successful practices for continuous delivery codecph
TRANSCRIPT
Mandi Walls | Technical Community Manager | [email protected]@lnxchk
Successful Practices
forContinuous
Delivery
Mandi WallsTechnical Community Manager for EMEA@[email protected]
EVERY business is a software business
We’re going to be a software company with airplanes.
– CIO, Alaska Airlines
It’s Hard!?!?• “DevOps” is now seven years old• There are still plenty of people who reject it• But even simple practices can improve quality of delivery• DevOps Report found in their 2014 survey that Ops using version
control was a significant indicator of success• https://www.perforce.com/blog/140829/devops-version-control-even-more-
important-ops-dev
Quality and innovation, historically a tradeoffQU
ALIT
Y/CO
MPL
IANC
E
RATE OF INNOVATION
The game changer: rapid time to value
Innovation
Quality/Compliance
DynamicInfrastructure
Dynamic infrastructureMigrate applications to the cloud and support hybrid and multi-cloud environments. Automate the management of heterogeneous networks, including legacy systems.
• Provisioning and setting up environments • Dynamic scaling of compute resources• Migrating legacy workloads to the cloud• Multi cloud and hybrid cloud deployment• Support for heterogeneous environments
The game changer: rapid time to value
Innovation
Quality/Compliance
DynamicInfrastructure
Infrastructure as Code
Automate the Stack
+
Infrastructure as Code• Programmatically provision and
configure components• Treat like any other code base• Reconstruct business from code
repository, data backup, and compute resources
AutomationTurn infrastructure into code—infrastructure as code is versionable, testable and repeatable. Manual processes become a thing of the past.
• Automated, full-stack application policies• Package and service installation• Versionable, testable, repeatable workflow• Scalable application policies• Management of interdependencies across nodes
Describe Infrastructure as Codehttpd_service 'customers' do mpm 'prefork' action [:create, :start]end
httpd_config 'customers' do instance 'customers' source 'customers.conf.erb' notifies :restart, 'httpd_service[customers]'end
directory '/var/www/customers/public_html' do recursive trueend
Test the Codedescribe 'apache::default' do context 'When all attributes are default, on an unspecified platform' do
let(:chef_run) do runner = ChefSpec::ServerRunner.new runner.converge(described_recipe) end
it 'converges successfully' do expect { chef_run }.to_not raise_error end
it 'installs apache' do expect(chef_run).to install_package 'apache2' end endend
Version the Code & the Artifact
name 'cmgw'maintainer 'Chef Software, Inc.'maintainer_email '[email protected]'license 'apache2'description 'Installs/Configures cmgw'long_description 'Installs/Configures cmgw'version '0.1.0'
The game changer: rapid time to value
Innovation
Quality/Compliance
DynamicInfrastructure
Infrastructure as Code
Automate the Stack
DevOps
+ +
DEVOPSA cultural and professional movement, focused on how we build and operate high velocity organizations, born from
the experiences of its practitioners.
PEOPLE
PRODUCTS
COMPANIES
WE ARE LEAN• Eliminate non-value-added action (Waste/Muda)• Pull over Push• Kaizen (Continuous Improvement)• Kaikaku (Disruptive Change)• Small Batch + Experimentation
UBIQUITOUS WORKFLOW AUTOMATION
DIVERSITY
DevOps workflow & cultureEliminate silos and lower the overhead of IT operations and service management by supporting DevOps culture. Build communities.
• Unified workflow for application and infrastructure
• Integration with version control for dev and ops
• Support for automated testing of infrastructure and applications
• Integration of security and compliance into product development
• Advanced, high-velocity workflow
The rewards?*
*source: Dr. Nicole Forsgren research on DevOps
More deployments
Ship faster
Faster MTTR after issues More profits, market share, and productivity
Market cap goes up
Continuous delivery of infrastructure & appsImplement a high-velocity software delivery pipeline that integrates application and infrastructure. Eliminate the risks incurred with large, infrequent releases.
• Rapid provisioning of dev and test environments
• Ensure consistency and repeatability of environments
• Unified pipeline for infrastructure, runtime environments and applications
• Support for large teams with multiple projects
• Advanced, high-velocity workflow
MANAGE RISK
• Small batches, near term hypothesis• Validation comes from customers• Introduce near-term volatility to gain decreased
long-term risk
CONTINUOUS INTEGRATION
• Always integrate branches to master• They should be short lived, iterative branches• Fix the build when it goes red
THE FOUR-EYE RULE
WRITE TESTS
• Unit test (a single function)• Integration tests (multiple classes/units)• Functional tests (user-oriented, high-level, full
stack)• Smoke tests (quickly determine if the system is
“working”)
ONE PATH FOR CHANGE
• The way change moves through your organization is fixed
• Designed to re-enforce your principles and aid flow
• Flexible at the level of execution
CODE GOES THROUGH THE SAME WORKFLOW
Applications are codeInfrastructure is code
Security and compliance at velocityRegulatory compliance and security concerns are facts of life for every enterprise. At the same time, competitive pressures are increasing. Embed requirements into the software delivery pipeline. Code makes compliance at velocity possible.
• Embed compliance into the software delivery pipeline
• Automated checking of compliance criteria with analytics
• Structured review process during development
• Discovery and analysis• Patch management and remediation
SSH Control
SSH supports two different protocol versions. The original version, SSHv1, was subject to a number of security issues. Please use SSHv2 instead to
avoid these.
Dev QA Stage Security Review Prod
Dev QA Stage Prod
Dev QA Stage Prod
"Scanning"
Afterthought Scanning
Too Late!
What We Have Here Is A Communications Problem
SSH Version Checkdescribe sshd_config do impact 1.0
title 'SSH Version 2'
desc <<-EOF SSH supports two different protocol versions. The original version, SSHv1, was subject to a number of security issues. Please use SSHv2 instead to avoid these. EOF
its('Protocol') { should cmp 2 }end
Unified Pipeline ShapeThe stages are fixed, and each stage has a fixed set of phases
VERIFY BUILD ACCEPTANCE REHEARSAL DELIVEREDUNIONAPPROVE DELIVER
LintSyntax
UnitSecurityQualityPublish
LintSyntax
Unit
ProvisionDeploySmoke
Functional
Provision
DeploySmoke
Functional
ProvisionDeploySmoke
Functional
ProvisionDeploySmoke
Functional
Submit
Change
Does thiscode changelook good?
Do we wantto ship this?
Shared WorkflowDelivery’s pipeline is shared across projects and teams
Chef Provides a Proven Approach to DevOps
Apps
Runtime environments
Infrastructure
...
...
...
Targets/Workloads
Collaborative Dev Production
Chef Server
Chef Server
Chef Supermarket
Assessment
Chef Compliance
SearchAuditDiscover
ProvisionDeploy
Test
Chef Delivery
Local Dev
ModelBuildTest
Chef DK
Chef Client & Cookbooks
What questions can I answer for you?