Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Cloud, Microservices & DevOps
Enterprise-level implementation best practices
Introducing Grid Dynamics technology services
Digital transformation Big data, real time analytics, ML & AI
Microservices ...
10 years of
experience in cloud,
DevOps and digital
transformation
Agility
Cost reduction
Flexibility
On-demand capacity
Pay as you go
Microservices
Continuous Delivery
Time to market
Speed...
Enterprise journey to
cloud, DevOps and SRE*
6
* based on a true story.
Infrastructure
Architecture
Platform
Process Organization
Datacenter
Web UI Search Checkout
Infra
team
Self-service portal
Network
team
OS
team
Security
team
Dev
team
QA
team
RE
te...
Datacenter
Web UI Search Checkout
Infra
team
Self-service portal
Network
team
OS
team
Security
team
Dev
team
QA
team
RE
te...
Datacenter
Web UI Search Checkout
Infra
team
Self-service portal
Network
team
OS
team
Security
team
Dev
team
QA
team
RE
te...
Web UI Search Checkout
Infra
team
Self-service portal
Network
team
OS
team
Security
team
Dev
team
QA
team
RE
team
Can I ha...
Infrastructure team
(as seen by a developer)
Developer
(came to ask for a VM)
Cloud VMs
(carefully managed by infrastructu...
Web UI Search Checkout
Infra
team
Self-service portal
Network
team
OS
team
Security
team
Dev
team
QA
team
RE
team
Can I ha...
Web UI Search Checkout
Infra
teamCompute
Network
team
OS
team
Security
team
Dev
team
QA
team
RE
team
Cloud
Storage Network...
Web UI Search Checkout
Infra
teamCompute
Network
team
OS
team
Security
team
Dev
team
QA
team
RE
team
Cloud
Storage Network...
Application teams access
No access
• Cloud projects
• Access policies
• Core networks
• IAM policies
Debatable
• Subnets
•...
Web UI Search Checkout
Infra
teamCompute
Network
team
OS
team
Security
team
Dev
team
QA
team
RE
team
Cloud
Storage Network...
Web UI
Search
Profile
Cart
Order
Price
(v1.1)
Product
Price
(v1.2)
auto-scale
self-heal
canary
release
rolling upgrade
fin...
Packaging Package
repo
Deployment
Logging & monitoring
Provisioning
Load balancing
Lifecycle management
(scaling, failover...
Microservices platform reference technology stack
Feature Container-based VM-based
Packaging
Artifact repository
Deploymen...
Web UI
Search
Profile
Cart
Order
Price
(v1.1)
Product
Production traffic
Web UI
Search
Profile
Cart
Order
Price
(v1.1)
Product
Price
(v1.2)
Production traffic Canary or test traffic
Web UI
Search
Profile
Cart
Order
Price
(v1.1)
Product
Price
(v1.2)
Production traffic Canary or test traffic
Order
Cart
Se...
Web UI
Search
Profile
Cart
Order
Price
(v1.1)
Product
Price
(v1.2)
Production traffic Canary or test traffic
Web UI
Search
Profile
Cart
Order
Price
(v1.1)
Product
Price
(v1.2)
Production traffic Canary or test traffic
Web UI
Search
Profile
Cart
Order
Price
(v1.1)
Product
Price
(v1.2)
Production traffic Canary or test traffic
Web UI
Search
Profile
Cart
Order
Price
(v1.1)
Product
Price
(v1.2)
Production traffic Canary or test traffic
Web UI
Search
Profile
Cart
Order
Price
(v1.1)
Product
Price
(v1.2)
Production traffic Canary or test traffic
Web UI Search Checkout
Infra
teamCompute
Network
team
OS
team
Security
team
Dev
team
QA
team
RE
team
Cloud
Storage Network...
Web UI Search Checkout
Infra
teamCompute
Network
team
OS
team
Security
team
Dev
team
QA
team
RE
team
Cloud
Storage Network...
Web UI Search Checkout
Infra
teamCompute
Network
team
OS
team
Security
team
Dev
team
QA
team
RE
team
Cloud
Storage Network...
Application deployment package
Environment
Deployable unit
Build-time dependencies
Configuration
Deployment
scriptApplicat...
Application deployment package
Environment
Deployable unit
Build-time dependencies
Configuration
Deployment
scriptApplicat...
Application deployment package
Environment
Platform
team
Application
team
Data
Business
configuration
Microservices
platfo...
Application configuration
(static, built into package)
1. Resource requirements (CPU, RAM).
2. Vertical scalability.
3. Ap...
Application deployment package
Environment
Deployable unit (VM) Deployment script
Infrastructure
Microservices platformUps...
Application deployment package
Environment
Deployable unit (VM) Deployment script
Infrastructure
Deploy
Instance group
Loa...
Application deployment package
Environment
Deployable unit (VM) Deployment script
