SlideShare a Scribd company logo
Who Am I?
 Engineer<T> where T : Azure | DevOps | C#
 Microsoft® Most Valuable Professional
 Solutions Architect @ SoftServe, Inc.
 Spend time in the cloud
 More… go to https://ifesenko.com
Agenda  DNS
 Versioning
 GitOps & ArgoCD
 GitHub Actions for CI/CD
Context
DNS
It’s Always DNS
DNS. Lessons Learned
 Do NOT use {env}.{app}.company.com as a naming convention
 Do {app}.{env}.company.com
 Use {internal}.{env}.company.com DNS zone if you have resources
that are not exposed to public internet
 CNAME records will help during potential migration if you use them
Versioning
Versioning
Semantic Versioning (SemVer) & Branch Strategy
 Given a version number MAJOR.MINOR.PATCH, increment the:
 MAJOR version when you make incompatible API changes
 MINOR version when you add functionality in a backwards compatible manner
 PATCH version when you make backwards compatible bug fixes
Calendar-Based Versioning (CalVer)
 YYYY.MM.Sequence(.Patch)
 Breaking changes are for changelog
 Ship feature and fix as soon as possible
 Gregorian calendar and UTC time are only dependencies
 If you have support cycle each user can easily check if it is supported
Versioning. Lessons Learned
 Ensure calendar-based version is generated per a run and only once
 Always leave traces to correlate build number with commit id
 Git tag
 Version metadata
 You should be able to generate new version number on any platform
GitOps & ArgoCD
GitOps
GitOps. Repository Layout
 .github/
 azure/ - definitions related to policy as code
 cluster/ - all files related to AKS
 argocd/ - Application of Applications (cluster bootstrapping)
 non-prod/
 apps/
 projects/
 prod/
 apps/
 projects/
 rabbitmq/ - RabbitMQ Helm chart
 stunnel/ - stunnel Helm chart
 docs/ - runbooks, scripts, decision records, etc.
 terraform/ - Terraform files to manage infrastructure
ArgoCD. App Of Apps Pattern
 When ArgoCD is deployed
 create a new app “root”
 that consists other apps and projects
 PATH: cluster/argocd/non-prod
 Apps
 definitions of 1st party and 3rd party apps
 Projects
 we use ArgoCD projects as environments
projects/dev.yaml
apiVersion: argoproj.io/v1alpha1
kind: AppProject
metadata:
name: dev
spec:
clusterResourceWhitelist:
- group: "*"
kind: "*"
description: Dev Environment
destinations:
- name: "*"
namespace: "*-dev"
server: "*"
sourceRepos:
- "*"
status: {}
apps/rabbitmq.yaml
apiVersion: argoproj.io/v1alpha1
kind: ApplicationSet
metadata:
name: rabbitmq
spec:
generators:
- list:
elements:
- env: dev
- env: sqa
- env: uat
template:
metadata:
name: "rabbitmq-{{env}}"
spec:
project: "{{env}}"
source:
repoURL: git@github.com:org/ops-product.git
targetRevision: HEAD
path: cluster/rabbitmq
helm:
valueFiles:
- common/values-common.yaml
- variants/non-prod/values-non-prod.yaml
- "envs/{{env}}-eastus/values-settings.yaml"
- "envs/{{env}}-eastus/values-replicas.yaml"
destination:
namespace: "rabbitmq-{{env}}"
server: https://kubernetes.default.svc
syncPolicy:
syncOptions:
- CreateNamespace=true
ArgoCD. Helm Chart Layout
 common/ - configuration which is common to all envs
 envs/ - holds environment specific configuration
 templates/ - Helm chart files
 variants/ - holds characteristics between similar envs
GitHub Actions for CI/CD
GitHub Actions or “Count to 10”
GitHub Actions Layout
 Build
 Code Analysis
 Deploy
 PRs
 *Reusable workflows to build,
test and publish
“CommitOps” in Action
skip-ci skip-tests
“EmojiOps” in Action
 Use as a symbol system to highlight important steps
GitHub Actions & Release Management
deploy.yaml
deploy:
runs-on: ubuntu-latest
name: deploy to ${{ inputs.env-id }}
environment:
name: ${{ inputs.env-id }}
env:
VERSION_FILE_PATH: cluster/product-services/envs/${{ inputs.env-id }}-eastus/values-version.yaml
steps:
- name: Checkout org/ops-product repository
uses: actions/checkout@v3
with:
repository: org/ops-product
path: ops-product
ssh-key: ${{ secrets.OPS_PRODUCT_SSH_PRIVATE_KEY }}
- name: Update container image version to ${{ inputs.build-version }}
uses: fjogeleit/yaml-update-action@main
with:
valueFile: ${{ env.VERSION_FILE_PATH }}
propertyPath: "image.tag"
value: "${{ inputs.build-version }}"
commitChange: false
updateFile: true
workDir: ops-product
branch: deployment
masterBranchName: main
targetBranch: dev
repository: org/ops-product
- name: Commit and push changes
run: |
git config user.name "${GITHUB_ACTOR}"
git config user.email "${GITHUB_ACTOR}@users.noreply.github.com"
git add .
git commit -m "Bump image version to ${{ inputs.build-version }} for ${{ inputs.env-id }} environment"
git push
working-directory: ops-product
Keep Up To Date Your Actions & Charts
 Dependabot or Renovate
GitHub Actions. Lessons Learned
 Be careful when sharing state between Jobs via GitHub Artifacts
 Do not publish build artifacts to GitHub Artifacts
 Allow a subsequently queued workflow run to interrupt previous
runs. GitHub Docs
 Limit number of open pull requests for version updates
 Cache dependencies
 Nested workflows and secrets scope
Questions?
@ky7m | ifesenko.com

