DevOps@Bagaar - HackMD

## Devops at Bagaar  --- ## What? ---- **DEV**elopment + **OP**eration**S** Note: The word “DevOps” was coined in 2009 by [Patrick Debois](https://fr.wikipedia.org/wiki/Patrick_Debois) in Ghent(!), who became one of its gurus. The term was formed by combining “development” and “operations,” which provides a starting point for understanding exactly what people typically mean when they say “DevOps.” Notably, DevOps isn’t a process or a technology or a standard. Many devotees refer to DevOps as a “culture”. In our presentation, we will explain how this culture is (and will be) applied at Bagaar in order to give everyone a good understanding. Gartner says: “DevOps represents a change in IT culture, focusing on rapid IT service delivery through the adoption of agile, lean practices in the context of a system-oriented approach. DevOps emphasizes people (and culture), and seeks to improve collaboration between operations and development teams. DevOps implementations utilize technology— especially automation tools that can leverage an increasingly programmable and dynamic infrastructure from a life cycle perspective.” Importantly, the meaning of DevOps has broadened to be an umbrella term for the processes, culture, and mindset used to shorten the software development life cycle, using fast feedback loops to deliver features, fixes, and updates more frequently. --- ## Origin  ---- - Enterprise systems management (ESM) - Agile Development Note: Many of the people involved in the initial definition of DevOps were system administrators. These operations experts brought key ESM best practices to DevOps, including configuration management, system monitoring, automated provisioning, and the toolchain approach. “DevOps can be interpreted as an outgrowth of Agile—agile software development prescribes close collaboration of customers, product management, developers, and (sometimes) QA to fill in the gaps and rapidly iterate towards a better product ... [DevOps acknowledges that] service delivery and how the app and systems interact are a fundamental part of the value proposition to the client as well, and so the product team needs to include those concerns as a top-level item. From this perspective, DevOps is simply extending Agile principles beyond the boundaries of the code to the entire delivered service.” --- ## Goal > Improve collaboration across IT teams, accelerate deploy cycles, and deliver better experiences ---- <img src="https://i.imgur.com/CsMEF41.png" style="border:0;width:512px;height:486px;"> Note: The general idea was to create cross-functional teams to manage the continuous deployment and test of new software, while maintaining a functional infrastructure (read: servers). Devops sits at the intersection of development, Q&A and operations. The next slides will also demonstrate this in how the devops culture is adopted throughout an organisation. Making sure the application code is *always* in a deployable state. Devops fits in the "agile" cycle ![](https://i.imgur.com/t6eqB8D.png) --- ## How does it work? ---- <img src="https://i.imgur.com/beEf8ja.png" style="border:0;width:650px;"> ---- ## Continuous Integration > merging all developers' working copies to a shared code mainline several times a day Note: ---- ## Continuous Testing > integrated testing of code and features as part of the deploy process. Note: **before** delivering them to the users ---- ## Continuous Delivery > the ability to get changes of all types into production, or into the hands of users, safely and quickly in a sustainable way. Note: This includes new features, configuration changes, bug fixes and experiments ---- ## Continuous Monitoring ---- ## Infrastructure-as-code > the process of managing and provisioning computer data centers through machine-readable definition files ```yaml= resource "aws_instance" "example" { ami = "ami-0c55b159cbfafe1f0" instance_type = "t2.micro" tags = { Name = "terraform-example" } } ``` Note: Rather than physical hardware configuration or interactive configuration tools. --- ## Automation needs tools <img src="https://i.imgur.com/xgPfm8j.png" style="border:0;width:500px"> ---- <img src="https://i.imgur.com/N4cYqhx.png" style="border:0"> Note: [Source link](https://digital.ai/periodic-table-of-devops-tools) DevOps relies heavily on automation—and that means you need tools. Tools you build. Tools you buy. Open source tools. Proprietary tools. And those tools are not just scattered around the lab willy-nilly: DevOps relies on toolchains to automate large parts of the end-to-end software development and deployment process. Caveat: Because DevOps tools are so amazingly awesome, there’s a tendency to see DevOps as just a collection of tools. While it’s true that DevOps relies on tools, DevOps is much more than that. --- ## Kubernetes (k8s)  ---- - recommended by cloud native computing foundation - an open source platform that automates Linux container operations - eliminates many of the manual processes involved in deploying and scaling containerized applications - you can cluster together groups of hosts running Linux containers - helps you easily and efficiently manage those clusters. Note: And where did this unusual name come from? The agreed-upon origin is from the Greek, meaning “helmsman” or “sailing master.” ---- ## Ergh container? <img src="https://i.imgur.com/cu6ySHP.png" style="border:0;width:400px;"> Note: A Linux® container is a set of 1 or more processes that are isolated from the rest of the system. All the files necessary to run them are provided from a distinct image, meaning Linux containers are portable and consistent as they move from development, to testing, and finally to production. This makes them much quicker to use than development pipelines that rely on replicating traditional testing environments. Because of their popularity and ease of use containers are also an important part of IT security. ---- ## Why? - scale more easily - manage containers more easily - decompose (or orchestrate) applications into smaller systems (called microservices) while developing ---- ## How does it look like? <img src="https://i.imgur.com/aU8bwW3.png" style="border:0;width:600px;"> --- ## Security  ---- ### Principle of least privilege - Nobody gets direct access to cloud resources - No database access - Per-project Git access, including env variables - Keep track of who has access to what Note: everyone must be able to access only the information and resources that are necessary for its legitimate purpose. Standardized + automatized Code = documentatie **Don't touch it** ---- - Incident isolation - Access key per project - Alerting - Secret management - Rotate - Cloud Trail ---- ### Penetration testing - By Toreon --- ## Operations benefits ---- - Automation saves time - Feedback loops - Different Environments - Development - [Feature Testing] - Acceptance - Production - Low risk releases ---- - Faster time to market - Higher quality - Lower costs - Better products - Happier teams :) Note: To spend time on innovative work that adds value to Bagaar and its clients ---- <img src="https://i.imgur.com/heAKEPw.png" style="border:0;width:500px;"> --- ## Developer benefits ---- - Easy environment setup - Sandbox environment for service testing - Debugging tools - grafana (cluster), loki (cluster), bugsnag ... - Database dumps: without access to database - Automated, anonimised dump - Gitlab artifact - Run (artisan) commands on a server - https://github.com/guratr/nova-command-runner Note: - New project setup - Time savings compared to previous project setup (1 week with Sean) --- ### Case study: Oase ----  --- ### Demo Continuous Monitoring (grafana) ![](https://i.imgur.com/8Ve7D4k.png) --- ## Future / Next steps ---- - Research and set up an access database - Feature branch previews - Includes database dumps as Gitlab artifact ---