1. CI/CD and AWS Cloud
Chandra Babu Athuluri
Telefónica
22.10.2019
2. CI / CD and AWS Cloud Folie 2
CI/CD and AWS Cloud
“The most powerful tool we have as developers is automation.”
Scott Hanselman
3. CI / CD and AWS Cloud Folie 3
The Project‘s Goals
Introduce a single scalable API Gateway
• Central place where all APIs are managed
• Teams are enabled to easily find and test useful APIs
• Nobody wants to think about capacity
4. CI / CD and AWS Cloud Folie 4
Requirements for Success
Standards
API development teams should use
common standards. Therefore the
OpenAPI/Swagger definitions are
introduced.
Additionally best practices are
established how APIs should be
named, versioned and deprecated.
Independance
There can be no bottleneck. Each
team needs to be able to deploy and
debug it‘s APIs on their own. There
can be no dependency on a central
team in such a huge enterprise.
Reduce Overhead
The individual teams should not need
to know about API Gateways or the
cloud. Only the central DevOps team
needs to acquire those skills and
enable the users to focus solely on
their core competencies.
This means, that all user oriented
tasks need to be automated.
5. CI / CD and AWS Cloud Folie 5
CI / CD
Why do we automate?
• Continuous Integration / Continuous Delivery
• Fast feed-back
• Automated tests
• Static code analysis
• Automated deployment on different stages
• Less manual work
Confidence when deploying in production environment
6. CI / CD and AWS Cloud Folie 6
CI / CD – How we automate
Jenkins
• Flexible Pipelines
• Knowledge in House
• Application code in versioning system
• On commit…
• … the tests are run
• …an artifact is built
• …and everything is deployed into different stages to the Cloud
7. CI / CD and AWS Cloud Folie 7
Why do we deploy to the Cloud?
On Demand Services
Massive Scalability
DevOps Enabler
8. CI / CD and AWS Cloud Folie 8
Infrastructure as Code (IaC)
How do we benefit from IaC?
• Infrastructure creation can be automated
• Changes can be easily deployed
• Changes can versioned and audited
• Enables disaster recovery of whole infrastructure
• Consistency of changes from DEV to PROD
Infrastructure as code (IaC) is the process of managing and provisioning computer data
centers through machine-readable definition files, rather than physical hardware
configuration or interactive configuration tools
9. CI / CD and AWS Cloud Folie 9
Infrastructure as Code (IaC)
How do we do it?
• Yaml files in versioning System
• On commit Jenkins is triggered
• AWS CLI deploys CloudFormation Templates
• Only changes are deployed
• The whole infrastructure is now code
10. KinesisFirehouse
Security Policies
LoadBalancers
Lambdas
Route 53
Simple Notification Service
Monitoring
Authorizers
Resource Manager
Swagger
S3
Cloudwatch
Cloud Trail
Target Groups
CloudTrail
MySQL
Cognito
Elastic ComputeUser Pools VPC Endpoints
SimpleEmailService
Usage Plans
Alerting
Splunk
VPCLinks
Logging Agent
IAM
RDS
DNSProxies
VPC Links
API Stages
VPCs
PrivateAPIs
11. CI / CD and AWS Cloud Folie 11
Pipelines for Users
How do we do it?
• Automatic deployment of API’s in multiple
Account using one Jenkins Pipelines per team
• Validate API’s Swaggers Definitions
• Replace variables in Swagger definition
• Upload Swagger definition to AWS API Gateway
• Configure Payload, Throttling and more
• Configure Load Balancer and set API as private
• Create usage plans
• Send notification mails to users
The API Provider simply uploads a swagger definition and a parameter file
to the versioning system.
That’s it.
12. CI / CD and AWS Cloud Folie 12
Final Thoughts
Thanks to CI/CD…
• Everything is automated
• Product teams benefit of cloud automatically
• Enables fast and independent development
• Faster time to market
13. CI / CD and AWS Cloud Folie 13
Lessons Learned
Automate from the start
Testing is key
Establish coding standards for IaC
Evaluate your options
Build a strong team