![Reference
{ "Resources" : {
"Ec2Instance" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"SecurityGroups" : [ { "Ref" : "InstanceSecurityGroup" } ],
"KeyName" : "mykey",
"ImageId" : "ami-7a11e213”
}
},
"InstanceSecurityGroup" : {
"Type" : "AWS::EC2::SecurityGroup",
"Properties" : {
"GroupDescription" : "Enable SSH access via port 22",
"SecurityGroupIngress" : [ {
"IpProtocol" : "tcp",
"FromPort" : "22",
"ToPort" : "22",
"CidrIp" :"0.0.0.0/0" } ]
}
}
} }](https://image.slidesharecdn.com/awssummitdevops-2016-sep-08-170318153517/85/Aws-summit-devops-29-320.jpg)
![Input Reference
{
"Parameters" : {
"KeyPair" : {
"Description" : "The EC2 Key Pair to allow SSH access to the instance",
"Type" : "String"
},
"Resources" : {
"Ec2Instance" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"SecurityGroups" : [ { "Ref" : "InstanceSecurityGroup" }],
"KeyName" : { "Ref" : "KeyPair"},
"ImageId" : "" }
},
…
} }](https://image.slidesharecdn.com/awssummitdevops-2016-sep-08-170318153517/85/Aws-summit-devops-30-320.jpg)
![自定义input参数
"WordPressUser": {
"Default": "admin",
"Description" : "The WordPress database admin account username",
"Type": "String",
"MinLength": "1",
"MaxLength": "16",
"AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*"
},
使用下列属性来验证input参数 :
Maxlength, MinLength, MaxValue, MinValue, AllowedPattern, AllowedValues](https://image.slidesharecdn.com/awssummitdevops-2016-sep-08-170318153517/85/Aws-summit-devops-31-320.jpg)
![Mappings
{"Mappings" : {
"RegionMap" : {
"us-east-1" : { "AMI" : "ami-76f0061f" },
"us-west-1" : { "AMI" : "ami-655a0a20" },
"eu-west-1" : { "AMI" : "ami-7fd4e10b" },
"ap-southeast-1" : { "AMI" : "ami-72621c20" },
"ap-northeast-1" : { "AMI" : "ami-8e08a38f" } } },
"Resources" : {
"Ec2Instance" : {
"Type" : "AWS::EC2::Instance",
"Properties" : {
"KeyName" : { "Ref" : "KeyName" },
“ImageId" : {
"Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "AMI" ]}
}
}
} }](https://image.slidesharecdn.com/awssummitdevops-2016-sep-08-170318153517/85/Aws-summit-devops-32-320.jpg)
![部署配置
v2 v2 v2 v2 v2 v2 v2 v2All-at-once
Min. healthy hosts = 0
v2 v2 v2 v2 v1 v1 v1 v1Half-at-a-time
Min. healthy hosts = 50%
v2 v2 v1 v1 v1 v1 v1 v1[Custom]
Min. healthy hosts = 75%
v2 v1 v1 v1 v1 v1 v1 v1One-at-a-time
Min. healthy hosts = 99%](https://image.slidesharecdn.com/awssummitdevops-2016-sep-08-170318153517/85/Aws-summit-devops-42-320.jpg)
Aws summit devops 云端多环境自动化运维和部署
- 3. 为什么基础设施代码化很重要 结构化 高效 健壮 安全
- 19. IaC Template AWS Lambda 扩展– AWS Lambda自定义资源
- 20. Cross-stack reference: VPC Cross-stack reference: Security Group Cross-stack reference: Subnet Look up AMI ID Utility function – e.g., string reversal IaC Template 扩展– AWS Lambda自定义资源
- 21. Cross-stack reference: VPC Cross-stack reference: Security Group Cross-stack reference: Subnet Look up AMI ID Utility function – e.g., string reversal IaC Template 扩展– AWS Lambda自定义资源
- 22. 测试 – 蓝绿部署 ExampleApp V1 IaC Template
- 23. 测试 – 蓝绿部署 AWS CodeDeploy ExampleApp V1 ExampleApp V2 IaC Template
- 24. 测试 – 蓝绿部署 AWS CodeDeploy ExampleApp V1 ExampleApp V2 IaC Template
- 25. 模板 CloudFormation 堆栈 JSON 格式的文件 参数定义 需要的资源 具体配置 配置好的AWS资源 完整的SAWS服务支持 可定制化 框架 创建堆栈 更新堆栈 错误检查和回滚 CloudFormation – 组件和技术实现
- 26. 价格 $0.00
- 27. CloudFormation示例 { "Description" : "A text description for the template usage", "Parameters": { // A set of inputs used to customize the template per deployment }, "Resources" : { // The set of AWS resources and relationships between them }, "Outputs" : { // A set of values to be made visible to the stack creator }, "AWSTemplateFormatVersion" : "2010-09-09” }
