AWS in SW Project
Industry case: Microservices Deployment into AWS
Anna Ruokonen / [email protected] / 11.10.2019
We change the world for the better through digitalisation and by renewing ways of working
Gofore Oyj
Established 2001
Strongly growing company:
● Turnover 2018 approx. 50 M€ (+49%)
● 558 professionals (6/2019)
● 170+ clients
● Four acquisitions (Leadin, Solinor, Silver Planet, Mangodesign)
● Listed in First North 2017
We build the change with you
● CLOUD – ensure agile development and light maintenance.
● LEAD the digital change.
● DESIGN new, user-oriented digital services.
● BUILD digital services and service architecture of the future.
Gofore infrastructure
Helsinki, Jyväskylä, Munchen, Swansea, Tampere, Turku, Tallinn
BACKEND
● Javascript/Node.js 29%
● Java 23%
● C# 13%
● Python 13%
● Other 9%
● PHP 6%
● Scala 4%
● Kotlin 3%
● Clojure 1%
FRONTEND
● React 46%
● Other 24%
● Angular 13%
● Vue.js 8%
● Angular js 4%
● React Native 3%
● jQuery 3%
● React.js 1%
● JSP 1%
[Figure: project survey charts; the percentages could not be matched reliably to their labels. Panels: Used technologies, mobile development (React Native, PWA, Android, Flutter, iOS); Project length (<3 months, 3–12 months, 1–3 years, >3 years); Developers per team; Location of work (at Gofore's office & remotely, at client premises, combination of both); Language used in project (Finnish 68%, English 32%); CI/CD platforms in projects (Jenkins, VSTS, Circle, Travis, Bamboo); Abstraction level for infrastructure (virtual machines, containers, serverless, physical hardware); Orchestration technologies in projects (custom scripts, ECS, Kubernetes, Marathon, Docker swarm); Deployment frequency (infrequently, every few weeks, weekly, daily); No. of projects per developer; Location of infra in projects (AWS, datacenter, Azure, Google cloud, Heroku).]
Agenda
● AWS Cloud infrastructure and core services
● Microservices
● How to manage your cloud infrastructure?
● Industry case: Microservices Deployment into AWS
Regions and availability zones
The AWS Cloud spans 69 Availability Zones within 22 geographic Regions around the world
● Performance
● Availability
● Security
● Reliability
● Scalability
● Low-Cost
https://aws.amazon.com/about-aws/global-infrastructure/
Simple Storage Service - S3
● Object storage
● Amazon S3 automatically scales to high request rates.
● Used to store and retrieve any amount of data (files)
● Data is stored as objects within resources called “buckets”, and a single object can be up to 5 terabytes in size.
● Static website hosting
Other storage: EBS, databases, ...
Elastic Compute Cloud - EC2
● Virtual machines
● Pricing: On-Demand, Reserved, and Spot
● Host type: Shared HW, Dedicated Host, and Dedicated Instance
● Amazon Machine Image
● Security Groups act as an instance-level firewall
Elastic Load Balancer - ELB
Application Load Balancer
● HTTP and HTTPS
● Distributes incoming application traffic across multiple targets
○ EC2 instance, container, IP, and Lambda
● Path-based routing
● SSL termination
● Authentication
● AWS WAF
Network Load Balancer
● TCP
Virtual Private Cloud - VPC
● Enables you to launch AWS resources into a virtual network that you've defined. Your data center in the cloud.
● A subnet is a range of IP addresses in your VPC
● You define internet connectivity: Private or Public subnet
● Network Access Control Lists (ACLs)
Use cases:
● Separate dev/test/prod: multiple VPCs
● N-tier architecture (multiple subnets)
Databases
● Relational Databases
○ RDS - (MySQL, MariaDB, PostgreSQL, Oracle, and Microsoft SQL Server DB)
○ Aurora - serverless
● NoSQL
○ DynamoDB - serverless
○ DocumentDB
Microservices
● Applications composed of independent services that communicate over well-defined APIs
● Autonomous
● Specialized
Containers
● Repeatable
● Self-contained execution environments
● Lightweight
Elastic Container Service (ECS)
● Orchestrates the execution of containers
● Maintains and scales the fleet of nodes running your containers
● Removes the complexity of standing up the infrastructure
Fargate
● Fully managed container service
● Provisioning and managing clusters
● Management of runtime environment
● Scaling
Elastic Kubernetes Service (EKS)
● Kubernetes is an open-source system for automating deployment, scaling, and management of containerized applications
● Makes it easy to deploy, manage, and scale containerized applications
● Amazon EKS runs the Kubernetes management infrastructure for you
● Amazon ECR for container images
● Elastic Load Balancing for load distribution
Lambda
● Fully managed compute service
● Runs stateless code
● Supports Node.js, Java, Python, C#, Go, and Ruby
● Runs your code on a schedule or in response to events
● You are charged based on the number of requests for your functions and the duration
● You can build Serverless microservices with Lambda
● Integrated with API Gateway: Serverless APIs
● Integrated with ALB
Infrastructure as a Code (IaaC)
Versioning, Code review
Cloudformation
● AWS solution
● manages the state for you
● JSON or YAML
Terraform
● 3rd party
● complex logic
● flexible
IaaC: Cloudformation example
Resources:
  Ec2Instance:
    Type: 'AWS::EC2::Instance'
    Properties:
      SecurityGroups:
        - !Ref InstanceSecurityGroup
        - MyExistingSecurityGroup
      KeyName: mykey
      ImageId: ami-7a11e213
  InstanceSecurityGroup:
    Type: 'AWS::EC2::SecurityGroup'
    Properties:
      GroupDescription: Enable SSH access via port 22
      SecurityGroupIngress:
        - IpProtocol: tcp
          FromPort: '22'
          ToPort: '22'
          CidrIp: 0.0.0.0/0
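The ingress rule in this template admits SSH from 0.0.0.0/0, that is, from any IPv4 address. The check below is an added example, not part of the original slides: it reads the JSON form of the template (constructed here from the slide's YAML) and reports security groups that expose an administrative port to the whole address space. The function name and the ADMIN_PORTS set are assumptions made for the example.

```python
import ipaddress
import json

# Constructed sample: JSON form of the slide's template (CloudFormation accepts JSON or YAML).
TEMPLATE_JSON = """
{"Resources": {
  "Ec2Instance": {"Type": "AWS::EC2::Instance", "Properties": {
    "SecurityGroups": [{"Ref": "InstanceSecurityGroup"}, "MyExistingSecurityGroup"],
    "KeyName": "mykey", "ImageId": "ami-7a11e213"}},
  "InstanceSecurityGroup": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
    "GroupDescription": "Enable SSH access via port 22",
    "SecurityGroupIngress": [
      {"IpProtocol": "tcp", "FromPort": "22", "ToPort": "22", "CidrIp": "0.0.0.0/0"}]}}
}}
"""

ADMIN_PORTS = {22, 3389}  # assumption: ports treated as administrative (SSH, RDP)


def world_open_admin_ingress(template: dict) -> list:
    """Return (resource, port, cidr) for admin ports reachable from any address."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::EC2::SecurityGroup":
            continue
        for rule in res.get("Properties", {}).get("SecurityGroupIngress", []):
            cidr = rule.get("CidrIp") or rule.get("CidrIpv6")
            if not isinstance(cidr, str):  # {"Ref": ...} is only known at deploy time
                continue
            if ipaddress.ip_network(cidr, strict=False).prefixlen != 0:
                continue  # source range is restricted
            if str(rule.get("IpProtocol")) == "-1":  # all protocols and ports
                exposed = sorted(ADMIN_PORTS)
            else:
                try:
                    lo, hi = int(rule["FromPort"]), int(rule["ToPort"])
                except (KeyError, TypeError, ValueError):
                    continue  # ports given by reference: not decidable statically
                exposed = [p for p in sorted(ADMIN_PORTS) if lo <= p <= hi]
            findings += [(name, port, cidr) for port in exposed]
    return findings


FINDINGS = world_open_admin_ingress(json.loads(TEMPLATE_JSON))
```

Rules declared as separate AWS::EC2::SecurityGroupIngress resources are outside what this check inspects.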
CI/CD pipelines
AWS Tools
● Code Commit
● Code Build
● Code Deploy
● Elastic Container Registry (ECR)
Other tools
● GitLab CI/CD (https://docs.gitlab.com/ee/ci/README.html)
● Jenkins
Case: IIoT platform - (Apps and Microservices)
[Figure: architecture diagram. Labels: API Gateway; AWS Application Load Balancer; Monitoring, Analytics, Process; routes /devices, /metadata, /processes, /performance, /customers, /users, /signalData.]
Case: IIoT platform - (Apps and Microservices)
● GitLab CI/CD pipelines
● Microservices are deployed as Docker containers into Kubernetes cluster (EKS + EC2)
● Front-end applications are deployed into S3 bucket
● Build pipeline and Deploy pipeline
● Dev/test deployment is automatic
● Production deployment needs manual trigger
● Downtime close to zero
Pipeline Overview
[Figure: pipeline overview diagram. Labels: git push; GitLab; GitLab CI/CD; Build; Deploy; npm registry (Nexus); Docker registry (GitLab); S3/k8s; environments Review, Dev, Staging, Production; triggers automatic, manual.]
GitLab CI/CD
● GitLab CI/CD is configured by a file called .gitlab-ci.yml placed at the repository’s root
● The scripts set in this file are executed by the GitLab Runner
● GitLab CI/CD builds, tests, and deploys your applications to any AWS infrastructure, whether you are using EC2, ECS, or EKS.
CI/CD Pipeline Structure
[Figure: pipeline structure diagrams; visible job labels: analytics, deploy_analytics.]
Front-end applications - Serverless
● React and Angular applications are deployed into S3 bucket
● Copy compiled bundle in S3 bucket
● Kubernetes handles incoming traffic

variables:
  S3_BUCKET_NAME: "yourbucket"

build:
  ..

deploy:
  image: python:latest
  script:
    - pip install awscli
    - aws s3 cp ./dist s3://$S3_BUCKET_NAME/ --recursive
  only:
    - master
Microservices - EKS
● Microservices are deployed on EKS cluster
● Gitlab Pipeline: Build - Publish - Deploy
● Deployment.yaml
○ Replicas
○ Strategy (e.g. rolling, recreate, blue/green, canary)
○ Containers
○ Probes: readiness, healthy
● kubectl: kubectl apply -f deployment.yaml
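deployment.yaml
# Excerpt as shown on the slide. An apps/v1 Deployment additionally requires
# spec.selector and matching template labels, which the slide omits.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: hello-world
spec:
  replicas: 3
  strategy:
    type: RollingUpdate
    rollingUpdate:
      maxSurge: 1          # at most one extra pod during a rollout
      maxUnavailable: 33%  # share of replicas that may be unavailable at once
  template:
    spec:
      containers:
        - name: hello
          image: hello-world:<VERSION>  # placeholder replaced by the pipeline
          ports:
            - containerPort: 8080
          readinessProbe:               # pod receives traffic only after this succeeds
            httpGet:
              path: /healthy
              port: 8080
            initialDelaySeconds: 2
            periodSeconds: 2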
.gitlab-ci.yml
build:
  ...
publish:
  ...
deploy:
  stage: deploy
  image: helm-kubectl
  script:
    - kubectl config set-cluster k8s --server="${SERVER}"
    - kubectl config set clusters.k8s.certificate-authority-data ${CERTIFICATE_AUTHORITY_DATA}
    - kubectl config set-credentials gitlab --token="${USER_TOKEN}"
    - kubectl config set-context default --cluster=k8s --user=gitlab
    - kubectl config use-context default
    - sed -i "s/<VERSION>/${CI_COMMIT_SHORT_SHA}/g" deployment.yaml
    - kubectl apply -f deployment.yaml
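The deploy jobs on these slides pull python:latest and an untagged helm-kubectl image, and deployment.yaml carries a <VERSION> placeholder until the sed step runs. The check below is an added example, not part of the original slides: it classifies image references by how reproducibly they resolve and performs the placeholder substitution with a validated commit id. The function names are hypothetical and the sample text is assembled from the slides' snippets.

```python
import re

# Constructed sample: image lines taken from the slides' CI jobs and deployment.yaml.
CONFIG_TEXT = """\
# front-end .gitlab-ci.yml
deploy:
  image: python:latest
# microservice .gitlab-ci.yml
deploy:
  image: helm-kubectl
# deployment.yaml
containers:
  - name: hello
    image: hello-world:<VERSION>
"""

IMAGE_LINE = re.compile(r"^\s*(?:-\s*)?image:\s*[\"']?([^\"'\s#]+)", re.MULTILINE)


def classify_image(ref: str) -> str:
    """Classify an image reference by how reproducibly it resolves."""
    if "@sha256:" in ref:
        return "digest"            # immutable: content-addressed
    last = ref.rsplit("/", 1)[-1]  # drop registry host:port and repository path
    if ":" not in last:
        return "untagged"          # resolves to :latest implicitly
    tag = last.split(":", 1)[1]
    if tag == "latest":
        return "latest"            # mutable: changes whenever upstream pushes
    if tag.startswith("<") and tag.endswith(">"):
        return "placeholder"       # must be substituted before kubectl apply
    return "tagged"                # fixed name, but a tag can still be re-pushed


def audit_images(text: str) -> dict:
    """Map every image reference found in CI or manifest text to its class."""
    return {ref: classify_image(ref) for ref in IMAGE_LINE.findall(text)}


def render_manifest(text: str, short_sha: str) -> str:
    """Same substitution as the pipeline's sed step, refusing non-hex commit ids."""
    if not re.fullmatch(r"[0-9a-f]{7,40}", short_sha):
        raise ValueError("commit id must be 7-40 lowercase hex characters")
    return text.replace("<VERSION>", short_sha)
```

Run before `kubectl apply`, a check like this can fail the job when any reference is still classified as latest, untagged or placeholder.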
Pipeline Philosophy
● Separation of concerns (build, deploy)
● Reusability (shared pipeline code)
● Build/Generate only once
● Aim for "internal open-source model" (e.g. shared npm packages)
● Aim for best practices and standard conventions used by open-source communities (Javascript/Typescript)
(Aki Mäkinen, Gofore)
Thank You
Anna Ruokonen [email protected]