CI CD On AWS

Uploaded by

john doe

Continuous Delivery/Deployment on AWS

Shiva N
AWS Solution Architect

Version 1.0
DEPLOYMENTS AT AMAZON.COM
• ~11.6s: mean time between deployments (weekday)
• ~1,079: max number of deployments in a single hour
• ~10,000: mean number of hosts simultaneously receiving a deployment
• ~30,000: max number of hosts simultaneously receiving a deployment
Agenda
• Intro to Continuous Integration and Continuous Deployment/Delivery (CI-CD)
• CD Strategies
• CI-CD on AWS
– Application Management
• Elastic BeanStalk
• Opsworks
• Cloudformation
• EC2 Container Service (ECS)
– Application Lifecycle Management
• Code Commit
• Code Pipeline
• Code Deploy
Continuous Integration
[Figure: CI flow. Dev commits code to Git/master in version control; the CI server gets/pulls the code, runs distributed builds and tests in parallel, sends a build report to Dev, and stops everything if the build failed. Remaining labels: CloudFormation templates for env, repo, config, builder, generate, package, install, create AMIs, push, deploy; test, staging and prod env.]
What does CI give us?
• Test driven promotion (of development change)
• Increasing velocity of feedback cycle through iterative change
• Contain change to reduce risk
• Bugs are detected quickly
• Automated testing reduces size of testing effort
Continuous Delivery/Deployment
[Figure: delivery flow. Dev commits code to Git/master in version control; the CI server gets/pulls the code, runs distributed builds and tests in parallel, sends a build report to Dev, and stops everything if the build failed. Remaining labels: CloudFormation templates for env, repo, config, builder, generate, package, install, create AMIs, push, deploy; test, staging and prod env.]
What does CD give us?
• Automated, repeatable process to push changes to production
• Hardens, de-risks the deployment process
• Immediate feedback from users
• Supports A/B testing or “We test customer reactions to features in production”
• Gives us a breadth of data points across our applications
Continuous Delivery Vs Continuous Deployment
Example CI-CD Pipeline
[Figure: two tracks feeding the Dev, Test, DR and Prod environments.
Dev (deploy application only): write app code → version control → build/compile app code → unit test app code → package application (tar, war, zip, yum, rpm) → artifact repository → deploy app.
IT Ops (deploy infrastructure only): write infra code → build AMIs → validate templates → automate deployment → deploy infrastructure via CloudFormation.]
[Figure: monitoring inputs: host metrics, service metrics, external site metrics, log analysis.]
Delivery approaches
• How are we going to deliver our code?
  – File shipping: binaries (.rpm, .msi, .exe, .deb, .conf…)
  – As an AMI: bundle one or more of the above into an AMI
• Which method do you choose?
  – How fast do we need to do this?
  – Across how many instances?
  – How do we roll back (or forward)?
AMI Deployment Method - Building

Delivery approaches…
• Fully Functional AMI: least flexible to maintain
• Partially Configured AMI: try and find a happy medium here
• OS-Only AMI: most amount of post-boot work
Deployment approaches
• Deploy in place
  – Deploy all at once (service outage)
  – Rolling updates
• Blue-Green Deployment
  – Discrete environment
  – Multiple environments from branches
  – Support A/B testing
  – “Rolling DNS”
• Alternate Blue-Green (Red-Black?) deployment
  – Alternate auto scaling group
  – Avoid messing with DNS
Deploy in place – Rolling update
Blue-Green deployment
[Figure sequence: Amazon Route 53 in front of ELBs and EC2 instances, backed by a MySQL RDS instance, an ElastiCache cache node and DynamoDB. Frames:]
1. One ELB with EC2 instances receives 100% of traffic.
2. A second ELB with EC2 instances is added for UAT; the first still receives 100%.
3. Route 53 splits traffic 90% / 10%.
4. Route 53 splits traffic 50% / 50%.
5. Route 53 splits traffic 0% / 100%.
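The Route 53 weight shift in the frames above (100%, 90%/10%, 50%/50%, 0%/100%) can be driven by a gate on the new stack's error rate. This is an added example, not part of the original slides; the record name, ELB names, hosted zone IDs and thresholds are constructed placeholders.

```python
# Constructed placeholders: none of these names or IDs come from the slides.
RECORD_NAME = "app.example.com."
BLUE = {"id": "blue", "elb_dns": "blue-elb.example.com.", "elb_zone": "ZBLUEPLACEHOLDER"}
GREEN = {"id": "green", "elb_dns": "green-elb.example.com.", "elb_zone": "ZGREENPLACEHOLDER"}

# (blue, green) traffic split for each frame of the slide sequence.
STAGES = [(100, 0), (90, 10), (50, 50), (0, 100)]


def weighted_record(stack, weight):
    """Weighted alias record set pointing at one stack's ELB."""
    # Route 53 weights are integers 0-255 and are relative to each other,
    # so the pair (90, 10) sends 90/(90+10) of the answers to blue.
    if not 0 <= weight <= 255:
        raise ValueError(f"weight {weight} outside 0-255")
    return {
        "Name": RECORD_NAME,
        "Type": "A",
        "SetIdentifier": stack["id"],
        "Weight": weight,
        "AliasTarget": {
            "HostedZoneId": stack["elb_zone"],
            "DNSName": stack["elb_dns"],
            "EvaluateTargetHealth": True,
        },
    }


def change_batch(stage):
    """ChangeBatch (ChangeResourceRecordSets input) that sets both weights together."""
    blue_w, green_w = STAGES[stage]
    return {
        "Comment": f"blue-green stage {stage}: blue={blue_w} green={green_w}",
        "Changes": [
            {"Action": "UPSERT", "ResourceRecordSet": weighted_record(BLUE, blue_w)},
            {"Action": "UPSERT", "ResourceRecordSet": weighted_record(GREEN, green_w)},
        ],
    }


def next_stage(stage, green_requests, green_errors,
               max_error_rate=0.01, min_requests=500):
    """Pick the next stage from metrics observed on the green stack."""
    if stage == 0:
        return 1              # green has no traffic yet; UAT was the gate
    if green_requests < min_requests:
        return stage          # too little traffic to judge: hold
    if green_errors / green_requests > max_error_rate:
        return 0              # roll back: all traffic to blue
    return min(stage + 1, len(STAGES) - 1)


def run_cutover(observations):
    """Replay (requests, errors) samples; return the list of stages visited."""
    stage, visited = 0, [0]
    for requests, errors in observations:
        stage = next_stage(stage, requests, errors)
        visited.append(stage)
        if stage in (0, len(STAGES) - 1):
            break             # rolled back or fully cut over
    return visited


if __name__ == "__main__":
    # Constructed samples: (requests, errors) seen by green after each stage.
    print(run_cutover([(0, 0), (1200, 3), (6000, 12)]))
```

Resolvers cache DNS answers for the record's TTL, so the blue stack keeps receiving some traffic after its weight reaches 0 and should stay up until that drains.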
Red-Black Deployment
[Figure sequence: one ELB in front of Auto Scaling groups, backed by Amazon Relational Database Service (RDS). Frames:]
1. The ELB serves Auto Scaling group V1.
2. Auto Scaling group V2 is launched alongside V1 for UAT.
3. Auto Scaling groups V1 and V2 are both shown under the ELB.
4. Only Auto Scaling group V2 remains behind the ELB.
Deployment and Management
(ordered from convenience to control)
• AWS Elastic Beanstalk: automated resource management – web apps made easy
• AWS OpsWorks: DevOps framework for application lifecycle management and automation
• AWS CloudFormation: templates to deploy & update infrastructure as code
• DIY / On Demand: DIY, on demand resources: EC2, S3, custom AMI’s, etc.
AWS Elastic Beanstalk (EB)
• Easily deploy, monitor, and scale three-tier web applications and services.
• Infrastructure provisioned and managed by EB – but you maintain complete control.
• Preconfigured application containers that are easily customizable.
• Support for these platforms: Java, PHP, Python, Ruby, .NET, Node.js, Docker
Elastic Beanstalk object model

Application

Environments
• Infrastructure resources (such as EC2 instances, ELB load balancers, and Auto Scaling groups)
• Runs a single application version at a time for better scalability
• An application can have many environments (such as staging and production)

Application versions
• Application code
• Stored in Amazon S3
• An application can have many application versions (easy to rollback to previous versions)

Saved configurations
• Configuration that defines how an environment and its resources behave
• Can be used to launch new environments quickly or roll-back configuration
• An application can have many saved configurations
Elastic Beanstalk environment
• Two types:
  – Single instance
  – Load balancing, auto scaling
• Two tiers (web server and worker)
• Elastic Beanstalk provisions necessary infrastructure resources such as load balancers, auto-scaling groups, security groups, and databases (optional)
• Configures Amazon Route 53 and gives you a unique domain name (For example: yourapp.elasticbeanstalk.com)
On-instance configuration

Focus on building your application

Instance stack, top to bottom: Your code / HTTP server / Application server / Language interpreter / Operating system / Host

• Elastic Beanstalk configures each EC2 instance in your environment with the components necessary to run applications for the selected platform
• No more worrying about logging into instances to install and configure your application stack
Application versions and saved configurations

Application versions
All versions are stored durably in Amazon S3. Code can also be pushed from a Git repository!

Saved configurations
Save these for easy duplication for A/B testing or non-disruptive deployments
Deployment options
1. Via the AWS Management Console
2. Via Git / EB CLI
   $ git aws.push
3. Via the AWS Toolkit for Eclipse and the Visual Studio IDE
Deployment configuration
Your code
01 Region
02 Stack (container) type
03 Single instance OR Load balanced with Auto Scaling
04 Database (RDS) Optional

Example: CLI workflow

Initial app deployment:

01 Initialize your Git repository
   $ git init .
02 Create your Elastic Beanstalk app
   $ eb init
03 Follow the prompts to configure the environment
04 Add your code
   $ git add .
05 Commit
   $ git commit -m "v1.0"
06 Create the resources and launch the application
   $ eb create
Example: CLI workflow

Update your app:

01 Update your code
02 Push the new code
   $ git add .
   $ git commit -m "v2.0"
   $ eb deploy
03 Monitor the deployment progress
   $ eb status
Customize application containers
Add custom software to your environment using ebextensions:

packages:
  yum:
    newrelic-sysmond: []
  rpm:
    newrelic: http://yum.newrelic.com/pub/newrelic/el5/i386/newrelic-repo-5-3.noarch.rpm

commands:
  0_newrelic_command:
    command: "touch /tmp/$(date '+%F.%T.%N').newrelic_command_0"
  1_configure_new_relic_key:
    command: nrsysmond-config --set license_key=<Your key here>
  1a_newrelic_command:
    command: "touch /tmp/$(date '+%F.%T.%N').newrelic_command_1a"
  2_start_new_relic:
    command: "/etc/init.d/newrelic-sysmond start"
  2a_newrelic_command:
    command: "touch /tmp/$(date '+%F.%T.%N').newrelic_command_2a"
Iterate on application architecture
Add additional resources to your environments using ebextensions:

Add other components such as:
• In-memory caching (Amazon ElastiCache Redis and Memcached)
• Amazon SQS
• Amazon CloudFront

Resources:
  MyElastiCache:
    Type: AWS::ElastiCache::CacheCluster
    Properties:
      CacheNodeType:
        Fn::GetOptionSetting:
          OptionName : CacheNodeType
          DefaultValue: cache.m1.small
      NumCacheNodes:
        Fn::GetOptionSetting:
          OptionName : NumCacheNodes
          DefaultValue: 1
      Engine:
        Fn::GetOptionSetting:
          OptionName : Engine
          DefaultValue: memcached
Zero-downtime deployments
Swap URLs
1. Create a new environment for an existing application
2. Deploy your updated application code to the new environment
3. Use the “Swap URLs” feature to transition users to the new production environment
AWS OpsWorks architecture
[Figure: OpsWorks sends Command JSON to instances and receives Command Log+Status back; on-instance execution via Chef client/zero. Managed resources: Amazon EC2, Amazon EBS, EIP, Amazon VPC, Elastic Load Balancing, Auto-Scaling, Auto-Healing….]
The heart of AWS OpsWorks
Agent on each EC2 instance understands a set of commands that are triggered by OpsWorks. The agent then runs a Chef solo run.
Chef integration
• Supports Chef 11.10
• Built-in convenience cookbooks / bring your own
• Chef run is triggered by lifecycle event firing: push vs. pull
• Event comes with stack state JSON
Opsworks components
• Stack is basically a container for AWS resources—Amazon EC2 instances, Amazon EBS volumes, Elastic IP addresses, and so on—that have a common purpose and would be logically managed together.
• A layer is basically a blueprint that specifies how to configure a set of Amazon EC2 instances for a particular purpose, such as serving applications or hosting a database server. Eg Java App server layer, PHP layer, RDS layer, MySQL Layer, HAProxy layer etc
• An instance represents an Amazon EC2 instance and defines its basic configuration, such as operating system and size. Each layer has an associated set of Chef recipes that AWS OpsWorks runs on the layer's instances at key points in an instance's life cycle.
• Each application is represented by an app, which specifies the application type and contains the information that AWS OpsWorks needs to deploy the application from the repository to your instances.
Opsworks components
[Figure: AWS OpsWorks at the centre, surrounded by:]
• instances – Scalability: auto healing, auto scaling, load balancing, scaling – time, scaling – load
• applications – Configure Application: source of packages (Git, svn, S3)
• layers – Application Architecture: load balancers, web layer, Elastic IP’s, security groups, database layer
• deployments – Deployment: environments (Dev, Test, Prod)
• stack – Infrastructure Provisioning: region, Availability Zone, operating system, keys
• monitoring – Monitoring: logs, monitor
Instance lifecycle commands

Setup event
• Sent when instance boots
• Includes deploy event
• Use for initial installation of software & services

Configure event
• Sent to all instances when any instance enters or leaves online state
• Use for making sure the configuration is up-to-date

Deploy event
• Sent when you deploy via UI/API; part of each setup.
• Use for custom deployment

Undeploy event
• Sent via UI/API when apps are deleted
• Use to remove apps from running instances

Shutdown event
• Sent when an instance is shut down
• ~45s to execute
• Use for clean shutdown
Automation good!
Amazon CloudFormation
• Infrastructure as Code
• Integrates with version control
• JSON format
• Templates
• Stacks
• Supports all AWS resource types
AWS CloudFormation: Model Your App
• Document, version control, and share your applications and infrastructure as a JSON document
• Provision app and other AWS resources (VPC, DynamoDB, etc) from a template
• Repeatable, reliable deployments for test/dev/prod in any AWS Region
AWS CloudFormation: Application stack example (continue)
• The entire application can be represented in an AWS CloudFormation template (the template file defining the stack).
• Use the version control system of your choice to store and track changes to this template: Git, Subversion, Mercurial
• Build out multiple environments, such as for Development, Test, and Production using the template: Dev, Test, Prod
Architecting on AWS – Overview of Services for Web Applications


Template Anatomy
{
  "Description" : "Create an EC2 instance.",
  "Resources" : {
    "Ec2Instance" : {
      "Type" : "AWS::EC2::Instance",
      "Properties" : {
        "KeyName" : "my-key-pair",
        "ImageId" : "ami-75g0061f",
        "InstanceType" : "m1.medium"
      }
    }
  }
}
Template Anatomy
{
  "Description" : "Create an EC2 instance.",
  "Parameters" : {
    "UserKeyName" : {
      "Description" : "The EC2 Key Pair to allow SSH access to the instance",
      "Type" : "String"
    }
  },
  "Resources" : {
    "Ec2Instance" : {
      "Type" : "AWS::EC2::Instance",
      "Properties" : {
        "KeyName" : { "Ref" : "UserKeyName" },
        "ImageId" : "ami-75g0061f",
        "InstanceType" : "m1.medium"
      }
    }
  }
}
Template Anatomy
{
  "Description" : "Create an EC2 instance.",
  "Parameters" : {
    "UserKeyName" : {
      "Description" : "The EC2 Key Pair to allow SSH access to the instance",
      "Type" : "String"
    },
    "InstanceType" : {
      "Description" : "The EC2 Instance Type to launch.",
      "Type" : "String",
      "AllowedValues" : ["t1.micro", "m1.small", "m1.medium"]
    }
  },
  "Resources" : {
    "Ec2Instance" : {
      "Type" : "AWS::EC2::Instance",
      "Properties" : {
        "KeyName" : { "Ref" : "UserKeyName" },
        "ImageId" : "ami-75g0061f",
        "InstanceType" : { "Ref" : "InstanceType" }
      }
    }
  },
  "Outputs" : {
    "InstancePublicDnsName" : {
      "Description" : "The public DNS name of the newly created EC2 instance",
      "Value" : { "Fn::GetAtt" : [ "Ec2Instance", "PublicDnsName" ] }
    }
  }
}
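One way to run a "validate templates" step over the parameterized template above before a stack is created. This is an added example, not part of the original slides; the function names and the list of watched properties are assumptions.

```python
import json

# Final template from the slides, retyped with straight quotes
# (descriptions and Outputs left out to keep the sample short).
TEMPLATE = json.loads("""{
  "Parameters": {
    "UserKeyName": {"Type": "String"},
    "InstanceType": {"Type": "String",
                     "AllowedValues": ["t1.micro", "m1.small", "m1.medium"]}
  },
  "Resources": {
    "Ec2Instance": {
      "Type": "AWS::EC2::Instance",
      "Properties": {
        "KeyName": {"Ref": "UserKeyName"},
        "ImageId": "ami-75g0061f",
        "InstanceType": {"Ref": "InstanceType"}
      }
    }
  }
}""")


def check_parameters(template, supplied):
    """Compare supplied parameter values with the template's declarations."""
    declared = template.get("Parameters", {})
    problems = []
    for name in sorted(set(supplied) - set(declared)):
        problems.append(f"{name}: not declared in Parameters")
    for name, spec in sorted(declared.items()):
        if name not in supplied:
            if "Default" not in spec:
                problems.append(f"{name}: no value supplied and no Default")
            continue
        allowed = spec.get("AllowedValues")
        if allowed is not None and supplied[name] not in allowed:
            problems.append(f"{name}: {supplied[name]!r} not in AllowedValues")
    return problems


def refs(node):
    """Yield every name used in a {"Ref": name} anywhere under node."""
    if isinstance(node, dict):
        if set(node) == {"Ref"} and isinstance(node["Ref"], str):
            yield node["Ref"]
        for value in node.values():
            yield from refs(value)
    elif isinstance(node, list):
        for item in node:
            yield from refs(item)


def undefined_refs(template):
    """Refs naming neither a parameter, a resource nor an AWS:: pseudo parameter."""
    known = set(template.get("Parameters", {})) | set(template.get("Resources", {}))
    return sorted({r for r in refs(template)
                   if r not in known and not r.startswith("AWS::")})


def hardcoded(template, watched=("KeyName", "ImageId", "InstanceType")):
    """(resource, property) pairs whose watched property is a literal string."""
    return [(rid, prop)
            for rid, res in sorted(template.get("Resources", {}).items())
            for prop, value in sorted(res.get("Properties", {}).items())
            if prop in watched and isinstance(value, str)]
```

On the slide template `hardcoded` still reports the literal `ImageId`, the one value that was not moved into a parameter.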
Application Deployment - User Data
"UserData": {
  "Fn::Base64": {
    "Fn::Join": [
      "",
      [
        "#!/bin/bash -ex\n",
        "yum -y install git-core\n",
        "yum -y install php-pear\n",
        "pear install Crypt_HMAC2-1.0.0\n",
        "pear install HTTP_Request-1.4.4\n",
        "pear install aws/sdk\n",
Application Deployment - cfn-init
"Ec2Instance": {
  "Metadata": {
    "AWS::CloudFormation::Init": {
      "config": {
        "sources" : {
          "/usr/local/bin/s3cmd" : "https://github.com/s3tools/s3cmd"
        },
        "packages": {
          "yum": { "git": [] }
        }
      }
    }
  }
3rd Party Tools
• Easily integrate with existing configuration management tools
• Simply use User-Data or cfn-init to configure agents
EC2 Container Service (ECS)
• Cluster Management Made Easy
• Flexible Scheduling
• High Performance
• Resource Efficiency
• Extensible
• Security
• Programmatic Control
• Docker Compatibility
• Monitoring
• AWS Integration
ECS Components
• Containers
  – Names and identifies your image
  – Includes default runtime attributes for your container (Environment Variables, Port Mappings, Container entry point and commands, Resource constraints…)
• Tasks
  – A group of related containers
• Container Instances
  – An instance on which Tasks are scheduled
  – Runs AMI with ECS Agent installed
  – Registers into cluster on launch
• Clusters
  – Provides a pool of resources for your Tasks
  – A grouping of Container Instances
  – Starts empty, dynamically scalable
User Workflow
“I have a docker image I want to run in a cluster”
1. Push images
2. Create task definition (similar to fig template)
3. Run instances: use custom AMI with docker support and ECS agent. ECS agent will register with default cluster
4. Describe cluster: get information about cluster and available resources
5. Run task
6. Describe cluster
ALM | What is CodeCommit?
A secure, highly scalable, managed source control service that hosts private Git repositories.

Eliminates the need to operate your own source control system or worry about scaling its infrastructure.

Basically, managed Git

• Fully managed source control service for hosting private Git repositories
• Automatically scales to meet the needs of your project
• Stores any type of file (source, images, videos, libraries etc.) with no limit on repository size.
• Fully integrated with AWS CodePipeline and AWS CodeDeploy to streamline development and release processes.
• Only transfers incremental changes – not the entire application
• CodeCommit supports all Git commands and works with your existing Git-based tools (e.g., continuous integration/continuous delivery systems, and graphical clients).
• Built-in encryption support
• Fully integrated with AWS Identity and Access Management (IAM)

ALM | Preliminary look at CodeCommit console
[Figure: console screenshot]
ALM | What is CodePipeline?
A continuous delivery and release automation service that aids smooth deployments.

You can design your development workflow for checking in code, building the code, deploying your application into staging, testing it, and releasing it to production

Similar to Bamboo or Jenkins

• CodePipeline standardizes and automates the software release process, allowing you to rapidly release new features to users
• Provides the capability to set up configurable gates between each stage such as time-based rules or manual approvals
• Workflows can be created to run unit and integration tests before deploying to production

IMPORTANT: Able to be used stand-alone as an end-to-end solution, or can be integrated with your existing source control system, test framework or build tools (like Bamboo, Jenkins, etc)

ALM | Preliminary look at the console
[Figure: console screenshot]
Code Deploy
• Deploys your released code to a "fleet" of EC2 instances
• Accommodate fleets that range in size from one instance all the way up to tens of thousands of instances
• Automatically schedules updates across multiple Availability Zones in order to maintain high availability during the deployment
• Application and Deployment groups described in YAML-formatted files
• Deployment groups identify EC2 instances by tags & can also reference Auto Scaling Groups
• Managed via AWS Management Console, CLI or APIs
• Can be used in conjunction with Chef recipes or Puppet scripts
[Figure: Code Deploy components]
[Figure: Code Deploy Workflow]
Using AWS CodeDeploy
1. Begin by defining an Application
2. Create a versioned revision for deployment. In this example the revision is stored in S3 but it could also come from CodeCommit or GitHub
3. Define the IAM role to be used when interacting with other AWS services such as EC2 or Auto Scaling
4. Create a new Deployment Configuration or select from one of the defaults.
5. Review your settings and deploy. Deployment progress will be displayed in the AWS Management Console.