The document discusses DevOps practices at Amazon Web Services (AWS). It begins with an overview of DevOps and how it has helped Amazon deploy code faster and more frequently. It then discusses specific DevOps tools and services offered by AWS, including AWS CodeCommit for source control, AWS CodeBuild for builds, AWS CodeDeploy for deployments, AWS CodePipeline for release orchestration, and AWS CodeStar for application development. The document explains how these services work together to enable continuous integration and continuous delivery workflows. It also discusses how AWS has implemented DevOps practices like infrastructure as code and monitoring within its own systems to deploy millions of times per day while maintaining quality, security and reliability.
9. DevOps Culture
• Dev & Ops coming together
• No more “silos”
• Shared responsibility
• Ownership
• Visibility and communication
10. What is continuous integration?
1. Developers regularly check
in code to a shared, central
repository
2. Automated builds run using
the shared code base
3. Tests are run against the
code base giving feedback
to the developers
Develop
BuildTest
11. What is continuous integration?
1. Developers regularly check
in code to a shared, central
repository
2. Automated builds run using
the shared code base
3. Tests are run against the
code base giving feedback
to the developers
Develop
BuildTest
12. What is continuous integration?
1. Developers regularly check
in code to a shared, central
repository
2. Automated builds run using
the shared code base
3. Tests are run against the
code base giving feedback
to the developers
Develop
BuildTest
14. What is continuous delivery?
Develop
BuildTest
Develop
Build
Test
Deploy
Test
Release
15. What is continuous delivery?
1. Successful builds are
automatically deployed to
Staging and Pre-Prod
2. Automated and Manual
exploratory tests are
completed on each tier
3. Approval needed for
release to Production
Develop
Build
Test
Deploy
Test
Release
16. What is continuous delivery?
1. Successful builds are
automatically deployed to
Staging and Pre-Prod
2. Automated and Manual
exploratory tests are
completed on each tier
3. Approval needed for release
to Production
Develop
Build
Test
Deploy
Test
Release
17. What is continuous delivery?
1. Successful builds are
automatically deployed to
Staging and Pre-Prod
2. Automated and Manual
exploratory tests are
completed on each tier
3. Approval needed for
release to Production
Develop
Build
Test
Deploy
Test
Release
21. DevOps Practices
• Monitoring and Logging
• Track and analyze metrics and logs
• Understand real-time performance of
infrastructure and application
28. = 60 million deployments a year
= 1.9 deployments / second
Thousands of teams +
Microservices architectures +
Multiple environments +
Continuous delivery?
29. But how do you maintain quality, consistency,
security and reliability in a world moving so fast?
30. In Amazon, we prefer to distribute
capabilities into teams rather than
having a centralized team with that
capability
31. First, we have practices that focus on
enabling each team to have that
capability, and we provide access to
experts who ensure that teams raise
the bar on the standards they need to
meet.
32. Second, we put in place mechanisms
that carry out automated checks to
ensure standards are being met.
33. “Good intentions never work, you need good
mechanisms to make anything happen” - Jeff
Bezos.
This means replacing humans best efforts with
mechanisms (often automated) that check for
compliance with rules or process.
34. To help new teams gain these capabilities or
existing teams to raise their bar, we enable access
to a virtual community of principal engineers who
can review their designs and help them understand
what AWS best practices are. The principal
engineering community works to make best
practices visible and accessible.
35. This works as teams have end-to-end
ownership,
but also as teams are encouraged to
embrace failures, and share the learnings.
36. Weekly Ops Meeting
For more than 10 years, AWS has run a regular operations
review meeting. It includes over 100 service owners and
engineers and runs for 2 hours every Wednesday.
• Share successes and failings
• Review service metrics
• Identify new best practices
• Minimize time on team-specific items
37. “Invention requires two
things: the ability to try a
lot of experiments, and
not having to live with
the collateral damage of
failed experiments”
Andy Jassy, CEO, Amazon Web Services
38. … experiment patiently, accept
failures, plant seeds, protect
saplings, and double down when
you see customer delight.
A customer-obsessed culture best
creates the conditions where all of
that can happen.
39. Things went much
better under this
model and teams
were releasing faster
than ever, but we felt
that we could still
improve.
