Pipeline as Code for your IAC. Kris

Similar documents
Continuous Delivery of your infrastructure. Christophe

Monitoring (with) Puppet. PuppetCamp

Automating MySQL operations with Puppet. Kris Buytaert &

Deploy Stuff, Run Stuff Jax Devops London Kris

Building and Deploying a Saas platform On Prem

AEM Code Promotion and Content Synchronization Best Practices

Jenkins: A complete solution. From Continuous Integration to Continuous Delivery For HSBC

Code Review for DevOps

I keep hearing about DevOps What is it?

Orchestrating the Continuous Delivery Process

7 Tools for your devops stack. Kris Buytaert European Tour April 2012

Seven Habits of Highly Effective Jenkins Users

Jenkins User Conference Israel. #jenkinsconf. CI / Liveperson. Gidi Samuels. July 16, #jenkinsconf

ITIL isn t evil Most people who implement it are

We are ready to serve Latest Testing Trends, Are you ready to learn?? New Batches Info

#jenkinsconf. Managing jenkins with multiple components project. Jenkins User Conference Israel. Presenter Name Ohad Basan

Advanced Continuous Delivery Strategies for Containerized Applications Using DC/OS

Treating Deployments as Code with Puppet and the Atlassian Toolsuite Puppet Camp, Geneva

EVERYTHING AS CODE A Journey into IT Automation and Standardization. Raphaël Pinson

Start Building CI/CD as Code The 7 Lessons Learnt from Deploying and Managing 100s of CI Environments

From Dev/Ops to devops

DevOps Course Content

CloudCenter for Developers

Continuous Integration using Docker & Jenkins

JenkinsPipelineUnit. Test your Continuous Delivery Pipeline. Ozan Gunalp - Emmanuel Quincerot

DevOps Online Training

This tutorial provides a basic understanding of the infrastructure and fundamental concepts of managing an infrastructure using Chef.

Aspirin as a Service: Using the Cloud to Cure Security Headaches

Tools for Distributed, Open Source Systems Administration

Chapter 1 - Continuous Delivery and the Jenkins Pipeline

TM DevOps Use Case. 2017TechMinfy All Rights Reserved

How to Take the CI/CD Plunge

How Can Testing Teams Play a Key Role in DevOps Adoption?

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

Developing and Testing Java Microservices on Docker. Todd Fasullo Dir. Engineering

There Should be One Obvious Way to Bring Python into Production. Sebastian Neubauer

Linux System Management with Puppet, Gitlab, and R10k. Scott Nolin, SSEC Technical Computing 22 June 2017

Continuous integration & continuous delivery. COSC345 Software Engineering

Microservice Deployment. Software Engineering II Sharif University of Technology MohammadAmin Fazli

TM DevOps Use Case TechMinfy All Rights Reserved

DEVOPS TRAINING COURSE CONTENT

Azure DevOps. Randy Pagels Intelligent Cloud Technical Specialist Great Lakes Region

DEVOPS COURSE CONTENT

Accelerate at DevOps Speed With Openshift v3. Alessandro Vozza & Samuel Terburg Red Hat

Continuous Integration / Continuous Testing

From Continuous Integration To Continuous Delivery With Jenkins

DevOps Technologies. for Deployment

TM DevOps Use Case. 2017TechMinfy All Rights Reserved

Testing your puppet code

Building an Effective Cloud Operating Model on AWS

Build & Launch Tools (BLT) Automating best practices for enterprise sites

OPENSTACK BEIJING CONFERENCE. by: Steven Hallett Head of Cloud Infrastructure Engineering and Operations

Elizabeth Lawler CEO & Co-Founder Conjur,

CONTINUOUS DELIVERY IN THE ORACLE CLOUD

Sunil Shah SECURE, FLEXIBLE CONTINUOUS DELIVERY PIPELINES WITH GITLAB AND DC/OS Mesosphere, Inc. All Rights Reserved.

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

JetBrains TeamCity Comparison

Configuration Management

Infrastructure-as-Code and CI Infrastructure at Open Stack A look at one of the largest CI systems and system administration

EPHEMERAL DEVOPS: ADVENTURES IN MANAGING SHORT-LIVED SYSTEMS

Teaching Elephants to Dance (and Fly!)

ContainerOps - DevOps Orchestration. Quanyi Ma

Continuous Integration and Delivery with Spinnaker

Monitoring MySQL with Prometheus & Grafana

DevOps Agility in the Evolving Cloud Services Landscape

DevOps and Maven. Eamonn de Leastar Dr. Siobhán Drohan Produced by:

Best Practices for a Mission- Critical Jenkins

Enabling Developers with Open Source Nicholas Parks, Cloud Architect, Kenzan

Continuous integration for databases using Red Gate tools

CONTINUOUS DELIVERY WITH DC/OS AND JENKINS

Containers & Microservices For Realists. Karthik

CORD How to build a POD and automate deployments. #OpenCORD

How to Setup a Development Environment for ONAP

The OpenStack Project Continuous Integration System. Elizabeth K.