- 29. Reference { "Resources" : { "Ec2Instance" : { "Type" : "AWS::EC2::Instance", "Properties" : { "SecurityGroups" : [ { "Ref" : "InstanceSecurityGroup" } ], "KeyName" : "mykey", "ImageId" : "ami-7a11e213” } }, "InstanceSecurityGroup" : { "Type" : "AWS::EC2::SecurityGroup", "Properties" : { "GroupDescription" : "Enable SSH access via port 22", "SecurityGroupIngress" : [ { "IpProtocol" : "tcp", "FromPort" : "22", "ToPort" : "22", "CidrIp" :"0.0.0.0/0" } ] } } } }
- 30. Input Reference { "Parameters" : { "KeyPair" : { "Description" : "The EC2 Key Pair to allow SSH access to the instance", "Type" : "String" }, "Resources" : { "Ec2Instance" : { "Type" : "AWS::EC2::Instance", "Properties" : { "SecurityGroups" : [ { "Ref" : "InstanceSecurityGroup" }], "KeyName" : { "Ref" : "KeyPair"}, "ImageId" : "" } }, … } }
- 31. 自定义input参数 "WordPressUser": { "Default": "admin", "Description" : "The WordPress database admin account username", "Type": "String", "MinLength": "1", "MaxLength": "16", "AllowedPattern" : "[a-zA-Z][a-zA-Z0-9]*" }, 使用下列属性来验证input参数 : Maxlength, MinLength, MaxValue, MinValue, AllowedPattern, AllowedValues
- 32. Mappings {"Mappings" : { "RegionMap" : { "us-east-1" : { "AMI" : "ami-76f0061f" }, "us-west-1" : { "AMI" : "ami-655a0a20" }, "eu-west-1" : { "AMI" : "ami-7fd4e10b" }, "ap-southeast-1" : { "AMI" : "ami-72621c20" }, "ap-northeast-1" : { "AMI" : "ami-8e08a38f" } } }, "Resources" : { "Ec2Instance" : { "Type" : "AWS::EC2::Instance", "Properties" : { "KeyName" : { "Ref" : "KeyName" }, “ImageId" : { "Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "AMI" ]} } } } }
- 34. AWS code services AWS CodeCommit AWS CodePipeline AWS CodeDeploy
- 35. 源码控制 - CodeCommit Private Git repositories hosted on Amazon S3 • 基于Amazon的私有Git Repositories • 完全兼容Git • 充分利用云的优势 (扩展性,持久性, 可靠性, 按需付费以降低成本) • Repositories没有大小限制 • 在线代码工具,支持browse, edit, diff • IAM用户管理
- 36. 持续交付 - CodePipeline • 可自定义的自动化版本发布,并且集成了编译和测试 • 对自定义的版本发布工作流建模、可视化 (源代码 è 编译 è beta è gamma è 线上生产) • 自动化编译、测试和部署 • 执行自定义规则 • 与第三方工具集成 36
- 38. 持续部署 - CodeDeploy • 协调服务器的软件更新,滚动更新以避免宕机时间 • 针对部署的健康检测,以及回滚 • 集成自动扩展(Auto Scaling) • 对所有应用程序适用 • 重用已有的部署工具 (Bash, Powershell, Chef, Puppet…) 38
- 39. 工作流
- 41. AppSpec fileos: linux files: - source: Config/config.txt destination: webapps/Config - source: Service destination: /webapps/DogSuit hooks: ApplicationStop: - location: Scripts/Deactivate_Service BeforeInstall: - location: Scripts/Flush_Logs.sh AfterInstall: - location: Scripts/Decrypt_Secrets.sh ApplicationStart: - location: Scripts/Start_Pooch_Service.sh timeout: 3600 ValidateService: - location: Scripts/Check_Dogs_Barking.sh runas: codedeployuser ApplicationStop BeforeInstall AfterInstall ApplicationStart ValidateService DownloadBundle Install Start End
- 42. 部署配置 v2 v2 v2 v2 v2 v2 v2 v2All-at-once Min. healthy hosts = 0 v2 v2 v2 v2 v1 v1 v1 v1Half-at-a-time Min. healthy hosts = 50% v2 v2 v1 v1 v1 v1 v1 v1[Custom] Min. healthy hosts = 75% v2 v1 v1 v1 v1 v1 v1 v1One-at-a-time Min. healthy hosts = 99%
- 43. 第三方工具集成
- 44. AWS DevOps 服务 运维 Elastic Beanstalk CloudWatch CloudFormationCodeDeploy CodePipeline Opsworks Elastic Container Service 监控搭建部署测试构建开发 Lambda CloudTrail 版本管理 持续集成 持续交付 持续部署 自动化运维 配置管理 自动化监控基础设施即代码 日志管理 CodeCommit
- 45. Thank you.