![© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Operational Excellence – Promotion Model
[STAGING]
[FEATURE-1]
{Create} {rebase} {promote}
[FEATURE-N] {Create}
{Promote to Stable for go
live}
[ … ]
Conventions
o commit
+ branch create
* rebase
^ promote
/ code flow
[ ] branch](https://image.slidesharecdn.com/d1dev102-customer-bhuvaneswari-slides-v41-220526043201-d0748f5c/85/End-to-End-CI-CD-at-scale-with-Infrastructure-as-Code-on-AWS-35-320.jpg)
![© 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Operational Excellence – Promotion Model
[STAGING]
[FEATURE-1]
{Create} {rebase} {promote}
[FEATURE-N] {Create}
[STABLE]
Conventions
o commit
+ branch create
* rebase
^ promote
/ code flow
[ ] branch
{Promote to Stable for go
live}
[ … ]
[FEATURE-1] {Create} {rebase} {promote}
[FEATURE-N]
{Create}
[ … ]
{Code flow to Staging}](https://image.slidesharecdn.com/d1dev102-customer-bhuvaneswari-slides-v41-220526043201-d0748f5c/85/End-to-End-CI-CD-at-scale-with-Infrastructure-as-Code-on-AWS-36-320.jpg)
End-to-End CI/CD at scale with Infrastructure-as-Code on AWS
- 2. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. End-to-End CI/CD at scale with Infrastructure-as-Code on AWS Bhuvaneswari Subramani (she/hers) D1DEV102 Director, Engineering Operations, Infor AWS DevTools Hero
- 3. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Quick Intro • Bhuvaneswari Subramani (Bhuvana) • Director, Engineering Operations, Infor • AWS Hero since 2019 • Organizer, AWS User Group Bengaluru • Leading cloud computing, DevOps, and Performance QA https://bhuvana.pro /bhuvanas @installjournal
- 4. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Agenda • Why Infrastructure as Code (IaC) for CI CD ? • CI CD multi-account Architecture • Build & Deployment Infrastructure Setup • Best Practices
- 5. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Why Infrastructure as Code for CI CD ?
- 6. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Key Benefits Speed Consistency Traceability
- 7. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. CI CD with multi-account architecture
- 8. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. VPC Gateway EndPoint Continuous Integration VPC Developer Service Account Private subnet Build & Deploy Server Worker Nodes Lin 1 2 3 Mirror Git Repo CI 1 - Initiate Build process 2 - Get Source code 3 - Compile & generate artifacts 4 - Publish artifacts 5 - Run code validation suite AWS Cloud
- 9. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. VPC Gateway EndPoint Continuous Integration VPC Developer Service Account Private subnet Build & Deploy Server Worker Nodes Lin 1 2 3 Mirror Git Repo Publish build artifacts 4 S3 Buckets CI 1 - Initiate Build process 2 - Get Source code 3 - Compile & generate artifacts 4 - Publish artifacts 5 - Run code validation suite AWS Cloud
- 10. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. VPC Gateway EndPoint Continuous Integration VPC Developer Service Account Private subnet Build & Deploy Server Worker Nodes Lin 1 2 3 Mirror Git Repo Publish build artifacts 4 S3 Buckets CI 1 - Initiate Build process 2 - Get Source code 3 - Compile & generate artifacts 4 - Publish artifacts 5 - Run code validation suite 5 AWS Cloud
- 11. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. VPC Gateway EndPoint Continuous Integration VPC Developer Service Account Build & Deploy Server Worker Nodes Lin Private subnet 1 2 3 Mirror Git Repo Publish build artifacts 4 S3 Buckets 5 App artifacts Config artifacts Data system artifacts Test artifacts AWS Cloud
- 12. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Mirror Git Repo Lin VPC Continuous Deployment – Nano Env AWS Cloud AWS Cloud Developer Service Account Nano Environment(s) Account https://<env-id>.nano.infornexus.com Public Subnet Internet gateway Windows Peer Linux Peer Users Availability Zone VPC Private subnet Build & Deploy Server S3 Buckets Deploy
- 13. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Nano to Full Scale Environments Beta …
- 14. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Continuous Integration – Alpha / Beta / Prod Env VPC Developer Service Account Private subnet Build Server Worker Nodes Lin 1 2 3 Mirror Git Repo CI 1 - Initiate Build process 2 - Get Source code 3 - Compile & generate artifacts 4 - Publish artifacts 5 - Run code validation suite AWS Cloud
