  23. Setup KubeCTL Authentication ▪ Use CLI to generate a local configuration file ▪ Use KubeCTL for all management tasks
  24. Start KubeCTL Proxy ▪ SSH Proxy to management API ▪ SSH Proxy to management UI
  25. Create an Azure Container Registry ▪ Store generated Container Images in Registry ▪ Use registry to deploy Pods (Containers)
  26. Setup Credentials for Azure Container Registry ▪ Registry is private and needs authentication ▪ Kubernetes Secrets can be used to access the registry.
  27. Setup Namespaces in Kubernetes ▪ Instead of different clusters, we will use namespaces to distinguished between the different stages (dev, test, prod) ▪ Each stage corresponds to a namespace
  28. Namespaces.yaml
  29. Setup Ingress Load Balancer ▪ Load balancer for Services ▪ Default Backend (Web-Server)
  30. nginx-ingress-defaultbackend.yaml
  31. nginx-ingress-controller.yaml
  32. nginx-ingress-service.yaml
  33. Setup DNS records ▪ Azure Load Balancer ▪ Ingress Service
  34. Setup load balancer for stages ▪ Dev/ Test / Prod
  35. devfun_ingress-dev|test|prod.yaml
  36. Infrastructure Azure Container Registry
  37. Docker Registry im Azure Portal
  38. Docker Registry API Image Source:
  39. Docker Registry API - Samples ▪ List Repositories: /v2/_catalog ▪ List Tags: /v2/<repository>/tags/list
  40. Container Registry Pull Images ▪ Login to your registry docker login <registry> -u <user> -p <pwd> ▪ Pull the desired image docker pull <registry>/<repository>:<tag> ▪ Run the container docker run… Push Images ▪ Login to your registry docker login <registry> -u <user> -p <pwd> ▪ Build the image docker build –t <reponame>:<tag> <dockerfile> ▪ Push the image docker push <reponame>:<tag>
  41. Build / Release
  42. Release Cycle
  43. Build Steps / Build Tasks ▪ Large catalogue of tasks ▪ Marketplace ▪ Extensions ▪ Configurable by variables ▪ Can be used to build or deploy software ▪ Cross-Plattform (JS) Windows-Only (PowerShell)
  44. Build vs Release Management ▪ Build – Compile and Package the Application ▪ Release Management - Deploy the Application
  45. Release Management ▪ Input Artifacts ▪ Define Environents (Stages) ▪ Run Tasks ▪ Manage Variables ▪ Manage Triggers ▪ Pre- and Post-Deployment Conditions ▪ Traceability ▪ Logging / Test Results
  46. VSTS / TFS Build Agent VSTS Build Agent Build Pool Build Pool Build Pool Build Definition Build Definition Build Queue Docker Engine Build Agent
  47. Custom Docker Build Agent
  48. Demo Build Infrastructure
  49. Setup Build Agent Containers ▪ Use dedicated namespace ▪ Use secrets for VSTS credentials ▪ Create a deployment
  50. vsts_namespaces.yaml
  51. vsts_agent.yaml
  52. Demo VSTS Build and Release Automation
  53. Setup VSTS Services ▪ Docker Registry Connection ▪ Kubernetes Connection
  54. Demo Build / Release Process
  55. Build and Release Definition ▪ Build Tasks ▪ Release Tasks ▪ Environment Variables
  56. Build and Release Process (Run) ▪ Compile the application ▪ Create Docker Image ▪ Upload Docker Image ▪ Create Kubernetes Artifacts ▪ Apply new Kubernetes Deployments in Namespace
  57. Kubernetes Controller – Let’s Encrypt Certificates
  58. Create Certificates on the Fly ▪ kube-lego requests certificates for Kubernetes Ingress resources ▪ Automatic checking for certificates ▪ Available for ▪ Nginx Ingress Controller ▪ GCE Loadbalancers ▪ !!! Non-production use cases !!!
  59. Demo Let’s Encrypt Controller
  60. Setup Let’s Encrypt Controller ▪ Use dedicated namespace ▪ Create the controller
  61. lego_namespaces.yaml
  62. lego_configmap.yaml
  63. lego_deployment.yaml
  64. Recap
  65. Recap ▪ Microservice Architecture ▪ Reduction of complexity ▪ Simple and fast deployments ▪ Automated Build and Release Pipelines ▪ Docker ▪ Isolation in Containers ▪ Ease of deployment ▪ Fast Startup ▪ Orchestration ▪ Enterprise Grade Hosting Environments ▪ Simple Scaling and Failover ▪ Abstration at Container Level
  66. Thank you for your attention! If you have any questions do not hesitate to contact us: 4tecture GmbH Marc Müller Aathalstrasse 84 Principal Consultant CH-8610 Uster +41 44 508 37 00 @muellermarc
  67. We are looking for great talents to join our team! Apply to