ThinkPalm s BreakThrough DevOps Capabilities ThinkPalm

Strengthen and Scale security using DevSecOps

DevOps in the Cloud A pipeline to heaven?! Robert Cowham BCS CMSG Vice Chair

Continuous Delivery for Cloud Native Applications

AALOK INSTITUTE. DevOps Training

A DEVOPS STATE OF MIND. Chris Van Tuin Chief Technologist, West

Deploying a Private OpenStack Cloud at Scale. Matt Fischer & Clayton O Neill

Deploy Early, Deploy Often, Deploy Safely Andy Lowe

Put Security Into Your DevOps NOW. Or Prepare for the Flood Matthew Fisher Solution Architect, Fortify Federal 08MAR2018

ETOOMANYCATS. How we produce OpenStack

CONTINUOUS DELIVERY WITH MESOS, DC/OS AND JENKINS

Sometimes Tools Matter. John E. Vincent DevOpsDays Goteborg 2011

White Paper(Draft) Continuous Integration/Delivery/Deployment in Next Generation Data Integration

Developing Kubernetes Services

Automated Cyber Hardening of Mission Management Systems

Continuous Delivery the hard way with Kubernetes. Luke Marsden, Developer

Con$nuous Deployment with Docker Andrew Aslinger. Oct

l e a n Lean Software Development software development Faster Better Cheaper

Disruptive Technology

OpenStack Enabling DevOps Shannon McFarland CCIE #5245 Distinguished DEVNET-1104

A power point by R Tyler Croy

DevOps. A way to reduce risks for IoT? Hui Song, SINTEF

Continuous Integration. Johannes Seitz

Bitte decken Sie die schraffierte Fläche mit einem Bild ab. Please cover the shaded area with a picture. (24,4 x 7,6 cm)

SECURE PRIVATE VAGRANT BOXES AND MORE WITH A BINARY REPOSITORY MANAGER. White Paper

Who Moved My Module? 1

Transcription:

Pipeline as Code for your IAC Kris Buytaert @krisbuytaert

Kris Buytaert I used to be a Dev, Then Became an Op Chief Trolling Officer and Open Source Consultant @inuits.eu Everything is an effing DNS Problem Building Clouds since before the bookstore Some books, some papers, some blogs Evangelizing devops

Todays Goals Infrastructure as Code A reproducable way to deploy and upgrade /etc/puppet With 10+ environments in /etc/puppet/environments Automatically Fast Consistent Continuously

What's this devops thing anyhow?

C(L)AMS Culture (Lean) Automation Measurement Sharing Damon Edwards and John Willis Gene Kim

devops (<)> continuous delivery

Nirvana An ecosystem that supports continuous delivery, from infrastructure, data and configuration management to business. Through automation of the build, deployment, and testing process, and improved collaboration between developers, testers, and operations, delivery teams can get changes released in a matter of hours sometimes even minutes no matter what the size of a project or the complexity of its code base. Continuous Delivery, Jez Humble

How many times a day? 10 @ Flickr Deployments used to be pain Nobody dared to deploy a site Practice makes perfect Knowing you can vs constantly doing it

" Our job as engineers (and ops, dev-ops, QA, support, everyone in the company actually) is to enable the business goals. We strongly feel that in order to do that you must have the ability to deploy code quickly and safely. Even if the business goals are to deploy strongly QA d code once a month at 3am (it s not for us, we push all the time), having a reliable and easy deployment should be non-negotiable." Etsy Blog upon releasing Deployinator http://codeascraft.etsy.com/2010/05/20/quantum-of-deployment/

For years we've tolerated humans to make structural manual changes to the infrastructure our critical applications are running on. Whilst at the same time demanding those critical applications to go through rigid test scenarios. Who let this happen?

Infrastructure as Code Treat configuration automation as code Development best practices Model your infrastructure Version your cookbooks / manifests Test your cookbooks/ manifests Dev/ test /uat / prod for your infra Model your infrastructure A working service = automated ( Application Code + Infrastructure Code + Security + Monitoring ) PS. Converting Bash to Yaml!= IAC

Version all the things Source code Application Source code Infrastructure Builds Tests Pipelines Scripts Documentation Monitoring scripts No more excuses!