More Related Content

Similar to "Modern DevOps & Real Life Applications. 3.0.0-devops+20230318", Igor Fesenko

Kubernetes for the PHP developer
Kubernetes for the PHP developerKubernetes for the PHP developer
Kubernetes for the PHP developer
Paul Czarkowski
 
Docker for developers on mac and windows
Docker for developers on mac and windowsDocker for developers on mac and windows
Docker for developers on mac and windows
Docker, Inc.
 
Let's build Developer Portal with Backstage
Let's build Developer Portal with BackstageLet's build Developer Portal with Backstage
Let's build Developer Portal with Backstage
Opsta
 
An OpenShift Primer for Developers to get your Code into the Cloud (PTJUG)
An OpenShift Primer for Developers to get your Code into the Cloud (PTJUG)An OpenShift Primer for Developers to get your Code into the Cloud (PTJUG)
An OpenShift Primer for Developers to get your Code into the Cloud (PTJUG)
Eric D. Schabell
 
The App Developer's Kubernetes Toolbox
The App Developer's Kubernetes ToolboxThe App Developer's Kubernetes Toolbox
The App Developer's Kubernetes Toolbox
Nebulaworks
 
The GO Language : From Beginners to Gophers
The GO Language : From Beginners to GophersThe GO Language : From Beginners to Gophers
The GO Language : From Beginners to Gophers
Alessandro Sanino
 
Toolbox of a Ruby Team
Toolbox of a Ruby TeamToolbox of a Ruby Team
Toolbox of a Ruby Team
Arto Artnik
 
Easy deployment & management of cloud apps
Easy deployment & management of cloud appsEasy deployment & management of cloud apps
Easy deployment & management of cloud apps
David Cunningham
 
Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with Spinnaker
Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with SpinnakerSpinnaker Summit 2018: CI/CD Patterns for Kubernetes with Spinnaker
Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with Spinnaker
Andrew Phillips
 
DevFest 2022 - GitHub Actions를 활용한 Flutter 배포 자동화하기
DevFest 2022 - GitHub Actions를 활용한 Flutter 배포 자동화하기DevFest 2022 - GitHub Actions를 활용한 Flutter 배포 자동화하기
DevFest 2022 - GitHub Actions를 활용한 Flutter 배포 자동화하기
SuJang Yang
 
Application Lifecycle Management in a Serverless World
Application Lifecycle Management in a Serverless WorldApplication Lifecycle Management in a Serverless World
Application Lifecycle Management in a Serverless World
Amazon Web Services
 
