Help our Mythical Mysfits find their forever homes. We recently started using microservices as part of our Mythical stack to make it more resilient, but we still need a repeatable way to deploy it. In this workshop, you create a fully managed CI/CD stack to deploy to the service you created using the AWS code suite and AWS Fargate. Then, you build security and deployment checks in Docker to make sure you have a strong security posture when you deploy to production. Basic Docker and AWS experience is required. We guide you through the rest. This is an intermediate-level workshop on AWS Fargate. Consider CON214 for a more foundational workshop and CON322 for a more advanced workshop in the series.

2. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Mythical Mysfits: DevSecOps with
Docker and AWS Fargate
Hubert Cheung
Solutions Architect
AWS
C O N 3 2 1 - R 2

3. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Agenda
Release processes
CI/CD on AWS
• AWS CodeCommit
• AWS CodePipeline
• AWS CodeBuild
Hands-on lab

4. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

5. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Release process phases
Source Build Test Production
• Integration
tests with
other
systems
• Load testing
• UI tests
• Penetration
testing
• Check-in
source code
such as
Dockerfiles
• Peer review
new code
• Compile code
• Unit tests
• Style
checkers
• Code metrics
• Create
container
images
• Deployment
to production
environments

6. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Release process phases
Source Build Test Production
Continuous integration
Continuous delivery
Continuous deployment

7. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Why should I care about CI/CD?
• Velocity
• Improved productivity and efficiency
• Reduced risk
• Shorter feedback loop
• Automation!

8. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Challenges
• Automation!
• Metrics and monitoring
• Legacy processes
• Legacy … anything

9. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Common patterns and solutions
Automate as much as possible
• Start small. Don’t try to automate everything.
Microservices
Strict API contracts
• Get expected outputs from teams consuming your service
Testing
• Mandate arbitrary number of tests to start

10. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Automate automate automate!
Source Build Test Production

11. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Automate automate automate!
Source Build Test Production

12. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Automate automate automate!
Source Build Test Production
Third-party
tooling

13. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Automate automate automate!
Source Build Test Production
Third-party
tooling

14. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Automate automate automate!
Source Build Test Production
Third-party
tooling

15. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Automate automate automate!
Source Build Test Production
Third-party
tooling

16. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Automate automate automate!
Source Build Test Production

17. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

18. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Mythical Mysfits
www.mythicalmysfits.com

19. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Our mission: Ethical, mythical creature care
Our priority: Find homes for the abandoned, and often misunderstood, mythical creatures in our
community
Help us find their forever homes!
Your mission: Modernize and innovate on the Mythical stack
Lab 0: Mythical stack - recap
Lab 1: Starting the DevSecOps journey
Lab 2: Offloading builds from local machines
Lab 3: Automating end-to-end deployments
Lab 4: Implementing container image scanning
Welcome to Mythical Mysfits

20. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
VPC
AWS Cloud
Public subnet Public subnet
users
/ + /fulfill-like
/like
/fulfill-like
/fulfill-like
Lab 0: Mythical stack - recap

21. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Lab 1: Starting the DevSecOps journey
You

22. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Lab 2: Offloading builds from local machines

23. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Lab 3: Automating end-to-end deployments
build
pushpublish
pull
deploy

24. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Lab 4: Implementing container image scanning
build
pushpublish
pull
deploy

25. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Instructions:
http://www.mythicalmysfits.com/fargate-devsecops
Raise your hand if you have any questions. Feel free to work together with folks at
your table. Near the end, we’ll hand out $25 AWS credit codes to cover costs for
the workshop.
High-five your neighbors and have fun! Please fill out feedback forms and follow
the clean-up instructions once you are done!
Email us with comments/questions/feedback:
aws-mythical-mysfits@amazon.com
Logistics

26. Thank you!
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Hubert Cheung
aws-mythical-mysfits@amazon.com

27. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.