How to Adopt Infrastructure as Code
-
Upload
nginx-inc -
Category
Technology
-
view
2.626 -
download
2
Transcript of How to Adopt Infrastructure as Code
MORE INFORMATION AT NGINX.COM
MORE INFORMATION AT NGINX.COM
Who Are We?
Kief MorrisCloud Practice Lead, Thoughtworks
Formerly:• Sr. Technical Architect, Map of Medicine• Hosting Operations Manager, Syzygy• Technical Director, bitBull
Floyd SmithTechnical Marketing Writer
Formerly:• Sr. Technical Writer, Apple• Group Channel Manager, Altavista• Business Site Manager, AOL
Netscape
MORE INFORMATION AT NGINX.COM
• First OSS release in 2004• Company founded in 2011• VC-backed by industry
leaders• 500+ customers• 75+ employees
160 milliontotal sites
running on NGINX
4Source: Netcraft June 2016 Web Server Survey
51%of the Top 10,000
most visited websites
5Source: W3Techs Web Technology Survey
36%of all sites on
Amazon Web Services
6Source: W3Techs December 2013 Web Server Survey
7
Where NGINX Fits
Internet
WebserverServe content from disk
Application GatewayFastCGI, uWSGI, Passenger…
Reverse ProxyCaching, Load Balancing…
HTTP traffic
MORE INFORMATION AT NGINX.COM
Modern Web, Modern Architecture
From Monolithic...Three-tier, J2EE-style
architecturesComplex protocols (HTML, SOAP)
Persistent deploymentsFixed, static Infrastructure
Big-bang releasesSilo’ed teams (Dev, Test, Ops)
...to DynamicMicroservicesLightweight (REST, Messaging)Mutable; Containers, VMsSDN, NFV, CloudContinuous deliveryDevOps Culture
Why DevOps + NGINX =• Software load balancing goes hand-in-hand with cloud
deployments• Variety of load balancing methods gives flexibility
and performance• On-the-fly reconfiguration supports service discovery
and uptime• Application health checks give early warning of
problems• Robust, customizable monitoring increases uptime
10
MORE INFORMATION AT NGINX.COM
OPEN SOURCE PLUSFEATURES
REQUEST ROUTING COMPRESSION LOAD BALANCING APP HEALTH MONITORING GUI VISUALIZATION
SSL EMBEDDED SCRIPT LANGUAGE EDGE CACHE MEDIA STREAMING MONITORING ANALYTICS CONFIGURATION RESTFUL API
What’s Inside NGINX Plus?
11
“NGINX Plus gives us the agility we need to anticipate and meet customers’ needs as they arise –
without fear of compromising availability or performance.”
-Serge Leschinsky, DevOps engineer at MuleSoft
Results Fit right in to current
infrastructure Simplified security Agility Around-the-Clock Support
The Challenge Wanted greater visibility into
customer traffic Needed more configuration
flexibility Too much redundant manual
work
Solution Upgrade from NGINX
to NGINX Plus On-the-fly DNS-based
reconfiguration Enhanced monitoring and
visibility
In Action: MuleSoft moves from open source to NGINX Plus for greater visibility & control
Cloud Practice Lead (UK)DevOps, Continuous Delivery, Agile
Ops
Twitter: @kiefBook: http://oreil.ly/1JKIBVeSite: http://infrastructure-as-code.com
SERVER SPRAWLCreating new servers is the easy part
CONFIGURATION DRIFTServers start out identical
But changes accumulate over time
AUTOMATION FEAR CYCLE
INFRASTRUCTURE AS CODE“Applying software engineering tools and practices to infrastructure”
UNATTENDED AUTOMATION
Tools run on a schedule to apply, re-apply, and update configuration
BENEFITS OF UNATTENDED:
●Discover problems quickly
●Force yourself to fix those problems
●Force yourself to improve your tools and processes
●Discourages “out of band” changes
AUTOMATE SERVER UPDATESAutomation isn’t just for new servers!
Configuration synchronization
Run Chef, Puppet, Ansible, etc. on a schedule
Immutable servers
Apply changes by rebuilding servers
Containerized servers
Apply changes by deploying new container instances
RE-USE & PROMOTE DEFINITIONSRe-use the same definition files across environments for a given application or service
DEV STAGE
PRODPlaybooks, Cookbooks, Manifests,
templates, etc.
TEST INFRASTRUCTURE CHANGESPreventing DevOops
INFRATES
T
DEV TEST
PROD
PIPELINESUsing Continuous Delivery pipelines to manage infrastructure
WHAT?
Terraform, Puppet, etc.
Changes are made and committed to VCS
Tools are run on agents to apply changes to environments
Changes are only promoted after passing tests & authorization
WHY?Validates changes to infrastructure before applying them to production
Confidence for frequent, small improvements to infrastructure
Limit direct changes to infrastructure
TESTINGCorrectness
Security policies
PerformanceStability
GOVERNANCEThe process for applying changes is auditable
Changes can be traced back to commitsAutomation ensures processes are followedAuthorization can be required as needed
VPCSubnet10.0.0.0/16
Security Group1.1.1.0/16 -> :443
DEFINING A SIMPLE ENVIRONMENT
ANSIBLE PLAYBOOKServer configuration
TERRAFORM FILEEnvironment structure
APPLICATION SOURCE
Deployable application
SIMPLE PIPELINE DESIGN
BUILD STAGE
TEST STAGE
QA STAGE
PROD STAGE
Application Ansible Terraform
Deploy application, configuration, and infrastructure
ALIGN INFRASTRUCTURE DESIGN TO TEAMSEnsure teams can make the changes they need easily and safely
COMPLEX ENVIRONMENTSInfrastructure involving multiple teams
FAN-IN PIPELINEServiceA
ServiceB
ServiceC
SYSTEM TEST QA PROD
BUILD
BUILD
BUILD
SERVICE TEST
SERVICE TEST
SERVICE TEST
DECOUPLED PIPELINESServiceA
TESTBUILD
ServiceB
TESTBUILD
ServiceC
TESTBUILD
QA PROD
QA PROD
QA PROD
DEPENDENCIESServiceA
TESTBUILD
ServiceB
QA PROD
TESTBUILD QA PROD
Create test instance of
provider
Implement Consumer
Driven Contract (CDC)
Tests
Use mocks and stubs
ISSUE: SHARED ELEMENTS
NGINX
ServiceAvhost
ServiceBvhost
Shared infrastructure definitions
Service-specific infrastructure
definitions
SHARING ELEMENTSAvoid monoliths - optimize to simplify making changes
NGINX
OUTCOMES ● Quickly provision and evolve infrastructure
● Effortlessly roll out fixes● Keep systems
consistent and up to date
● Spend time on high value work
Book: http://oreil.ly/1JKIBVeSite: http://infrastructure-as-code.comTwitter: @kief
Cloud Practice Lead (UK)
, Continuous Delivery, Agile Ops
Links
38
NGINX
1. MuleSoft case study
2. Doing DevOps blog post
3. How to Manage Your Control Issues
4. Reconfiguring NGINX on the fly
5. nginx.conf 2016
6. All NGINX DevOps blog posts
ThoughtWorks
1. Infrastructure as Code – Amazon
2. Effective DevOps – Amazon
3. State of DevOps survey at ThoughtWorks
4. “Infrastructure as Code” articles at ThoughtWorks
MORE INFORMATION AT NGINX.COM
Questions?
Thank Younginx.com | @nginx