Introduction to DevOps and Site Reliability Engineering

TLF_LFS162x.txt

TLF (LFS162x) (Prof. Gourav Shah)
Introduction to DevOps and Site Reliability Engineering
DevOps = Developer & Operations (Areas)
SRE = Site Reliability Engineer
---
Needs: Bridge Gap between ( Faster Dev vs Waterfall practices )
DevOps via:
	( Modern principles
	Practices
	Automation tools ) --PATH--> Ops into Agile Area => Faster software delivery.
---
cloud ~transforming~> organizations by providing:
	-elastic
	-scalable
	-HA
	-Multiregional infrastructure
---
Learn:
	* Containers are revolut. software delivery
	* Intrastructure as code & tools
	* Continuous Integration and Continuos Delivery differences.
	* Observability Systems
----------
Pre DevOps Era
	Puppet as Config management
	Centralized management system
	Write infrastructure as code and publish to centralized server.
	Google: (~2008)
		Resource isolation & namespaces = cgroups
---
(~2009)
Andrew Clay & Patrick Debois (Belgium) =>Agile Systems Administrator Group
=>DevOps term (2009).
Puppet -> Chef
---
(~2010-2015) = Devops Chaos Era
	(~2011): Hudson -forked-> Jenkins
	(~2012):
		Ansible
		DotCloud opensourced Docker
	(~2014-2015:
		orchestration engines:
			* Google opensourced Kubernetes, run infrastructure over Docker in production envs.
			* Docker released Swarm
			* Apache Mesos released Marathon
	(~2015):
		Configuration management:
			Puppet
			Chef
			Saltstack
			Ansible
		Continuous Integration:
			* Jenkins
			* Others like: Bamboo, Go, Travis CI, Circle CI
---
(~2016-2018) = Devops Maturity years
	(~2016): Kubernetes turned into the most reliable 
	(~2018):
		Mesos and Docker became Kubernetes friendly
		Ansible became as prefered config mgmt
---
(~2019-2020)
	{reli,avail,scal}ability & security
	five pillars of devops: 
		* the cloud
			lead by: AWS, Azure, GCP
		* containers: 
			Kubernetes and Docker are standard now
			Kubernetes:
				ability to scale, load balance, HA, service discovery
		* infrastructure as code (IaaC):
			Ansible can do it
			Terraform is specialized.
			Others: 
				Docker Compose
				Kubernetes scripts
		* CI / CD:
			lead by: 
				Jenkins with Spinnaker
		* Observability
				Based on Collecting:
					Logs, Metrics,	Traces.
				Guess the state of the system
			Logs:
				Elasticsearch, Logstash, Kibana
			Metrics:
				Prometheus: Time Series database
				Grafana: Visualizer
			Traces:
				Jaeger
				Zipkin
---
	(Present?)
	Kubernetes is the platform on top oh which things are built.
	Custom resource definitions (Service Mesh):		
		Istio & Linkerd:
			Telemetry example: Routing traffic
	Jenkins X
		CI/CD for cloud native apps over kubernetes
		integrates with Jenkins, Github with gitops
	Tekton forked from Knative lead by Google and IBM allows to CI/CD within kubernetes using YAML, features like blue green, canary deployments, gitops.		
---
	Deepen/Review later:
		Pipeline as a Code
		Spinnaker: Hybrid cloud deploment tool
		Custom resource definitions
		Service Mesh:
			Istio 
			Linkerd
		Gitops	
		Revisar curso:
			The Linux Foundation and CDF by the name DevOps and SRE Fundamentals: Implementing Continuous Delivery, with the course code LFS261 (Jenkins and Spinaker)
----------3
Cloud - Why Should You Bother?
	Site Reliability/DevOps Engineering: SR/DE
	9 reasons to bother about cloud:
		* utility computing model:
			buy the service instead of building
		* cloud = access to global infrastructure
		* scalable platform
		* OPEX: Operational Expenses
				vs 
			CAPEX: Capital Expenses 
		* Dynamic Capacity Provisioning and Scalability
			Scalability ~=
				Resilence
				Fault Tolerance
			High Availability ~=
				Multiple geolocations
		* Business continuity
				Multiple geolocations
		* Managed services
				Backups, Snapshots, HA, Scalability everything is done by the cloud platform.
		* Automation out of the box
			Terraform -------
			Ansible----------+\ IaaC
			Cloudformation---+/
			Heat Templates---
---
A Brief History of Cloud:
	John McCarthy (1961), time-sharing model will result in computing power sold as utility.
	(60s-70s): 
		Distributed computers internconnected.
	(~1991):
		Tim Berners -> WWW
	(~1999):
		VMWare -> Virtualization
	(~2006):
		AWS -> IaaS
	(~2008):
		AWS -> VPCloud, Storage Elastic Block, Load Balancers and Auto-scaling
		Google -> Google compuite engine
	(~2009):
		Microsoft -> Azure
---
Types of Cloud:
	IaaS : Infrastructure as a Service
		Complete control over servers, storage, network, databases.
		Receiving the Infrastructure as ready working pieces
		ex: AWS,GCP,Azute
	PaaS : Platform as a Service
		Microsoft Azure Services, 
		AWS Services,
		AWS Elastic Beanstalk 
		Red Hat Openshift will automatically:
			Takes you repo
			arrange it into a docker image
			deploy at scale
			deploy databases
			load balancers
			network config
	SaaS : Software as a Service
		Gmail, Dropbox, 
---
Cloud Deployment Models:
	Public: 
		Shared Infrastructure available for anyone globally
		ex: AWS, GCP, DigitalOcean, …
	Private
		Something we build inside, in our own datacenter, with the ability for self-service or self-provisioning.
		Openstack help to build our own private cloud platform
	Hybrid
		When you want some extra power (burst) or need to host something on another coutry, but keep other services on my own private cloud,
---
Major Cloud Services
	Compute
	Databases
		SQL, NoSQL
	Storage
		Block storage
		Object based storage
	Network services
		virtual private cloud ~= network config
		Network ACLs ~= Firewall at network level
		Subnets
		Private Subnets
		Custom IPs
	User control
		IAM: Identity and Access Management
	DevOps services
		Service management
		Push notifications services
		Analytics services 
		Routing, DNS, Email, etc			

