Webinar recording: www.nginx.com/resources/webinars/how-to-adopt-infrastructure-as-code Modern applications are increasingly deployed in containers and virtual machines on clusters of dozens, hundreds, and even thousands of servers – in private data centers and in the public cloud. Managing complex applications like these puts more demands than ever on infrastructure and the teams managing it. The traditional ways of manually adding, configuring, and modifying infrastructure no longer scale. Infrastructure as Code is a new approach to managing IT infrastructure where you treat infrastructure as if it were software and data, using modern tools like version control systems and deployment orchestration. Based on software development and DevOps best practices, Infrastructure as Code makes deployment and infrastructure management more efficient than ever. Anyone who works with IT infrastructure – system administrators, infrastructure engineers, DevOps engineers, architects, software developers, and others – can implement changes more quickly, easily, and reliably. Join us for this webinar co-hosted by Kief Morris, Cloud Practice Lead at ThoughtWorks and author of Infrastructure as Code, and Floyd Smith of NGINX, Inc. You’ll learn: * Why Infrastructure as Code is a better approach for managing modern infrastructure * Challenges that Infrastructure as Code helps address * Practical examples of using software to control infrastructure * How NGINX Plus can help your Infrastructure as Code efforts

1. MORE INFORMATION AT NGINX.COM

2. MORE INFORMATION AT NGINX.COM
Who Are We?
Kief Morris
Cloud Practice Lead, Thoughtworks
Formerly:
• Sr. Technical Architect, Map of Medicine
• Hosting Operations Manager, Syzygy
• Technical Director, bitBull
Floyd Smith
Technical Marketing Writer
Formerly:
• Sr. Technical Writer, Apple
• Group Channel Manager, Altavista
• Business Site Manager, AOL Netscape

3. MORE INFORMATION AT NGINX.COM
• First OSS release in 2004
• Company founded in 2011
• VC-backed by industry leaders
• 500+ customers
• 75+ employees

4. 160 milliontotal sites
running on NGINX
4Source: Netcraft June 2016 Web Server Survey

5. 51%of the Top 10,000
most visited websites
5Source: W3Techs Web Technology Survey

6. 36%of all sites on
Amazon Web Services
6Source: W3Techs December 2013 Web Server Survey

7. 7

8. Where NGINX Fits
Internet
Webserver
Serve content from disk
Application Gateway
FastCGI, uWSGI, Passenger…
Reverse Proxy
Caching, Load Balancing…
HTTP traffic

9. MORE INFORMATION AT NGINX.COM
Modern Web, Modern Architecture
From Monolithic...
Three-tier, J2EE-style architectures
Complex protocols (HTML, SOAP)
Persistent deployments
Fixed, static Infrastructure
Big-bang releases
Silo’ed teams (Dev, Test, Ops)
...to Dynamic
Microservices
Lightweight (REST, Messaging)
Mutable; Containers, VMs
SDN, NFV, Cloud
Continuous delivery
DevOps Culture

10. Why DevOps + NGINX =
• Software load balancing goes hand-in-hand with cloud
deployments
• Variety of load balancing methods gives flexibility and
performance
• On-the-fly reconfiguration supports service discovery and
uptime
• Application health checks give early warning of problems
• Robust, customizable monitoring increases uptime
10

11. MORE INFORMATION AT NGINX.COM
OPEN SOURCE
PLUS
FEATURES
REQUEST ROUTING COMPRESSION LOAD BALANCING APP HEALTH MONITORING GUI VISUALIZATION
SSL EMBEDDED SCRIPT LANGUAGE EDGE CACHE MEDIA STREAMING MONITORING ANALYTICS CONFIGURATION RESTFUL API
What’s Inside NGINX Plus?
11

12. “NGINX Plus gives us the agility we need
to anticipate and meet customers’ needs as they arise –
without fear of compromising availability or performance.”
-Serge Leschinsky, DevOps engineer at MuleSoft
Results
 Fit right in to current infrastructure
 Simplified security
 Agility
 Around-the-Clock Support
The Challenge
 Wanted greater visibility into
customer traffic
 Needed more configuration
flexibility
 Too much redundant manual work
Solution
 Upgrade from NGINX
to NGINX Plus
 On-the-fly DNS-based
reconfiguration
 Enhanced monitoring and visibility
In Action: MuleSoft moves from open source
to NGINX Plus for greater visibility & control

13. kief@thoughtworks.com
Cloud Practice Lead (UK)
DevOps, Continuous Delivery, Agile Ops
Twitter: @kief
Book: http://oreil.ly/1JKIBVe
Site: http://infrastructure-as-code.com