Infrastructure
Instance group
Load balan...
Application deployment package
Environment
Deployable unit (VM) Deployment script
Infrastructure
Instance group
Load balan...
Application deployment package
Environment
Deployable unit (VM) Deployment script
Infrastructure
Instance group
Load balan...
Application deployment package
Environment
Deployable unit (VM) Deployment script
Infrastructure
Instance group
Load balan...
Application deployment package
Environment
Deployable unit (VM) Deployment script
Infrastructure
Instance group
Load balan...
Application deployment package
Environment
Deployable unit (VM) Deployment script
Infrastructure
Instance group
Load balan...
Application deployment package
Environment
Deployable unit (VM) Deployment script
Infrastructure
Instance group
Load balan...
Application deployment package
Environment
Deployable unit (VM) Deployment script
Infrastructure
Instance group
Load balan...
Application deployment package
Environment
Deployable unit (VM) Deployment script
Infrastructure
Instance group
Load balan...
Application deployment package
Environment
Deployable unit (VM) Deployment script
Infrastructure
Instance group
Load balan...
Application deployment package
Environment
Deployable unit (VM) Deployment script
Infrastructure
Instance group
Load balan...
Release
Engineer
Dev
QA
DevOps
Perf QA
Business
Test environment
Production
deployment CR
sign offs
Dev Lead
QA Lead
Perf ...
All changes to production should be authorized
All changes to production should be authorized
1. Development lead should sign off
2. Functional QA lead should sign off
3...
Source
code
Production
Web UI
Search
v1.1
Production deployment sign offs
Dev lead
QA lead
Perf QA lead
Business (product ...
Production deployment sign offs
Dev lead
QA lead
Perf QA lead
Business (product manager)
Ops lead
Security lead
Artifact w...
Production deployment sign offs
Dev lead
QA lead
Perf QA lead
Business (product manager)
Ops lead
Security lead
Artifact w...
Production deployment sign offs
Dev lead
QA lead
Perf QA lead
Business (product manager)
Ops lead
Security lead
Artifact w...
Production deployment sign offs
Dev lead
QA lead
Perf QA lead
Business (product manager)
Ops lead
Security lead
Artifact w...
Production deployment sign offs
Dev lead
QA lead
Perf QA lead
Business (product manager)
Ops lead
Security lead
Artifact w...
Production deployment sign offs
Dev lead
QA lead
Perf QA lead
Business (product manager)
Ops lead
Security lead
Artifact w...
Production deployment sign offs
Dev lead
QA lead
Perf QA lead
Business (product manager)
Ops lead
Security lead
Artifact w...
Production deployment sign offs
Dev lead
QA lead
Perf QA lead
Business (product manager)
Ops lead
Security lead
Artifact w...
Production deployment sign offs
Dev lead
QA lead
Perf QA lead
Business (product manager)
Ops lead
Security lead
Artifact w...
Web UI
Search
Profile
Cart
Order
v1.1
Price
Product
v1.1
Production traffic
Web UI
Search
Profile
Cart
Order
v1.1
Price
Product
v2.3
Production traffic Canary traffic
Product
v2.4 Order
v1.2
Test tr...
Requirements
management
Project
management
Source code
repository
Continuous integration and delivery pipeline
Approvals a...
CICD platform sample technology stack
Feature Technology options
Requirements and project management
SCM and code review
S...
Digital organization service architecture
Infrastructure
Storage Networking
Base OS
Security
Logging &
Monitoring
Business...
Digital organization team structure
Infrastructure (IaaS)
Business domain (applications)
Business
domain
PMO
VP
Architectu...
Back-end
developers
Front-end
developers
Performance
engineers
Quality
engineers
Deployment
engineers
CI
engineers
Complet...
Back-end
developers
Front-end
developers
Performance
engineers
Quality
engineers
Deployment
engineers
CI
engineers
Complet...
Back-end
developers
Front-end
developers
Performance
engineers
Quality
engineers
Deployment
engineers
CI
engineers
Complet...
Full-stack
developer
Quality
engineer
Source code
and tests
Full-stack
developer
Source code
and tests
Full-stack
develope...
Closing notes
72
Capabilities for enterprise cloud, DevOps, and SRE
Organization Technology Process
Service-oriented organization
Cross-fun...
www.griddynamics.com
Thank you!
Upcoming SlideShare
Loading in …5
×

