Slides from a talk given at the Toronto HashiCorp User Group monthly meetup held on March 14, 2018 at Street Contxt.
Abstract:
Street Contxt is a global knowledge exchange for institutional finance, with their SaaS platform delivering smart, actionable insights customers all over the globe.
They have been working with Packer, Consul, and Terraform for a year now in their rapidly changing production environment. In this "stories from the road" style talk, we'll take a look at the process of adopting these tools and how they've managed to safely begin to move away from a central monolith to a service-based architecture, while bringing about repeatability, testability, and audibility across their infrastructure via Infrastructure as Code and Service Discovery.
Building Immutable Machine Images with Packer and AnsibleJason Harley
Slides from a talk given at DevOps Toronto's monthly meetup held on Nov. 7, 2017 at Indigo Digital.
Abstract:
Immutable Infrastructure promises stability and repeatability for your environment and is considered by many to be the "enlightened stage" of an Infrastructure as Code practice. The benefits of immutability in infrastructure seem obvious: if you know a system has been created via automation that you trust, and hasn't been changed since creation, then making changes quickly seems far less risky. In a cloud-based environment, Immutable Infrastructure starts with trusted, immutable machine images. Building these images can quickly outgrow bespoke scripts, and this bespoke tooling quickly begins to feel you're duplicating effort if you already have configuration management in house.
In this talk, HashiCorp's Packer will be paired with Ansible to iteratively build and test an immutable AWS AMI. The techniques and workflow should be transferrable to other configuration management tools (Chef, Puppet, Salt, et cetera) or cloud platforms (GCP, Azure, OpenStack, et cetera).
Developing, building, testing and deploying react native appsLeena N
React Native is gaining maturity as a cross-platform mobile app development solution. With a strong community around the ecosystem, mobile app development is all set to become simpler and enjoyable.
This talk is about various techniques and tools that are available for building, testing and deploying React Native apps for Android and iOS platforms.
Michael North "Ember.js 2 - Future-friendly ambitious apps, that scale!"Fwdays
Ember.js is being adopted more and more broadly as time passes, and is an excellent choice for highly complex data-driven UIs. With the recent release of the "2.0" version of the framework, things are faster, smarter, and easier than ever. With a focus on productivity and reducing the number of trivial decisions developers must make while building an app, it's astonishing how quickly one can get up and running, and how well the abstractions hold up as the codebase scales in size and complexity.
I'd like to give a general overview of Ember, and pause to reflect on some important differences that may be important when considering what the best tool is for your project.
Write Once, Run Everywhere - Ember.js MunichMike North
Ember.js is an opinionated web framework, that allows developers to focus less on boilerplate, and focus more on what makes their app unique. We’ll go over some of the best practices of using Ember for cross-device development, introduce Cordova and NW.js, and then discuss modular design, testing, encapsulation of native functionality in the context of an open source case study project.
An Overview of the Javascript Ecosystem in 2015. Slides from this talk given at San Diego Javascript on June 2: https://www.youtube.com/watch?v=CGkPsNyI07A
Building Immutable Machine Images with Packer and AnsibleJason Harley
Slides from a talk given at DevOps Toronto's monthly meetup held on Nov. 7, 2017 at Indigo Digital.
Abstract:
Immutable Infrastructure promises stability and repeatability for your environment and is considered by many to be the "enlightened stage" of an Infrastructure as Code practice. The benefits of immutability in infrastructure seem obvious: if you know a system has been created via automation that you trust, and hasn't been changed since creation, then making changes quickly seems far less risky. In a cloud-based environment, Immutable Infrastructure starts with trusted, immutable machine images. Building these images can quickly outgrow bespoke scripts, and this bespoke tooling quickly begins to feel you're duplicating effort if you already have configuration management in house.
In this talk, HashiCorp's Packer will be paired with Ansible to iteratively build and test an immutable AWS AMI. The techniques and workflow should be transferrable to other configuration management tools (Chef, Puppet, Salt, et cetera) or cloud platforms (GCP, Azure, OpenStack, et cetera).
