the immutable journey
TRANSCRIPT
![Page 1: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/1.jpg)
The Immutable Journey
Tom Tsai @ Startup
![Page 2: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/2.jpg)
hello!
I am Tom TsaiI am here because I want to give life to the servers
� Startup (DevOps)� Trend Micro (QA, DevOps)� DevOps Lecturer
![Page 3: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/3.jpg)
“Why Come To This Section ?
![Page 4: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/4.jpg)
Outline
� What is Immutable Infrastructure?
� Configuration Management == Die
� Container Orchestration - Kubernetes
� Image CD Pipeline Build Up
� Q & A
![Page 5: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/5.jpg)
1.
Immutable Infrastructure
![Page 6: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/6.jpg)
Build
A stack that you build once (be it a virtual machine image, container image, or something else), run one
or many instances of, and never change again. Ref
V0.0.1
![Page 7: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/7.jpg)
Deploy
The deployment model is to terminate the instance/container and start over from a new one Ref
V0.0.2 V0.0.1
![Page 8: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/8.jpg)
What is the Benefit
� Simplifying operations
� Continuous deployments, fewer failures
� Reduces errors and threats
Ref
![Page 9: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/9.jpg)
Yes ! Docker is Immutable Infrastructure
Docker containers wrap a piece of software in a complete filesystem that contains everything needed to run: code, runtime, system tools, system libraries
![Page 10: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/10.jpg)
Golden Image
Is there a image to execute all kind of application ?
Ruby Python
C#
PHPJavascript
Perl
RJava
Groovy
Clojure
GoF# Pig
![Page 11: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/11.jpg)
Image Layer
How to prepare the image for all kind of application in alpha, beta, production phase using?
OS
Environment
Application
Change Seldomly
Change Frequently
![Page 12: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/12.jpg)
Dockerfile
Is Dockerfile the only solution?
![Page 13: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/13.jpg)
2.
Configuration Management
![Page 14: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/14.jpg)
“Which Configuration
Management Do You Use?
![Page 15: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/15.jpg)
If the server is Immutable,
Can We Throw away CM?
![Page 16: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/16.jpg)
DockerfileEasy to use, hard to maintain, extend
configuration management should Be Die !?
Configuration ManagementSteep Learning Curve, easy to maintain, extend
![Page 17: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/17.jpg)
Using Cm to provision Image
Packer is a tool for creating machine and container images for multiple platforms from a single source configuration.
![Page 18: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/18.jpg)
Packer Template
Builders: Base image
Provisioners: Select
prepare tool (e.g. Chef)
Post-Processors:
store image (e.g.
dockerhub, aws ecr)
![Page 19: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/19.jpg)
Image Layer
Separate Image to two part, OS+Environment & Application
OS
Environment
Application
Change Seldomly
Change Frequently
![Page 20: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/20.jpg)
Chef X Docker X Packer
1. Push tag to
trigger webhook
2. Execute Packer
to provision image
3. Get Provision
script from Chef
4. Push Image to
dockerhub, image
tag equal to git
tag
Ref
![Page 21: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/21.jpg)
“Different phase Images ?
V0.0.1 alpha V0.0.1 beta V0.0.1 prod
![Page 22: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/22.jpg)
All PhaSe Image
Get $PHASE from environment variable. Get different phase configuration in one image.
app/start.sh /binary /conf/alpha.yml /beta.yml /prod.yml
Build Structure
ln -s /app/conf/$PHASE.yml /app/conf/current.yml
binary -conf /app/conf/current.yml
start.sh
![Page 23: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/23.jpg)
3.
Kubernetes
![Page 24: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/24.jpg)
Without K8S ...
![Page 25: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/25.jpg)
With K8S ...
![Page 26: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/26.jpg)
K8S Infra
![Page 27: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/27.jpg)
K8S Terminology
PodA group of one or more containers
Replica SetEnsures that a specified number of pod “replicas” are running
DeploymentProvides declarative updates for Pods and Replica Sets
Servicea logical set of Pods and a policy by which to access them
![Page 28: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/28.jpg)
K8S Deployment
� Create a Deployment to bring up a Replica Set and Pods.
� Update Deployment (e.g. rolling update Pods)
� Rollback to an earlier Deployment revision
� Pause and resume a Deployment.
![Page 29: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/29.jpg)
COntainer Deployment
K8S API
1. Create Deployment
2. Update Image ver.
3. Create Service
4. Of course, Testing
![Page 30: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/30.jpg)
Setup K8S is so
Hard
Use it in google cloud engine will be easy
![Page 31: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/31.jpg)
But I still Try in AWS By
� AWS CloudFormation
� Chef
Don’t forgot to add tag KubernetesCluster in all aws resource
AWS
![Page 32: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/32.jpg)
4.
Image CD Pipeline
![Page 33: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/33.jpg)
“Have you ever heard Jenkins?
How dare
you ...
![Page 34: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/34.jpg)
Not to mention
DeployBuild Test
CM X Docker X Packer Kubernetes Depends ...
![Page 35: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/35.jpg)
Place your screenshot here
Jenkins 2.0 Pipeline is Good
� Leverage Groovy DSL to achieve pipeline as code
� Loading Script Text from Version Control
� Retaining Global Libraries
Everything is done, take a break ?!
![Page 36: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/36.jpg)
More and More Job
Using Jenkins Pipeline Plugin after one month, I feel there is still room for improvement...
![Page 37: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/37.jpg)
insufficient
Pipeline Job: Still need to
maintain Manually
Develop: Inside Jenkins
website
Groovy: Cannot include
third-party library
![Page 38: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/38.jpg)
Jenkins Job DSL
Trigger Seed Job just like compile your General Jenkins job
Seed Job
Job A
DSL
Job B
DSL
Job A Pipeline
Job B Pipeline
![Page 39: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/39.jpg)
After Using ...
Pipeline Job: Generate
automatically
Develop: everywhere
Groovy: embed other
language
![Page 40: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/40.jpg)
demo
![Page 41: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/41.jpg)
Jenkins Deployable Now !
/CM Script/ # do anything you want
/dsl-repo/dsl/ # job dsl for generate jenkins job /pipeline/ # pipeline script for job dsl including
/jobs/ # Jenkins Job generating by job dsl
/workflow-libs/ #Pipeline Global Library
Jenkins Build Structure (/var/lib/jenkins/...)
![Page 42: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/42.jpg)
Script Security
Script security plugin block groovy script, after enabling global security… (workaround)
![Page 43: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/43.jpg)
Test Your Jenkins Job?
![Page 44: The immutable journey](https://reader030.vdocuments.mx/reader030/viewer/2022020203/5880bcf71a28abba3b8b4fb9/html5/thumbnails/44.jpg)
thanks!
Any questions?
smalltown20110306
smalltown0110
smalltown0110