Under a DevOps model, development and operations are no longer siloed. Sometimes, these two functions are merged into a single team where engineers work across the entire application lifecycle, from development and test to deployment to operations, and develop a range of skills not limited to a single function. Quality assurance and security teams may also become more tightly integrated with development and operations throughout the application lifecycle.
The goal of DevOps is a continuous delivery model that is repeatable, reliable, stable, resilient, and secure, and that improves operational efficiency. The underlying principle of DevOps is people over process over tools. That means people—relationships—are the most important factor to consider, followed by process, followed by tools.
Benefits of DevOps:
Speed: Move at high velocity so you can innovate for customers faster, adapt to changing markets better, and grow more efficient at driving business results. The DevOps model enables your devops teams to achieve these results.
Rapid Delivery: Increase the frequency and pace of releases so you can innovate and improve your product faster. The quicker you can release new features and fix bugs, the faster you can respond to your customers’ needs and build competitive advantage. Continuous integration and delivery are practices that automate the software release process, from build to deploy.
Reliability: Ensure the quality of application updates and infrastructure changes so you can reliably deliver at a more rapid pace while maintaining a positive experience for end users. Use practices like continuous integration and continuous delivery to test each change is functional and safe.
Scale: Operate and manage your infrastructure and development processes at scale. Automation and consistency help you manage complex or changing systems efficiently and with reduced risk
Improved Collaboration: Build more effective teams under a DevOps cultural model, which emphasizes values such as ownership and accountability. Developers and operations teams collaborate closely, share many responsibilities, and combine their workflows. This reduces inefficiencies and saves time.
Security: Move quickly while retaining control and preserving compliance. You can adopt a DevOps model without sacrificing security by using automated compliance policies, fine-grained controls, and configuration management techniques.
AWS DevOps Services
- CodeCommit – Version Control
- CI/CD – CodePipeline, CodeBuild, CodeDeploy, CodeStar
- Microservices – ECS, Lambda
- PaaS – Elastic Beanstalk
- IaC – CloudFormation, OpsWorks, Systems Manager
- Monitoring and Logging – CloudWatch, CloudTrail, Config, XRay
DevOpsSec
DevSecOps – the union of Development, Operations and Security. It is a team/community effort that exercises automation and autonomous security that scales.
DevOps = Efficiencies that speed up the lifecycle
DevSecOps = Validate building blocks without slowing lifecycle
DevSecOps is responsible for security of the pipeline and security in the pipeline.
Code Services
The following services can be used for code deployment
AWS CloudFormation: Create and manage an entire infrastructure or components of a larger infrastructure.
AWS Elastic Beanstalk: Quickly deploy and manage applications in the AWS Cloud without worrying about the infrastructure that runs those applications.
AWS OpsWorks: Use Chef to automate operational tasks such as code deployment, software configurations, package installations, database setups, and server scaling.
Docker containers: Lightweight, isolated containers include your application, its resources, and dependencies.
AWS CodeDeploy: Quick in-place updates on live EC2 instances.
AWS Cloud9: AWS Cloud9 is a cloud-based integrated development environment (IDE) that lets you write, run, and debug your code with only a browser. It includes a code editor, debugger, and terminal. AWS Cloud9 comes pre-packaged with essential tools for popular programming languages including JavaScript, Python, PHP, and more, such as:
- Full-featured editor
- Integrated tools for serverless development
- Direct terminal access to AWS
- Broad selection of run configurations
AWS CodeCommit: With AWS CodeCommit, you can commit, diff, and merge your code, allowing you to easily maintain control of your team’s projects. You can create a repository from the AWS Management Console, AWS CLI, or AWS SDKs, and start working with the repository using Git.
- Managed source control service
- Collaborative software development
- High availability and durability
AWS CodeBuild: With AWS CodeBuild you can run builds in preconfigured build environments that contain the operating system, programming language runtime, and build tools. It provides build environments for Java, Python, Node.js, Ruby, Go, Android, Docker etc.
- Managed build service
- Compiles source code
- Runs tests
- Produces software packages
AWS CodeDeploy: With AWS CodeDeploy, you can automate deployment across development, test, and production environments running on any instance. Applications can be upgraded to a new revision with minimal downtime.