2

Share

Download to read offline

Best practices for enterprise-grade microservices implementations with Google Cloud: Dynamic Talks Milwaukee 4/11/19

Download to read offline

When migrating to cloud and microservices architecture, companies need to invest in foundational capabilities, such as a microservices platform, continuous delivery, and an immutable infrastructure. In this talk, we will discuss our experience implementing these capabilities on the enterprise scale with Google Cloud, Kubernetes, Istio, Envoy, Spinnaker, and Hashicorp stack. We will also discuss best practices of onboarding the cloud to facilitate DevOps, SRE without sacrificing quality or control.

Related Books

Free with a 30 day trial from Scribd

See all

Related Audiobooks

Free with a 30 day trial from Scribd

See all

Best practices for enterprise-grade microservices implementations with Google Cloud: Dynamic Talks Milwaukee 4/11/19

  1. 1. Cloud, Microservices & DevOps Enterprise-level implementation best practices
  2. 2. Introducing Grid Dynamics technology services Digital transformation Big data, real time analytics, ML & AI Microservices replatforming DevOps & cloud enablement Open Source Cloud-ready Scalable Automated
  3. 3. 10 years of experience in cloud, DevOps and digital transformation
  4. 4. Agility Cost reduction Flexibility On-demand capacity Pay as you go Microservices Continuous Delivery Time to market Speed Automation SRE DevOps
  5. 5. Enterprise journey to cloud, DevOps and SRE* 6 * based on a true story.
  6. 6. Infrastructure Architecture Platform Process Organization
  7. 7. Datacenter Web UI Search Checkout Infra team Self-service portal Network team OS team Security team Dev team QA team RE team
  8. 8. Datacenter Web UI Search Checkout Infra team Self-service portal Network team OS team Security team Dev team QA team RE team Can I have a VM please?
  9. 9. Datacenter Web UI Search Checkout Infra team Self-service portal Network team OS team Security team Dev team QA team RE team Can I have a VM please? Sure. Tomorrow.
  10. 10. Web UI Search Checkout Infra team Self-service portal Network team OS team Security team Dev team QA team RE team Can I have a VM please? Sure. Tomorrow. Cloud
  11. 11. Infrastructure team (as seen by a developer) Developer (came to ask for a VM) Cloud VMs (carefully managed by infrastructure)
  12. 12. Web UI Search Checkout Infra team Self-service portal Network team OS team Security team Dev team QA team RE team Can I have a VM please? Sure. Tomorrow. Cloud
  13. 13. Web UI Search Checkout Infra teamCompute Network team OS team Security team Dev team QA team RE team Cloud Storage Network Other API API API API
  14. 14. Web UI Search Checkout Infra teamCompute Network team OS team Security team Dev team QA team RE team Cloud Storage Network Other API API API API Policy (cost, access, security, other)
  15. 15. Application teams access No access • Cloud projects • Access policies • Core networks • IAM policies Debatable • Subnets • Firewalls • OS • Base VM images Has access • VMs based on preapproved images • Storage buckets • Load balancers • Firewalls within preapproved limits • Other preapproved cloud services
  16. 16. Web UI Search Checkout Infra teamCompute Network team OS team Security team Dev team QA team RE team Cloud Storage Network Other API API API API Policy (cost, access, security, other) Something is missing
  17. 17. Web UI Search Profile Cart Order Price (v1.1) Product Price (v1.2) auto-scale self-heal canary release rolling upgrade find new version of price Refresh username/password of database route 5% traffic to price 1.2 register new nodes in load balancer
  18. 18. Packaging Package repo Deployment Logging & monitoring Provisioning Load balancing Lifecycle management (scaling, failover, etc.) Service mesh Service registry & discovery, secret management Business configuration management Microservices platform
  19. 19. Microservices platform reference technology stack Feature Container-based VM-based Packaging Artifact repository Deployment and provisioning Load balancing and routing Service mesh Service registry and discovery Secret management Feature flags management Resource management Auto-scaling, self-healing Logging and monitoring Spinnaker Spinnaker
