© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
From Code to a Running Container
Alexei Ledenev
Solutions Architect
Amazon Web Services
CON404
Gal Marder
VP DevOps Consulting
JFrog Ltd
What to expect from this session
• Microservice Architecture
• AWS Developer Tools for CI/CD
• Docker and Kubernetes Continuous Integration
• Kubernetes Continuous Deployment
When the impact of change is small,
release velocity can increase
Monolith
Does everything
Microservices
Does one thing
Monolith development lifecycle
[Diagram: developers, delivery pipelines (build, test, release, monitor), services]
Microservice development lifecycle
[Diagram: developers, delivery pipelines (???), services]
Microservice development lifecycle
[Diagram: developers, six parallel delivery pipelines (each build, test, release, monitor), services]
Source
• Version Control
• Branching
• Code Review
Build
• Compilation
• Linting
• Unit Tests
• Packaging
Test
• Integration Tests
• Load Tests
• Security Tests
• Acceptance Tests
Deploy
• Deployment
• Monitoring
• Measuring
• Validation
Release process automation models
Source Build Test Deploy Monitor
CI/CD with AWS Developer Tools
[Diagram: pipeline stages Source, Build, Test, Deploy, Monitor; services shown: AWS CodeCommit, AWS CodeBuild, AWS CodeBuild + Third Party, AWS CodeDeploy, AWS X-Ray, Amazon CloudWatch, with AWS CodePipeline]
AWS CodeBuild
• Fully managed build service
• Continuous scaling
• Pay as you go
• Extensible
• Secure: encrypt build artifacts, access control
• Integrated with AWS services
AWS CodeBuild: Features
• Build source from CodeCommit, S3, Bitbucket and GitHub/GitHub Enterprise
• Build inside your VPC
• Use secrets from Amazon Parameter Store
• Amazon S3 build cache
• Debug locally with CodeBuild Agent
AWS CodePipeline
• Automate your release processes
• Consistent release process
• Speed up delivery while improving quality
• Use your favorite tools
• View progress at-a-glance
Amazon Elastic Container Service for Kubernetes
[Diagram: Kubectl, mycluster.eks.amazonaws.com, EKS workers in AZ 1, AZ 2 and AZ 3; VPC in your AWS account]
Building Docker image
[Diagram: Dockerfile, docker build, Docker image]
Build specification – Docker
version: 0.2
phases:
  pre_build:
    commands:
      # Log Docker in to ECR (get-login is the AWS CLI v1 form)
      - $(aws ecr get-login --no-include-email)
  build:
    commands:
      # Build once, tag twice: ${COMMIT} and ${TAG}
      - docker build --tag "${ECR}:${COMMIT}" --tag "${ECR}:${TAG}" .
  post_build:
    commands:
      - docker push "${ECR}:${COMMIT}"; docker push "${ECR}:${TAG}"
Amazon EC2 Container Registry (ECR)
• Fully managed private Docker Registry
• Supports Docker Registry HTTP API V2
• Scalable, available, durable architecture
• Secure: encrypt at rest, control access with IAM
• Manage image lifecycle
• Integrated with other AWS services
Docker Continuous Integration pipeline
[Diagram, inside AWS Cloud: Git users git push to AWS CodeCommit or to a 3rd party Git repository (webhook); AWS CodeBuild runs a multi-stage Docker build and docker push to Amazon EC2 Container Registry]
Kubernetes application
Amazon EKS – Helm/Package management
• Helm helps you manage K8s apps via Helm charts
• K8s Application Helm charts
  • Define – templates and values (for multiple environments)
  • Install – create a new release
  • Upgrade – create a new release revision (rollback to previous revision)
  • Create, version, share and publish – Important for regulation!
• Release management for Kubernetes application
• Runs on CI/CD or dev laptops
Kubernetes configuration development tools
• Helm CLI commands
  • template – render Helm templates locally and display output
  • lint – runs a series of tests to verify that the Helm chart is well-formed
• Kubeval
  • https://github.com/garethr/kubeval
  • validate Kubernetes YAML/JSON files against Kubernetes JSON schema
• Kubetest
  • https://github.com/garethr/kubetest
  • unit test for Kubernetes configurations
  • write tests in Skylark (Python dialect) configuration language
Helm chart Continuous Integration pipeline
[Diagram, inside AWS Cloud: Git users git push a Helm chart to AWS CodeCommit or to a 3rd party Git repository (webhook); AWS CodeBuild runs the Helm dev tools (helm lint, kubeval, kubetest, package) and helm s3 push to Amazon Simple Storage Service (S3)]
EKS Continuous Delivery pipeline
[Diagram, inside AWS Cloud: AWS CodePipeline with two sources, Amazon EC2 Container Registry and the Helm Repository in Amazon Simple Storage Service (S3); AWS CodeBuild runs helm upgrade --install against Amazon Elastic Container Service for Kubernetes, then helm test & helm rollback (on error)]
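The deploy step of the delivery pipeline above (helm upgrade --install, then helm test, then helm rollback on error), written as a shell function that a CodeBuild command could call. This is an added example, not code from the deck; the release name, chart reference and the `image.tag` chart value are assumptions, and a failed first-time install is reported separately because there is no earlier revision to roll back to.

```sh
#!/bin/sh
# Added example, not part of the original slides.
# Assumptions: the chart exposes an image.tag value, and the caller passes the
# commit-based image tag pushed by the Docker CI pipeline.

# deploy_release RELEASE CHART IMAGE_TAG
# Return codes:
#   0  upgrade and helm test both passed
#   1  deploy failed and the release was rolled back to the previous revision
#   2  first-time install failed, nothing to roll back to
#   3  deploy failed and the rollback itself failed
deploy_release() {
    release=$1 chart=$2 image_tag=$3

    # Record whether a release already exists before changing anything.
    if helm status "$release" >/dev/null 2>&1; then
        had_previous=yes
    else
        had_previous=no
    fi

    # Pin the image to the tag built for this commit and wait for the
    # rollout, so that helm test runs against the new revision.
    if helm upgrade --install "$release" "$chart" \
            --set "image.tag=$image_tag" --wait \
       && helm test "$release"; then
        echo "release $release is healthy at image tag $image_tag"
        return 0
    fi

    if [ "$had_previous" = yes ]; then
        echo "deploy of $release failed, rolling back" >&2
        # Revision 0 means "the previous revision".
        helm rollback "$release" 0 || return 3
        return 1
    fi

    echo "first install of $release failed, nothing to roll back to" >&2
    return 2
}
```

A non-zero return code fails the CodeBuild command, which in turn marks the CodePipeline stage as failed.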
EKS Continuous Deployment pipeline
[Diagram: the three pipelines combined. Docker CI: Git users git push to AWS CodeCommit or to a 3rd party Git repository (webhook); AWS CodeBuild runs a multi-stage Docker build and docker push to Amazon EC2 Container Registry. Helm chart CI: Git users git push a Helm chart to AWS CodeCommit or to a 3rd party Git repository (webhook); AWS CodeBuild runs the Helm dev tools (helm lint, kubeval, kubetest) and helm s3 push to the Helm Repository in Amazon Simple Storage Service (S3). Deployment: AWS CodePipeline takes both as sources; AWS CodeBuild runs helm upgrade --install against Amazon Elastic Container Service for Kubernetes, then helm test & helm rollback (on error)]
Key takeaways
1. Breaking a monolith into microservices helps to achieve business agility
2. Build Continuous Deployment pipelines to speed up development flows
3. Combine the power of AWS Developer Tools, 3rd party tools and open source tools to achieve 100% automation
Thank you!
Alexei Ledenev
AWS Solutions Architect
Amazon Web Services
Gal Marder
VP DevOps Consulting
JFrog Ltd
http://bit.ly/2SJ6SkU

From Code to a running container | AWS Summit Tel Aviv 2019