14. SERVER SPRAWL
Creating new servers is the easy part

15. CONFIGURATION DRIFT
Servers start
out identical
But changes
accumulate
over time

16. AUTOMATION FEAR CYCLE

17. INFRASTRUCTURE
AS CODE
“Applying software engineering tools and practices to
infrastructure”

18. UNATTENDED AUTOMATION
Tools run on a
schedule to apply, re-
apply, and update
configuration
BENEFITS OF UNATTENDED:
●Discover problems quickly
●Force yourself to fix those
problems
●Force yourself to improve
your tools and processes
●Discourages “out of band”
changes

19. AUTOMATE SERVER UPDATES
Automation isn’t just for new servers!
Configuration
synchronization
Run Chef, Puppet, Ansible, etc. on a
schedule
Immutable servers Apply changes by rebuilding servers
Containerized
servers
Apply changes by deploying new
container instances

20. RE-USE & PROMOTE DEFINITIONS
Re-use the same definition files across environments for a
given application or service
DEV STAG
E
PROD
Playbooks,
Cookbooks,
Manifests,
templates, etc.

21. TEST INFRASTRUCTURE CHANGES
Preventing DevOops
INFRA
TEST
DEV
TEST
PROD

22. PIPELINES
Using Continuous Delivery pipelines to manage
infrastructure

23. WHAT?
Terraform,
Puppet, etc.
Changes are
made and
committed to
VCS
Tools are run on
agents to apply
changes to
environments
Changes are only
promoted after
passing tests &
authorization

24. WHY?
Validates changes to
infrastructure before
applying them to
production
Confidence for
frequent, small
improvements to
infrastructure
Limit direct
changes to
infrastructure

25. TESTING
Correctness
Security policies
Performance
Stability

26. GOVERNANCE
The process for applying changes is auditable
Changes can be traced back to commits
Automation ensures processes are followed
Authorization can be required as needed

27. VPC
Subnet
10.0.0.0/16
Security Group
1.1.1.0/16 -> :443
DEFINING A SIMPLE ENVIRONMENT
ANSIBLE PLAYBOOK
Server configuration
TERRAFORM FILE
Environment structure
APPLICATION
SOURCE
Deployable application

28. SIMPLE PIPELINE DESIGN
BUILD
STAGE
TEST
STAGE
QA
STAGE
PROD
STAGE
Application Ansible Terraform
Deploy application, configuration, and infrastructure

29. ALIGN INFRASTRUCTURE DESIGN
TO TEAMS
Ensure teams can
make the changes
they need easily
and safely

30. COMPLEX ENVIRONMENTS
Infrastructure involving multiple teams

31. FAN-IN PIPELINE
ServiceA
ServiceB
ServiceC
SYSTE
M TEST
QA PROD
BUILD
BUILD
BUILD
SERVIC
E
TEST
SERVIC
E
TEST
SERVIC
E
TEST

32. DECOUPLED PIPELINES
ServiceA
TESTBUILD
ServiceB
TESTBUILD
ServiceC
TESTBUILD
QA PROD
QA PROD
QA PROD

33. DEPENDENCIES
ServiceA
TESTBUILD
ServiceB
QA PROD
TESTBUILD QA PROD
Create test
instance of
provider
Implement
Consumer
Driven Contract
(CDC) Tests
Use mocks
and stubs

34. ISSUE: SHARED ELEMENTS
NGINX
ServiceA
vhost
ServiceB
vhost
Shared
infrastructure
definitions
Service-specific
infrastructure
definitions

35. SHARING ELEMENTS
Avoid monoliths - optimize to simplify making changes
NGINX

36. OUTCOMES ● Quickly provision and
evolve infrastructure
● Effortlessly roll out fixes
● Keep systems consistent
and up to date
● Spend time on high value
work

37. Book: http://oreil.ly/1JKIBVe
Site: http://infrastructure-as-code.com
Twitter: @kief
kief@thoughtworks.com
Cloud Practice Lead (UK)
, Continuous Delivery, Agile Ops

38. Links
38
NGINX
1. MuleSoft case study
2. Doing DevOps blog post
3. How to Manage Your Control
Issues
4. Reconfiguring NGINX on the
fly
5. nginx.conf 2016
6. All NGINX DevOps blog posts
ThoughtWorks
1. Infrastructure as Code – Amazon
2. Effective DevOps – Amazon
3. State of DevOps survey at
ThoughtWorks
4. “Infrastructure as Code” articles
at ThoughtWorks

39. MORE INFORMATION AT NGINX.COM

40. Questions?

41. Thank You
nginx.com | @nginx