  20. 20. Web UI Search Profile Cart Order Price (v1.1) Product Production traffic
  21. 21. Web UI Search Profile Cart Order Price (v1.1) Product Price (v1.2) Production traffic Canary or test traffic
  22. 22. Web UI Search Profile Cart Order Price (v1.1) Product Price (v1.2) Production traffic Canary or test traffic Order Cart Search Product Web UI
  23. 23. Web UI Search Profile Cart Order Price (v1.1) Product Price (v1.2) Production traffic Canary or test traffic
  24. 24. Web UI Search Profile Cart Order Price (v1.1) Product Price (v1.2) Production traffic Canary or test traffic
  25. 25. Web UI Search Profile Cart Order Price (v1.1) Product Price (v1.2) Production traffic Canary or test traffic
  26. 26. Web UI Search Profile Cart Order Price (v1.1) Product Price (v1.2) Production traffic Canary or test traffic
  27. 27. Web UI Search Profile Cart Order Price (v1.1) Product Price (v1.2) Production traffic Canary or test traffic
  28. 28. Web UI Search Checkout Infra teamCompute Network team OS team Security team Dev team QA team RE team Cloud Storage Network Other API API API API Microservices platform API Platform team Policy (cost, access, security, other)
  29. 29. Web UI Search Checkout Infra teamCompute Network team OS team Security team Dev team QA team RE team Cloud Storage Network Other API API API API Microservices platform API Platform team Policy (cost, access, security, other)
  30. 30. Web UI Search Checkout Infra teamCompute Network team OS team Security team Dev team QA team RE team Cloud Storage Network Other API API API API Microservices platform API Platform team applications deploy themselves? Policy (cost, access, security, other)
  31. 31. Application deployment package Environment Deployable unit Build-time dependencies Configuration Deployment scriptApplication artifact Platform & infra teams Development engineers QA engineers Deployment engineers Application can deploy itself
  32. 32. Application deployment package Environment Deployable unit Build-time dependencies Configuration Deployment scriptApplication artifact Platform & infra teams Development engineers QA engineers Deployment engineers Application can deploy itself
  33. 33. Application deployment package Environment Platform team Application team Data Business configuration Microservices platform Run-time dependencies Infrastructure Infrastructure team
  34. 34. Application configuration (static, built into package) 1. Resource requirements (CPU, RAM). 2. Vertical scalability. 3. Application container settings (JVM, GC). 4. Cluster settings. Environment configuration (dynamic, updated in run-time) 1. Horizontal scalability. 2. Pre-tested feature flags. 3. Business configuration. 4. Upstream components endpoints. Risky to change, needs testing. Same as code. Low-risk of change, pre-tested. Same as data.
  35. 35. Application deployment package Environment Deployable unit (VM) Deployment script Infrastructure Microservices platformUpstream services
  36. 36. Application deployment package Environment Deployable unit (VM) Deployment script Infrastructure Deploy Instance group Load balancer VM image Microservices platformUpstream services
  37. 37. Application deployment package Environment Deployable unit (VM) Deployment script Infrastructure Instance group Load balancer VM image Instance Instance Instance Microservices platformUpstream services
  38. 38. Application deployment package Environment Deployable unit (VM) Deployment script Infrastructure Instance group Load balancer VM image Instance Instance Instance Microservices platformUpstream services
  39. 39. Application deployment package Environment Deployable unit (VM) Deployment script Infrastructure Instance group Load balancer VM image Instance Instance Instance Microservices platformUpstream services
  40. 40. Application deployment package Environment Deployable unit (VM) Deployment script Infrastructure Instance group Load balancer VM image Instance Instance Instance Microservices platformUpstream services Rolling upgrade
