
Moving a Windows environment to the cloud



Incontro DevOps Italia 2019
Bologna, 8 March 2019

About the DevOps journey in our company, from the initial brown-field, all-manual state to our current situation, where we migrated (almost) everything to the cloud using automation in a few months. Not a migration but a rebuild of the environment using Infrastructure-as-Code tools: Terraform, PowerShell, Ansible, TFS/Azure DevOps. Balancing a high-level view with useful practical tips, we will touch on what informed our decisions in terms of priorities and technologies, some lessons learned, and how the legacy constraints helped or hindered.

Published in: Software

  1. 1. Moving a Windows environment to the cloud Giulio Vian – DevOps Lead – Glass, Lewis & Co. 8 March 2019
  2. 2. Road song Roads go ever ever on, Over rock and under tree, By caves where never sun has shone, By streams that never find the sea J.R.R. Tolkien
  3. 3. Session frame Introductory level (no demo) Presentation deck on SlideShare Questions at the end Bibliography included Is timer running?
  4. 4. “As the leading independent provider of global governance services, Glass Lewis helps institutional investors understand and connect with the companies in which they invest.” San Francisco, New York, Kansas City, Sydney, Limerick, London, Karlsruhe
  5. 5. Before…
  6. 6. Green-field 3 Active Directory domains + workgroup 3 test environments 2 production environments All manually built Mainly manual deployments TeraByte-size SQL instances VPN connections Centralized version control 4 source code branches
  7. 7. Initial State Hosting DB LanguagesOS Tools
  8. 8. Issues Problems Rare and troublesome releases Incongruent environments Resistance to change ‘Don’t touch it’ mindset Lack of Scalability
  9. 9. Technical debt
  10. 10. The slow march in the marshes © Lara Paulussen
  11. 11. Change People VP of Technology +1/-1 DevOps Lead +1 Scrum Master +1 SW Dev Manager -1 Developers +4/-3 Agile training
  12. 12. IaaS Rebuild
  13. 13. Automation Pillars Infrastructure Application stack Pipelines
  14. 14. To your inner geek…
  15. 15. Unique naming Storage Accounts Key Vaults Function Apps Data Lake Store Container Registries SQL Server Names
  16. 16. Seclude Subscription Isolation Accounting Resource Groups Security
  17. 17. Regions idiosyncrasies Paired regions VM families and size Available features
  18. 18. Central US Environments 18 East US 2 West EU Central US East US 2 West EU C E Sandbox LegacySandbox U Q D I
  19. 19. Control costs Contracts Enterprise Agreement Enterprise Dev/Test Visual Studio Enterprise Reserved Instances Tools Billing, EA portal Azure Cost Management
  20. 20. Tips Blob & File Storage bootstrapping Key Vault Terraform DSC Azure DevOps Pipelines
  21. 21. Summary Cloud works Plan Design Control
  22. 22. Provisioning Infrastructure Pillar
  23. 23. Terraform DSL

      ```hcl
      resource "azurerm_virtual_machine" "vm_demo" {
        name                  = "demovm"
        location              = "northeurope"
        resource_group_name   = "tf-demo"
        network_interface_ids = ["${}"]
        vm_size               = "Standard_B2s"

        # Marketplace image used for the OS disk
        storage_image_reference {
          publisher = "MicrosoftWindowsServer"
          offer     = "WindowsServerSemiAnnual"
          sku       = "Datacenter-Core-1803-smalldisk"
          version   = "latest"
        }

        storage_os_disk {
          name          = "demovm-osdisk"
          caching       = "ReadWrite"
          create_option = "FromImage"
        }

        storage_data_disk {
          name          = "demovm-datadisk"
          create_option = "Empty"
          lun           = 0
          disk_size_gb  = "10"
        }

        # Credentials come from variables, not literals in the code
        os_profile {
          computer_name  = "DEMOVM"
          admin_username = "${var.vm_admin_username}"
          admin_password = "${var.vm_admin_password}"
        }

        os_profile_windows_config {
          provision_vm_agent        = true
          enable_automatic_upgrades = false
        }
      }
      ```
  24. 24. How it works Command line tool

      ```
      terraform init
      terraform plan -out temp.json
      terraform apply temp.json
      ```

      Resource providers State (metadata)
  25. 25. Language Limits (HCL <0.12) If-s are hard Loop-s are hard Nested loop almost impossible HCL parser idiosyncrasies e.g.
  26. 26. Critical or hard Organize code Directory Resource naming State on Azure Storage Source control Key Vault Missing resources Broken resources
  27. 27. Summary Terraform is easy Don’t push too hard Treat as usual code
  28. 28. Configuration Application stack Pillar
  29. 29. Desired State Configuration (DSC)

      ```powershell
      Configuration MyBox
      {
          # Install the IIS role
          WindowsFeature IIS
          {
              Ensure = "Present"
              Name   = "Web-Server"
          }

          # Install the ASP .NET 4.5 role
          WindowsFeature AspNet45
          {
              Ensure = "Present"
              Name   = "Web-Asp-Net45"
          }

          #...
      }
      ```

      Reboots Modes Local / Push Pull ConfigurationMode ApplyOnly ApplyAndMonitor ApplyAndAutocorrect PowerShell Gallery
  30. 30. Ansible

      ```yaml
      ---
      - hosts: webservers
        vars:
          http_port: 80
          max_clients: 200
        remote_user: root
        tasks:
          - name: get latest version
            yum:
              name: httpd
              state: latest
          - name: write the config file
            template:
              src: /srv/httpd.j2
              dest: /etc/httpd.conf
            notify:
              - restart apache
          - name: ensure running
            service:
              name: httpd
              state: started
        handlers:
          - name: restart apache
            service:
              name: httpd
              state: restarted
      ```
  31. 31. Working together Azure VM Extension Terraform triggers Pre-publish in Storage via Deploy pipeline step Azure Automation Custom Pull Server
  32. 32. Environment 32 Grafana Prometheus FShare DFS-R SQL Cluster backup public-ag internal-ag CorpNet
  33. 33. Summary This worked for us There are other ways Biggest effort Ready to host apps Gray area: pipeline deploy
  34. 34. Deployment CI/CD Pipeline Pillar Formerly known as Azure Pipelines
  35. 35. Deployment Groups Local-running Agent Azure DevOps/TFS in sight Service account Enough permissions Azure Pipelines
  36. 36. Configuration Values Variable groups Recursive substitution Secure Variables Azure Key Vault Azure Pipelines
  37. 37. Summary Source control Source control Source control Deployment groups Key Vault
  38. 38. Wrap-up 38
  39. 39. Myth #7 DevOps is Only for Open Source Software
  40. 40. Working software over comprehensive documentation IaC embodies this Agile Principle!
  41. 41. Collaboration Company-wide Initiative Users from all groups testing Cross-department Stand-ups
  42. 42. Money Project approved on cost reduction Estimate an X% saving on operational expenses
  43. 43. Side effects Release frequency More releases Working day releases
  44. 44. Version control migration From TFVC to Git Refactoring Per-component Repo Don’t ask if adopting Git, just when. Azure Repos
  45. 45. and the road goes on…
  46. 46. Bio in pictures 46 @giulio_vian Hardware spec: 1KB RAM (upg. 16KB) 4KB ROM First computer Companies Communities
  47. 47. To know more Continuous Delivery: Reliable Software Releases through Build, Test, and Deployment Automation — J.Humble, D.Farley (Addison-Wesley) Delivery/dp/0321601912/ The DevOps Handbook — G.Kim, P.Debois, J.Willis, J.Humble (IT Revolution Press) World-Class-Reliability- Organizations/dp/1942788002/ 47
  48. 48. To know more (cont’d) Terraform - Up and Running: Writing Infrastructure as Code — Y.Brikman (O′Reilly) 977086/ The DSC Book — Don Jones and Melissa Januszko (O′Reilly) 1491977086/ 48
  49. 49. To know more (cont’d again) Refactoring Databases — Scott J Ambler and Pramod J. Sadalage (Addison-Wesley) Evolutionary-paperback-Addison-Wesley/dp/0321774515/ DevOps on the Microsoft Stack — Wouter de Kort (Apress) Kort/dp/1484214471/ Beginning Build and Release Management with TFS 2017 and VSTS — Chandrasekara, Chaminda (Apress) 49
  50. 50. Links regions 50
  51. 51. The End
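
Slide 23 passes `admin_password` into the VM resource and slide 26 lists "State on Azure Storage" and "Key Vault" among the critical points; the two meet in the state file, where Terraform records resource attributes in cleartext. The check below is an added example, not code from the deck: it lists credential-like attributes in a state file and goes beyond the HCL <0.12 era of the slides by also reading the 0.12+ layout. The attribute-name pattern and the sample state are assumptions constructed for illustration.

```python
import json
import re

# Attribute names that usually carry credentials (assumed list; extend per provider).
SECRET_NAME = re.compile(r"(^|_)(password|secret|access_key|connection_string|sas_token)$", re.I)

def _is_secret(path, leaf):
    """True when the last path segment looks like a credential and holds a value."""
    last = path.rsplit(".", 1)[-1]
    return isinstance(leaf, str) and leaf != "" and bool(SECRET_NAME.search(last))

def _walk(value, path=""):
    """Yield (dotted_path, leaf) for every scalar in a nested attribute tree."""
    if isinstance(value, dict):
        for key, child in value.items():
            yield from _walk(child, f"{path}.{key}" if path else key)
    elif isinstance(value, list):
        for index, child in enumerate(value):
            yield from _walk(child, f"{path}.{index}")
    else:
        yield path, value

def find_state_secrets(state_text):
    """Return sorted 'resource:attribute' names of credentials stored in a state file."""
    state = json.loads(state_text)
    found = []
    if state.get("version", 0) >= 4:   # Terraform 0.12+: nested attributes
        for res in state.get("resources", []):
            for inst in res.get("instances", []):
                for path, leaf in _walk(inst.get("attributes", {})):
                    if _is_secret(path, leaf):
                        found.append(f"{res['type']}.{res['name']}:{path}")
    else:                              # Terraform < 0.12: flat-mapped attributes
        for module in state.get("modules", []):
            for address, res in module.get("resources", {}).items():
                attrs = res.get("primary", {}).get("attributes", {})
                found += [f"{address}:{p}" for p, v in attrs.items() if _is_secret(p, v)]
    return sorted(found)

# Constructed sample in the pre-0.12 layout, modelled on the slide's vm_demo resource.
SAMPLE_V3 = json.dumps({"version": 3, "modules": [{"path": ["root"], "resources": {
    "azurerm_virtual_machine.vm_demo": {"type": "azurerm_virtual_machine", "primary": {
        "id": "constructed-id", "attributes": {
            "name": "demovm",
            "os_profile.0.admin_username": "constructed-admin",
            "os_profile.0.admin_password": "constructed-not-a-real-password"}}}}}]})

if __name__ == "__main__":
    print(find_state_secrets(SAMPLE_V3))
```

Any hit is a reason to restrict who can read the storage container that holds the state and to keep state files out of source control.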
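
Slide 36 puts "Recursive substitution" next to "Secure Variables": once variables can reference each other, a plain variable that embeds a secret one resolves to a secret value too. This added example, which is not from the deck and does not reproduce Azure Pipelines' own implementation, models `$(Name)` expansion with cycle detection and propagates the secret flag to derived values before masking log output. The variable names and values are constructed.

```python
import re

MACRO = re.compile(r"\$\(([A-Za-z0-9_.]+)\)")   # $(Name) reference syntax

def resolve(name, variables, secret_names, _stack=()):
    """Expand $(Name) references recursively; return (value, is_secret).

    A value is secret when the variable itself is, or when anything it
    references (directly or indirectly) is.
    """
    if name in _stack:
        raise ValueError("cycle: " + " -> ".join(_stack + (name,)))
    tainted = [name in secret_names]

    def expand(match):
        ref = match.group(1)
        if ref not in variables:
            return match.group(0)          # unknown reference: left untouched
        value, ref_secret = resolve(ref, variables, secret_names, _stack + (name,))
        tainted[0] = tainted[0] or ref_secret
        return value

    return MACRO.sub(expand, variables[name]), tainted[0]

def mask_log_line(line, variables, secret_names):
    """Replace every resolved secret value in a log line, longest first."""
    resolved = [resolve(n, variables, secret_names) for n in variables]
    secret_values = sorted({v for v, s in resolved if s and v}, key=len, reverse=True)
    for value in secret_values:
        line = line.replace(value, "***")
    return line

# Constructed variable group; names and values are illustrative only.
VARIABLES = {
    "Env": "q",
    "SqlServer": "sql-$(Env).example.internal",
    "SqlPassword": "constructed-not-a-real-password",
    "ConnectionString": "Server=$(SqlServer);User Id=app;Password=$(SqlPassword)",
}
SECRET_NAMES = {"SqlPassword"}

if __name__ == "__main__":
    print(resolve("ConnectionString", VARIABLES, SECRET_NAMES))
```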