Scaffolding for Serverless: lightning talk for AWS Arlington Meetup
Scaffolding for Serverless: lightning talk for AWS Arlington MeetupScaffolding for Serverless: lightning talk for AWS Arlington Meetup
Scaffolding for Serverless: lightning talk for AWS Arlington Meetup
Chris Shenton
 
Scaleable PHP Applications in Kubernetes
Scaleable PHP Applications in KubernetesScaleable PHP Applications in Kubernetes
Scaleable PHP Applications in Kubernetes
Robert Lemke
 
Deploying Symfony2 app with Ansible
Deploying Symfony2 app with AnsibleDeploying Symfony2 app with Ansible
Deploying Symfony2 app with Ansible
Roman Rodomansky
 
Docker Multi-arch All The Things
Docker Multi-arch All The ThingsDocker Multi-arch All The Things
Docker Multi-arch All The Things
Docker, Inc.
 
Tutorial 1: Your First Science App - Araport Developer Workshop
Tutorial 1: Your First Science App - Araport Developer WorkshopTutorial 1: Your First Science App - Araport Developer Workshop
Tutorial 1: Your First Science App - Araport Developer Workshop
Vivek Krishnakumar
 
carrow - Go bindings to Apache Arrow via C++-API
carrow - Go bindings to Apache Arrow via C++-APIcarrow - Go bindings to Apache Arrow via C++-API
carrow - Go bindings to Apache Arrow via C++-API
Yoni Davidson
 
Introduzione a GitHub Actions (beta)
Introduzione a GitHub Actions (beta)Introduzione a GitHub Actions (beta)
Introduzione a GitHub Actions (beta)
Giulio Vian
 
Solum - OpenStack PaaS / ALM - Austin OpenStack summit
Solum - OpenStack PaaS / ALM - Austin OpenStack summitSolum - OpenStack PaaS / ALM - Austin OpenStack summit
Solum - OpenStack PaaS / ALM - Austin OpenStack summit
devkulkarni
 
Kubernetes Overview - Deploy your app with confidence
Kubernetes Overview - Deploy your app with confidenceKubernetes Overview - Deploy your app with confidence
Kubernetes Overview - Deploy your app with confidence
Omer Barel
 

Similar to "Modern DevOps & Real Life Applications. 3.0.0-devops+20230318", Igor Fesenko (20)

Kubernetes for the PHP developer
Kubernetes for the PHP developerKubernetes for the PHP developer
Kubernetes for the PHP developer
 
Docker for developers on mac and windows
Docker for developers on mac and windowsDocker for developers on mac and windows
Docker for developers on mac and windows
 
Let's build Developer Portal with Backstage
Let's build Developer Portal with BackstageLet's build Developer Portal with Backstage
Let's build Developer Portal with Backstage
 
An OpenShift Primer for Developers to get your Code into the Cloud (PTJUG)
An OpenShift Primer for Developers to get your Code into the Cloud (PTJUG)An OpenShift Primer for Developers to get your Code into the Cloud (PTJUG)
An OpenShift Primer for Developers to get your Code into the Cloud (PTJUG)
 
The App Developer's Kubernetes Toolbox
The App Developer's Kubernetes ToolboxThe App Developer's Kubernetes Toolbox
The App Developer's Kubernetes Toolbox
 
The GO Language : From Beginners to Gophers
The GO Language : From Beginners to GophersThe GO Language : From Beginners to Gophers
The GO Language : From Beginners to Gophers
 
Toolbox of a Ruby Team
Toolbox of a Ruby TeamToolbox of a Ruby Team
Toolbox of a Ruby Team
 
Easy deployment & management of cloud apps
Easy deployment & management of cloud appsEasy deployment & management of cloud apps
Easy deployment & management of cloud apps
 
Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with Spinnaker
Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with SpinnakerSpinnaker Summit 2018: CI/CD Patterns for Kubernetes with Spinnaker
Spinnaker Summit 2018: CI/CD Patterns for Kubernetes with Spinnaker
 