	Deepen/Review later:
			Block storage
			Object based storage
---
Demos: Building Scalable, High Available Infrastructure with AWS		
Virtual Private Cloud: VPC
Availability Zones (AZ) ~= Datacenters
Auto Scaling Groups: ASG


VPC:
	Define 
		Network ACLs: (Firewall rules)
			what go In and/or Out
		security groups: (firewall at software level)
		EC2 instances ~= Servers
		RDS = Relational Database Service
000000000111111111122222222223333333333444		
123456789012345678901234567890123456789012

///////////////Network ACLs///////////////
╔════════════════════════════════════════╗ 
║           [ Load Balancer ]            ║
║                /      \                ║
╟------------======S.G.======------------╢
║  . . . . . . . . .║. . . . . . .ASG    ║
║ .┌---┐            ║  ┌---┐      .      ║
║ .│EC²│            ║  │EC²│      .      ║ 
║ .└-┬-┘            ║  └-┬-┘      .      ║
║  . . . . . . . . .║. . . . . . .       ║
║    |   DB(RDS)    ║    |   DB          ║
║    └---▊|         ║    └---▊|          ║
║         ^_____repl║ica_____^           ║
║                   ║                    ║
║                   ║                    ║
║       AZ1      <-Netw->    AZ2         ║
╚═══════════════════╩════════════════════╝
									 VPC

Generate This automatically with:
	Cloudformation

----------------------------------------------------
CI/CD - Why Should You Bother?
It's all about reliability no matter the features
	available
	scalable
	
	bugs affects reliability ~= downtimes
			rework
	minimize deffects ~= Continuous and Automated Feedback
----------------------------------------------------
What Is Continuous Integration?	
	simple testing can prevent most critical of failures.
When:
	Whenever you integrate code to the mainline

Continuous Integration = Integration + Build + Unit Tests + Static Checkers  + {Integration+Acceptance+Load+Compliance} tests

Agile = Smaller Batches + Integrate Often
so:
	CI = Code merged into master is reliable
----------------------------------------------------
CI Tool:
	Ability to create jobs to run build, tests, packaging by integrating with some tools
	Connect those jobs to create a sequence of execution pipelines.
	Run pipelines automatically
	Trigger pipelines based on events
Tools
	Jenkins, Go, Bamboo, 
	Travis CI, Circle CI	
----------------------------------------------------
Continuous Deployment and Continuous Delivery
Build
	->Test
		->Package
			->Deploy to DEV
				->Deploy to Stage
					->Ask for permission
						->Deploy to Prod
Why?
	Controlled and safer
	Stress free deployments
	Allows for manual and exploratory testing
	Could accommodate hybrid deployments
	Scheduled releases
----------------------------------------------------
CD = Build->Test->Package->Deploy to {DEV->STAGE->ReleaseManager->PROD}
CD -> Controlled and Safer, Stress free deployments, , allows manual or exploratory testing, hybrid deployments (schema updates + auto deploy), Schedules releases, 

CI/CD Principles and Practices
Agile <--> CD
Build=Automated + Quick
Test should be automated:
	Test Pyramid:
	(Base)->Automated{Unit->Component->Service->API->UI->Manual}Test
	The more at the right (top of the pyramid) more expensive 
Deployments=Automated
Practices:
  Revision control:
	  Application Code
		Build logic (pom.xml, package.json, makefiles,etc)
		Configurations
		CI Pipelines (jenkinsFiles)
		Artifact build and packaging logic (dockerfiles)
		IaaCode (ansible)
		Deployment logic (Kubernetes deployment files)
	Development workflow: How fast to deliver
	Automated Deployment Pipelines (Spinnaker)
Summary:
	CD:
		Setup revision control system (git+github)
		Define development workflow + Code review
		Setup CI Platform
		Create CI Pipelines: Build, Test
		Build and Manage artefacts: Packaging, Jobs
		Setup deployment tools and create deployment pipelines
		
╔═══════╦═════════╗ 
║       ║    ╨    ║
╠       ╬
╚═══════╩═════════╝