DEV2704BU Delivering Infrastructure as Code: Practical Tips and Advice Peg Eaton #VMworld #DEV2704BU
Disclaimer: This presentation may contain product features that are currently under development. This overview of new technology represents no commitment from VMware to deliver these features in any generally available product. Features are subject to change, and must not be included in contracts, purchase orders, or sales agreements of any kind. Technical feasibility and market demand will affect final delivery. Pricing and packaging for any new technologies or features discussed or presented have not been determined.
Session Objectives
  - Create common understanding of DevOps & IaC
  - Tips and advice from the trenches
  - Examples
The Downward Spiral: real world example
  - Environments (diagram): Development, Test, UAT, Stage, Load Test, Production
  - Manual deployments to each environment
  - Diagram timings: Queue: 30 days; Queue: 5 days; Task: 15 days; Task: 5 days; Task: 5 days
  - Minimum service delivery time: 60 days. SLA: 30 days.
  - 80%+ deployment failure rate
  - Unplanned work: 62%
  - Time spent patching systems: 20%
  - Time delivering new services: 10%
DevOps Principles to Keep in Mind
  - Speed up Flow through the Value Stream
    - Make All Work Visible
    - Limit Work in Progress
    - Smaller Releases: automate to reduce risk
    - Reduce Hand-Offs: Cross-Functional Teams, Two Pizza Teams
    - Address Constraints
  - Fast Feedback Loops
    - Visibility: instrumentation and central information
    - See problems as they occur
    - Swarm based: solve problems
    - Push quality closer to the source; review process
  - Continuous Improvement and Experimentation
    - High-Trust, Learning Culture
    - Learning every day: reserve time for learning and improvements
VMworld 2017. Content: Not for publication.
DevOps Pipeline (diagram labels): Code Commit; Plan; Continuous Integration; Test; Artifact Management; Feedback; Continuous Deployment; Configuration Management; Control
Infrastructure Development Lifecycle - Overview
  - Take best practices from Software Development and apply them to Infrastructure Development
  - Changes to the image, deployment descriptor and/or configuration code all have to go through the same pipeline
  - Diagram labels: Vanilla Image; Image build scripts; Deployment Descriptor; Repository; Source Control; Team Code Collaboration; Continuous Integration; Test Profile; Continuous Deployment; Prod Profile; Test Infrastructure; Production Infrastructure; Testing; Configuration Management; Feedback Loop
Infrastructure Development Lifecycle - Code Organization
  - IaC code is the glue sticking all the components together
  - Each one of the images, infrastructure or configuration management code could have an independent lifecycle
  - Component labels: Images (Vanilla image, Image built artifacts, Image build scripts); IaC Code; Infrastructure Management Code (Image CRUD, Compute CRUD, Network CRUD, Infrastructure profiles - DEV/QA/PROD); Configuration Management Code (Service / Role lifecycle management code); Applications Code (Applications code itself); Orchestrator Code (Orchestration code itself)
Agile, Automated Software Development (diagram labels): Developers; Test Automation; Reviewers & Stakeholders; Continuous Deploy; Test Builds; Test Commits; Promote & Deploy
Code Stream: Export, version, test and release content across vRA/vRO/vROps & vCenter instances
  1. Content (blueprints, workflows, actions, etc.) is exported from DEV instance, packaged, versioned and stored in Artifactory
  2. Content is deployed and tested in multiple TEST instances
  3. Ability to inject approval policies
  4. Content is pushed to PRODUCTION instance
  Pre-built pipeline template, including all low-level object dependency logic!
Code Stream Architecture (diagram)
  - Flow: Capture to repository; Deploy to Test Env and Run Unit Tests; Release to Prod Env(s)
  - Components: Management Appliance(s); XaaS; vRCS; vRO; Xenon Repository; vRealize Appliance; Primary Content Server
  - Note: This is where the Management Pack gets deployed
  - Note: Primary Content Server is for content transfers and persistent storage of large files
  - Environments: DEV, TEST, PRODUCTION. These can be different vRA/vRO instances or different vRA tenants
Code Stream: Request Capture, Test and Release of Content Packages
  1. Run Request Single Package or Request Group Package from catalog to trigger capture, test and release
  2. User can view content on a particular endpoint and add multiple content types to a group for easy management of related SDDC content
Use Packer to Develop Images
Keep VM/Container Description Code in SCM
Turn Code into VM Using Packer: https://github.com/vmware-pso-devops-cna/packer-samples
Develop and Deploy Infrastructure Code
Keep Code in SCM
Turn Code into vRA Blueprint
Catalog Item Created from Blueprint and Deployed
Develop and Deploy Applications
Application Is Code
Code Change Triggers Jenkins to Rebuild Blueprint
Blueprint Updated by Code:
And Re-deployed
Questions