DevFest 2022 - GitHub Actions를 활용한 Flutter 배포 자동화하기
DevFest 2022 - GitHub Actions를 활용한 Flutter 배포 자동화하기DevFest 2022 - GitHub Actions를 활용한 Flutter 배포 자동화하기
DevFest 2022 - GitHub Actions를 활용한 Flutter 배포 자동화하기
 
Application Lifecycle Management in a Serverless World
Application Lifecycle Management in a Serverless WorldApplication Lifecycle Management in a Serverless World
Application Lifecycle Management in a Serverless World
 
Scaffolding for Serverless: lightning talk for AWS Arlington Meetup
Scaffolding for Serverless: lightning talk for AWS Arlington MeetupScaffolding for Serverless: lightning talk for AWS Arlington Meetup
Scaffolding for Serverless: lightning talk for AWS Arlington Meetup
 
Scaleable PHP Applications in Kubernetes
Scaleable PHP Applications in KubernetesScaleable PHP Applications in Kubernetes
Scaleable PHP Applications in Kubernetes
 
Deploying Symfony2 app with Ansible
Deploying Symfony2 app with AnsibleDeploying Symfony2 app with Ansible
Deploying Symfony2 app with Ansible
 
Docker Multi-arch All The Things
Docker Multi-arch All The ThingsDocker Multi-arch All The Things
Docker Multi-arch All The Things
 
Tutorial 1: Your First Science App - Araport Developer Workshop
Tutorial 1: Your First Science App - Araport Developer WorkshopTutorial 1: Your First Science App - Araport Developer Workshop
Tutorial 1: Your First Science App - Araport Developer Workshop
 
carrow - Go bindings to Apache Arrow via C++-API
carrow - Go bindings to Apache Arrow via C++-APIcarrow - Go bindings to Apache Arrow via C++-API
carrow - Go bindings to Apache Arrow via C++-API
 
Introduzione a GitHub Actions (beta)
Introduzione a GitHub Actions (beta)Introduzione a GitHub Actions (beta)
Introduzione a GitHub Actions (beta)
 
Solum - OpenStack PaaS / ALM - Austin OpenStack summit
Solum - OpenStack PaaS / ALM - Austin OpenStack summitSolum - OpenStack PaaS / ALM - Austin OpenStack summit
Solum - OpenStack PaaS / ALM - Austin OpenStack summit
 
Kubernetes Overview - Deploy your app with confidence
Kubernetes Overview - Deploy your app with confidenceKubernetes Overview - Deploy your app with confidence
Kubernetes Overview - Deploy your app with confidence
 

More from Fwdays

"What I learned through reverse engineering", Yuri Artiukh
"What I learned through reverse engineering", Yuri Artiukh"What I learned through reverse engineering", Yuri Artiukh
"What I learned through reverse engineering", Yuri Artiukh
Fwdays
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
Fwdays
 
"Micro frontends: Unbelievably true life story", Dmytro Pavlov
"Micro frontends: Unbelievably true life story", Dmytro Pavlov"Micro frontends: Unbelievably true life story", Dmytro Pavlov
"Micro frontends: Unbelievably true life story", Dmytro Pavlov
Fwdays
 
"Objects validation and comparison using runtime types (io-ts)", Oleksandr Suhak
"Objects validation and comparison using runtime types (io-ts)", Oleksandr Suhak"Objects validation and comparison using runtime types (io-ts)", Oleksandr Suhak
"Objects validation and comparison using runtime types (io-ts)", Oleksandr Suhak
Fwdays
 
"JavaScript. Standard evolution, when nobody cares", Roman Savitskyi
"JavaScript. Standard evolution, when nobody cares", Roman Savitskyi"JavaScript. Standard evolution, when nobody cares", Roman Savitskyi
"JavaScript. Standard evolution, when nobody cares", Roman Savitskyi
Fwdays
 
"How Preply reduced ML model development time from 1 month to 1 day",Yevhen Y...
"How Preply reduced ML model development time from 1 month to 1 day",Yevhen Y..."How Preply reduced ML model development time from 1 month to 1 day",Yevhen Y...
"How Preply reduced ML model development time from 1 month to 1 day",Yevhen Y...
Fwdays
 
