Más contenido relacionado La actualidad más candente (20) Similar a Container Power Hour with Jess, Clare, and Abby (CON362) - AWS re:Invent 2018 (20) Más de Amazon Web Services (20) Container Power Hour with Jess, Clare, and Abby (CON362) - AWS re:Invent 20181. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Container Power Hour with Jess,
Clare, and Abby
Jess Frazelle, GitHub
Clare Liguori, AWS
Abby Fuller, AWS
C O N 3 6 2
2. Agenda
• Welcome!
• What is GitOps anyways?
• Continuous integration, preview environments, and PR bots
• Demo time! GitHub Actions and AWS Fargate
• Questions?
4. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
5. “GitOps: versioned CI/CD on top of
declarative infrastructure. Stop scripting
and start shipping.”
— @kelseyhightower
7. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
configuration references to
environment variables (not the actual secret!)
code documentation
With GitOps, this all belongs in version control.
8. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
9. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Tie work to commits, to pull requests, to merges, to deploys
Easier to debug, review, and roll back
Can view the impact of changes and merge conflicts
Feature-driven development
10. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
$ git checkout -b new-branch
Switched to a new branch 'new-branch'
11. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
$ git add -a
$ git commit -m “adding support for feature”
$ git push origin new_branch
12. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
13. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
14. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
infrastructure
15. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
16. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
17. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Continuous Integration
+
Containers
=
18. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
No CI = Sad Team
#teamchat
abby: Nothing will compile for me
clare: When’s the last time we did a full build?
abby: Three months ago, I think
clare: A lot could have broken since then…
19. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Start with Classic CI
20. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Start with Classic CI
21. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
How does Classic CI get better
with containers?
22. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
How does Classic CI get better
with containers?
It’s easier!
23. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Classic CI + Dockerfiles =
FROM python:2.7-alpine
WORKDIR /opt/app
COPY requirements.txt ./
RUN pip install -r requirements.txt
COPY ./app /opt/app
EXPOSE 80
CMD ["python", "service.py"]
24. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Classic CI + Dockerfiles =
FROM node:10.12.0-alpine
RUN npm install -g npm@6.4.1
WORKDIR /opt/app
COPY app/package.json app/package-lock.json ./
RUN npm ci
COPY ./app /opt/app
EXPOSE 80
CMD [ "node", "service.js" ]
25. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Classic CI + Dockerfiles =
FROM ubuntu:14.04.5
ENV DOCKER_BUCKET="download.docker.com" DOCKER_VERSION="17.09.0-ce" DOCKER_CHANNEL="stable" DOCKER_SHA256="a9e90a73c3cdfbf238f148e1ec0eaff5eb181f92f35bdd938fd7dab18e1c4647"
DIND_COMMIT="3b5fac462d21ca164b3778647420016315289034" DOCKER_COMPOSE_VERSION="1.21.2" GITVERSION_VERSION="3.6.5"
# Install git, SSH, and other utilities
RUN set -ex && echo 'Acquire::CompressionTypes::Order:: "gz";' > /etc/apt/apt.conf.d/99use-gzip-compression && apt-get update && apt install -y apt-transport-https && apt-key adv --keyserver
hkp://keyserver.ubuntu.com:80 --recv-keys 3FA7E0328081BFF6A14DA29AA6A19B38D3D831EF && echo "deb https://download.mono-project.com/repo/ubuntu stable-trusty main" | tee /etc/apt/sources.list.d/mono-
official-stable.list && apt-get update && apt-get install software-properties-common -y --no-install-recommends && apt-add-repository ppa:git-core/ppa && apt-get update && apt-get install git=1:2.*
-y --no-install-recommends && git version && apt-get install -y --no-install-recommends openssh-client=1:6.6* && mkdir ~/.ssh && touch ~/.ssh/known_hosts && ssh-keyscan -t rsa,dsa -H github.com >>
~/.ssh/known_hosts && ssh-keyscan -t rsa,dsa -H bitbucket.org >> ~/.ssh/known_hosts && chmod 600 ~/.ssh/known_hosts && apt-get install -y --no-install-recommends wget=1.15-* python=2.7.* python2.7-
dev=2.7.* fakeroot=1.20-* ca-certificates tar=1.27.* gzip=1.6-* zip=3.0-* autoconf=2.69-* automake=1:1.14.* bzip2=1.0.* file=1:5.14-* g++=4:4.8.* gcc=4:4.8.* imagemagick=8:6.7.* libbz2-dev=1.0.*
libc6-dev=2.19-* libcurl4-openssl-dev=7.35.* libdb-dev=1:5.3.* libevent-dev=2.0.* libffi-dev=3.1~* libgeoip-dev=1.6.* libglib2.0-dev=2.40.* libjpeg-dev=8c-* libkrb5-dev=1.12+* liblzma-dev=5.1.*
libmagickcore-dev=8:6.7.* libmagickwand-dev=8:6.7.* libmysqlclient-dev=5.5.* libncurses5-dev=5.9+* libpng12-dev=1.2.* libpq-dev=9.3.* libreadline-dev=6.3-* libsqlite3-dev=3.8.* libssl-dev=1.0.*
libtool=2.4.* libwebp-dev=0.4.* libxml2-dev=2.9.* libxslt1-dev=1.1.* libyaml-dev=0.1.* make=3.81-* patch=2.7.* xz-utils=5.1.* zlib1g-dev=1:1.2.* unzip=6.0-* curl=7.35.* e2fsprogs=1.42.*
iptables=1.4.* xfsprogs=3.1.* xz-utils=5.1.* mono-devel less=458-* groff=1.22.* liberror-perl=0.17-* asciidoc=8.6.* build-essential=11.* bzr=2.6.* cvs=2:1.12.* cvsps=2.1-* docbook-xml=4.5-*
