Fast, Secure Deployments with Docker on AWS

Today, it is critical that IT teams are able to easily, consistently deploy to production. Running Docker containers on Amazon Web Services makes it possible to engineer a compliant and DevOps-friendly environment from the ground up. Spring Venture Group successfully migrated to AWS with Docker containers and leveraged Logicworks to migrate to AWS and automate infrastructure build-out and deployment. Join our webinar to learn how Spring Venture Group, an innovative insurance brokerage, reduced risk and improved deployment velocity with Logicworks, AWS, and Docker.


  1. Fast, Secure Deployments with Docker on AWS
     • Ronald Widha Sunarno, Solutions Architect, AWS
     • Chuck Price, VP of Professional Services, Logicworks
     • Jerry Hagedorn, VP of Information Technology, Spring Venture Group
  2. DevOps on the AWS Cloud
     • Ronald Widha Sunarno, Solutions Architect, AWS
  3. Traditional IT Delivery Models are Obsolete
     • Business is increasingly software-driven
     • End-users expect both continuous improvement and stability from applications
     • IT needs to be able to provision infrastructure as rapidly as developers demand it
     • An organization’s pace of innovation is largely constrained by their ability to develop applications
  4. DevOps Can Help
     DevOps practices enable companies to innovate at a higher velocity for customers.
     Decrease:
     • Length of delivery cycles
     • Time to value
     • Deployment failures and rollbacks
     • Time to recover upon failure
     • Operational overhead
     Increase:
     • Business agility
     • Application stability
     • Ability to meet customer demand
     • Time spent on innovation
     • Security
  5. DevOps on AWS
     AWS provides on-demand infrastructure resources and tooling built to enable common DevOps practices.
     • Infrastructure as Code
     • Microservices
     • Logging and Monitoring
     • Continuous Integration/Continuous Delivery
  6. Infrastructure as Code
     Replace traditional infrastructure provisioning and management with code-based techniques.
     • Provision the server, storage, and networking capacity you need on demand
     • Deploy independently, as a single service, or a group of services
     • Make configuration changes repeatable and standardized
     • Build custom templates to provision resources in a controlled and predictable way
     • Use version control to keep track of all changes made to your infrastructure and application stack
  7. Microservices
     Build applications as a set of small services that communicate with other services through APIs.
     • Build services around the business capabilities you require
     • Scale up and down as required with virtually no notice
     • Make configuration code changes repeatable and standardized
     • API-driven model enables management of infrastructure with language typically used in application code
     • Free developers from manually configuring operating systems, system applications, and server software
  8. Logging and Monitoring
     Capture, categorize, and analyze data and logs generated by applications and infrastructure.
     • Maintain visibility and auditability of activity in your application infrastructure
     • Assess how application and infrastructure performance impact end-user experience
     • Gain insight into the root causes of problems or unexpected changes
     • Support services that must be available 24/7 as a result of continuous integration/continuous delivery
     • Create alerts based on thresholds you define
  9. Continuous Integration and Continuous Delivery
     Rapidly and reliably build, test, and deploy your applications, while improving quality and reducing time to market.
     • Model and visualize your own custom release workflow
     • Automate deployments of new code
     • Improve developer productivity and deliver updates faster
     • Find and address bugs quicker with more frequent and comprehensive testing
     • Store anything from source code to binaries using existing Git tools
  10. Logicworks
     • Chuck Price, VP of Professional Services, Logicworks
  11. About Logicworks
     • AWS Premier Partner with the DevOps Competency
     • Leader in the 2017 Gartner Magic Quadrant for Public Cloud MSPs
     • Specializes in high-risk, compliant workloads for healthcare and financial services
     Services: Cloud Strategy, 24/7 Management, Cloud Automation, Cloud Security
  12. Agenda
     1. DevOps From the Ops Side
     2. Why People Love Docker
     3. Understanding Security + Automation on AWS
     Next Up: Jerry Hagedorn, Spring Venture Group: Real-Life Docker Deployment & DevOps from the Dev Side
  13. Quick Poll (1 of 2)
     Who is currently living the dream of Cloud-based DevOps?
     A. Me & My Company
     B. Just Me
     C. Just My Company
     D. Neither Me nor My Company
  14. What’s Next? DevOps
     “It is not the strongest of the species that survive, nor the most intelligent, but the one most responsive to change.” – Charles Darwin
  15. DevOps Ops Struggles
     • Pockets of developers using their favorite (not well-integrated) tools
     • Infrastructure is always “on fire”, time-consuming, custom built for each project
     • Ops is an afterthought in Agile transformation projects
  16. Great Ops in a DevOps World
     • Make it easy for developers to launch “approved” infrastructure
     • Create a clear line between responsibilities of Ops and Dev
     • Design for constant change
     • Treat infrastructure as code and issues as regressions
     • Reduce human effort to reduce security risks
     • Use fully-managed cloud resources whenever possible
  17. DevOps in Action
     (Diagram layers: AWS Platform; Infrastructure Automation (AWS CloudFormation, Amazon ECS, Puppet, etc.); Self-Service Portal (AWS Service Catalog); Deployment Automation — CI/CD Pipeline; Application. Roles: Developers, Operations)
  18. Case Study: Spring Venture Group
     (Diagram layers: AWS Platform; Infrastructure Automation (AWS CloudFormation, Amazon ECS, Puppet, etc.); Self-Service Portal (AWS Service Catalog); Deployment Automation — CI/CD Pipeline; Application)
  19. Case Study: Spring Venture Group
     (Diagram layers: AWS Platform; Infrastructure Automation (AWS CloudFormation, Amazon ECS, Puppet, etc.); Self-Service Portal (AWS Service Catalog); Deployment Automation — CI/CD Pipeline; Application)
  20. AWS Platform
     • Most robust, mature, largest IaaS platform in the world
     • Better security than you could afford in your own data center
     • Dozens of services to support any application, not just “cloud-ready” ones
     • Many DevOps-friendly services, ready to support containers
  21. Cloud-First vs Traditional App Dev

     | KPIs | Without AWS | With AWS | Difference | Benefit |
     |---|---|---|---|---|
     | Average time to deploy new application (weeks) | 13.4 | 8.5 | 4.9 | 36.7% |
     | # of business apps deployed per year | 22.2 | 48.5 | 26.3 | 118.4% |
     | Equivalent size of app dev team | 146.8 | 114.1 | 32.7 | 22.3% |
     | Unplanned downtime incidents per year | 10.6 | 2.1 | 8.5 | 79.8% |

     Source: IDC, 2015
  22. Case Study: Spring Venture Group
     (Diagram layers: AWS Platform; Infrastructure Automation (AWS CloudFormation, Amazon ECS, Puppet, etc.); Self-Service Portal (AWS Service Catalog); Deployment Automation — CI/CD Pipeline; Application)
  23. Quick Poll (2 of 2)
     Who is currently leveraging “Infrastructure as Code”?
     A. All Day Every Day!
     B. Minimally Deployed / POC’ing Now
     C. Learning more now and hope to start this year…
     D. Not sure what that even means…seems contradictory?!
  24. Why Infrastructure Automation?
     Manual:
     • Every environment is a snowflake
     • High chance of forgetting something important (i.e., security)
     • Slow
     • Can’t rollback
     Automated:
     • Change code, not servers
     • Quickly replicate environments
     • Easily update environments
     • Every instance gets configured in same way
  25. Infrastructure Automation Pipeline
     • “Raw” AWS Services: Amazon EC2, Amazon S3, Amazon RDS, AWS ELB, etc.
     • Create Architectures: Design cloud architecture for your applications.
     • Create Templates: Templatize your architecture so that you can easily replicate/update.
     • Configure OS: Create a consistent way to get instances ready to receive code.
  26. AWS CloudFormation
     What AWS CloudFormation does for Spring Venture Group:
     • Builds network foundation
     • Configures gateways and access points
     • Installs management services, like Puppet
     • Allocates Amazon S3 buckets
     • Attaches encrypted volumes
     • Controls and manages access through AWS IAM
     • Registers DNS names with Amazon Route 53
     • Configures log shipping and retention
  27. Configuration Management
     The goal of configuration management (CM) is to create and maintain OS configurations.
     What CM Does:
     • Configures hostnames
     • Binds instances to central auth
     • Requires MFA on bastion
     • Installs NTP, MTA, other essentials
     • Installs log shipping and monitoring software
     • Provisions machine for deploy
  28. Case Study: Spring Venture Group
     (Diagram layers: AWS Platform; Infrastructure Automation (AWS CloudFormation, Amazon ECS, Puppet, etc.); Self-Service Portal (AWS Service Catalog); Deployment Automation — CI/CD Pipeline; Application)
  29. Service Catalog
     • Developers get to choose from available templates
     • Instantly build out “approved” environments
     • Systems team maintains templates
     • Developers are responsible for making code “work”
     • Interface between Dev and Ops
  30. What is the Impact on Security?
     You have less direct human interaction in your environment, but you still need 24/7 human monitors.
     • Controlled Build Process: No ad hoc environments that lead to an unknown risk profile
     • Controlled Update Process: All changes are documented
     • Reduced Human Effort: …But 24x7 human monitors are still important!
  31. Key Takeaways
     • Building a fully-automated cloud environment is complex, but crucial
     • Invest in infrastructure automation as the foundation for DevOps
     • We would love to help! Contact Logicworks or visit our website to learn more.
  32. Next Up… Spring Venture Group
     (Diagram layers: AWS Platform; Infrastructure Automation (AWS CloudFormation, Amazon ECS, Puppet, etc.); Self-Service Portal (AWS Service Catalog); Deployment Automation — CI/CD Pipeline; Application)
  33. Spring Venture Group
     • Jerry Hagedorn, VP of Information Technology
  34. DevOps in Action
     (Diagram layers: AWS Platform; Infrastructure Automation (AWS CloudFormation, Amazon ECS, Puppet, etc.); Self-Service Portal (AWS Service Catalog); Deployment Automation — CI/CD Pipeline; Application)
  35. About Spring Venture Group
     • Inside sales and marketing company with a concentration on direct-to-consumer insurance products
     • Mission to operate a world-class distribution platform
     • 2016 Best Insurance Companies to Work For
     • 150% Revenue growth in 2016; IT staff has more than tripled since January 2016
  36. Agenda
     1. Our Technology Goals
     2. Why Docker?
     3. Our Deployment Pipeline
     4. Docker Orchestration & Security
     5. Infrastructure Automation + Deployment Automation = Efficient Developers
  37. Our Technology Goals
     • Support Business Growth
     • Compliance
     • Automation
     • Focus on Development
  38. Our Solution
     (Diagram labels: Docker Containers Logicworks Managed AWS Services Migration to the AWS Cloud AWS)
  39. Docker Containers
     • Build once, run anywhere
     • No worries about missing dependencies and packages
     • Isolates software
     • Isolates code failures
     • Easier to automate testing, integration, packaging
  40. “The real value of Docker is not technology. It’s getting people to agree on something.” - Solomon Hykes
  41. Docker Basics
     • Docker Hub: A “GitHub” for Docker container images
     • Dockerfile: Text file that contains commands to build a Docker image
     • Container: The thing that’s created from a Docker image
     • Docker daemon: Background service running on the host that manages building, running, and distributing containers
     (Diagram: APP 1, APP 2 and APP 3, each with its own BINS/LIBS, on top of DOCKER ENGINE, HOST OPERATING SYSTEM, INFRASTRUCTURE)
  42. Our Deployment Pipeline
     (Diagram, numbered steps 1 to 6; labels: Build ECS Cluster, Commit, Pull Base Image, Build Image, Push New Image, Place Containers; services: AWS Service Catalog, AWS EC2 Container Service)
  43. AWS Service Catalog from Developers’ POV
     • Consistent, standard Amazon ECS-ready environment
     • Baked-in security controls for HIPAA compliance
     • No delay or friction between Ops (Logicworks) and our developers
  44. Key Tips for Adopting Docker
     • Automate, automate, automate
     • Invest early in a service discovery solution (Eureka, Consul, etc.)
     • Embrace external configuration
     • Use the HEALTHCHECK instruction in your Dockerfile, and implement a meaningful health check in your application that it interacts with
     • Application Load Balancers
  45. Docker Security
     • Application Segregation
     • Shared Kernel
     • Transient
     • Immutable
     • Resource isolation
  46. Amazon EC2 Container Service
     • Highly scalable, high performance container management service
     • Lightweight, eliminates need to install and operate cluster management infrastructure
     • No charge for ECS (you pay only for AWS resources you create)
  47. Docker Orchestration: Amazon ECS vs. Other Tools
     • We prefer AWS native solutions whenever possible
       – Stability
       – Maintenance covered
     • AWS ECS met our environment management needs
     • ECS/Docker provided significant improvement in stability with disposing of containers based on health checks
     • Logicworks manages our infrastructure including ECS and we leverage it to deploy containers, no overhead of running 3rd party solution
  48. Working with Logicworks
     • Built AWS environment from the ground up
     • Ongoing expertise and support as our needs change
     • 24x7x365 support
     • Helped us understand HIPAA requirements
     • Deploy AWS with click of button
  49. Results of the Project
     • Started in February 2016
     • Migration Included
       – Building out testing region
       – Automated builds and deployments for each system/service
     • Migration completed in July 2016
       – With minimum business operational impact
       – While supporting several key business deployments
       – Nearly doubling the number of users
  50. Key Takeaways for Your Team
     • Automation: Drive efficiency of developers
     • Health Checks: Dramatically increases overall system stability
     • Partnerships are key to success: Allowed us to migrate quickly and continue to be nimble
  51. We’re Hiring!
     • Looking for a great DevOps Engineer to manage our deployment automation and application monitoring
  52. Q & A Session
     • Ronald Widha Sunarno, Solutions Architect, AWS
     • Jerry Hagedorn, VP of Information Technology, Spring Venture Group
     • Chuck Price, VP of Professional Services, Logicworks
     • Phil Christensen, Sr Solutions Architect, Logicworks
  53. Resources
     • Logicworks’ DevOps on AWS Resource Center
     • CD Reference Architecture using AWS ECS/Docker
     • AWS Whitepaper: Practicing CI/CD on AWS: – delivery-on-AWS.pdf
     • AWS Whitepaper: Configuring and Running Jenkins on AWS
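
The HEALTHCHECK tip on slide 44 and the health-check-driven container disposal on slide 47 only help if every image actually ships a real check. The following is an added example, not code from the presenters or from Logicworks: a small pre-build gate that reads a Dockerfile and reports whether its final stage declares a usable HEALTHCHECK. The function names, the sample Dockerfile, the image names and the policy (the final stage must declare its own check rather than rely on one inherited from a base image) are assumptions made for illustration.

```python
import re

# Constructed sample: multi-stage Dockerfile whose final stage defines a health check.
SAMPLE_OK = """\
# build stage
FROM example/build-base:1 AS build
RUN make -C /src app
FROM example/runtime-base:1
COPY --from=build /src/app /app
HEALTHCHECK --interval=30s --timeout=3s \\
  CMD curl -f http://localhost:8080/health || exit 1
CMD ["/app"]
"""

# A check that can never fail tells the orchestrator nothing about the application.
TRIVIAL = re.compile(r'CMD\s+(\[\s*"true"\s*\]|true|exit\s+0)\s*$', re.I)

def instructions(text):
    """Return (INSTRUCTION, arguments) pairs, joining backslash-continued lines."""
    logical, out = "", []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank lines and comments are skipped
        if line.endswith("\\"):
            logical += line[:-1] + " "    # continuation: keep accumulating
            continue
        logical += line
        parts = logical.split(None, 1)
        out.append((parts[0].upper(), parts[1] if len(parts) > 1 else ""))
        logical = ""
    return out

def healthcheck_status(text):
    """Return 'ok', 'missing', 'disabled' or 'trivial' for the final build stage."""
    status = "missing"
    for name, args in instructions(text):
        if name == "FROM":
            status = "missing"            # assumed policy: each final stage declares its own check
        elif name == "HEALTHCHECK":       # the last HEALTHCHECK in a stage is the one that applies
            if args.strip().upper() == "NONE":
                status = "disabled"
            elif TRIVIAL.search(args):
                status = "trivial"
            else:
                status = "ok"
    return status

if __name__ == "__main__":
    print(healthcheck_status(SAMPLE_OK))
```

A pipeline step can fail the build on any status other than `ok`. The gate inspects the file only, so a check inherited from a base image is reported as `missing` by design.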