Puppet Open Source Config Management Tool Ecosystem 10y old ; very mature Ruby, Clojure, Jruby, C++,... Large community Lots of open source modules (code shared by other people to automate things)

Puppet in short You define the desired state of your infra Puppet looks at the current state and takes actions to get to the final state You have the report of what has been changed/errored/ It is declarative

How Puppet Works Puppet works by default on a server/agent model Agents fetch their catalog (= final desired state) from the master and apply that locally Then they report back to the server The catalog is computed depending on facts the machine sends to the server, user input (parameters) and modules (source code)

A random project [sdog@mine vagrant-graphite]$ ls manifests modules README TODO Vagrantfile [sdog@mine vagrant-graphite]$ tree -dl 2. manifests hosts modules apache collectd graphite jmxtrans logster statsd tattle 10 directories

Manage the modules Insert ugly shell script Librarian Puppet R10k...

Librarian Puppet / R10k Hides complexity of submodules Easy if you use Forge Modules Does anyone? Do you trust the internet to be around? Branching is considered the antipattern in a CI/CD Environment Librarian = Old English for can't use submodules And hmm... which customer uses which patched version again?

Software Release management is not a solved problem

Unless you understand Git Submodules Basic git, No extra tools required Integrates with other projects too. (No need for *-librarian etc..)

Continuous Integration Continuous integration (CI) is the practice, in software engineering, of merging all developer working copies with a shared mainline several times a day. It was first named and proposed as part of extreme programming (XP). Its main aim is to prevent integration problems, referred to as "integration hell" (WikiPedia) Does the app you are deploying still work? Did you break your puppet / chef code?

Jenkins Open Source Continuous Integration Server A zillion plugins (400) Have developers build stable and deployable code Test Infra code

Jenkins Pipeline

What's in your Pipeline?

A pipeline Checkout code Syntax Style Code Coverage Tests Build More Tests Package

Syntax and Style Initially, all code, all the time Now, only the changed code Why not in post Commit Hooks?

Package all the things

Artifacts: Tested artifacts that go through a pipeline application code, Infra code metadata tests

Why ops like to package Packages give you features Consistency, security, dependencies Uniquely identify where files come from Package or cfg-mgmt Source repo not always available Firewall / Cloud etc.. Weird deployment locations, no easy access Little overhead when you automate

Jordan Sissel is a Hero!

#packaginlove

It's not really packaging It's an immutable branch It's a tracable release artefact

A pipeline Checkout code Syntax Style Code Coverage Tests Build More Tests Package Upload to Repo

Repository Management Pulp Pro : MirroringLove Con : Mongo, Stability,.deb Aptly (deb only) Prm (missing snapshot features for.rpm)

Repository Management

A pipeline Checkout code Upload to Repo Syntax Deploy on Test Style Code Coverage Tests Build More Tests Package

Repos are SLOW Createrepo is slow. Pulp is slow Bypass repos, upload straight to appropriate PuppetMaster Upload to repo for rebootstrapping

A pipeline Checkout code Upload to Repo Syntax Deploy on Test Style Check Puppetruns Code Coverage Check Monitoring Tests Build More Tests Package

Testing = Monitoring Deploy a host, Add it to the monitoring framework Add collection tools Add check definitions Update the monitoring tool config FULLY AUTOMATED

e.g. Stored Configs

A pipeline Checkout code Upload to Repo Syntax Deploy on Test Style Check Puppetruns Code Coverage Check Monitoring Tests Promote to UAT Build More Tests Package

Jenkins Promotion

Pipelines Lots of them Similar ones, but not identical ones One project = different deployment targets People move teams expect same patterns Mostly unmaintaned

Dirty Clickers

Complex Pipelines

Scaling Pipelines Create a Pipeline, For job in Pipeline Create new Job Based on OldJob Update One Job Never refactor the rest

Generating Jenkins Pipelines Template the XML Put it in Puppet Worked for stable pipelines Kinda XML gets rewritten on the fly

JenkinsJobBuilder First Usable Attempt Python Based Openstack Community Limited Functionality Little Adoption / Openstack Abandonned it

PipelineDSL Jenkinsfile Inside a repo Groovy Limited functionality Initially buggy Popular for Easy tasks (straight, no splits etc)

Jenkins Job DSL Groovy Flexible Well Supported Suitable for more complex Pipelines https://jenkinsci.github.io/job-dslplugin/

Seedjobs Groovy Git Rebuild jobs on commit Projects in folders

Larger CI Stacks Generate Pipelines / Jobs based on config files, Build libraries CheckoutJob DeployJob PackageJob Use Groovy / JobDSL to generate PipelineDSL

Testing Multiple Versions Initial stage tests code on multiple versions e.g current puppet version Next puppet version Bleeding Edge version Only current version breaks build Goal = get all versions green

Problems solved One job per task, no reuse of jobs with different parameters All Jobs are in sync, update one = update all Centrally managed jobs (git)

Stop Clicking, Write Code

Contact Kris Buytaert kris.buytaert@inuits.eu Further Reading @krisbuytaert http://www.krisbuytaert.be/blog/ https://inuits.eu/ Inuits Essensteenweg 31 Brasschaat Belgium 891.514.231 +32 475 961221

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback