Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

There and Back Again (My DevOps journey) - LDNA 01-2018

114 views

Published on

Limerick DotNet-Azure User Group (LDNA) 18 Jamuary 2018 Meetup (https://www.meetup.com/Limerick-DotNet/events/246446337/)
There and Back Again (My DevOps journey)

Talking about my company's DevOps journey, from the initial brown-field all-manual state, to our current partially automated situation and the strategic destination of a fully automated and monitored process.

Published in: Software
  • Be the first to comment

  • Be the first to like this

There and Back Again (My DevOps journey) - LDNA 01-2018

  1. 1. There and Back Again a DevOps journey Giulio Vian 18th January 2018 giulio.dev@casavian.eu @giulio_vian
  2. 2. Welcome to the show…
  3. 3. What we will talk about? Introduction Initial state Infrastructure-as-Code Mindset Terraform IaaS in the Cloud Configuration Management Continuous Delivery Recap 3 200-level Visual and practical Deck on SlideShare Bibliography at the end
  4. 4. Which kind do you like?
  5. 5. I love questions…
  6. 6. …but I have 41 slides more
  7. 7. No green-field 3 Active Directory domains 3 test environments 2 production environments All manually built TeraByte-size SQL instances VPN connections Centralized version control
  8. 8. Issues Downtime New releases Windows Update Lack of Scalability Don’t touch it mindset
  9. 9. Technology soup Hosting OS & DB Language
  10. 10. Infrastructure-as-Code mindset No manual changes Replace hand built resources with automation Source control
  11. 11. Investment Takes more time Until you are proficient
  12. 12. Automation Pillars Infrastructure Application stack
  13. 13. What? No ARM? Doctor Who © BBC Story 178 Series 3, Christmas Episode
  14. 14. JSON is sooo cute
  15. 15. Remember the hosting tier
  16. 16. A taste of Terraform
  17. 17. Terraform peculiarities Folder organization Import Names are immutable State management
  18. 18. Stay organized / repo root modules terraform modules utility general purpose shared common to multiple applications or environments application_name internal or public application non-production can be rebuilt any moment shared common to multiple environments e.g. deploy agents, jumpbox qa Integration test uat User acceptance test perf Load testing production everything here is critical legacy hand made infrastructure e.g. TFS shared common to main and dr e.g. networking live PRODUCTION ENVIRONMENTS dr Disaster recovery site
  19. 19. Three steps to import Define as regular resources Add safety clause lifecycle { prevent_destroy = true } Include in state terraform import
  20. 20. Changing names TF deletes and rebuild resource There can be more than one? Consider: Security Group Rules Virtual Machine Extensions More is better environment-tier-role-instance
  21. 21. State management Myth: State is map of reality Setup in shared, locked place Azure Storage or AWS S3 Some changes not sensed Learn to use terraform state
  22. 22. Terraform tips Static addresses cidrsubnet cidrhost HCL parser idiosyncrasies Regex might be troublesome is not unusual Study the book
  23. 23. Better luck next time Error: Error applying plan: azurerm_lb_probe.lb_probe_http: Error Creating/Updating LoadBalancer network.LoadBalancersClient#CreateOrUpdate : Failure sending request: StatusCode=0 -- Original Error: Put https://management.azure.com/subscriptions /12345678-9abc-def0-1234- 56789abcdef0/resourceGroups/qa/providers/M icrosoft.Network/loadBalancers/qa- loadbalancer?api-version=2017-09-01: http: ContentLength=1655 with Body length 0
  24. 24. Active Directory is a gift and a curse Monk © USA networks
  25. 25. Domain creation Azure Quickstart active-directory-new-domain-ha-2-dc- zones Wait until domain is ready provisioner "local-exec" { command = "" verify = "(88,135,389,445,3268 | foreach { Test- NetConnection $dcIpAddress -Port $_ -InformationLevel Quiet } | measure -Minimum).Minimum“ interpreter = ["PowerShell", "-Command"] }
  26. 26. Machine join JsonADDomainExtension Hardcode DNS bootstrap $ix = (Get-DnsClientServerAddress -AddressFamily IPv4 | where { $_.InterfaceAlias -like "*Ethernet*" }).InterfaceIndex Set-DnsClientServerAddress -InterfaceIndex $ix - ServerAddresses ($dcIpAddress,"168.63.129.16") Set-DnsClient -InterfaceIndex $ix - ConnectionSpecificSuffix $domainName Add-Content -Path "${env:windir}System32driversetchosts" -Value "`r`n`r`n${dcIpAddress}`t${domainName}`r`n${dcIpAddress}`t ${dcComputerName}.${domainName}" -Encoding Ascii