  41. 41. Application deployment package Environment Deployable unit (VM) Deployment script Infrastructure Instance group Load balancer VM image Instance Instance Instance Microservices platformUpstream services
  42. 42. Application deployment package Environment Deployable unit (VM) Deployment script Infrastructure Instance group Load balancer VM image Instance Instance Instance Microservices platformUpstream services
  43. 43. Application deployment package Environment Deployable unit (VM) Deployment script Infrastructure Instance group Load balancer VM image Instance Instance Instance Microservices platformUpstream services
  44. 44. Application deployment package Environment Deployable unit (VM) Deployment script Infrastructure Instance group Load balancer VM image Instance Instance Instance Microservices platformUpstream services
  45. 45. Application deployment package Environment Deployable unit (VM) Deployment script Infrastructure Instance group Load balancer VM image Instance Instance Microservices platformUpstream services
  46. 46. Application deployment package Environment Deployable unit (VM) Deployment script Infrastructure Instance group Load balancer VM image Instance Instance Instance Microservices platformUpstream services
  47. 47. Application deployment package Environment Deployable unit (VM) Deployment script Infrastructure Instance group Load balancer VM image Instance Instance Instance Microservices platformUpstream services
  48. 48. Release Engineer Dev QA DevOps Perf QA Business Test environment Production deployment CR sign offs Dev Lead QA Lead Perf Lead Business Ops Lead Security Lead
  49. 49. All changes to production should be authorized
  50. 50. All changes to production should be authorized 1. Development lead should sign off 2. Functional QA lead should sign off 3. Performance QA lead should sign off 4. Security lead should sign off 5. Operations lead should sign off 6. Artifact deployed to production should be the same as tested in QA environment
  51. 51. Source code Production Web UI Search v1.1 Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with All changes to production should be authorized
  52. 52. Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with Source code Production Web UI Search v1.1 Code review All changes to production should be authorized
  53. 53. Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with Source code Production Web UI Search v1.1 Code review Build, code analysis, unit testing All changes to production should be authorized
  54. 54. Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with Source code Production Web UI Search v1.1 Code review Build, code analysis, unit testing Service testing All changes to production should be authorized Small QA environment
  55. 55. Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with Source code Production Web UI Search v1.1 Search v1.2 Code review Build, code analysis, unit testing Service testing Deploy All changes to production should be authorized Small QA environment
  56. 56. Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with Source code Production Web UI Search v1.1 Search v1.2 Code review Build, code analysis, unit testing Service testing Deploy All changes to production should be authorized Integration testing Small QA environment
  57. 57. Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with Source code Production Web UI Search v1.1 Search v1.2 Code review Build, code analysis, unit testing Service testing Deploy All changes to production should be authorized Integration testing UAT Small QA environment
  58. 58. Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with Source code Production Web UI Search v1.1 Search v1.2 Code review Build, code analysis, unit testing Service testing Deploy All changes to production should be authorized Integration testing UAT Canary release (1% traffic) Small QA environment
  59. 59. Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with Source code Production Web UI Search v1.1 Search v1.2 Code review Build, code analysis, unit testing Service testing Deploy All changes to production should be authorized Integration testing UAT Canary release (1% traffic) Full release Small QA environment 1 hour
