The document outlines automation strategies for cloud infrastructure using Amazon Web Services (AWS), focusing on concepts like infrastructure as code, VM images, containers, and deployments. It emphasizes creating repeatable and predictable infrastructure changes and highlights the importance of documentation for developers. The document includes sample code for using AWS CDK and Terraform to build and manage cloud infrastructure.

1. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
O N L I N E - D E V C O N F Z A
Automating your cloud: what are the
building blocks
Cobus Bernard
Senior Developer Advocate
AmazonWeb Services
02.04.20
@cobusbernard
cobusbernard
cobusbernard

2. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Global Infrastructure
• 22 Regions with 70 Availability Zones
• 5 Regions coming soon: Cape Town
Jakarta, Milan, Spain, Osaka

3. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

4. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

5. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
• Developer for 15 years
• AWS Customer for 8 years

6. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

7. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Agenda
• Automation != DevOps 
• Infrastructure as Code
• The Golden Path
• VM images
• Containers
• Deployments
• Configuration management

8. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

9. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

10. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

11. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

12. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

13. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
ulture

14. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

15. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
ulture
utomation

16. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

17. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
ulture
utomation
easure

18. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

19. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

20. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

21. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

22. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

23. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

24. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

25. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

26. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

27. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

28. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

29. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

30. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Usecodetomodelapplicationsandinfrastructure
Infrastructure ascode
Declarative
I tell you
what I need
I tell you
what to do
Imperative

31. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

32. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
import ec2 = require('@aws-cdk/aws-ec2');
import ecs = require('@aws-cdk/aws-ecs');
import cdk = require('@aws-cdk/cdk');
class BonjourFargate extends cdk.Stack {
constructor(parent: cdk.App, name: string, props?: cdk.StackProps) {
super(parent, name, props);
const vpc = new ec2.VpcNetwork(this, ‘DevConfVpc', { maxAZs: 3 });
const cluster = new ecs.Cluster(this, ‘DevConfCluster', { vpc });
new ecs.LoadBalancedFargateService(
this, "FargateService", {
cluster,
image: ecs.DockerHub.image("amazon/amazon-ecs-sample"),
});
}
}
const app = new cdk.App();
new BonjourFargate(app, 'Bonjour');
app.run();

33. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
import ec2 = require('@aws-cdk/aws-ec2');
import ecs = require('@aws-cdk/aws-ecs');
import cdk = require('@aws-cdk/cdk');
class BonjourFargate extends cdk.Stack {
constructor(parent: cdk.App, name: string, props?: cdk.StackProps) {
super(parent, name, props);
const vpc = new ec2.VpcNetwork(this, ‘DevConfVpc', { maxAZs: 3 });
const cluster = new ecs.Cluster(this, ‘DevConfCluster', { vpc });
new ecs.LoadBalancedFargateService(
this, "FargateService", {
cluster,
image: ecs.DockerHub.image("amazon/amazon-ecs-sample"),
});
}
}
const app = new cdk.App();
new BonjourFargate(app, 'Bonjour');
app.run();

34. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
# Using the module from https://github.com/terraform-aws-
modules/terraform-aws-vpc
module "vpc" {
source = "terraform-aws-modules/vpc/aws"
name = "devconf-za-vpc"
cidr = "10.0.0.0/16"
azs = ["eu-west-1a", "eu-west-1b", "eu-west-1c"]
private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
public_subnets = ["10.0.100.0/24", "10.0.101.0/24", "10.0.103.0/24"]
}

35. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
resource "aws_ecs_cluster" ”devconf_cluster” {
name = ”DevConfCluster"
}

36. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
import ec2 = require('@aws-cdk/aws-ec2');
import ecs = require('@aws-cdk/aws-ecs');
import cdk = require('@aws-cdk/cdk');
class BonjourFargate extends cdk.Stack {
constructor(parent: cdk.App, name: string, props?: cdk.StackProps) {
super(parent, name, props);
const vpc = new ec2.VpcNetwork(this, 'MyVpc', { maxAZs: 2 });
const cluster = new ecs.Cluster(this, 'Cluster', { vpc });
new ecs.LoadBalancedFargateService(
this, "FargateService", {
cluster,
image: ecs.DockerHub.image("amazon/amazon-ecs-sample"),
});
}
}
const app = new cdk.App();
new BonjourFargate(app, 'Bonjour');
app.run();

37. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Usecodetomodelapplicationsandinfrastructure
Infrastructure ascode goals
1. Make infrastructure changes repeatable and predictable
2. Release infrastructure changes using the same tools as code changes
3. Replicate production environment in a staging environment to enable
continuous testing

38. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
“Developers love great documentation.”
Twitter

39. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
“Developers love great documentation.”
“Developers love creating great documentation”
Twitter

40. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
“Developers love great documentation.”
“Developers love creating great documentation”
Only one of these statements is true
Twitter

41. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Usecodetomodelapplicationsandinfrastructure
Documentation
How do you create the
beebop with the
thingy?
Have a look at the
repo, you can see how
it was done.

42. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
TypicalApplicationBuildandRunProcessforCode
Write +
Review
Build +
Test
Deploy Measure Improve

43. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
TypicalApplicationBuildandRunProcessforInfrastructure
Write +
Review
Build +
Test
Deploy Measure Improve

44. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

45. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Things toconsider

46. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Things toconsider

47. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Things toconsider

48. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Things toconsider

49. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Things toconsider

50. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Things toconsider

51. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
If you build it…
You must maintain it

52. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

53. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

54. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Packer – building andAMI
{
"builders": [{
"type": "amazon-ebs", "region": "us-east-1",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "ubuntu/images/*ubuntu-bionic-18.04-amd64-server-*",
"root-device-type": "ebs"
},
"owners": ["099720109477"],
"most_recent": true
},
"instance_type": "t2.micro",
"ssh_username": "ubuntu",
"ami_name": ”DevConf-Golden-Base {{timestamp}}"
}]
}

55. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Packer – building andAMI
{
"builders": [{
"type": "amazon-ebs", "region": "us-east-1",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "ubuntu/images/*ubuntu-bionic-18.04-amd64-server-*",
"root-device-type": "ebs"
},
"owners": ["099720109477"],
"most_recent": true
},
"instance_type": "t2.micro",
"ssh_username": "ubuntu",
"ami_name": ”DevConf-Golden-Base {{timestamp}}"
}]
}

56. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Packer – building andAMI
"provisioners": [
{
"type": "shell",
"script": "sudo apt-get update"
},
{
"type": "shell",
"script": "sudo apt-get upgrade -y"
}
]

57. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Packer – building andAMI
{
"variables": {
”java_version": ”1.9.01b" },
"builders": [{
"type": "amazon-ebs", "region": "us-east-1",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "DevConf-Golden-Base*",
"root-device-type": "ebs"
},
"owners": [”self"],
"most_recent": true
},
"instance_type": "t2.micro",
"ssh_username": "ubuntu",
"ami_name": ”DevConf Java {{java_version}} {{timestamp}}"
}]
}

58. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Packer – building andAMI
{
"variables": {
”java_version": ”1.9.01b" },
"builders": [{
"type": "amazon-ebs", "region": "us-east-1",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "DevConf-Golden-Base*",
"root-device-type": "ebs"
},
"owners": [”self"],
"most_recent": true
},
"instance_type": "t2.micro",
"ssh_username": "ubuntu",
"ami_name": ”DevConf Java {{java_version}} {{timestamp}}"
}]
}

59. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Packer – building andAMI
{
"variables": {
”java_version": ”1.9.01b" },
"builders": [{
"type": "amazon-ebs", "region": "us-east-1",
"source_ami_filter": {
"filters": {
"virtualization-type": "hvm",
"name": "DevConf-Golden-Base*",
"root-device-type": "ebs"
},
"owners": [”self"],
"most_recent": true
},
"instance_type": "t2.micro",
"ssh_username": "ubuntu",
"ami_name": ”DevConf Java {{java_version}} {{timestamp}}"
}]
}

60. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Packer – building andAMI
"provisioners": [
{
"type": "file",
"source": "./welcome.txt",
"destination": "/home/ubuntu/"
},
{
"type": "shell",
"inline":[
"ls -al /home/ubuntu",
"cat /home/ubuntu/welcome.txt"
]
},
{
"type": "shell",
"script": "sudo apt install openjdk-8-jdk"
}
]

61. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
NestedVMImages
└── devconf_golden_base
├── devconf_erlang
├── devconf_java
│ ├── devconf_java_1_11
│ ├── devconf_java_1_6
│ └── devconf_java_1_9
└── devconf_ruby

62. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
A successfulimage

63. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

64. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

65. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

66. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

67. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWSCodeBuild: Build your images
version: 0.2
phases:
build:
commands:
- packer build devconf_golden.json
- packer build devconf_java.json

68. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Updating images
Region
Availability zone a Availability zone b Availability zone c
2020-01-01 2020-01-01 2020-01-01
2020-01-01

69. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Updating images
Region
Availability zone a Availability zone b Availability zone c
2020-01-01 2020-01-01 2020-01-01
2020-01-29

70. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Updating images
Region
Availability zone a Availability zone b Availability zone c
2020-01-01 2020-01-01 2020-01-01
2020-01-29
2020-01-29 2020-01-29 2020-01-29

71. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Updating images
Region
Availability zone a Availability zone b Availability zone c
2020-01-29
2020-01-29 2020-01-29 2020-01-29

72. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

73. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

74. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Multi-AZ architecture
Region
Availability zone a Availability zone b Availability zone c
2019-01-01 2019-01-01 2019-01-01
Elastic Load
Balancing (ELB)

75. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
X
Multi-AZ architecture
Region
Availability zone a Availability zone b Availability zone c
2019-01-01 2019-01-01 2019-01-01
Elastic Load
Balancing (ELB)

76. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Multi-AZ architecture
Region
Availability zone a Availability zone b Availability zone c
2019-01-01 2019-01-01
Elastic Load
Balancing (ELB)

77. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Multi-AZ architecture
Region
Availability zone a Availability zone b Availability zone c
2019-02-02 2019-01-01 2019-01-01
Elastic Load
Balancing (ELB)

78. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Multi-AZ architecture
Region
Availability zone a Availability zone b Availability zone c
2019-02-02 2019-01-01 2019-01-01
Elastic Load
Balancing (ELB)

79. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

80. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

81. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

82. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

83. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

84. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

86. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

87. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Monolith
Does everything
Monoliths are OK

88. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

89. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
NestedVMImagesContainers
└── devconf_golden_base
├── devconf_erlang
├── devconf_java
│ ├── devconf_java_1_11
│ ├── devconf_java_1_6
│ └── devconf_java_1_9
└── devconf_ruby

90. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
A successfulimage container

91. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

92. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

93. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Container imagetagging for deployments

94. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Container imagetagging for deployments
Build pushes new “latest” image
Image: sha256@22222... (“latest”)

95. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Container imagetagging for deployments
Service scales up, launching new tasks
Image: sha256@22222... (“latest”)

96. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Container imagetagging for deployments
Deploy using immutable tags
{
"name": "sample-app",
"image": "amazon/amazon-ecs-
sample@sha256:3e39d933b1d948c92309bb583b5a1f3d28f0119e1551ca1fe538ba414a41af48d"
}
{
"name": "sample-app",
"image": "amazon/amazon-ecs-sample:build-b2085490-359f-4eaf-8970-6d1e26c354f0"
}
SHA256 Digest
Build ID

97. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Container imagetagging for deployments

98. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Container imagetagging for deployments
Build pushes new image tagged with new build ID
Image: sha256@22222... (“build-22222”)

99. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Container imagetagging for deployments
Service scales up, launching new tasks
Image: sha256@22222... (“build-22222”)

100. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Container imagetagging for deployments
Image: “build-22222” tag
Deployment updates service’s task definition, replacing tasks
Image: sha256@22222... (“build-22222”)

101. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.

102. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
“I would not give a fig for the simplicity
this side of complexity, but I would give
would give my life for the simplicityon
simplicity on the other side of
complexity Oliver Wendell Holmes Jr.

103. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS ECSCLIv2
ecs init
ecs app deploy
ecs pipeline init
ecs pipeline update

104. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWSCodeBuild:Any Project
version: 0.2
phases:
build:
commands:
- make build
- make test
- make package
artifacts:
type: zip
files:
- new_version.json

105. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWSCodeBuild:Any Project
version: 0.2
phases:
build:
commands:
- make build
- make test
- make package
artifacts:
type: zip
files:
- new_version.json

106. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Blue-green deployments

107. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWSCodeBuild:Any Project
version: 0.2
phases:
build:
commands:
- make build
- make test
- make package
artifacts:
type: zip
files:
- new_version.json

108. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWSCodePipeline:AnyProject
stage {
name = "Production"
action {
name = "Deploy"
category = "Deploy"
owner = "AWS"
provider = "ECS"
input_artifacts = ["new_version"]
version = "1"
configuration = {
ClusterName = ”MyCluster"
ServiceName = ”MyService"
FileName = "new_version.json"
}
}
}

109. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Canarydeployments

110. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Canarydeployments

111. © 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Reading homework

112. Thank you!
© 2020, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Cobus Bernard
Senior DeveloperAdvocate
Amazon Web Services
O N L I N E - D E V C O N F Z A
@cobusbernard
cobusbernard
cobusbernard