Developing, building, testing and deploying react native appsLeena N
React Native is gaining maturity as a cross-platform mobile app development solution. With a strong community around the ecosystem, mobile app development is all set to become simpler and enjoyable.
This talk is about various techniques and tools that are available for building, testing and deploying React Native apps for Android and iOS platforms.
Michael North "Ember.js 2 - Future-friendly ambitious apps, that scale!"Fwdays
Ember.js is being adopted more and more broadly as time passes, and is an excellent choice for highly complex data-driven UIs. With the recent release of the "2.0" version of the framework, things are faster, smarter, and easier than ever. With a focus on productivity and reducing the number of trivial decisions developers must make while building an app, it's astonishing how quickly one can get up and running, and how well the abstractions hold up as the codebase scales in size and complexity.
I'd like to give a general overview of Ember, and pause to reflect on some important differences that may be important when considering what the best tool is for your project.
Write Once, Run Everywhere - Ember.js MunichMike North
Ember.js is an opinionated web framework, that allows developers to focus less on boilerplate, and focus more on what makes their app unique. We’ll go over some of the best practices of using Ember for cross-device development, introduce Cordova and NW.js, and then discuss modular design, testing, encapsulation of native functionality in the context of an open source case study project.
An Overview of the Javascript Ecosystem in 2015. Slides from this talk given at San Diego Javascript on June 2: https://www.youtube.com/watch?v=CGkPsNyI07A
Dim the lights and queue the music. The stage has been set, and the virtual actors are soon to arrive. Come join an engaging discussion on Project Orleans and how it will create for us a world that transcends traditional three-tier architecture and truly achieves solutions with a high degree of performance, reliability, and scalability.
In this discussion, Chris will provide an overview of actor model theory and discuss how Orleans leverages virtual actors in order to provide a high throughput, low latency, and high availability solution architecture. You will also learn how this tried and tested framework has been successfully leveraged in Azure in order to provide the extremely scalable and performant platform that has brought you some of your favorite online Xbox games and Microsoft products.
RubyConf Taiwan 2016 - Large scale Rails applicationsFlorian Dutey
Rails application have this tendency of becoming super messy and hard to maintain very quickly. This talk covers simple principles that you can apply to avoid traps.
Rails is at best a Web framework, maybe a prototyping framework but not an application framework. Stop using it this way
Paul Graham, the founder of startup incubator YCombinator, put it best when he described LISP as his old company's secret weapon. Think about, if you use all of the same tools as everyone else, how do you expect to achieve better results?
Clojure is a LISP language created in 2009 by Rich Hickey. Built initially on the Java Virtual Machine (JVM) it has since been ported to run on Microsoft and JavaScript. (That's right the browser). Clojure gives you all of the power and stability of the JVM without the clunkiness of Java.
Most developers have never worked with a functional language before and many who have found the use of parenthesis instead of braces intimidating. Don't worry. Once it is broken down to you, I think you will see the beauty of it.
In this fast and fun session, we will build an app using Clojure. We will enhance it, test it and explore why functional is a better programming model than OOPs. We will even explore why such programs are better at multitasking than object oriented ones.
Flexible UI Components for a Multi-Framework WorldKevin Ball
Slides from Flexible UI Components talk given at Web Unleashed 2017
Build UI components that work seamlessly in every JavaScript Framework.
Your core UI elements shouldn’t have to be different for your marketing site than they are in your application just because the former uses jQuery while the latter is built using Angular or React.
Lessons learned from work on ZURB Foundation 7.
The Dark Side of Single Page ApplicationsDor Kalev
The story of all the pitfalls we had while transferring FTBpro.com from the good old web to a Backbone single page application... and all the great solutions we've came up with
Microservices with Apache Camel, Docker and Fabric8 v2Christian Posta
My talk from Red Hat Summit 2015 about the pros/cons of microservices, how integration is a strong requirement for doing distributed systems designs, and how open source projects like Apache Camel, Docker, Kubernetes, OpenShift and Fabric8 can help simplify and manage microservice environments
I've been working a lot with React lately and thought it would be a good idea to share what I've learned with the group.
