© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
KJ Wu (吳貴融), Solutions Architect, AWS TW
Ting-Chung Hu (胡定中), Sr. Staff Engineer, Trend Micro
2016/5/20
DevOps on AWS
A look at our tools/processes and Trend Micro’s DevOps story
Agenda
• Amazon DevOps Story
• AWS DevOps Technology
• Customer story
• How Trend Micro (FRS team) runs DevOps on AWS
What is DevOps?
DevOps = efficiencies that speed up this lifecycle
developers customers
releasetestbuild
plan monitor
delivery pipeline
feedback loop
Software development lifecycle
Service-Oriented
Architecture (SOA)
Single-purpose
Connected through APIs
Highly decoupled
“Microservices”
2001
Development transformation at Amazon: 2001-2009
2009
monolithic
application + teams
microservices + 2 pizza teams
Things went much
better under this
model and teams
were releasing faster
than ever, but we felt
that we could still
improve
We were just waiting…..
WaitWrite Code WaitBuild
Code WaitDeploy to Test
Deploy to
Prod
Weeks
Mins Days Mins Days Mins Days Mins
We found out that we had a tooling gap –
Missing Tools
developersdelivery pipeline
services
???
So….We decided to built
tools to automate our
software release process
Automated actions and transitions; from check-in to production
Development benefits:
• Automated release process
• Faster and safer
• Simplification & standardization
• Visualization of the process
Pipelines
Microservice development lifecycle
developers delivery pipelinesservices
releasetestbuild
releasetestbuild
releasetestbuild
releasetestbuild
releasetestbuild
releasetestbuild
= 50 million deployments a year
Thousands of teams
× Microservice architecture
× Continuous delivery
× Multiple environments
In 2014
Setting up a delivery pipeline
Testing Staging Production
de
plo
y
de
plo
y
de
plo
y
Source Build
release
AWS CodeDeploy
AWS CodePipeline
AWS
CodeCommit
AWS CodeDeploy
Easy and reliable deployments
Avoid downtime during application deployment
Deploy to any server, including your on-premises servers
TestCodeDeployv1, v2, v3
Production
Dev
application
revisions
deployment groups
Agent
“appspec.yml” (Example)version: 0.0os: linuxfiles:
- source: /destination: /var/www/html
permissions:- object: /var/www/html
pattern: “*.html”owner: rootgroup: rootmode: 755
hooks:ApplicationStop:
- location: scripts/deregister_from_elb.shBeforeInstall:
- location: scripts/install_dependencies.shApplicationStart:
- location: scripts/start_httpd.shValidateService:
- location: scripts/test_site.sh- location: scripts/register_with_elb.sh
• Remove/add instance to ELB
• Install dependency packages
• Start Apache
• Confirm successful deploy
• More!
• Send application files to one
directory and configuration
files to another
• Set specific permissions on
specific directories & files
v2 v2 v2 v2 v2 v2
one at a time
half at a time
all at once
v2 v2 v2 v1 v1 v1
v2 v1 v1 v1 v1 v1 Agent Agent
Dev Deployment group
ORProd Deployment group
Agent
AgentAgent
Agent Agent
Agent
Choose Deployment Speed and Group
Continuous delivery service for fast and
reliable application updates
Model and visualize your software release
process
Builds, tests, and deploys your code every time
there is a code change
Integrates with 3rd party tools and AWS
AWS CodePipeline
Source
Source
GitHub
Build
JenkinsOnEC2
Jenkins
Deploy
JavaApp
Elastic Beanstalk
NotifyDevelopers
Lambda
TestAPI
Runscope
CodePipeline
MyApplication
Support Parallel
and Sequential
actions
Support S3,
GitHub and
CodeCommit
Elastic Beanstalk
and CodeDeploy
AWS CodeCommit
Use standard Git tools
Scalability, availability, and durability of Amazon S3
Encryption at rest with customer-specific keys
git pull/push CodeCommit
Git objects in
Amazon S3
Git index in
Amazon
DynamoDB
Encryption key
in AWS KMS
SSH or HTTPS
©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved
Is there any other popular DevOps service
adopted by Enterprise Customers?
Mapping DevOps Territory on AWS
MonitorProvisionDeployTestBuildCode
Elastic Beanstalk
OpsWorks
Cloud
Watch
Cloud
Formation
Code
Deploy
Code
Commit
Code
Pipeline
Infrastructure as Code
Create templates of your infrastructure
CloudFormation provisions AWS resources
based on dependency needs
Version control/replicate/update templates like
code
Integrates with development, CI/CD,
management tools
AWS
CloudFormation
Sample Integration in CI/CD Pipelines
AWS
CloudFormation
App Developers
AWS CodePipeline
Dev
Staging
Prod
Infrastructure of Code
template
Story
AWS CodeCommit
Source Control
AWS CodeDeploy
App Source
Code
AWS OpsWorks
• Configuration Management with Chef
• Easy to start with built-in recipes
• Model, manage, automate scalable and complex
infrastructure
• Deploy quickly, frequently, and safety by OpsWorks Life
Cycle Event
AWS OpsWorks Application Configuration
Management
New or
Stopped
Requested
or BootingSetup Configure
Online
ConfigureTerminating or
Shutting Down
setup
configure
configure
deploy
shutdown
undeploy