"GenAI Apps: Our Journey from Ideas to Production Excellence",Danil Topchii
"GenAI Apps: Our Journey from Ideas to Production Excellence",Danil Topchii"GenAI Apps: Our Journey from Ideas to Production Excellence",Danil Topchii
"GenAI Apps: Our Journey from Ideas to Production Excellence",Danil Topchii
Fwdays
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
Fwdays
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
Fwdays
 
"What is a RAG system and how to build it",Dmytro Spodarets
"What is a RAG system and how to build it",Dmytro Spodarets"What is a RAG system and how to build it",Dmytro Spodarets
"What is a RAG system and how to build it",Dmytro Spodarets
Fwdays
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
Fwdays
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
Fwdays
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
Fwdays
 
"Distributed graphs and microservices in Prom.ua", Maksym Kindritskyi
"Distributed graphs and microservices in Prom.ua",  Maksym Kindritskyi"Distributed graphs and microservices in Prom.ua",  Maksym Kindritskyi
"Distributed graphs and microservices in Prom.ua", Maksym Kindritskyi
Fwdays
 
"Rethinking the existing data loading and processing process as an ETL exampl...
"Rethinking the existing data loading and processing process as an ETL exampl..."Rethinking the existing data loading and processing process as an ETL exampl...
"Rethinking the existing data loading and processing process as an ETL exampl...
Fwdays
 
"How Ukrainian IT specialist can go on vacation abroad without crossing the T...
"How Ukrainian IT specialist can go on vacation abroad without crossing the T..."How Ukrainian IT specialist can go on vacation abroad without crossing the T...
"How Ukrainian IT specialist can go on vacation abroad without crossing the T...
Fwdays
 
"The Strength of Being Vulnerable: the experience from CIA, Tesla and Uber", ...
"The Strength of Being Vulnerable: the experience from CIA, Tesla and Uber", ..."The Strength of Being Vulnerable: the experience from CIA, Tesla and Uber", ...
"The Strength of Being Vulnerable: the experience from CIA, Tesla and Uber", ...
Fwdays
 
"[QUICK TALK] Radical candor: how to achieve results faster thanks to a cultu...
"[QUICK TALK] Radical candor: how to achieve results faster thanks to a cultu..."[QUICK TALK] Radical candor: how to achieve results faster thanks to a cultu...
"[QUICK TALK] Radical candor: how to achieve results faster thanks to a cultu...
Fwdays
 
"[QUICK TALK] PDP Plan, the only one door to raise your salary and boost care...
"[QUICK TALK] PDP Plan, the only one door to raise your salary and boost care..."[QUICK TALK] PDP Plan, the only one door to raise your salary and boost care...
"[QUICK TALK] PDP Plan, the only one door to raise your salary and boost care...
Fwdays
 
"4 horsemen of the apocalypse of working relationships (+ antidotes to them)"...
"4 horsemen of the apocalypse of working relationships (+ antidotes to them)"..."4 horsemen of the apocalypse of working relationships (+ antidotes to them)"...
"4 horsemen of the apocalypse of working relationships (+ antidotes to them)"...
Fwdays
 

More from Fwdays (20)

"What I learned through reverse engineering", Yuri Artiukh
"What I learned through reverse engineering", Yuri Artiukh"What I learned through reverse engineering", Yuri Artiukh
"What I learned through reverse engineering", Yuri Artiukh
 
"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi"Impact of front-end architecture on development cost", Viktor Turskyi
"Impact of front-end architecture on development cost", Viktor Turskyi
 
"Micro frontends: Unbelievably true life story", Dmytro Pavlov
"Micro frontends: Unbelievably true life story", Dmytro Pavlov"Micro frontends: Unbelievably true life story", Dmytro Pavlov
"Micro frontends: Unbelievably true life story", Dmytro Pavlov
 
"Objects validation and comparison using runtime types (io-ts)", Oleksandr Suhak
"Objects validation and comparison using runtime types (io-ts)", Oleksandr Suhak"Objects validation and comparison using runtime types (io-ts)", Oleksandr Suhak
"Objects validation and comparison using runtime types (io-ts)", Oleksandr Suhak
 