  60. 60. Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with Source code Production Web UI Search v1.1 Search v1.2 Code review Build, code analysis, unit testing Service testing Deploy All changes to production should be authorized Integration testing UAT Canary release (1% traffic) Full release Small QA environment 1 hour Spinnaker
  61. 61. Web UI Search Profile Cart Order v1.1 Price Product v1.1 Production traffic
  62. 62. Web UI Search Profile Cart Order v1.1 Price Product v2.3 Production traffic Canary traffic Product v2.4 Order v1.2 Test traffic Spinnaker
  63. 63. Requirements management Project management Source code repository Continuous integration and delivery pipeline Approvals and audit log Change management dashboard Release notes generation Functional testing platform Performance testing platform Security testing platform Code review Code analysis CICD platform components
  64. 64. CICD platform sample technology stack Feature Technology options Requirements and project management SCM and code review Static code analysis and scanning CICD pipeline Functional testing platform Performance testing platform Approvals and audit log Change management dashboard Release notes generation Spinnaker
  65. 65. Digital organization service architecture Infrastructure Storage Networking Base OS Security Logging & Monitoring Business domain (applications) Support (SRE) Microservices platform Security Logging & Monitoring Support (SRE) Databases, caches, message queues, load balancers CICD pipeline, self-service Microservices Compute
  66. 66. Digital organization team structure Infrastructure (IaaS) Business domain (applications) Business domain PMO VP Architecture & security Service(s) Service Release engineering Support (SRE) Director/Manager/Lead QADev Deployment VP Cloud API Base OS Networking Release engineering Architecture & security Support (SRE)
  67. 67. Back-end developers Front-end developers Performance engineers Quality engineers Deployment engineers CI engineers Complete specialization
  68. 68. Back-end developers Front-end developers Performance engineers Quality engineers Deployment engineers CI engineers Complete specialization No division of labor Engineers (each writes back-end and front-end code, tests, and deployment scripts)
  69. 69. Back-end developers Front-end developers Performance engineers Quality engineers Deployment engineers CI engineers Complete specialization Balanced No division of labor Full-stack developers Quality engineers Deployment and CI engineers Engineers (each writes back-end and front-end code, tests, and deployment scripts)
  70. 70. Full-stack developer Quality engineer Source code and tests Full-stack developer Source code and tests Full-stack developer Pair programming App code Test code App code Test codeVersus
  71. 71. Closing notes 72
  72. 72. Capabilities for enterprise cloud, DevOps, and SRE Organization Technology Process Service-oriented organization Cross-functional teams DevOps culture and skills Infrastructure as a service Site reliability engineering Microservices architecture Continuous delivery platform Chaos engineering Immutable infrastructure AI/ML for operations Microservices platform Policy-driven CICD Testing in production Single environment Ultra-light change management Change-driven design Covered Not covered
  73. 73. www.griddynamics.com Thank you!
  • evstigneev

    Apr. 29, 2019
  • venkypayasam

    Apr. 26, 2019

When migrating to cloud and microservices architecture, companies need to invest in foundational capabilities, such as a microservices platform, continuous delivery, and an immutable infrastructure. In this talk, we will discuss our experience implementing these capabilities on the enterprise scale with Google Cloud, Kubernetes, Istio, Envoy, Spinnaker, and Hashicorp stack. We will also discuss best practices of onboarding the cloud to facilitate DevOps, SRE without sacrificing quality or control.

Views

Total views

356

On Slideshare

0

From embeds

0

Number of embeds

0

Actions

Downloads

8

Shares

0

Comments

0

Likes

2

×