- 15. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Continuous Integration – Alpha / Beta / Prod Env VPC Developer Service Account Private subnet Build Server Worker Nodes Lin 1 2 3 Mirror Git Repo Publish build artifacts 4 S3 Buckets CI 1 - Initiate Build process 2 - Get Source code 3 - Compile & generate artifacts 4 - Publish artifacts 5 - Run code validation suite AWS Cloud VPC Gateway EndPoint
- 16. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Continuous Integration – Alpha / Beta / Prod Env VPC Developer Service Account Private subnet Build Server Worker Nodes Lin 1 2 3 Mirror Git Repo Publish build artifacts 4 S3 Buckets CI 1 - Initiate Build process 2 - Get Source code 3 - Compile & generate artifacts 4 - Publish artifacts 5 - Run code validation suite AWS Cloud VPC Gateway EndPoint ECR Publish container images VPC Interface EndPoint 4
- 17. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Continuous Deployment – Alpha / Beta / Prod Env VPC Developer Service Account Private subnet Build Server Worker Nodes Lin 1 2 3 Mirror Git Repo Publish build artifacts 4 S3 Buckets CI 1 - Initiate Build process 2 - Get Source code 3 - Compile & generate artifacts 4 - Publish artifacts 5 - Run code validation suite 5 AWS Cloud VPC Gateway EndPoint AWS Cloud Prod Account Deploy Server ECR Publish container images VPC Interface EndPoint 4
- 18. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Mirror Git Repo Lin Continuous Deployment – Alpha / Beta / Prod Env AWS Cloud Developer Service Account VPC Private subnet Build Server VPC AWS Cloud Alpha / Beta / Prod Environment Account Private subnet App Container Services • Web Tier • Integration Tier Intermediate Tier • Caching • Lock co-ordination • Service Discovery Data Tier • Queueing • AWS Hosted Data Services • AWS Managed Data Services Logging & Monitoring Supply Chain Intelligence Deploy Server Deploy Nodes A Publish build artifacts ECR B Publish container images
- 19. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Mirror Git Repo Lin Continuous Deployment – Alpha / Beta / Prod Env AWS Cloud Developer Service Account VPC Private subnet Build Server VPC AWS Cloud Alpha / Beta / Prod Environment Account Private subnet App Container Services • Web Tier • Integration Tier Intermediate Tier • Caching • Lock co-ordination • Service Discovery Data Tier • Queueing • AWS Hosted Data Services • AWS Managed Data Services Logging & Monitoring Supply Chain Intelligence Deploy Server Deploy Nodes A Publish build artifacts C ECR B Publish container images
- 20. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Mirror Git Repo Lin Continuous Deployment – Alpha / Beta / Prod Env AWS Cloud Developer Service Account VPC Private subnet Build Server VPC AWS Cloud Alpha / Beta / Prod Environment Account Private subnet App Container Services • Web Tier • Integration Tier Intermediate Tier • Caching • Lock co-ordination • Service Discovery Data Tier • Queueing • AWS Hosted Data Services • AWS Managed Data Services Logging & Monitoring Supply Chain Intelligence Deploy Server Deploy Nodes A Publish build artifacts C ECR B Publish container images D D VPC Gateway EndPoint VPC Interface EndPoint
- 21. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Build & Deployment Infrastructure Setup
- 22. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Build Infrastructure Components AWS CloudFormation Mirror Git Repo Jenkins Master S3 Bucket IAM Roles Secrets Jenkins Win Agent Jenkins Linux Agent VPC EndPoints ECR
- 23. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Setup Mirror Git Repo using IaC Create Git repo tar.gz & Upload to S3 Create EC2 Instance Pull Git repo tar.gz from S3 and place in EC2 Configure Cron job to sync Git repo AWS CloudFormation Mirror Git Repo
- 24. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Setup Jenkins Master using IaC Pipeline Create EC2 Salt minion Jenkins Server Gitlab IaC Developers Source - Bootstrap Bootstrap Jenkins Linux Agent Windows Agent Jenkins Job Configuration Source - IaC
- 25. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Dev Environment for Jenkins Bootstrapping Run Jenkins as Container Install Docker Setup local repo Bind mount the directories into Docker Containers Install Jenkins as a Container Configure Jenkins
- 26. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Dev Environment for Jenkins Bootstrapping Run Jenkins as Container Install Docker Setup local repo Bind mount the directories into Docker Containers Install Jenkins as a Container Configure Jenkins
- 27. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Dev Environment for Jenkins Bootstrapping Run Jenkins as Container Install Docker Setup local repo Bind mount the directories into Docker Containers Install Jenkins as a Container Configure Jenkins