"JavaScript. Standard evolution, when nobody cares", Roman Savitskyi
"JavaScript. Standard evolution, when nobody cares", Roman Savitskyi"JavaScript. Standard evolution, when nobody cares", Roman Savitskyi
"JavaScript. Standard evolution, when nobody cares", Roman Savitskyi
 
"How Preply reduced ML model development time from 1 month to 1 day",Yevhen Y...
"How Preply reduced ML model development time from 1 month to 1 day",Yevhen Y..."How Preply reduced ML model development time from 1 month to 1 day",Yevhen Y...
"How Preply reduced ML model development time from 1 month to 1 day",Yevhen Y...
 
"GenAI Apps: Our Journey from Ideas to Production Excellence",Danil Topchii
"GenAI Apps: Our Journey from Ideas to Production Excellence",Danil Topchii"GenAI Apps: Our Journey from Ideas to Production Excellence",Danil Topchii
"GenAI Apps: Our Journey from Ideas to Production Excellence",Danil Topchii
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
"What is a RAG system and how to build it",Dmytro Spodarets
"What is a RAG system and how to build it",Dmytro Spodarets"What is a RAG system and how to build it",Dmytro Spodarets
"What is a RAG system and how to build it",Dmytro Spodarets
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
"Distributed graphs and microservices in Prom.ua", Maksym Kindritskyi
"Distributed graphs and microservices in Prom.ua",  Maksym Kindritskyi"Distributed graphs and microservices in Prom.ua",  Maksym Kindritskyi
"Distributed graphs and microservices in Prom.ua", Maksym Kindritskyi
 
"Rethinking the existing data loading and processing process as an ETL exampl...
"Rethinking the existing data loading and processing process as an ETL exampl..."Rethinking the existing data loading and processing process as an ETL exampl...
"Rethinking the existing data loading and processing process as an ETL exampl...
 
"How Ukrainian IT specialist can go on vacation abroad without crossing the T...
"How Ukrainian IT specialist can go on vacation abroad without crossing the T..."How Ukrainian IT specialist can go on vacation abroad without crossing the T...
"How Ukrainian IT specialist can go on vacation abroad without crossing the T...
 
"The Strength of Being Vulnerable: the experience from CIA, Tesla and Uber", ...
"The Strength of Being Vulnerable: the experience from CIA, Tesla and Uber", ..."The Strength of Being Vulnerable: the experience from CIA, Tesla and Uber", ...
"The Strength of Being Vulnerable: the experience from CIA, Tesla and Uber", ...
 
"[QUICK TALK] Radical candor: how to achieve results faster thanks to a cultu...
"[QUICK TALK] Radical candor: how to achieve results faster thanks to a cultu..."[QUICK TALK] Radical candor: how to achieve results faster thanks to a cultu...
"[QUICK TALK] Radical candor: how to achieve results faster thanks to a cultu...
 
"[QUICK TALK] PDP Plan, the only one door to raise your salary and boost care...
"[QUICK TALK] PDP Plan, the only one door to raise your salary and boost care..."[QUICK TALK] PDP Plan, the only one door to raise your salary and boost care...
"[QUICK TALK] PDP Plan, the only one door to raise your salary and boost care...
 
"4 horsemen of the apocalypse of working relationships (+ antidotes to them)"...
"4 horsemen of the apocalypse of working relationships (+ antidotes to them)"..."4 horsemen of the apocalypse of working relationships (+ antidotes to them)"...
"4 horsemen of the apocalypse of working relationships (+ antidotes to them)"...
 

Recently uploaded

Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
Kari Kakkonen
 
Data structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdfData structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdf
TIPNGVN2
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems S.M.S.A.
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
DianaGray10
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Vladimir Iglovikov, Ph.D.
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
SOFTTECHHUB
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc
 
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Zilliz
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Albert Hoitingh
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
Neo4j
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
DianaGray10
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
名前 です男
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
Neo4j
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
Edge AI and Vision Alliance
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
shyamraj55
 

Recently uploaded (20)

Climate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing DaysClimate Impact of Software Testing at Nordic Testing Days
Climate Impact of Software Testing at Nordic Testing Days
 
Data structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdfData structures and Algorithms in Python.pdf
Data structures and Algorithms in Python.pdf
 
Uni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdfUni Systems Copilot event_05062024_C.Vlachos.pdf
Uni Systems Copilot event_05062024_C.Vlachos.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6UiPath Test Automation using UiPath Test Suite series, part 6
UiPath Test Automation using UiPath Test Suite series, part 6
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
 
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!
 
TrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy SurveyTrustArc Webinar - 2024 Global Privacy Survey
TrustArc Webinar - 2024 Global Privacy Survey
 
Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...Building RAG with self-deployed Milvus vector database and Snowpark Container...
Building RAG with self-deployed Milvus vector database and Snowpark Container...
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
GraphSummit Singapore | Graphing Success: Revolutionising Organisational Stru...
 
Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1Communications Mining Series - Zero to Hero - Session 1
Communications Mining Series - Zero to Hero - Session 1
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
みなさんこんにちはこれ何文字まで入るの?40文字以下不可とか本当に意味わからないけどこれ限界文字数書いてないからマジでやばい文字数いけるんじゃないの?えこ...
 
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024GraphSummit Singapore | The Art of the  Possible with Graph - Q2 2024
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
“Building and Scaling AI Applications with the Nx AI Manager,” a Presentation...
 
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with SlackLet's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slack
 

"Modern DevOps & Real Life Applications. 3.0.0-devops+20230318", Igor Fesenko

  • 1.
  • 2. Who Am I?  Engineer<T> where T : Azure | DevOps | C#  Microsoft® Most Valuable Professional  Solutions Architect @ SoftServe, Inc.  Spend time in the cloud  More… go to https://ifesenko.com
  • 3. Agenda  DNS  Versioning  GitOps & ArgoCD  GitHub Actions for CI/CD
  • 5. DNS
  • 7. DNS. Lessons Learned  Do NOT use {env}.{app}.company.com as a naming convention  Do {app}.{env}.company.com  Use {internal}.{env}.company.com DNS zone if you have resources that are not exposed to public internet  CNAME records will help during potential migration if you use them
  • 10. Semantic Versioning (SemVer) & Branch Strategy  Given a version number MAJOR.MINOR.PATCH, increment the:  MAJOR version when you make incompatible API changes  MINOR version when you add functionality in a backwards compatible manner  PATCH version when you make backwards compatible bug fixes
  • 11. Calendar-Based Versioning (CalVer)  YYYY.MM.Sequence(.Patch)  Breaking changes are for changelog  Ship feature and fix as soon as possible  Gregorian calendar and UTC time are only dependencies  If you have support cycle each user can easily check if it is supported
  • 12. Versioning. Lessons Learned  Ensure calendar-based version is generated per a run and only once  Always leave traces to correlate build number with commit id  Git tag  Version metadata  You should be able to generate new version number on any platform
  • 15. GitOps. Repository Layout  .github/  azure/ - definitions related to policy as code  cluster/ - all files related to AKS  argocd/ - Application of Applications (cluster bootstrapping)  non-prod/  apps/  projects/  prod/  apps/  projects/  rabbitmq/ - RabbitMQ Helm chart  stunnel/ - stunnel Helm chart  docs/ - runbooks, scripts, decision records, etc.  terraform/ - Terraform files to manage infrastructure
  • 16. ArgoCD. App Of Apps Pattern  When ArgoCD is deployed  create a new app “root”  that consists other apps and projects  PATH: cluster/argocd/non-prod  Apps  definitions of 1st party and 3rd party apps  Projects  we use ArgoCD projects as environments
  • 17. projects/dev.yaml apiVersion: argoproj.io/v1alpha1 kind: AppProject metadata: name: dev spec: clusterResourceWhitelist: - group: "*" kind: "*" description: Dev Environment destinations: - name: "*" namespace: "*-dev" server: "*" sourceRepos: - "*" status: {}
