Amazon CI-CD Practices for Software Development Teams
1. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Curtis Rissi
Sr. Solutions Architect, Amazon Web Services
SRV320
Amazon CI/CD Practices for Software Development Teams
2.
Agenda
Quick overview of Continuous Integration (CI) and Continuous Delivery (CD)
Why it matters
CI/CD tooling & techniques
Bringing it all together
High-fives all around
3.
What is continuous integration (CI)?
4.
What is continuous integration?
1. Developers regularly check in code to a shared, central repository
2. Automated builds run using the shared code base
3. Tests are run against the code base, giving feedback to the developers
[Diagram: Develop, Build, Test]
7.
What is continuous delivery (CD)?
8.
What is continuous delivery?
[Diagram: Develop, Build, Test, extended to Develop, Build, Test, Deploy, Test, Release]
9.
What is continuous delivery?
1. Successful builds are automatically deployed to Staging and Pre-Prod
2. Automated and manual exploratory tests are completed on each tier
3. Approval needed for release to Production
[Diagram: Develop, Build, Test, Deploy, Test, Release]
12.
Why does CI/CD matter?
13.
Why does CI/CD matter?
• Find bugs earlier
• Fix bugs faster
• Deliver faster
• Deliver more often
• Unblock developers
• Grow skills faster
Quality: 5x lower change failure rate
Source: 2017 State of DevOps Report (Puppet)
14.
Why does CI/CD matter?
• Find bugs earlier
• Fix bugs faster
• Deliver faster
• Deliver more often
• Unblock developers
• Grow skills faster
Delivery: 440x faster from commit to deploy
Source: 2017 State of DevOps Report (Puppet)
15.
Why does CI/CD matter?
• Find bugs earlier
• Fix bugs faster
• Deliver faster
• Deliver more often
• Unblock developers
• Grow skills faster
Delivery: 46x more frequent deployments
Source: 2017 State of DevOps Report (Puppet)
16.
Why does CI/CD matter?
• Find bugs earlier
• Fix bugs faster
• Deliver faster
• Deliver more often
• Unblock developers
• Grow skills faster
Happy teams: 44% more time spent on new features and code
Source: 2017 State of DevOps Report (Puppet)
17.
Continuous Integration Tooling
18.
Continuous Integration tools
Monitoring / Events: Amazon CloudWatch
Software development: AWS CodeCommit, GitHub
Build & test: AWS CodeBuild
19.
Sample application
[Screenshot: Simple Calculator Service form with the input "10 2x", a Submit button, and the output "Your result is 20"]
20.
AWS CodeBuild
• Fully managed build service
• Continuous scaling
• Pay as you go
• Extensible
25.
AWS CodeBuild build spec
version: 0.2
phases:
  install:
    commands:
      - npm install
  build:
    commands:
      - npm test
artifacts:
  files:
    - '**/*'
30.
So how do we do it?
31.
The continuous integration journey
[Diagram: Develop, Build, Test]
32.
The continuous integration journey
10 mph, 65 mph, 150 mph
33.
The continuous integration journey
Nightly checks, Branch checks, Pull request checks
34.
Technique #1: Nightly checks
1. Nightly checks
2. Branch checks
3. Pull request checks
Run a full build and unit tests every night to make sure that the application still compiles and that tests still pass.
35.
Technique #2: Branch checks
1. Nightly checks
2. Branch checks
3. Pull request checks
Run a full build and unit tests every time someone pushes a new change to a branch in the source code repo.
36.
Technique #3: Pull request checks
1. Nightly checks
2. Branch checks
3. Pull request checks
Run a full build and unit tests every time someone creates a pull request to get code reviewed by the team.
37.
Pull request checks
38.
PR checks: AWS CodeCommit
[Diagram: Team members, CodeCommit pull request, CloudWatch event, CodeBuild build; arrows labelled Propose, Notify, Start, Comment, Notify]
54.
PR checks: GitHub
[Diagram: Team members, GitHub pull request, AWS CodeBuild build; arrows labelled Propose, Start, Report]
55.
PR Checks: GitHub Webhooks
61.
PR checks: Speed boosts
1. Integration tests
2. Parallel builds
63.
#TeamChat: Test stack failures
Oh no. The last deployment to our test stack failed.
Dave 2:15 pm
Looks like the latest code causes a bunch of null pointer exceptions.
Tim 2:16 pm
Why didn’t we catch this in code review?
Clare 2:17 pm
64.
Speed Boost: Integration tests
[Diagram: AWS CodeBuild build, Test, Amazon ElastiCache cluster]
74.
PR checks: Speed boosts
1. Integration tests
2. Parallel builds
75.
#TeamChat: Slow checks
Can someone review my pull request?
Clare 2:15 pm
Come back in an hour when the PR build finishes.
Tim 2:16 pm
76.
Speed boost: Parallel builds
[Diagram: Team members, GitHub pull request, CodeBuild builds; arrows labelled Propose, Start]
77.
PR Checks: GitHub Webhooks
82.
#TeamChat: CI nirvana
Isn’t continuous integration great?
Clare 9:48 am
SO GREAT
Dave 9:50 am
Yeah, I feel so productive!
Tim 11:01 am
83.
Pull request checks summary
Implement: Run a build while code is still in review
Feedback loop: Time it takes to build the code
Team impact: Broken code doesn’t block the team
Speed boosts: Integration tests; parallel builds
84.
Continuous integration speed boosts
1. Automate the boring stuff
• Library upgrades
2. Surface failures
• Email, Slack
3. Check faster
• Caching, parallel builds
4. Check more
• Integration tests
85.
So it builds … now what?
86.
Let’s get it deployed
[Diagram: Develop, Build, Test, Deploy, Test, Release]
87.
Continuous delivery tools
Monitoring: Amazon CloudWatch
Software development: Amazon SNS, AWS Lambda
Build & test: AWS CodeBuild
Deployment: AWS CodeDeploy, AWS CodePipeline
88.
Continuous delivery journey
1. Continuous service testing
2. Manage deployment health
3. Segment production
4. Halt promotions
89.
Continuous service testing
90.
Be aware when a service is unavailable
Problem: A service can stop working at any time for reasons inside or outside of its control
Consequence: Your service may be unavailable without your team’s knowing about it
91.
Use synthetic traffic to simulate real users
• Test all business critical functionality (UI and APIs)
• Tests must run quickly
• Measure client latencies
• Check for reachability
92.
How synthetic traffic flows
[Diagram labels: Synthetic traffic, CloudWatch Events (1m), Amazon CloudWatch, Alarm]
93.
Synthetic traffic flow. Why two metric streams?
[Diagram labels: Synthetic traffic, CloudWatch Events (1m), CloudWatch, Alarm]
94.
Building a synthetic traffic test
95.
Building a synthetic traffic test
• Keep it simple
• Build logic in Lambda (invoke with CloudWatch Events)
• Capture data in CloudWatch metrics
96.
AWS Lambda synthetic traffic blueprint
97.
Scheduling the synthetic traffic test
98.
Building a synthetic traffic test: Code
99.
Building a synthetic traffic test: Alarming
100.
Release and deploy process: Synthetic traffic
[Pipeline diagram: DeployToProd (CodeDeploy), Production; labels: Synthetic traffic, CodeDeploy]
101.
Managing deployment health
102.
Rolling deployments: Success
[Diagram: Elastic Load Balancing and the production fleet, with hosts labelled V1 and V2]
103.
Rolling deployments: Fail
[Diagram: Elastic Load Balancing and the production fleet, with hosts labelled V1 and V2]
104.
Check for deployment failures in production
Problem: There are no automated tests to verify that a service is working after a new deployment
Consequence: Each production deployment needs to be checked manually
105.
Add safety to rolling deployments
1. Validate each host’s health
2. Ensure that a minimum percentage of the fleet is healthy
3. Roll back if the deployment failed
106.
Configure AWS CodeDeploy
107.
Step 1: Deployment validation – AppSpec.yml
108.
Step 1: Working tests raise more issues
[Diagram: Elastic Load Balancing and the production fleet, with hosts labelled V1 and V2; label: Failed Deployment]
109.
Step 2: Use minimum healthy hosts
MHH 70%, 10 hosts:
• 1 failure – 90% healthy
• 4 failures – 60% healthy
[Diagram: Elastic Load Balancing and the production fleet, with hosts labelled V1 and V2]
110.
Step 2: Use minimum healthy hosts: AWS CodeDeploy
111.
Step 3: Roll back when a deployment fails
• AWS CodeDeploy: Configured in deployment group
112.
Release and deploy: Deployment health
[Pipeline diagram: DeployToProd (AWS CodeDeploy), Production; labels: Synthetic traffic, AWS CodeDeploy]
113.
Segment production
114.
Bad changes must not affect all customers
Pipeline Problem: When a critical issue reaches production, all hosts are affected
Consequence: Bad changes impact all customers
115.
Lower deployment risk by segmenting
1. Break production into multiple segments
2. Deploy to a segment
3. Test a segment after a deployment
4. Repeat 2 & 3 until done
116.
Step 1: Break production into multiple segments
Typical segment types
• Region
• Availability Zone
• Subzonal
• Single host (canary)
[Diagram: Region US-EAST-1 with Availability Zones US-EAST-1A and US-EAST-1B]
117.
Step 1: Typical deployment segmentation
[Diagram: production fleet of hosts labelled V1 and V2; labels: Canary deployment, Post-deployment test, Availability Zone-based deployment (three times), Region-based deployment]
118.
Step 1: Use deployment groups as segments
Create deployment groups per segment using:
• Tags
• Auto Scaling groups
119.
Step 2: Deploy to each segment
1. Deploy to smallest segment
2. Post-deployment tests
3. Deploy to one Availability Zone
4. Post-deployment tests
5. Deploy to remaining Availability Zones
[Pipeline diagram: Integration stage with DeployToInteg (CodeDeploy) and IntegTest (End2EndTester); Production stage with CanaryDeploy (CodeDeploy), PostDeployTest (Approval), Deploy-AZ-1 (CodeDeploy), PostDeployTest (Approval), Deploy-AZ-2 (CodeDeploy), Deploy-AZ-3 (CodeDeploy)]
120.
Step 3: Test each segment
A deployment is valid if:
• The test has gathered enough data to gain confidence
  • CloudWatch metrics
• No service alarms have fired
  • CloudWatch alarms
• The test has not timed out
  • Code
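One way to code the three validity conditions above, split into the registerDeployTest() and evaluateDeploy() steps that the pipeline slides name. This is an added example, not the presenter's or the awslabs repository's code; the thresholds, record fields and sample values are assumptions, and the AWS calls themselves are left to the caller so the logic runs offline.

```javascript
// Added example: thresholds, record fields and sample values are assumptions.
const MIN_DATAPOINTS = 5;                // assumed confidence threshold
const TEST_TIMEOUT_MS = 15 * 60 * 1000;  // assumed time budget for the test

// Parse the SNS notification that a CodePipeline manual approval action
// publishes and return the record a registerDeployTest() step would persist.
function registerDeployTest(snsEvent, now) {
  const msg = JSON.parse(snsEvent.Records[0].Sns.Message);
  const a = msg.approval;
  if (!a || !a.token) throw new Error('not an approval notification');
  return {
    pipelineName: a.pipelineName,
    stageName: a.stageName,
    actionName: a.actionName,
    token: a.token,
    startedAt: now,
  };
}

// Apply the three conditions. The check fails closed: a segment that produced
// no data, or whose alarms never left INSUFFICIENT_DATA, is never approved.
function evaluateDeploy(test, datapoints, alarms, now) {
  const firing = alarms.filter((al) => al.state === 'ALARM').map((al) => al.name);
  if (firing.length > 0) {
    return { status: 'Rejected', summary: 'Alarms fired: ' + firing.join(', ') };
  }
  // Require at least one alarm, all in OK, so "nothing watched" cannot pass.
  const allOk = alarms.length > 0 && alarms.every((al) => al.state === 'OK');
  if (datapoints.length >= MIN_DATAPOINTS && allOk) {
    return { status: 'Approved', summary: datapoints.length + ' datapoints, all alarms OK' };
  }
  if (now - test.startedAt >= TEST_TIMEOUT_MS) {
    return { status: 'Rejected', summary: 'Timed out before gaining confidence' };
  }
  return { status: 'Pending', summary: 'Waiting for more data' };
}

// Build the PutApprovalResult request; null while the test is still pending.
function toApprovalRequest(test, verdict) {
  if (verdict.status === 'Pending') return null;
  return {
    pipelineName: test.pipelineName,
    stageName: test.stageName,
    actionName: test.actionName,
    token: test.token,
    result: { status: verdict.status, summary: verdict.summary },
  };
}

// Constructed sample notification; every value is a placeholder.
const SAMPLE_APPROVAL_EVENT = {
  Records: [{ Sns: { Message: JSON.stringify({
    approval: {
      pipelineName: 'MyAppPipeline',
      stageName: 'Production',
      actionName: 'ValidateCanary',
      token: 'example-token',
    },
  }) } }],
};
```

A scheduled evaluateDeploy() run would pass the non-null request to CodePipeline's PutApprovalResult call and delete the stored record.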
121.
Add segment tests to your pipeline
Extend AWS CodePipeline with:
• Test Actions
• Lambda Invoke Actions
• Custom Actions
• Approval Actions
1-hour timeout
7-day timeout
122.
Use AWS CodePipeline approvals to trigger tests
[Pipeline diagram: Source stage with MyAppSource (CodeCommit); Deploy stage with DeployToSegment (CodeDeploy), ValidateSegment (Approval), DeployToSegment (CodeDeploy); labels: SNS topic, Approval message, putApprovalResult]
123.
Use SNS to start an automated approval check
124.
Creating a post-deployment test
[Pipeline diagram: Source stage with MyAppSource (CodeCommit); Build stage with MyAppBuild (CodeBuild); Deploy stage with CanaryDeploy (CodeDeploy) and ValidateCanary (Approval); labels: SNS topic, Lambda function registerDeployTest(), Amazon DynamoDB, CloudWatch Events (1m), Lambda function evaluateDeploy(), Change 1, Prod-us-east-1a, CodeDeploy, AlarmTimeUsage]
125.
Post-deployment test – registerDeployTest
[Same pipeline diagram as slide 124]
126.
registerDeployTest function – (Node.js 4.3)
127.
Post-deployment test – evaluateDeployTest
[Same pipeline diagram as slide 124]
128.
approveValidation function (Node.js 4.3)
129.
Canary deployments – They’re different
All production hosts
• Participates in serving production traffic
• Configured as a production instance
• Participates in production metrics stream
Canary hosts
• Has its own metrics stream
• Canary validations use the canary metric stream
130.
Release and deploy: Segment production
[Pipeline diagram: Production stage with DeployToProd (CodeDeploy), shown with a segmented Production stage of CanaryDeploy (CodeDeploy), PostDeployTest (Approval), Deploy-AZ-1 (CodeDeploy), PostDeployTest (Approval), Deploy-AZ-2 (CodeDeploy), Deploy-AZ-3 (CodeDeploy); labels: Synthetic traffic, AWS CodeDeploy]
131.
Halt promotions
132.
Don’t change the system under test
[Pipeline diagram: Source stage with MyAppSource (CodeCommit); Build stage with MyAppBuild (CodeBuild); DeployToProd stage with MyApp (CodeDeploy); labels: Deploys, EC2 instance, Change 1, Change 2, Change 3]
133.
Don’t compound problems during an outage
Pipeline problem: The pipeline is unaware of the health of the infrastructure it is deploying to
Consequence: Production changes, usually deployments, can make it difficult for an operator to resolve a production event
134.
Build promotion blockers
135.
Auto stop deploying to PRD during an event
[Pipeline diagram: Source stage with MyAppSource (CodeCommit); Build stage with MyAppBuild (CodeBuild); DeployToProd stage with MyApp (CodeDeploy); labels: Change 1, Change 2, EC2 instance, Synthetic traffic, CloudWatch, CloudWatch Events (1m), CloudWatch alarm, SNS, disableTransition(); arrows labelled Deploys, Checks, Triggers, Emits, Disables]
136.
disableTransition function (Lambda Node.js 4.3)
137.
Enable production deployments – AWS CodePipeline
138.
Summary: Halt promotions
• Halt promotions to production when your production environment has “issues”
• Automate by disabling stage transitions
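The promotion blocker summarised above, as an added example (not the presenter's or the awslabs repository's code): a handler that turns an SNS-delivered CloudWatch alarm notification into a DisableStageTransition request. The pipeline name, the alarm name and the injected `client` object (anything exposing `disableStageTransition(params)` that returns a Promise) are assumptions, as is the choice to block on unreadable notifications.

```javascript
// Added example: names and sample values are placeholders, not project values.
const PIPELINE_NAME = 'MyAppPipeline';  // placeholder pipeline name
const STAGE_NAME = 'DeployToProd';      // stage whose inbound transition is blocked

// DisableStageTransition accepts only a short `reason` drawn from a limited
// character set, while alarm text is free-form, so normalise it first.
function sanitizeReason(text) {
  const cleaned = String(text)
    .replace(/[^a-zA-Z0-9!@ ().*?\-]/g, ' ')
    .replace(/ {2,}/g, ' ')
    .trim()
    .slice(0, 300);
  return cleaned || 'Blocked by production alarm';
}

function disableParams(reason) {
  return {
    pipelineName: PIPELINE_NAME,
    stageName: STAGE_NAME,
    transitionType: 'Inbound',
    reason: sanitizeReason(reason),
  };
}

// Map one SNS record to a request, or null when nothing should change.
function buildDisableRequest(record) {
  let alarm;
  try {
    alarm = JSON.parse(record.Sns.Message);
    if (alarm === null || typeof alarm !== 'object') throw new Error('not an object');
  } catch (err) {
    // Fail closed (a choice made for this example): an unreadable
    // notification during an event should not let promotions continue.
    return disableParams('Unreadable alarm notification. Blocking as a precaution');
  }
  // OK and INSUFFICIENT_DATA change nothing: re-enabling the transition is
  // left to an operator, so a flapping alarm cannot reopen production.
  if (alarm.NewStateValue !== 'ALARM') return null;
  const name = alarm.AlarmName || 'unknown alarm';
  return disableParams(name + ' in ALARM. ' + (alarm.NewStateReason || ''));
}

// Lambda-style entry point; returns the requests it applied.
async function handler(event, client) {
  const applied = [];
  for (const record of event.Records || []) {
    const params = buildDisableRequest(record);
    if (params) {
      await client.disableStageTransition(params);
      applied.push(params);
    }
  }
  return applied;
}

// Constructed sample notification (alarm name and reason are made up).
const SAMPLE_ALARM_EVENT = {
  Records: [{ Sns: { Message: JSON.stringify({
    AlarmName: 'SyntheticTrafficFailures',
    NewStateValue: 'ALARM',
    NewStateReason: 'Threshold Crossed: 1 datapoint [3.0] was greater than the threshold (0.0).',
  }) } }],
};
```

The function's execution role needs only permission to disable that one stage transition, which keeps the blocker from becoming a way to alter the pipeline.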
139.
Release and deploy: Halt promotions
[Pipeline diagram: Production stage with CanaryDeploy (CodeDeploy), PostDeployTest (Approval), Deploy-AZ-1 (CodeDeploy), PostDeployTest (Approval), Deploy-AZ-2 (CodeDeploy), Deploy-AZ-3 (CodeDeploy); labels: Synthetic traffic, AWS CodeDeploy]
140.
Release and deploy process: Ending point
[Pipeline diagram: Production stage with DeployToProd (CodeDeploy), shown with the segmented Production stage of CanaryDeploy (CodeDeploy), PostDeployTest (Approval), Deploy-AZ-1 (CodeDeploy), PostDeployTest (Approval), Deploy-AZ-2 (CodeDeploy), Deploy-AZ-3 (CodeDeploy); labels: AWS CodeDeploy, Synthetic traffic]
141.
Continuous delivery summary
Goal: Make your pipeline safer
1. Automated testing and notifications
• Keep pipeline unblocked
2. Identify production issues quickly
• Continuous Production Testing
3. Safely deploy changes
• Manage deployment health
• Segment production
4. Automatically decide when to release changes
• Halt promotions
142.
Bringing it all together…
[Diagram: Develop, Build, Test, Deploy, Test, Release]
143.
Code is available online
• https://github.com/aws-samples/aws-codebuild-samples
• https://github.com/awslabs/aws-codepipeline-synthetic-tests
• https://github.com/awslabs/aws-codepipeline-block-production
145.
Thank you!
146.
Acknowledgements
• Original 2016 slides written and prepared by Mark Mansour, Senior Manager, Continuous Delivery, AWS
• This presentation, “DevOps on AWS: Advanced Continuous Delivery Techniques,” was originally given at re:Invent 2016 on Nov 30, 2016
• 2017 slides updated by Curtis Bray, Manager, AWS CodePipeline for DEV324 presentation at re:Invent 2017
• 2018 slides updated by Curtis Rissi, Sr. Solutions Architect to incorporate “Continuous Integration Best Practices for Software Development Teams” by Clare Liguori, AWS Senior Software Engineer to cover the full CI/CD process