- 28. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Dev Environment for Jenkins Bootstrapping Run Jenkins as Container Install Docker Setup local repo Bind mount the directories into Docker Containers Install Jenkins as a Container Configure Jenkins
- 29. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Dev Environment for Jenkins Bootstrapping Run Jenkins as Container Install Docker Setup local repo Bind mount the directories into Docker Containers Install Jenkins as a Container Configure Jenkins
- 30. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Dev Environment for Jenkins Bootstrapping Run Jenkins as Container Install Docker Setup local repo Bind mount the directories into Docker Containers Install Jenkins as a Container Configure Jenkins
- 31. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Best Practices
- 32. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Best Practices • Operational excellence • Security • Reliability • Performance efficiency • Cost optimization • Sustainability AWS Well-Architected Framework
- 33. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Operational excellence • Continually improving quality process • Design for failure • Opportunities for improvement • Clearly defined Promotion model for IaC
- 34. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Operational Excellence – Promotion Model Stable Staging Feature • Holds IaC for services that are live on an Env • Protected Branch ; Changes needs approval • Holds IaC for services ready to go live • Protected Branch ; Changes needs approval • To apply changes to production or alpha branch
- 35. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Operational Excellence – Promotion Model [STAGING] [FEATURE-1] {Create} {rebase} {promote} [FEATURE-N] {Create} {Promote to Stable for go live} [ … ] Conventions o commit + branch create * rebase ^ promote / code flow [ ] branch
- 36. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Operational Excellence – Promotion Model [STAGING] [FEATURE-1] {Create} {rebase} {promote} [FEATURE-N] {Create} [STABLE] Conventions o commit + branch create * rebase ^ promote / code flow [ ] branch {Promote to Stable for go live} [ … ] [FEATURE-1] {Create} {rebase} {promote} [FEATURE-N] {Create} [ … ] {Code flow to Staging}
- 37. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Security • Infrastructure protection • Centralized identities with SAML 2.0 • End-to-end Traceability • Data Protection
- 38. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Reliability • Monitor workload Resources • Adapt to changes in Demand • Implement resiliency for reliable workload
- 39. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Performance Efficiency • Capability to deploy the workload in multiple AWS Regions • Use serverless architectures • Monitor your resources
- 40. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Cost Optimization • Implement cloud financial management • Monitor Cost and Usage • Stop spending money on undifferentiated heavy lifting
- 41. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Sustainability • Remove or refactor workload components with low or no use • Increase utilization of build environments • Optimize areas of code that consume the most time or resources
- 42. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Key Benefits Speed Consistency Traceability
- 43. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Additional resources Link 1 About Link 1 AWS speakers, more resources are on the wiki Link 1 About Link 1 Link 1 About Link 1 Link 1 About Link 1
- 44. © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Deepen your skills with digital learning on demand Access 500+ free digital courses and Learning Plans Earn an industry-recognized credential AWS Skill Builder AWS Certifications Explore resources with a variety of skill levels and 16+ languages to meet your learning needs Join the AWS Certified community and get exclusive benefits Receive Foundational, Associate, Professional, and Specialty certifications Train now Access new exam guides © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Learn in-demand AWS Cloud skills
- 45. Thank you! © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved. Bhuvaneswari Subramani https://bhuvana.pro /bhuvanas @installjournal
- 46. ! Please complete the session survey © 2022, Amazon Web Services, Inc. or its affiliates. All rights reserved.