  • 18. apps/rabbitmq.yaml apiVersion: argoproj.io/v1alpha1 kind: ApplicationSet metadata: name: rabbitmq spec: generators: - list: elements: - env: dev - env: sqa - env: uat template: metadata: name: "rabbitmq-{{env}}" spec: project: "{{env}}" source: repoURL: git@github.com:org/ops-product.git targetRevision: HEAD path: cluster/rabbitmq helm: valueFiles: - common/values-common.yaml - variants/non-prod/values-non-prod.yaml - "envs/{{env}}-eastus/values-settings.yaml" - "envs/{{env}}-eastus/values-replicas.yaml" destination: namespace: "rabbitmq-{{env}}" server: https://kubernetes.default.svc syncPolicy: syncOptions: - CreateNamespace=true
  • 19. ArgoCD. Helm Chart Layout  common/ - configuration which is common to all envs  envs/ - holds environment specific configuration  templates/ - Helm chart files  variants/ - holds characteristics between similar envs
  • 21. GitHub Actions or “Count to 10”
  • 22. GitHub Actions Layout  Build  Code Analysis  Deploy  PRs  *Reusable workflows to build, test and publish
  • 24. “EmojiOps” in Action  Use as a symbol system to highlight important steps
  • 25. GitHub Actions & Release Management
  • 26. deploy.yaml deploy: runs-on: ubuntu-latest name: deploy to ${{ inputs.env-id }} environment: name: ${{ inputs.env-id }} env: VERSION_FILE_PATH: cluster/product-services/envs/${{ inputs.env-id }}-eastus/values-version.yaml steps: - name: Checkout org/ops-product repository uses: actions/checkout@v3 with: repository: org/ops-product path: ops-product ssh-key: ${{ secrets.OPS_PRODUCT_SSH_PRIVATE_KEY }} - name: Update container image version to ${{ inputs.build-version }} uses: fjogeleit/yaml-update-action@main with: valueFile: ${{ env.VERSION_FILE_PATH }} propertyPath: "image.tag" value: "${{ inputs.build-version }}" commitChange: false updateFile: true workDir: ops-product branch: deployment masterBranchName: main targetBranch: dev repository: org/ops-product - name: Commit and push changes run: | git config user.name "${GITHUB_ACTOR}" git config user.email "${GITHUB_ACTOR}@users.noreply.github.com" git add . git commit -m "Bump image version to ${{ inputs.build-version }} for ${{ inputs.env-id }} environment" git push working-directory: ops-product
  • 27. Keep Up To Date Your Actions & Charts  Dependabot or Renovate
  • 28. GitHub Actions. Lessons Learned  Be careful when sharing state between Jobs via GitHub Artifacts  Do not publish build artifacts to GitHub Artifacts  Allow a subsequently queued workflow run to interrupt previous runs. GitHub Docs  Limit number of open pull requests for version updates  Cache dependencies  Nested workflows and secrets scope

Editor's Notes

  1. Сучасний ДевОпс та Реальність Його Застосування
  2. ```mermaid sequenceDiagram participant PI as Public Internet participant CF as Cloudflare participant Prod as Azure DNS (Prod) participant NonProd as Azure DNS (Non-Prod) PI->>CF: company.com CF->>Prod: product.company.com Prod->>NonProd: dev.product.company.com Prod->>NonProd: sqa.product.company.com Prod->>NonProd: uat.product.company.com ```
  3. How it works If the current commit has a version tag: The version is used as-is If the current commit does not have a version tag: The commit history is searched for the latest commit with a version tag. If a commit with a version tag is found: If the version is a pre-release: The version is used as-is, with height added. If the version is RTM (not pre-release): The patch number is incremented. Default pre-release identifiers are added. Height is added. If no commit with a version tag is found: The default version0.0.0-preview.0 is used, with height added. Height If the current commit does not have a version tag, another number is added to the pre-release identifiers. This is the number of commits since the latest commit with a version tag or, if no commits have a version tag, since the root commit. This is known as "height". For example, if the latest version tag found is 2022.11.0-rc.1, at a height of 42 commits, the calculated version is 2022.11.0-rc.1.42. Example: 2022.11.1-preview.7+f52c82b -> 2022.11.1-rc.1+e42c32b -> 2022.11.1+9693551