Implement DevOps Like a Unicorn—Even If You’re Not One

DW3
Adopting DevOps
6/7/2017 1:30:00 PM
DW3 Implement DevOps Like a
Unicorn-Even If You're Not One
Presented by:
Mason Leung
Grand Rounds
Brought to you by:
350 Corporate Way, Suite 400, Orange Park, FL 32073
888-‐268-‐8770 ·∙ 904-‐278-‐0524 - info@techwell.com - https://www.techwell.com/

Mason Leung
Grand Rounds
A backend developer with an interest in infrastructure and operations, Mason
Leung is an infrastructure engineer at Grand Rounds, a health tech company that
enables patients better access to care providers. In his career roles, Mason has
experience defining and establishing a DevOps foundation and culture. Mason is
passionate about enhancing developer efficiency and experience through
automation, better tooling, and education. On weekends he mentors high school
students who are interested in math and STEM. Mason's lifetime goal is to start a
tutoring center and provide free lessons to disadvantaged students in San
Francisco. Reach Mason at terajukun@gmail.com.

1
Implement DevOps Like A Unicorn Even
You Don't Work At One

2 | © 2017 Grand Rounds, Inc.
Background
• Mason Leung
• Infrastructure Engineer

"What do you do?"
Asked by my 7 years old niece

Implement DevOps Like A
Unicorn Even You Don't
Work At One

What is an unicorn?
• Wikipedia: Company valued over $1B
• 2013 Aileen Lee, VC

No Unicorn

Forrest vs Tree
vs

Scenario Question

What would you do?

Plan of Attack
The goal as an infrastructure engineer is to
identify components of the platform whether
it is a process or resources that are
potential bottlenecks, figure a way to break
them.

Implicit Goal
Bus Factor N to N+1
Hopefully N != 1

Let's Begin
Components to increase
scalability and agility
(from the infrastructure perspective)

Deployment

Deployment
Loosely defined term

Deployment
• Resource Provision
• Configuration Management
• Code Deploy

Resource Provision
• How do I set up the platform?
• Is it in the Cloud?

Lots of Questions
• What are the needed resources?
• What are the security groups and access
control?
• What are the VPN access on premise and
remote?
• What to do with persistent data?

Codify your infrastructure

Is there a DR in the house?

Terraform: First Try
• One huge file
• Good for proof of concept
• Good learning experience
• Problems: organization and collaboration

Terraform: Second Try
• Break down
components
• Separation of
environments
• Problem: organization
and collaboration

Terraform: Third Try
• Use Terragrunt for state locking
• DRY with module

Considerations
• Terraform by applications vs one repo for
all applications
• Module organization
• functional vs flat

The Benefits
• Infrastructure reproducibility
• Documentation

What separates a good
programmer and an
excellent programmer?

Excellent programmer
documents

Codify Your Infrastructure
• Flexibility and reproducibility
• Documentation
• Traceability of changes
• A step toward DR

Configuration Management

In The Past
• apt-get install manually
• shell scripts

Which one?

A Third Option?

Benefits
• Environmental
Attributes

Benefits
• Integration with
other tools

Benefits
• Shorten debug
loop

Benefits
• Community cookbooks or manifests
• Lock down version and portability

Benefit
• Documentation

Continuous Delivery
No longer a luxury, but a necessity

Concepts
• Continuous Integration
• constantly merging
• Continuous Delivery
• constantly deploying

The Old Deploy Pipeline

The Old Pipeline
• Mason Leung
• Infrastructure Engineering @
GrandRounds

Short Term Fix
Automate commit
messages to slack
with gem

Short Term Fix
Score =( Number of
commits ) x (Hours
since deploy)

Considerations on CD
• Buy in from managers and developers
• Homogenous deploy tool
• In house vs hosted solution or both

Considerations on CD
• Monitoring core metrics
• Run Jenkins backup
• Modular services
• Application and infrastructure cadence

A Very Important Lesson

Do NOT build
customized tools unless
you absolutely have to

Case 1
• EC2 Creator
• Bring up EC2 in console
• Use knife-ec2 instead
• Run chef configuration

Problems
• Works great for EC2 only
• Our platform has other resources
• A bigger picture

Are we in the business
of writing ops tools?

Lessons
• Think about your value proposition
• Google for tools
• Ask questions on mailing list or /r/devops
• Documentation

Case 2
• Home grown CI system
• build under 15 minutes
• parallelization with containers
• split up test with profiler

Building a CI System
From Scratch is Fun

Maintaining a CI System is
Not Fun

The Trouble Continue
• Build start to run more than 15 minutes
• Increases parallelism
• Cost of CI vs production

The Real Issues
• Poorly written nested tests
• New code makes requests to DB
• Not enough tests ran

Lessons Learned
• Keep good relationship
• Understand the problem beneath
• Pay down technical debt
• Look at non-functional features

Building Customized Solutions
• Always ask
• What is the real problem?
• Are there existing solutions?
• Enough support within the org?

Your Great
Customized
Solution Is A
Snowflake

If You Insist...

So Far
• Resource provisioning
• Configuration management
• Code deployment
• Use existing tools
• Resists making snowflakes
• Documentation

Putting All
Your Eggs In
One Basket

Multiple Vendors
• DNS: DNSMadeEasy
• CDN: EdgeCast
• Other resources: AWS

A Big Migration
• VPC migration
• DNS and CDN consolidation
• Finish before the holiday season starts

Three Phrases
• DNS Migration
• CDN Migration
• VPC Migration

DNS Migration
• Create new host zone in R53
• Update domain registrar
• Export zone file in DNSME and reimport
on R53
• Monitor queries

Redirect Problem
• Nifty redirect feature
• blog.example.com to example.com/blog
• vpn.example.com to http://1.2.3.4

Redirect Problem Solution
• Do it through S3
• Run your own redirect service
• Third party

Third Party Redirect
Not a lot of choices
for URL redirect

Lesson Learned
• Ask questions
• Look at nifty features
• Be transparent
• Migration goes according to plan

CDN Migration
• Weighted policy in Route 53
• Two type of contents
• S3
• Assets on EC2 behind ELB

Migration Steps
• Enable CloudFront for either a S3 bucket
or an ELB
• Forward the HOST header to enable SSL
in CloudFront
• Split CDN reference into two in Route 53
• Dial up traffic slowly
• Repeat

A Redirect Loop
• A catch all /platform/ regex left in route
• DDos-ing ourselves
platform.example.com
sfa.example.com
sfp.example.com

Overload our ELB
• ELB not warm enough
• Call Amazon ahead of time to warm up

Lessons Learned
• Understand your usage pattern, watch for
capacity issue
• Always have another pair of eyes
• Monitor core metrics

VPC Migration
• Beginning of October
• Smoother than expected

Clean Up and Review
• Review our architecture
• Design with 10x growth
• Using internal ELBs
• Rewrite pingdom checks
• Copy RDS backups with Lambda

Implement DevOps Like A
Unicorn Even You Don't
Work At One

Principles
• Transparency
• Repeatability
• Codify your infrastructure
• Use configuration management tools
• Documentation
• Agility
• Have a CD pipeline
• Monitoring
• Identify core metrics
• Resist snowflakes
• Don't reinvent the wheel

FIN

Implement DevOps Like a Unicorn—Even If You’re Not One

More Related Content

What's hot (20)

Similar to Implement DevOps Like a Unicorn—Even If You’re Not One (20)

More from TechWell (20)

Recently uploaded (20)

Implement DevOps Like a Unicorn—Even If You’re Not One