7. z
§ A significant time gap between the ideation and production
§ Development and operations silos
§ Lack of insights
§ Low confidence to release
§ Increased cost of maintenance
§ Loss of revenue
9. z
A typical week …
Production
System
24x7 up and
Running
New
Features
Bug Fixes
Design
Meetings
Requirement
Gathering
and Refining
Monitoring
and
Triaging
10. z
Business Needs
§ Reduce time to market
§ Quickly fix production bugs
§ Without compromising quality
§ Better insights of production environment to make informed
decisions
11. z
What DevOps brings to the table?
§ DevOps is a culture change
§ Shared responsibility
§ Shared functionalities
§ Improved collaboration
§ Thinking end-to-end
§ Visibility end-to-end
§ Complements Agile (https://agilemanifesto.org/)
15. z
Understand CI and CD Infrastructure as Code Containers Source Control
Scripting Language Test Automation Learn Linux Basics Deployment Strategies
Monitoring Security Fundamentals Networking Fundamentals
16. z
Understand CI and CD
CI CD
Source
repo
Automated
tests
Software
package
Artifact
repo
Infrastructure
*Example only. Tools and steps may vary
Versioning
17. z
§ Continuous Integration
§ Iterative small chunks of production ready code merged to a common branch
§ Automates tests as code is updated. Reject upon failure.
§ Continuous Delivery
§ Automated deployment - all the way to staging
§ Ready to be released at anytime
§ Continuous Deployment
§ Automated releases
§ Frequent (several times per day)
§ Thresholds, Alerts to find issues
Continuous
Integration
Continuous
Delivery
Continuous
Deployment
Code build AUTOMATED AUTOMATED AUTOMATED
Tests AUTOMATED AUTOMATED AUTOMATED
Deploy to staging MANUAL AUTOMATED AUTOMATED
Deploy to production MANUAL MANUAL AUTOMATED
18. z
Infrastructure as Code
§ Databases, load balancers, servers and their provisioning mechanics
§ Machine readable definition files
19. z
Infrastructure as Code
§ Multiple environments – same code
§ dev-*, tst-*, stg-*. prd-*
§ It worked on my machine dev
§ Time consuming
§ replicate bugs
§ recover
§ Destroy and redeploy
§ Cattle vs Pets
dev
tst
stg
prd
20. z
Containers
§ Virtualization
§ Runtime issues
§ Same configuration - dev to prod
§ Repositories – store and reuse
§ Container orchestration – manage lifecycles
§ Small, portable, quick to spin
§ Container != VM
Machine 1 Machine 2 Machine 3
22. z
Source Control
§ Both application code and infrastructure code
§ Controlled access
§ Auditability and recovery
§ Use conventions
§ Learn git basics ( https://rogerdudler.github.io/git-guide/ )
§ Learn git best practices ( https://deepsource.io/blog/git-best-practices )
23. z
Learn a Scripting Language
§ Automation scripts
§ Repetitive tasks
§ Consistency
§ Your own custom commands
§ Start with Python perhaps
24. z
Test Automation
§ Test Pyramid
§ Tests run with every merge
§ Try to improve test feedback time
§ Pact tests (https://docs.pact.io/)
§ Detect integration issues early
§ Quality gates / code smells
§ Inspect code quality automatically
Acceptance tests
Integration tests
Unit tests
25. z
Learn Linux Basics
§ Shell commands
§ File system
§ SSH
Source: www.phoenixnap.com/kb/linux-commands-cheat-sheet
Source: www.ssh.com
26. z
Deployment Strategies
§ Simple deployment.
§ Simply replace the instances with new version
§ OK for non-critical applications
§ Rolling deployment
§ Incrementally update instances in batches
§ Rollback if an error is detected
§ Blue – Green deployment
§ Two identical environments, live and staging
§ Test staging
§ Switch live and staging
§ Canary
§ Incrementally to a small subset of users
§ Targeted users
Then Now
1.3.0 1.4.0
27. z
Monitoring
§ Identify issues
§ Prevent failures
§ Usage patterns
§ Metrics and Alerts
§ System level as well as component level
28. z
Security Fundamentals
§ Sensitive vs non-sensitive data
§ Principle of Least Privilege
§ Encryption methods – Symmetric vs Asymmetric encryption
§ Digital certificates - X.509
§ Security standards, e.g., Oauth 2.0
§ What’s an identity?
§ SaaS products
29. z
Networking Fundamentals
§ Virtual Private Networks (VPN)
§ Disguise traffic
§ Cloud environments
§ e.g., AWS VPC
§ Public and Private Subnets
§ VPC links
§ Load balancers
§ Internet gateways
§ Bastion host / Jump Box
32. z
Tips
§ Master one tool for each of the above categories. Learn more as you gain
experience.
§ Document everything .Automate as much as possible.
§ It’s OK to be lazy smart
§ Use conventions, e.g., tst-1-customer-db
§ Externalize configuration, e.g., files, parameter stores
§ Logs !
§ Do NOT re-invent the wheel
§ DevOps != SRE, DevOps != Security Specialist, DevOps != Agile
34. z
KPI Description
Change lead time From coding to deploy in production
Change volume Features pushed to production per deploy
Deployment frequency Number of deployments per day
Success rate Successful deployments / total deployments
Time to detect defects Mean time taken to detect a bug in the production
Time to recover Mean time to recover
Other application metrics
For example, improvements in resource consumption
due to devops feedback.