During this talk we'll take a look at Facebook's React library while drawing comparisons to frameworks like Angular. We'll see how we can use React and friends to create a fast and efficient single page app. Attendees are expected to have some familiarity with ES6/ES7 since we the codebase we will be looking at leverages features from the spec.
What we'll be taking a look at:
• React
• React Router
• Redux
• Redux Sagas
• Webpack
• Babel
Npm, bower, Angular, jQuery, grunt, gulp, browserify, requirejs, ember, backbone, requirejs, amd .... thousands of micro frameworks, libraries and tools.
The question is how do you avoid getting lost within the jungle of modern JS frameworks, libraries and tools? How to be effective and actually deliver while every day there is a new cool framework or tool coming out and one of the developers in your team would love to try it. In production.
In this talk I will explain the right strategy for dealing with the rapid changes in JS landscape and choosing the right set of tools for doing the job.
Key takeaways:
Get to know which js tools/libraries works well together.
Which tools/libraries are not cool anymore and why?
How to deal with library/tool dependency conflicts?
How to find good quality tools and frameworks?
(DVO308) Docker & ECS in Production: How We Migrated Our Infrastructure from ...Amazon Web Services
This session will introduce you to Empire, a new self-hosted PaaS built on top of Amazon’s EC2 Container Service (ECS). Empire is a recently open-sourced project that provides a mostly Heroku-compatible API. It allows engineering teams to deploy and manage applications in a method similar to Heroku, but with the added flexibility and control of running your own ECS container instances. We'll talk about why Remind decided to move its infrastructure from Heroku to AWS, introduce you to ECS and the open source platform we built on top of it to make migration easier, and then we'll demo Empire to show you how you can try it today.
Dim the lights and queue the music. The stage has been set, and the virtual actors are soon to arrive. Come join an engaging discussion on Project Orleans and how it will create for us a world that transcends traditional three-tier architecture and truly achieves solutions with a high degree of performance, reliability, and scalability.
In this discussion, Chris will provide an overview of actor model theory and discuss how Orleans leverages virtual actors in order to provide a high throughput, low latency, and high availability solution architecture. You will also learn how this tried and tested framework has been successfully leveraged in Azure in order to provide the extremely scalable and performant platform that has brought you some of your favorite online Xbox games and Microsoft products.
RubyConf Taiwan 2016 - Large scale Rails applicationsFlorian Dutey
Rails application have this tendency of becoming super messy and hard to maintain very quickly. This talk covers simple principles that you can apply to avoid traps.
Rails is at best a Web framework, maybe a prototyping framework but not an application framework. Stop using it this way
Paul Graham, the founder of startup incubator YCombinator, put it best when he described LISP as his old company's secret weapon. Think about, if you use all of the same tools as everyone else, how do you expect to achieve better results?
Clojure is a LISP language created in 2009 by Rich Hickey. Built initially on the Java Virtual Machine (JVM) it has since been ported to run on Microsoft and JavaScript. (That's right the browser). Clojure gives you all of the power and stability of the JVM without the clunkiness of Java.
Most developers have never worked with a functional language before and many who have found the use of parenthesis instead of braces intimidating. Don't worry. Once it is broken down to you, I think you will see the beauty of it.
In this fast and fun session, we will build an app using Clojure. We will enhance it, test it and explore why functional is a better programming model than OOPs. We will even explore why such programs are better at multitasking than object oriented ones.
Flexible UI Components for a Multi-Framework WorldKevin Ball
Slides from Flexible UI Components talk given at Web Unleashed 2017
Build UI components that work seamlessly in every JavaScript Framework.
Your core UI elements shouldn’t have to be different for your marketing site than they are in your application just because the former uses jQuery while the latter is built using Angular or React.
Lessons learned from work on ZURB Foundation 7.