docbook-xsl=1.78.* dpkg-dev=1.17.* libdbd-sqlite3-perl=1.40-* libdbi-perl=1.630-* libdpkg-perl=1.17.* libhttp-date-perl=6.02-* libio-pty-perl=1:1.08-* libserf-1-1=1.3.* libsvn-perl=1.8.*
libsvn1=1.8.* libtcl8.6=8.6.* libtimedate-perl=2.3000-* libunistring0=0.9.* libxml2-utils=2.9.* libyaml-perl=0.84-* python-bzrlib=2.6.* python-configobj=4.7.* sgml-base=1.26+* sgml-data=2.0.*
subversion=1.8.* tcl=8.6.* tcl8.6=8.6.* xml-core=0.13+* xmlto=0.0.* xsltproc=1.1.* && rm -rf /var/lib/apt/lists/* && apt-get clean
# Download and set up GitVersion
RUN set -ex && wget "https://github.com/GitTools/GitVersion/releases/download/v${GITVERSION_VERSION}/GitVersion_${GITVERSION_VERSION}.zip" -O /tmp/GitVersion_${GITVERSION_VERSION}.zip && mkdir -p
/usr/local/GitVersion_${GITVERSION_VERSION} && unzip /tmp/GitVersion_${GITVERSION_VERSION}.zip -d /usr/local/GitVersion_${GITVERSION_VERSION} && rm /tmp/GitVersion_${GITVERSION_VERSION}.zip && echo
"mono /usr/local/GitVersion_${GITVERSION_VERSION}/GitVersion.exe $@" >> /usr/local/bin/gitversion && chmod +x /usr/local/bin/gitversion
# Install Docker
RUN set -ex && curl -fSL "https://${DOCKER_BUCKET}/linux/static/${DOCKER_CHANNEL}/x86_64/docker-${DOCKER_VERSION}.tgz" -o docker.tgz && echo "${DOCKER_SHA256} *docker.tgz" | sha256sum -c - && tar -
-extract --file docker.tgz --strip-components 1 --directory /usr/local/bin/ && rm docker.tgz && docker -v && addgroup dockremap && useradd -g dockremap dockremap && echo 'dockremap:165536:65536'
>> /etc/subuid && echo 'dockremap:165536:65536' >> /etc/subgid && wget "https://raw.githubusercontent.com/docker/docker/${DIND_COMMIT}/hack/dind" -O /usr/local/bin/dind && curl -L
https://github.com/docker/compose/releases/download/${DOCKER_COMPOSE_VERSION}/docker-compose-Linux-x86_64 > /usr/local/bin/docker-compose && chmod +x /usr/local/bin/dind /usr/local/bin/docker-
compose && docker-compose version
# Install dependencies by all python images equivalent to buildpack-deps:jessie on the public repos.
RUN set -ex && wget "https://bootstrap.pypa.io/2.6/get-pip.py" -O /tmp/get-pip.py && python /tmp/get-pip.py && pip install awscli==1.* && rm -fr /var/lib/apt/lists/* /tmp/* /var/tmp/*
VOLUME /var/lib/dockeCOPY dockerd-entrypoint.sh /usr/local/bin/
26. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Classic CI + Docker + Jenkins =
node {
checkout scm
docker.build("test-image")
}
27. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Classic CI + Docker + AWS CodeBuild =
version: 0.2
phases:
build:
commands:
- docker build -t test-image .
28. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Start with Classic CI
29. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Add CI to Pull Requests
30. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
How does Pull Request CI get
better with containers?
31. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
How does Pull Request CI get
better with containers?
It’s built on containers!
32. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Pull Request CI + Containers =
FROM docker:dind
RUN apk update && apt upgrade && apt add curl wget bash git
# Install Ruby
RUN apk add ruby ruby-bundler
# Install docker-compose
RUN curl -L
https://github.com/docker/compose/releases/download/1.23.1/docker-compose-
Linux-x86_64 -o /usr/local/bin/docker-compose
33. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Pull Request CI + Containers + AWS CodeBuild =
version: 0.2
phases:
install:
commands:
- nohup /usr/local/bin/dockerd --host=unix:///var/run/docker.sock --
host=tcp://127.0.0.1:2375 --storage-driver=overlay&
- timeout 15 sh -c "until docker info; do echo .; sleep 1; done"
build:
commands:
- docker build -t my-app .
- docker-compose up -d
- rake test
34. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
What’s next for containers + CI?
35. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
What’s next for containers + CI?
Continuous testing in pull requests:
Use containers and infrastructure-as-code
to validate an environment before merging
36. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The Modern Application
37. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The Modern Application
38. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
The Modern Application
39. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Continuous Testing of Containers
Validate an artifact (Build)
• Build image
• Run unit tests with mocked
dependencies and
environments
• Test image with local
dependencies
Validate an environment (Test)
• Provision containers in
“preview” cloud environment
• Run integration tests against
real dependencies
40. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Continuous Testing of Containers
41. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Continuous Testing of Containers
42. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
43. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Demo: @clare-bot
44. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
46. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
47. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
48. Thank you!
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
@jessfraz
@clare_Liguori
@abbyfuller
49. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
50. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.