40. In 2009, we
ran a study to
find out where
inefficiencies
might still exist
41. We were just waiting.
WaitWrite
Code WaitBuild
Code WaitDeploy
to Test
Deploy
to
Prod
42. We were just waiting.
WaitWrite
Code WaitBuild
Code WaitDeploy
to Test
Deploy
to
Prod
Mins Days Mins Days Mins Days Mins
43. We were just waiting.
WaitWrite
Code WaitBuild
Code WaitDeploy
to Test
Deploy
to
Prod
Weeks
Mins Days Mins Days Mins Days Mins
44. We were just waiting.
WaitWrite
Code WaitBuild
Code WaitDeploy
to Test
Deploy
to
Prod
Weeks
Mins Days Mins Days Mins Days Mins
45. We built tools to
automate our software
release process
https://secure.flickr.com/photos/lindseygee/5894617854/
46. Automated actions and
transitions; from check-
in to production
Development benefits:
• Faster
• Safer
• Simplification &
standardization
• Visualization of the
process
Pipelines
47. This has continued to work out really well:
Every year at Amazon, we perform a survey of all our
software developers. The 2014 results found only one
development tool/service could be correlated statistically
with happier developers:
Our pipelines service!
continuous delivery == happier developers!
51. Amazon CloudWatch
AWS CloudTrail
Monitoring
& Logging
AWS DevOps Portfolio
AWS CodeCommit
AWS CodeDeploy
AWS CodePipeline
Software Development and
Continuous Delivery Toolchain
AWS CloudFormation
AWS OpsWorks
AWS Config
Infrastructure
as Code
AWS CodeBuild
AWS CodeStar
AWS OpsWorks for
Chef Automate
AWS X-Ray
52. Secure, scalable, and managed Git source
control
Use standard Git tools
Scalability, availability, and durability of
Amazon S3
Encryption at rest with customer-specific keys
No repo size limit
Post commit hooks to call out to SNS/Lambda
AWS CodeCommit
53. Source control in the cloud
Secure Fully
managed
High
availability
Store
anything
54. AWS CodeCommit
git pull/push CodeCommit
Git objects in
Amazon S3
Git index in
Amazon
DynamoDB
Encryption key
in AWS KMS
SSH or HTTPS
56. Build & test your
application
https://secure.flickr.com/photos/spenceyc/7481166880
57. Fully managed build service that compiles source code,
runs tests, and produces software packages
Scales continuously and processes multiple builds
concurrently
You can provide custom build environments suited to
your needs via Docker images
Only pay by the minute for the compute resources you
use
Launched with CodePipeline and Jenkins integration
AWS CodeBuild
58. How does it work?
1. Downloads source code
2. Executes commands configured in the buildspec in
temporary compute containers (created fresh on every
build)
3. Streams the build output to the service console and
CloudWatch logs
4. Uploads the generated artifact to an S3 bucket
59. buildspec.yml Example
version: 0.1
environment_variables:
plaintext:
JAVA_HOME: "/usr/lib/jvm/java-8-openjdk-amd64"
phases:
install:
commands:
- apt-get update -y
- apt-get install -y maven
pre_build:
commands:
- echo Nothing to do in the pre_build phase...
build:
commands:
- echo Build started on `date`
- mvn install
post_build:
commands:
- echo Build completed on `date`
artifacts:
type: zip
files:
- target/messageUtil-1.0.jar
discard-paths: yes
• Variables to be used by phases of
build
• Examples for what you can do in
the phases of a build:
• You can install packages or run
commands to prepare your
environment in ”install”.
• Run syntax checking,
commands in “pre_build”.
• Execute your build
tool/command in “build”
• Test your app further or ship a
container image to a repository
in post_build
• Create and store an artifact in S3
61. Automates code deployments to any instance
Handles the complexity of updating your
applications
Avoid downtime during application deployment
Rollback automatically if failure detected
Deploy to Amazon EC2 or on-premises
servers, in any language and on any operating
system. Or Lambda functions!
Rolling Deployment, Blue-Green or Canary
AWS CodeDeploy
62. v2 v2 v2 v2 v2 v2
one at a time
half at a time
all at once
v2 v2 v2 v1 v1 v1
v2 v1 v1 v1 v1 v1 Agent Agent
Dev Deployment group
OR
Prod Deployment group
Agent
AgentAgent
Agent Agent
Agent
Choose Deployment Speed and Group
64. Continuous delivery service for fast and
reliable application updates
Model and visualize your software release
process
Builds, tests, and deploys your code every time
there is a code change
Integrates with third-party tools and AWS
AWS CodePipeline