The Dark Side of Single Page ApplicationsDor Kalev
The story of all the pitfalls we had while transferring FTBpro.com from the good old web to a Backbone single page application... and all the great solutions we've came up with
Microservices with Apache Camel, Docker and Fabric8 v2Christian Posta
My talk from Red Hat Summit 2015 about the pros/cons of microservices, how integration is a strong requirement for doing distributed systems designs, and how open source projects like Apache Camel, Docker, Kubernetes, OpenShift and Fabric8 can help simplify and manage microservice environments
I've been working a lot with React lately and thought it would be a good idea to share what I've learned with the group.
During this talk we'll take a look at Facebook's React library while drawing comparisons to frameworks like Angular. We'll see how we can use React and friends to create a fast and efficient single page app. Attendees are expected to have some familiarity with ES6/ES7 since we the codebase we will be looking at leverages features from the spec.
What we'll be taking a look at:
• React
• React Router
• Redux
• Redux Sagas
• Webpack
• Babel
Npm, bower, Angular, jQuery, grunt, gulp, browserify, requirejs, ember, backbone, requirejs, amd .... thousands of micro frameworks, libraries and tools.
The question is how do you avoid getting lost within the jungle of modern JS frameworks, libraries and tools? How to be effective and actually deliver while every day there is a new cool framework or tool coming out and one of the developers in your team would love to try it. In production.
In this talk I will explain the right strategy for dealing with the rapid changes in JS landscape and choosing the right set of tools for doing the job.
Key takeaways:
Get to know which js tools/libraries works well together.
Which tools/libraries are not cool anymore and why?
How to deal with library/tool dependency conflicts?
How to find good quality tools and frameworks?
(DVO308) Docker & ECS in Production: How We Migrated Our Infrastructure from ...Amazon Web Services
This session will introduce you to Empire, a new self-hosted PaaS built on top of Amazon’s EC2 Container Service (ECS). Empire is a recently open-sourced project that provides a mostly Heroku-compatible API. It allows engineering teams to deploy and manage applications in a method similar to Heroku, but with the added flexibility and control of running your own ECS container instances. We'll talk about why Remind decided to move its infrastructure from Heroku to AWS, introduce you to ECS and the open source platform we built on top of it to make migration easier, and then we'll demo Empire to show you how you can try it today.
Kubernetes and Terraform in the Cloud: How RightScale Does DevOpsRightScale
Kubernetes adoption is growing and more companies are leveraging Terraform. At RightScale, we combine Kubernetes, Terraform, RightScale, and cloud. In this webinar, find out how we are combining these solutions to create a fully automated DevOps process.
Новый InterSystems: open-source, митапы, хакатоныTimur Safin
Presentation for the 1st InterSystems Meetup in the Minsk:
- New and better InterSystems changes their practice.
- open-source repositories, meetups, and hackathon;
- CPM (package manager) as a good example of open-source project
Amazon EC2 Container Service: Manage Docker-Enabled Apps in EC2Amazon Web Services
Amazon EC2 Container Service (Amazon ECS) is a new AWS service that makes it easy to run and manage Docker-enabled applications across a cluster of Amazon EC2 instances. Amazon ECS lets you define, schedule, and stop sets of containers. You have access to the state of your resources, making it easy to confirm that tasks are running or view the utilization of EC2 instances in your cluster. This session will describe the benefits of containers, introduce ECS, and demonstrate how to use ECS for your applications.
My @TriangleDevops talk from 2013-10-17. I covered the work that led us to @NetflixOSS (Acme Air), the work we did on the cloud prize (NetflixOSS on IBM SoftLayer/RightScale) and the @NetflixOSS platform (Karyon, Archaius, Eureka, Ribbon, Asgard, Hystrix, Turbine, Zuul, Servo, Edda, Ice, Denominator, Aminator, Janitor/Conformity/Chaos Monkeys of the Simian Army).
Rackspace::Solve NYC - The Future of Applications with Ken Cochrane, Engineer...Rackspace
What does intermodal shipping have to do with managing your app’s components in different environments? Ken Cochrane, Engineering Manager at Docker, explains in this presentation from Rackspace::Solve NYC. For more information about Rackspace::Solve, visit http://www.rackspacesolve.com.
