2. @rafaelbenvenuti
@StGebert
Abstract
Who has not used Jenkins? Who does not have a love-hate relationship with it?
At EMnify, we are heavy Jenkins users, but we re also always considering
alternatives where hosted services could make our life easier.
Therefore, we recently - once again - looked at AWS CodePipeline and its friends
CodeCommit, CodeBuild, and CodeDeploy. In this talk, we will compare the current
state of the two ecosystems regarding their simplicity and flexibility for implementing
both trivial as well as complex pipelines. Further, we cover topics like: deployment,
maintenance, security, costs, and usability.
2
5. @rafaelbenvenuti
@StGebert
EMnify
5
One of the first cellular
providers on AWS -
dedicated for IoT businesses
We’re where customers are -
on AWS offering
simple integrations
(TGW, Kinesis)
Programmable SIM that
works all over the world in
~600 networks
Web portal and APIs
for managing SIMs and their
policies
6. @rafaelbenvenuti
@StGebert
EMnify GmbH
• Privately founded in 2014
• ~95 in total
• ~25 people touching code
• Engineering teams in Würzburg & Berlin
• Technology stack: AWS, Terraform, Java, Akka, Perl, C++, Go
7
8. @rafaelbenvenuti
@StGebert
Running Jenkins
• Jenkins Master
• EC2 instance, ECS+EFS, or EKS, Fargate (requires RWO file system)
• Recommendation: run it in Docker and include your plugins
• Build Agents
• Optional J (building on master is usually a bad idea)
• EC2 spot (using ec2 plugin) or EKS (using kubernetes plugin)
9
19. @rafaelbenvenuti
@StGebert
AWS Pricing
20
CodePipeline
• Each pipeline costs $1.00 per month (when active)
• Pipelines are free for the first 30 days after creation
CodeCommit
• Free for first active 5 users per month
• Each additional active user costs $1.00 per month
CodeBuild
• Small instance (2 vCPUs, 3 GB RAM) - $0.005/min
• Medium instance (4 vCPUs, 7 GB RAM) - $0.01/min
• Large instance (8 vCPUs, 15 GB RAM) - $0.02/min
CodeDeploy
• Free
34. @rafaelbenvenuti
@StGebert
Access Control
• Jenkins
• Users and groups, built-in or via
SSO/OAuth
• Per-project/folder permissions
35
• CodePipeline
• IAM users and roles
• Configure and run permissions
AWS Identity and Access
Management
38. @rafaelbenvenuti
@StGebert
CodeBuild Build Environments
• A CodeBuild build environment represents a combination of:
• operating system / programming language runtime / set of tools
• Essentially, a build environment is a Docker Image by definition.
• You can use Docker Images stored in:
• The Official Codebuild Image Repository
• AWS ECR Repositories
• DockerHub
51. @rafaelbenvenuti
@StGebert
Getting Input
• Input step
• Simple approval
• Values/text can be dynamically computed
• During pipeline execution
• Jenkins Parametrized build
• Only supplied with job execution
• Can come from other job / via POST
52
53. @rafaelbenvenuti
@StGebert
Jenkins Scripted Pipelines
• More power compared to Declarative Pipelines
• Full Groovy power
• Control/data structures
• Classes
• Variable assignment
• Groovy errors only triggered during execution
• Build error handling up to user (try/catch)
• Greater flexibility in build agent allocation
• Declarative: use script{} for super powers
• Shared libraries to maintain custom steps
54
64. @rafaelbenvenuti
@StGebert
Summary & Conclusion
• The best CI/CD tool depends on your situation and requirements (still in 2020)
• Accepting that one tool can‘t cover everything makes switching easier
• Integrating both together allows:
• Getting the best of both / Cheaper solution / Smoother migration
• Advice: Please give CodeDeploy a chance, it is a pretty interesting tool
65