  27. 27. Avoid getting lost [Environment]::SetEnvironmentVariab le("prompt", "[%USERNAME%@%COMPUTERNAME%] `$p`$g","Machine") Set-ItemProperty -Path "HKLM:SOFTWAREMicrosoftCommand Processor" -Name "AutoRun" -Value "echo Hi %USERNAME%, welcome to %COMPUTERNAME%"
  28. 28. Fake it and retry Powershell Remote Powershell DSC
  29. 29. Powershell Search, search, search Careful with StackOverflow Desired State Configuration Declarative configuration Module management Install-Module is just the first step Testing Pester Limited use
  30. 30. Desired State Configuration (DSC) Configuration FourthCoffee { # Install the IIS role WindowsFeature IIS { Ensure = "Present" Name = "Web-Server" } # Install the ASP .NET 4.5 role WindowsFeature AspNet45 { Ensure = "Present" Name = "Web-Asp-Net45" } #... } Reboots Modes Local / Push Pull ConfigurationMode ApplyOnly ApplyAndMonitor  ApplyAndAutocorrect PowerShell Gallery
  31. 31. a sip of DSC
  32. 32. Working together (upload local scripts) Public repo Orchestrating tool data "external" "uploader_data" { program = ["powershell", "${path.module}/uploader.ps1 -Folder "${var.folder}" -StorageAccount ${var. storage_account} -Container ${var. storage_container} -StorageKey ${var. storage_key}"] } Deploy pipeline step DSC Pull Server
  33. 33. Architecture won’t emerge Easy VM Size* VM replicas Disk size Hard Networks Load balancers DNS names it will stand on your path
  34. 34. Architecture Tips Hard isolation Multiple Subscriptions Disaster recovery Paired Regions
  35. 35. Pipelines unfolding one pipeline is not enough for all of us… Integral deploy Über-arching test and deploy Partial paths Just DB or App Hotfix path Other operations Disaster Recovery
  36. 36. It is your duty to make it robust
  37. 37. Agents Network VSTS/TFS on sight Security Power user in environment AD Domain Restricted pools/queue access Yes, docker
  38. 38. Some Team Services to finish
  39. 39. Wrap-up 39
  40. 40. Unexplored paths SQL Clusters Database Migrate production Feature Toggles Containers
  41. 41. DevOps
  42. 42. To know more Terraform - Up and Running: Writing Infrastructure as Code — Y.Brikman (O′Reilly) https://www.amazon.co.uk/gp/product/14 91977086/ The DSC Book — Don Jones and Melissa Januszko (O′Reilly) https://leanpub.com/the-dsc-book 42
  43. 43. To know more Continuous Delivery: Reliable Software Releases through Build, Test, and Deployment Automation — J.Humble, D.Farley (Addison-Wesley) https://www.amazon.com/Continuous- Delivery/dp/0321601912/ The DevOps Handbook — G.Kim, P.Debois, J.Willis, J.Humble (IT Revolution Press) https://www.amazon.com/DevOps-Handbook- World-Class-Reliability- Organizations/dp/1942788002/ 43
  44. 44. To know more (cont’d) DevOps on the Microsoft Stack — Wouter de Kort (Apress) https://www.amazon.com/DevOps-Microsoft-Stack-Wouter- Kort/dp/1484214471/ Beginning Build and Release Management with TFS 2017 and VSTS — Chandrasekara, Chaminda (Apress) http://www.apress.com/gp/book/9781484228104 Refactoring Databases — Scott J Ambler and Pramod J. Sadalage (Addison-Wesley) https://www.amazon.com/Refactoring-Databases- Evolutionary-paperback-Addison-Wesley/dp/0321774515/ 44
  45. 45. Links https://continuousdelivery.com/ https://www.terraform.io/ https://azure.microsoft.com/en-us/services/key-vault/ https://docs.microsoft.com/en-us/azure/best-practices-availability-paired-regions https://martinfowler.com/articles/evodb.html http://databaserefactoring.com/ http://agiledata.org/essays/databaseRefactoring.html http://martinfowler.com/articles/feature-toggles.html https://launchdarkly.com/ https://blogs.msdn.microsoft.com/buckh/2016/09/30/controlling-exposure-through-feature-flags-in-vs-team-services/ https://azure.microsoft.com/en-us/features/storage-explorer/ http://www.powershellgallery.com/ https://docs.microsoft.com/en-us/powershell/dsc/overview 45
  46. 46. Bene+dic, Domine, creaturam istam cerevisae, quam ex adipe frumenti producere dignatus es: ut sit remedium salutare humano generi: et praesta per invocationem nominis tui sancti, ut, quicumque ex ea biberint, sanitatem corporis, et animae tutelam percipiant. Beer is a blessed thing

×