Rackspace (NYSE: RAX) is the #1 managed cloud company. Our technical expertise and Fanatical Support® allow companies to tap the power of the cloud without the pain of hiring experts in dozens of complex technologies. Rackspace is also the leader in hybrid cloud, giving each customer the best fit for its unique needs — whether on single- or multi-tenant servers, or a combination of those platforms. Rackspace is the founder of OpenStack®, the open-source operating system for the cloud. Headquartered in San Antonio, we serve more than 200,000 business customers from data centers on four continents. We rank 29th on Fortune’s list of 100 Best Companies to Work For. For more information, visit www.rackspace.com.
Evolution of a cloud start up: From C# to Node.jsSteve Jamieson
ComputeNext started 3 years ago to develop the first open marketplace for cloud computing services.
We started by using the technologies we were most familiar with - C# and SQL Server, and our initial architecture and implementation was based on these technologies.
Over time, we have progressively introduced more open source elements, including MongoDB, RabbitMQ and Node.js.
Now we are at the point where most of our back-end services rely on Node.js. The talk will talk about why we did this, how we did this, and discuss our experiences - both good and bad.
Clocker: Managing Container Networking and PlacementDocker, Inc.
This talk introduces Clocker and shows how to bootstrap a Docker Cloud that is responsive and scalable, across a dynamic cluster of hosts and cloud providers. Clocker is an Apache licensed open source project that demonstrates intelligent placement, on-demand provisioning and autonomic management of containers using Apache Brooklyn as the central nervous system. The Clocker stack enhances the standard Docker installation using best practices for configuration and integrates Weave networking capabilities plus Apache jclouds for provisioning on any infrastructure. We will show how to use Clocker to deploy, monitor and scale complex applications defined using Brooklyn blueprints across a network of Docker containers in the cloud.
The challenge of application distribution - Introduction to Docker (2014 dec ...Sébastien Portebois
Live recording with the demos: https://www.youtube.com/watch?v=0XRcmJEiZOM
Contents
- The application distribution challenge
- The current solutions
- Introduction to Docker, Containers, and the Matrix from Hell
- Why people care: Separation of Concerns
- Technical Discussion
- Ecosystem, momentum
- How to build Docker images
- How to make containers talk to each other, how to handle data persistence
- Demo 1: isolation
- Demo 2: real case - installing Go Math! Academy, tail –f containers, unit tests
Choosing PaaS: Cisco and Open Source Options: an overviewCisco DevNet
A session in the DevNet Zone at Cisco Live, Berlin. Confused by all the open source PaaS options out there? What criteria should you use to evaluate them? We seek to answer these questions in a systematic manner and will explore top technologies such as Mesos, Apprenda, Cloud Foundry and Kubernetes along with Cisco's Project Shipped and open source Mantl. The aim of this session will be to shed light on which platforms add value to your needs, applications and workloads.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
4. Agenda
• Initial state
• Packer
• Containerization and Terraform
• Discovery and Visibility and Consul
• Iterations and Improvements
• Reflection
@redmind
5. Street Contxt: Jan ‘17
• AWS as VMWare
Five separate AWS accounts, running manually created resources
A brief exploration into CloudFormation
• Ubuntu 14.04 based environment
Some upgraded from 12.04 by hand
• Lovingly, hand-tended “pets”
• Distributed Monolith
Play<>Wildfly<>PostgreSQL
Apache Solr
AWS ElasticMapReduce (EMR)
A few containers running back-office stuff on “service” boxes
• Desire to move to Immutable Infrastructure
@redmind
6. Packer and Ansible
• Ansible was already in use at Street Contxt
Reasonably complicated, single-purpose (use?) playbooks using a static inventory to
manage machines
Developing a practice of writing reusable, immutable roles was needed
• Started carving out a “base” Ansible role with help from test-kitchen and
InSpec
@redmind
7. Mission: critical path containers?!
• Data Science team was developing two Tensorflow-based services, which
were nicely packaged as Docker containers and exposed an HTTP interface
• We needed a way to deploy, manage and route traffic to these service
… on the cheap
• ECS looked like a decent candidate for a Proof of Concept (PoC)
Rolling upgrades weren’t going to be an issue, really
The price was right
You only pay for EC2, *LB, and network traffic
@redmind
8. Introducing Terraform (March ’17)
• Starting from scratch current
We had just closed-out a decent year.. we’re at our highest usage as a company
• Terraform 0.8.8 had just been released
• You don’t need to import everything(!)