- Managed service that automates code deployment
- Performs rolling updates
- Integrates with existing software release process
- Monitors the status of your deployments
AWS CodePipeline: With AWS CodePipeline, you can define stages, e.g., build, test, and deploy which act as logical units in your workflow. It integrates with other AWS services and third-party developer tools, like GitHub or Jenkins.
- CI/CD service to model and automate software release processes
- Integrates with other AWS services
- Enables parallel execution of build, run and test actions.
AWS CodePipeline is what defines and runs the CI/CD pipeline. In this pipeline the sequential process could look like:
AWS CodeCommit -> AWS CodeBuild -> AWS CodeDeploy
AWS CodePipeline is easy to integrate with other tools and AWS services. AWS CodePipeline helps you improve quality by standardizing the release process.
Automating your release workflow with AWS CodePipeline means that your software is getting into your customers hands faster. You can quickly iterate on customer feedback and get new features to customers, faster. With CodePipeline, you can model your release processes. There are no servers for you to provision or set up. CodePipeline is a fully managed, continuous delivery service that connects to your existing tools and systems
AWS CodeStar: With AWS CodeStar, you can create and manage cloud-based AWS projects from a single location. You can choose AWS CodeStar project templates for various project types and programming languages. Because AWS CodeStar takes care of the setup, all your project resources are configured to work together.
- Manage development from a single, centralized dashboard
- Choose project templates
- Monitor the latest project activity
- Track status of code changes, build results, and deployment
Elastic Beanstalk
AWS Elastic Beanstalk is an easier option for developers to quickly deploy and manage applications in the AWS Cloud. Developers simply upload their application, and AWS Elastic Beanstalk automatically handles the deployment details of capacity provisioning, load balancing, automatic scaling, and application health monitoring. We will see how AWS Elastic Beanstalk integrates with Git in subsequent slides.
AWS Elastic Beanstalk is an easy-to-use service for deploying and scaling web applications and services developed with the following:
- Java
- .NET
- PHP
- Node.js
- Python
- Ruby
- Docker on familiar servers such as Apache, NGINX, Passenger, and IIS
You can upload your code and Elastic Beanstalk automatically handles the deployment, from capacity provisioning, load balancing, automatic scaling to application health monitoring. At the same time, you retain full control over the AWS resources powering your application and can access the underlying resources at any time.
By default, your environment uses rolling deployments if you created it with the console or Elastic Beanstalk CLI, or all at once deployments if you created it with a different client (API, SDK, or AWS CLI). Summary of the deployment options:
AllAtOnce – Deploy new version to all instances simultaneously.
Rolling – Deploy new version in batches. The batch which is being updated is out of service.
Rolling with additional batch – Deploy new version in batches. But first launch a new batch of instances to ensure full capacity of instances is maintained.
Batch type – Specify whether you want a number or percentage of instances to be launched.
Batch size – Specify the number or percentage of instances to be launched.
Immutable – Deploy the new version to a fresh group of instances.
Serverless Application Deployment
To set up the source stage, add an index.js file with the serverless application code to your GitHub/AWS CodeCommit repo. Place the samTemplate.yaml file in the same repo. The samTemplate.yaml file is an AWS CloudFormation template with serverless resources conforming to the AWS SAM model. Place the buildspec.yml file in the same folder as your source code repo. Follow the correct folder structure as explained in the AWS CodeBuild slide. The contents of the samTemplate.yaml file, index.js, and buildspec.yml look like below:
index.js : var AWS = require('aws-sdk');
exports.handler = function(event, context, callback) { var bucketName = process.env.S3_BUCKET; callback(null, bucketName);
}
samTemplate.yaml : AWSTemplateFormatVersion: '2010-09-09' Transform: AWS::Serverless-2016-10-31 Resources: TestFunction: Type: AWS::Serverless::Function Properties: Handler: index.handler Runtime: nodejs6.10 Environment: Variables: S3_BUCKET: bucket-name
buildspec.yml : version: 0.1 phases: install: commands: - npm install time - aws cloudformation package --template-file samTemplate.yaml --s3-bucket bucket-name --output-template-file NewSamTemplate.yaml
artifacts: type: zip files: - NewSamTemplate.yaml
References
.