Rackspace Fanatical Support for AWS™, with our army of AWS experts, can help implement the ideal combination of cultural philosophies, practices, and tools which enable an organization to deliver applications and services at high velocity. This speed enables organizations to better serve their customers and compete more effectively in the market by allowing them to evolve and improve products at a faster pace than organizations using traditional software development and infrastructure management processes. Join our upcoming webinar to learn how ScriptDrop leveraged Rackspace to develop a best practices DevOps pipeline utilizing the latest AWS technologies, quickly and efficiently.
1. Rackspace Best Practices for DevOps on AWS
Lex Crosett • Solutions Architect, AWS
Larry Scott • CTO, ScriptDrop
Eric Johnson • AWS Evangelist & Cloud Architect, Rackspace
Jerry Hargrove • Sr. Solutions Architect, Rackspace
2. Agenda
AWS DevOps Solution Overview
AWS DevOps Tools
DevOps in New Technologies
ScriptDrop Use Case
Q & A
3. DevOps on the AWS Cloud
Lex Crosett • Solutions Architect, AWS
4. Traditional Development Models are Obsolete
Business is increasingly software-driven
End-users expect both continuous improvement and stability from applications
IT needs to be able to provision infrastructure as rapidly as developers demand it
An organization’s pace of innovation is largely constrained by their ability to develop applications
5. Increase
Business agility
Application stability
Ability to meet customer demand
Time spent on innovation
Security
Decrease
Length of development cycles
Time to market
Deployment failures and rollbacks
Time to recover upon failure
Operational overhead
DevOps Can Help
DevOps practices enable companies to innovate at a higher velocity for customers
6. Infrastructure as Code
Microservices
Logging and Monitoring
Continuous Integration/Continuous Delivery
DevOps on AWS
AWS provides on-demand infrastructure resources and tooling built to enable common DevOps practices
7. Provision the server, storage, and networking capacity you need on demand
Deploy independently, as a single service, or a group of services
Make configuration changes repeatable and standardized
Build custom templates to provision resources in a controlled and predictable way
Use version control to keep track of all changes made to your infrastructure and application stack
Infrastructure as Code
Replace traditional infrastructure provisioning and management with code-based techniques
8. Build services around the business capabilities you require
Scale up and down as required with virtually no notice
Make configuration code changes repeatable and standardized
API-driven model enables management of infrastructure with language typically used in application code
Free developers from manually configuring operating systems, system applications, and server software
Microservices
Build applications as a set of small services that communicate with other services through APIs
9. Maintain visibility and auditability of activity in your application infrastructure
Assess how application and infrastructure performance impact end-user experience
Gain insight into the root causes of problems or unexpected changes
Support services that must be available 24/7 as a result of continuous integration/continuous delivery
Create alerts based on thresholds you define
Logging and Monitoring
Capture, categorize, and analyze data and logs generated by applications and infrastructure
10. Model and visualize your own custom release workflow
Automate deployments of new code
Improve developer productivity and deliver updates faster
Find and address bugs quicker with more frequent and comprehensive testing
Store anything from source code to binaries using existing Git tools
Continuous Integration and Continuous Delivery
Rapidly and reliably build, test, and deploy your applications, while improving quality and reducing time to market.
11. Get started quickly and pay as you go
Automate systems operations
Scale without infrastructure constraints
Improve visibility and security
Leverage fully managed services
Benefits of DevOps on AWS
13. Infrastructure as Code
Supports a wide range of AWS services
Declarative & Flexible
JSON & YAML Support
AWS CloudFormation
14. Fully Managed Repo Service
Private repositories secured through AWS IAM access control
Git compatible
AWS CLI accessible
AWS CodeCommit
15. Workflow Modeling
Secured with AWS Identity and Access Management
AWS Integrations
Third party integrations
AWS CodePipeline
16. Builds and tests code
Preconfigured build environments
Customizable build environments
Configurable
Centralized monitoring
If you can do it from a command line, you can do it in CodeBuild
AWS CodeBuild
17. Automated, repeatable deployments
AWS & on-premises deployments
Rolling and Blue/Green updates
Easy to roll back
Centralized monitoring
AWS CodeDeploy
18. DevOps in New Technologies
Jerry Hargrove • Sr. Solutions Architect, Rackspace
Best Practices for Containers
20. History
Containers & DevOps – Best Practices
Provide Fanatical Support on the World’s Leading Clouds
AWS Container History
[Timeline figure. Dates shown: BC, 2008, Mar 2013, Mar 2014, Apr 2014, Jun 2014, Nov 2014, Nov 2015, Dec 2015. Entries, in slide order:]
chroot, BSD jails, Solaris Zones, Google process containers
Linux containers, LXC (Docker's origins)
dotCloud releases Docker to open source
v0.9 released by Docker
Amazon Linux AMI includes Docker v0.9
AWS includes Docker support in Elastic Beanstalk
1.0 released by Docker (production ready)
Amazon ECS (GA Apr 2015)
Multi-container Elastic Beanstalk using ECS
EC2 Container Registry, service scaling, Application Load Balancer, Blox, Windows containers, container instance draining
22. Minimize Image Size
Large containers take longer to deploy, slow down CI/CD pipelines
Keep images as small as possible
– Use small base images like Debian or Alpine
– Don’t install unnecessary packages
– Use .dockerignore
Copy On Write (COW) behavior
https://docs.docker.com/engine/userguide/storagedriver/imagesandcontainers/
23. Don’t Run Containers as Root
Default: Docker containers run with root privileges
More specifically, the default user is that of the parent image
Most containers do not need root access on the host
The Docker daemon itself requires root privileges and runs as root
Namespaces now provide daemon / container privilege separation
Check public repo images and verify user
Sample Dockerfile:
FROM node:latest
WORKDIR /usr/src
COPY package.json /usr/src/package.json
RUN npm install
COPY app.js /usr/src/
COPY test /usr/src/test
COPY script /usr/src/script
# switch to a non-privileged user
USER nobody
EXPOSE 5000
CMD ["node","app.js"]
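Added example (not part of the original slides): a small Python check for the "verify user" advice on slide 23. It reads a Dockerfile, finds the USER in effect at the end of the final build stage, and flags root or an inherited default; it goes beyond the slide by handling multi-stage builds, where USER does not carry over into a stage built from a fresh image. The function names and the NO_USER and MULTI_STAGE inputs are constructed for illustration.

```python
def logical_lines(text):
    """Yield instructions; drop comment lines, join '\\' continuations."""
    buf = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield buf + line
        buf = ""

def effective_user(dockerfile_text):
    """Return (base_image, user) for the final stage; user None = never set."""
    stages = {}  # stage alias -> USER in effect when that stage ended
    base = alias = user = None
    for line in logical_lines(dockerfile_text):
        instr, _, arg = line.partition(" ")
        if instr.upper() == "FROM":
            if alias:
                stages[alias] = user
            words = [w for w in arg.split() if not w.startswith("--")]
            base = words[0]
            alias = words[2].lower() if len(words) == 3 else None
            # FROM <earlier stage> keeps that stage's USER; a fresh image resets it.
            user = stages.get(base.lower())
        elif instr.upper() == "USER":
            user = arg.strip()
    return base, user

def audit(dockerfile_text):
    """Classify the final stage: 'root', 'inherited', 'unresolved' or 'non-root'."""
    base, user = effective_user(dockerfile_text)
    if user is None:
        return "inherited", f"no USER; runs as the default user of {base}"
    name = user.split(":")[0]
    if name.startswith("$"):
        return "unresolved", f"USER {user} depends on a variable"
    if name in ("root", "0"):
        return "root", f"USER {user} is root"
    return "non-root", f"USER {user}"

# Constructed inputs: the slide's sample (abridged) and two variants.
SLIDE_SAMPLE = 'FROM node:latest\nWORKDIR /usr/src\nRUN npm install\nUSER nobody\nCMD ["node","app.js"]\n'
NO_USER = 'FROM node:latest\nRUN npm install\nCMD ["node","app.js"]\n'
MULTI_STAGE = 'FROM node:latest AS build\nUSER nobody\nRUN npm install\nFROM node:latest\nCOPY --from=build /usr/src /usr/src\n'
if __name__ == "__main__":
    for label, text in [("slide", SLIDE_SAMPLE), ("no-user", NO_USER), ("multi-stage", MULTI_STAGE)]:
        print(label, *audit(text))
```

An "inherited" result means the answer lies in the base image, which `docker inspect --format '{{.Config.User}}' <image>` reports (an empty value means root).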
24. Limit Container Scope
One container, one purpose (or role)
Facilitates horizontal scaling and reuse
Allows decoupled containers to vary independently
Dependent containers may be linked together
docker-compose.yml:
php:
  build: ./php
  ...
backend:
  build: ./backend
  links:
    - php:php
  ...
varnish:
  build: ./varnish
  links:
    - backend:backend
  ...
frontnginx:
  build: ./frontnginx
  links:
    - varnish:varnish
  ...
30. About ScriptDrop
Prescription (Rx) delivery service based out of New York
Small team startup
3 total members
Early employees of CoverMyMeds (recently sold for $1.4 billion)
31. Evaluating the Solutions
Why ScriptDrop chose Rackspace
– Felt secure with Rackspace’s AWS Knowledge
– Felt confident in the plan proposed by Rackspace
– Competitive pricing
32. Why Rackspace on AWS?
Why ScriptDrop chose to work with Rackspace on AWS
– Chose AWS because of the ease of use
– AWS seemed overwhelming
– Rackspace had the required knowledge
– Ability to support HIPAA Compliant workloads sealed the deal!
34. Initial Process
Steps
1. BitBucket Git Repo
2. CodeShip for Build and Test
3. Manually drop prepared artifacts in CodeCommit
4. Monitor and deploy with CodePipeline and CodeDeploy
Issues
Manual steps required
Requires multiple repos storing unneeded code
Multiple pipelines to manage
36. Steps
Move to GitHub for Source Control
CodeBuild replaced CodeShip
Pipeline Orchestration
Deploy with CodeDeploy
Improvements
One Pipeline
Fully Automated
One Code Repo
Rackspace Proposed Story
38. Why Containers?
Consistent Environments from Development to Production
Separation of Concerns
Insects vs. Cattle vs. Pets
Rackspace Enablement
Recognizing the desire to move to containers
Designing a best-practices AWS infrastructure for containers
Designing a best-practices AWS DevOps process for containers
The Pivot to Containers