This seems to be the biggest initial failing point for Terraform adoption
You might not need to import anything…
• For each of our environments, we setup static variables for the critical
ARNs/IDs of VPCs, subnets, Availability Zones, and Route53 zones
@redmind
10. Introducing Terraform (March ’17)
• We decided on an environment-based directory structure
Heavily influenced by a Charity Majors blog post about separating your Terraform
into per-environment state
Workspaces (nee Environments) didn’t yet exist
Released in Terraform 0.9.0
• We decided to store and share state in versioned S3 buckets, with an
encryption policy configured
• To save us from ourselves… we wrote a Makefile
Commands were starting to look potentially complicated
Had to have the right environment variable set
Had to pass the correct vars file
Had to make sure you were using the right version of Terraform
We make use of tfenv
Notably, there is no make destroy
@redmind
12. Introducing Terraform (March ’17)
@redmind
• Setup environments
• Built a module to create an ECS cluster with
all related policies and resources
• AMI created with Packer using an
Ansible role and built off the base image
• Didn’t terraform import anything…
13. Terraform and CloudFormation(?!)
• We hand bombed the pair of
Tensorflow services into existence
• Quickly realized we had a “fleet
management” issue
• Terraform doesn’t do rolling updates
CloudFormation does
• Discovered an example from
AWSLabs using Lambda, SNS and
Cloudformation
• Simple enough to refactor the module
to setup a CFN stack to manage the
AutoscalingGroup
@redmind
Source: https://github.com/awslabs/ecs-cid-sample
14. Discovery and Visibility and Consul
• Visibility into the health and location of services
Especially these new Tensorflow services in ECS
talk of wanting an easy KV-store for a few projects
• Wrote a new Ansible role with the help of test-kitchen and InSpec
• Built an AMI with Packer and Ansible
• Wrote a Terraform consul_cluster module
three node autoscaling group
solved Consul bootstrapping via userdata and a Route53 record
called it a “soft lock”
• Ansible role made use of EC2 tag-based discovery, configured dnsmasq to
redirect “*.consul” lookups to the Consul agent
• Successfully launched a cluster with a make apply(!)
… and was quickly reminded we had zero Consul clients
@redmind
15. Our Ansible role was written to
support clients and servers
Quick and dirty script to add
the Consul client security group
to EC2 instances
Rolled out the Consul agents
with ansible-playbook and
watched everyone report in
@redmind
Discovery and Visibility and Consul
16. Discovery and Visibility and Consul
• Now… we needed Dockerized-services to register themselves as Consul
Services
• Came across a great article from ZenDesk Engineering on using
Registrator from Gliderlabs
• Registrator automatically registers and deregisters services for any Docker
container by inspecting containers as they come online.
