Resident, an online retailer, scaled their DevOps processes using AWS and CloudShell Colony to provide self-service environments. This allowed development teams to get secure environments in under 5 minutes, removed bottlenecks from static environments, and increased development speed. It also provided accurate cloud cost tracking and role-based access control. Resident aims to further adopt containers and Kubernetes on AWS to continue innovating at scale.
2. Quali
Digital transformation is changing the world
The digital transformation bottleneck is environments
What is an “environment”?
Environments in DevOps
The benefits of EaaS approach
Resident
DevOps Goals
Using CloudShell Colony and AWS to scale DevOps – Solution
Drill Down
Results
Vision
AWS
Kubernetes on AWS with Amazon EKS
Conclusion
Q&A
4. The Digital Transformation Bottleneck is Environments
Approval requests
Stakeholders
Responsible for Infrastructure
Shadow IT
Waiting for infrastructure kills innovation
Bottleneck for innovation
Uncontrolled direct access to infrastructure
5. DevOps Environment Challenges
Responsible to provide environments for DevOps
• How can I offer self-service?
• How can I scale DevOps when I integrate open source tools in the broader toolchain?
• How can I make it easier to maintain and troubleshoot environments?
Using environments for development, testing, support, Ops
• How can I get environments fast?
• How can I do my job without environments being a bottleneck?
• How can I get environments without being responsible for cloud spend or security?
Responsible for cloud cost, security and compliance
• How can we benefit from the power and flexibility of the cloud without losing control?
• How can I manage environment cost?
• How can we avoid environment security and compliance blind spots?
Innovate At Scale Under Control
6. Environments Fuel Innovation
All the components you need to get a job done
An environment is not about any single technology. It’s about a business need
Infrastructure
Applications Dev/Test/Sec Tools
Data/Service Virtualization
Logging & Monitoring
7. Environments for DevOps
CI/CD
Dev, Functional tests, Production, Performance tests, Dynamic security, Staging
Source Control, Artifact Repository
Chaos monkey
Consume environments throughout the value stream
Keep blueprints in your source control tool
Get application artifacts from your artifact repository
Integrate with Infrastructure as Code tools
Infrastructure as Code
8. Before / After
Before
Waiting for infrastructure kills innovation
Bottleneck for innovation
Approval requests
Stakeholders
Responsible for Infrastructure
Shadow IT
Uncontrolled direct access to infrastructure
After
Enabler for innovation
Business is no longer constrained by infrastructure
Digital Transformation
Stakeholders
Policies and access control
Blueprints
Responsible for Infrastructure
9. Benefits of Environment as a Service
SERVE A BUSINESS NEED: an environment represents a business need, abstracted from the technology
SCALE: standardize and re-use automation across the value stream
CONTROL: automated cost control, security and compliance
DRIVE BUSINESS INSIGHTS: connect infrastructure consumption data with business need
10. Environment as a Service with CloudShell Colony
1) Sign Up: Create an account in CloudShell Colony and connect your cloud provider
2) Blueprint: Blueprint your environment
3) Environments at scale™: Launch environments from a self-service UI or from the CI/CD pipeline with out-of-box plugins, all the way from development to production
11. Let’s see how Resident turned this vision into reality with CloudShell Colony on AWS cloud
Pavel Eliav, Head of DevOps, Resident
12. Introduction to Resident
Resident is an innovative retail ISV managing over 10 online brands
Resident is a house of direct-to-consumer brands in the home goods space. The company owns and operates multiple brands catering to different consumer furnishing needs including Nectar and DreamCloud.
The company is headquartered in San Francisco with a dedicated New York City office and an R&D facility in Tel Aviv. Yet, at the heart of the company is the belief in building a team using the best talent possible, no matter where they reside. From 15 cities across 5 countries, Resident also has a diversified virtual workforce of more than 200 employees.
https://www.residenthome.com
13. Resident’s DevOps Goals
• Support fast growth with multiple globally distributed teams
• Avoid developers sharing static integration and staging environments, to remove bottlenecks and conflicts
• Make it possible to provide fast feedback on new features
• Cut time spent on ongoing environment maintenance and troubleshooting activity
• Control and secure infrastructure access
• Accurately track AWS usage
14. The Resident Solution
On-Demand Secure Environments throughout the release pipeline.
Development, QA, Staging, Production
Source Control, Artifact Repository, Cloud Provider, Pipeline, ChatOps Bot
Used for: Feature Development, Integration Tests (CI)
Used for: Manual QA Tests
Used for: Product Review, Last mile Validation, Security tests
https://www.nectarsleep.com/
https://www.dreamcloudsleep.com/
https://www.bundleliving.com/
https://www.wovenlyrugs.com/
… and more
15. Use Case Drill Down – Self Service Environments
Environment Ready!
16. Results - Innovating Faster
Self Service in under 5 minutes
Global teams get access to secure HTTPS environments using a self-service Slack bot
No Static Environments
Remove conflicts and bottlenecks
100% Role Based Access Control
Access control to cloud accounts
Increased Development Speed
Dynamic environments make it possible to immediately test new features and develop more features in parallel.
Visibility on Cloud Utilization
Environments are tagged automatically and tracked.
Scale
Easy to manage standardized environments
17. The Vision
Adopting Containers & Kubernetes
• Launch environments on Amazon EKS Kubernetes Service.
• Migrate existing assets
• Overcome technical & cultural challenges with CloudShell Colony
18. Kubernetes on AWS with Amazon EKS
Kevin Wall, Partner Solutions Architect, AWS Partner Network
19. AWS best practices for building modern applications
• Create a culture of innovation by organizing into small DevOps teams
• Continually evaluate your security posture by automating security
• Componentize applications using microservices
• Update applications & infrastructure quickly by automating CI/CD
• Standardize and automate operations by modeling infrastructure as code
• Simplify infrastructure management with serverless technologies
• Improve application performance by increasing observability
21. AWS Container Services Landscape
Management: Deployment, Scheduling, Scaling & Management of containerized applications
• Amazon Elastic Container Service
• Amazon Elastic Kubernetes Service
Hosting: Where the containers run
• Amazon EC2
• AWS Fargate
Image Registry: Container Image Repository
• Amazon Elastic Container Registry
22. Balancing flexibility and simplicity: Workload-by-workload
Flexibility focused
• Low level of opinion
• Low level of abstraction
• Focus on infrastructure and configuration
• Installing, configuring, and managing my compute environment is critical to achieving my goals
Value simplicity
• High level of opinion
• High level of abstraction
• Focus only on app and primitive
• Having a standardized and on-demand compute environment is critical to achieving my goals
28. Amazon EKS
Kubectl
prod-cluster-123.eks.amazonaws.com
Master VPC (AWS account): API Server and etcd in AZ 1 and AZ 2
Worker VPC (your account): worker node with Kubelet and Kube-proxy in AZ 1 and AZ 2
EKS-owned ENI in AZ 1 and AZ 2
30. AWS Identity and Access Management (IAM) Authentication
Kubectl, K8s API
1) Passes AWS identity
2) Verifies AWS identity
3) Authorizes AWS identity with RBAC
4) K8s action allowed/denied
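The IAM-to-RBAC steps on this slide, as an added configuration example (not from the original slides): the `aws-auth` ConfigMap is one way an EKS cluster maps a verified IAM role to a Kubernetes group, and a namespaced Role and RoleBinding then decide whether the action is allowed. The account ID, role name, group and namespace are constructed placeholders.

```yaml
# Added example; account ID, role, group and namespace names are constructed.
# Map the verified IAM role to a Kubernetes user and group.
# Merge this entry into the cluster's existing mapRoles list; replacing the
# list would drop the worker-node role mapping.
apiVersion: v1
kind: ConfigMap
metadata:
  name: aws-auth
  namespace: kube-system
data:
  mapRoles: |
    # Weak alternative: "groups: [system:masters]" gives every holder of the
    # IAM role unrestricted cluster-admin access.
    - rolearn: arn:aws:iam::111122223333:role/dev-team
      username: "dev-team:{{SessionName}}"
      groups:
        - staging-viewers
---
# What the group may do: one namespace, read-only verbs.
apiVersion: rbac.authorization.k8s.io/v1
kind: Role
metadata:
  name: env-viewer
  namespace: staging
rules:
  - apiGroups: ["", "apps"]
    resources: ["pods", "pods/log", "deployments"]
    verbs: ["get", "list", "watch"]
---
# Bind the group to the Role; requests outside these rules are denied.
apiVersion: rbac.authorization.k8s.io/v1
kind: RoleBinding
metadata:
  name: env-viewer-binding
  namespace: staging
subjects:
  - kind: Group
    name: staging-viewers
    apiGroup: rbac.authorization.k8s.io
roleRef:
  kind: Role
  name: env-viewer
  apiGroup: rbac.authorization.k8s.io
```

After applying, `kubectl auth can-i delete pods --namespace staging --as dev-team:test --as-group staging-viewers` should answer `no`, while the same check with `get` should answer `yes`.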
31. Container Storage Interface (CSI)
A flexible standard for orchestration and storage provider connections
We support the CSI standard through the following drivers:
Amazon Elastic Block Store: Amazon EBS CSI Driver
Amazon Elastic File System: Amazon EFS CSI Driver
Amazon FSx for Lustre: Amazon FSx CSI Driver
32. Worker Node Instance Flexibility
• Amazon EKS-Optimized AMI
• Standard EC2 compute instance types
• P2 and P3 accelerated instances
• i3 bare metal
• Spot Instances
34. Continuous Deployment Cycle
Diagram: Developer, Code Repository, Code Pipeline Execution, New Image Generated, Container Repo, Trigger Deployment
1) Developers continuously integrate changes into a main branch hosted within a repo
2) Triggers an execution of the pipeline when a new version is found, builds a new image with build id
3) Pushes the newly built image tagged with build id to container repo
4) Trigger application deployment
5) Update Kubernetes deployment
6) Fetches new container image and performs a rolling update of deployment
An environment can consist of many different components, because it’s not about technology. Today you can have VMs or containers or switches or firewalls in your environment, and tomorrow there may be some other thing – but you will still need an environment: for testing, for development, for production, for demos and PoCs.
Teams get access to secure HTTPS environments using a self-service Slack bot in under 5 minutes
Transition from static to dynamic environments – optimizing cloud consumption and increasing development speed
Testing on production-like environments
Environments standardized and easy to manage
Cloud Account Access control
All cloud infrastructure is automatically and consistently tagged