SERVICE_NAME
SERVICE_CHECK_HTTPS
SERVICE_CHECK_INTERVAL
• Back into test-kitchen with our ECS role
Added a registrator systemd unit that started with the Docker unit
@redmind
17. Discovery and Visibility and Consul
• Packer brought us a new AMI and with a make plan and make apply cycle
our registrator-enabled container hosts were in the wild
• Quickly added some ”SERVICE_” environment variables to our ECS Task
definitions, and updated the ECS Service to see registration of services into
Consul
@redmind
18. Consul in the critical path: ElasticSearch
• Up until now, Consul was telling us things... and while the data was useful
the conversation was fairly one sided
• We had a single instance Apache Solr service that needed to become more
critical.. and we decided that SolrCloud wasn't for us
• With our past success with Consul and ECS we dove back into test-kitchen
with a new Ansible role
• With a role we trusted, we could build an AMI, and then a Terraform module
• Instead of using a load balancer (which, many folks seem to use with ES)
Consul service discovery via DNS became the norm
@redmind
19. @redmind
• ElasticSearch clients began accessing
ElasticSearch as
“elasticsearch.service.consul”
• May 23, 2017 Consul became part of
the critical customer path for all
searches
21. Six months in…
• In that time, more containerized services have been written and are ready to
head out the door
• Two new modules to round out our growing library
ecs_task
ecs_service
• Quickly went from the initial 2 Tensorflow services
• 19 services and 4 batch-style tasks today
• More interestingly: these new services are being written using AWS services
• S3, SQS, Kinesis, KMS, Lambda
• We’d shaken off the inertia of the distributed monolith!
• We converted our Ansible inventory to a dynamic inventory driven by Terraform-
managed EC2 Tags in late July
@redmind
22. The latter half
• Started to bring parts of the legacy systems into Terraform and Consul
Backend admin tool containerized and migrated to ECS in late June
Elastic MapReduce (EMR) taken under Terraform control in August
Our Wildfly cluster was turned into a Terraform module in November
We actually imported things here
Our frontend UI moved to ECS in early January ‘18
@redmind
23. Reflection: Imports?
• We still don’t have everything managed by Terraform
• Our “legacy resource” variables for VPC and subnets are still variables
No great urgency or business need to deal with importing them
Data Providers make this a non-issue
We’ll likely go “full Terraform” by the end of 2018
@redmind
24. Reflection: Outages? Uh-ohs?
• We’ve been really fortunate
diligent about running plans and paying attention to the output
• We did lose search one day…
Consul agents didn’t startup on the ElasticSearch instances after a maintenance
script ran
Not Consul’s fault: operator error
@redmind
25. Reflection: Do overs?
• Wish I’d known about Molecule sooner
We’ve yet to move a bunch of test-kitchen projects to it
• Our ecs_task module’s definition of the container’s environment is brittle
We have plans in the works to move to envconsul as an entrypoint to address this
issue
• We love the our environment model (it makes us feel safe :D)... but a single
statefile per-environment is starting to get slow
Plan to breakup this state by the fall
• We wish we already had dynamic secrets...
currently doing some hacky magic with encrypted S3 objects and KMS to deal with
getting secrets into containers
@redmind
27. Addendum: external links
• Building Immutable Machine Images with Packer and Ansible
https://www.slideshare.net/JasonHarley3/building-immutable-machine-images-with-
packer-and-ansible/
• charity.wtf: TERRAFORM, VPC, AND WHY YOU WANT A TFSTATE FILE
PER ENV
https://charity.wtf/2016/03/30/terraform-vpc-and-why-you-want-a-tfstate-file-per-
env/
• tfenv: Terraform version manager inspired by rbenv
https://github.com/kamatama41/tfenv
• AWS Samples: ECS Container draining
https://github.com/awslabs/ecs-cid-sample
@redmind
Editor's Notes
Street Contxt is a global knowledge exchange for institutional finance, with their SaaS platform delivering smart, actionable insights customers all over the globe.
Building Immutable Machine Images with Packer and Ansible: https://www.slideshare.net/JasonHarley3/building-immutable-machine-images-with-packer-and-ansible/
charity.wtf: TERRAFORM, VPC, AND WHY YOU WANT A TFSTATE FILE PER ENV - https://charity.wtf/2016/03/30/terraform-vpc-and-why-you-want-a-tfstate-file-per-env/
tfenv: https://github.com/kamatama41/tfenv
Source: https://github.com/awslabs/ecs-cid-sample
Making Docker and Consul Get Along: https://medium.com/zendesk-engineering/making-docker-and-consul-get-along-5fceda1d52b9
Registrator: http://gliderlabs.github.io/registrator
March 23, 2017: Consul 0.7.5 launched into production with ECS