Developer Experience at The Guardian
Equal Experts, Sept 2021
Akash Askoolum (he/him)
Senior Software Engineer
akash.askoolum@theguardian.com
@akash1810
👋
What does the DevX team do?
A brief history
May 1821
First Manchester Guardian newspaper published
1999
Guardian Unlimited network of websites launched
2012
Move to AWS started (mix of on premises and AWS)
2015
Solely on AWS (no more on premises servers)
aws.amazon.com/solutions/case-studies/guardian
Autonomous teams
● Dotcom team, building theguardian.com
● Apps teams, building the iOS and Android apps
● Reader Revenue teams, building supporter and contribution platforms
● Journalism teams, building internal tools for Editorial staff
News website of the year
theguardian.com/p/t6qvf
Digital revenues
theguardian.com/p/937j6
(some of) technologies used by the Engineering dept.
A brief history (continued)
July 2020
Full time DevX team formed
What does the DevX team do?
3 areas of focus
1. Client side tools and infrastructure
2. Security tools and infrastructure
3. Operation tools and infrastructure
Mission
Enable teams to focus on delivering value at lightning speed by streamlining infrastructure management
Our Tools
Our DevX Tools
● AMIable - Amazon Machine Image (AMI) management tool
● AMIgo - An AMI bakery
● Anghammarad - Centralised notifications service
● CDK - Generic Guardian flavoured AWS CDK components
● Central ELK - Centralised logging platform
● dev-nginx - Tools to configure a local development nginx to proxy our applications and services
● DNS Validation - An AWS Lambda that automatically creates ACM validation DNS records
● Grafana - Centralised metrics service
● Gu:who - answering: who are all these users in my GitHub org?
● Janus - Google-backed AWS account access
● master-to-main - A CLI to automate updating a GitHub repository master branch to main
● Prism - Tool for collecting live data about infrastructure so it can be easily queried by users and automated tooling
● PRout - Looks after your pull requests, tells you when they're live
● Repo Apocalypse - Archive old GitHub projects to S3
● RiffRaff - The Guardian's deployment platform
● Security HQ - Centralised security information for AWS accounts
● Source - The Guardian’s design system
● SSM Scala - ssh replacement: CLI program that wraps SSM's EC2 Run Command
● Strap - Bootstrap your macOS development system
● ...
😱😱😱😱
😱
Janus
Google-backed AWS account access
When making API calls to AWS locally, AWS credentials are required.
Developers do not have any IAM users for our AWS accounts; instead we use temporary credentials or short-term, federated sessions.
Janus is our federated login system for managing access to our myriad AWS accounts.
This approach allows us to make our infrastructure easier and more secure to use.
github.com/guardian/janus-app
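A check that fits the policy above (temporary credentials only, no IAM users), as an added example that is not part of the original slides or of Janus: it audits a shared AWS credentials file and flags profiles that hold long-lived keys. It relies on AWS's documented key ID prefixes (AKIA for IAM user access keys, ASIA for STS temporary keys); the function names and the sample file contents are constructed for illustration.

```typescript
// Added example: audit a shared AWS credentials file for long-lived keys.
// Profile names and key values are constructed placeholders, not real keys.

type CredVerdict = "temporary" | "long-lived" | "incomplete";

interface CredProfile {
  profile: string;
  settings: { [key: string]: string };
}

interface CredFinding {
  profile: string;
  verdict: CredVerdict;
  reason: string;
}

// Parse the INI-style file into one entry per [profile] section.
function parseCredentialsFile(text: string): CredProfile[] {
  const profiles: CredProfile[] = [];
  let current: CredProfile | undefined;
  for (const raw of text.split(/\r?\n/)) {
    const line = raw.trim();
    const first = line.charAt(0);
    if (line === "" || first === "#" || first === ";") continue; // blank or comment
    if (first === "[" && line.charAt(line.length - 1) === "]") {
      current = { profile: line.slice(1, -1).trim(), settings: {} };
      profiles.push(current);
      continue;
    }
    const eq = line.indexOf("=");
    if (eq > 0 && current !== undefined) {
      current.settings[line.slice(0, eq).trim().toLowerCase()] = line.slice(eq + 1).trim();
    }
  }
  return profiles;
}

// Temporary means: an STS-issued key ID (ASIA...) stored together with a session token.
function classifyProfile(p: CredProfile): CredFinding {
  const keyId = p.settings["aws_access_key_id"] || "";
  const secret = p.settings["aws_secret_access_key"] || "";
  const token = p.settings["aws_session_token"] || "";
  if (keyId === "" || secret === "") {
    return { profile: p.profile, verdict: "incomplete", reason: "no static key pair stored" };
  }
  if (token !== "" && keyId.indexOf("ASIA") === 0) {
    return { profile: p.profile, verdict: "temporary", reason: "STS key ID with a session token" };
  }
  const reason = token === ""
    ? "key pair without a session token does not expire on its own"
    : "session token present but key ID is not an STS (ASIA) key";
  return { profile: p.profile, verdict: "long-lived", reason: reason };
}

function auditCredentialsFile(text: string): CredFinding[] {
  return parseCredentialsFile(text).map((p) => classifyProfile(p));
}

// Names of the profiles that break a "temporary credentials only" policy.
function longLivedProfiles(text: string): string[] {
  return auditCredentialsFile(text)
    .filter((f) => f.verdict === "long-lived")
    .map((f) => f.profile);
}

// Constructed sample: one federated session, one leftover IAM user key,
// and one profile that stores no keys at all.
const SAMPLE_CREDENTIALS = [
  "# constructed sample, not real keys",
  "[deploy-tools]",
  "aws_access_key_id = ASIAEXAMPLEEXAMPLE00",
  "aws_secret_access_key = constructed-secret-1",
  "aws_session_token = constructed-session-token",
  "",
  "[legacy-laptop]",
  "aws_access_key_id = AKIAEXAMPLEEXAMPLE00",
  "aws_secret_access_key = constructed-secret-2",
  "",
  "[region-only]",
  "region = eu-west-1",
].join("\n");

const sampleCredentialFindings = auditCredentialsFile(SAMPLE_CREDENTIALS);
```

Run over a developer's own credentials file, a non-empty result from `longLivedProfiles` is the signal worth following up on.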
SSM Scala
A command line tool that wraps AWS Systems Manager (SSM).
Used to execute commands on EC2 servers using EC2 Run Command. It provides the user with:
● an alternative to SSH for running commands
● standard SSH access using short-lived RSA keys
We have removed direct SSH access (port 22) from applications and replaced it with SSM Scala.
github.com/guardian/ssm-scala
Riff-Raff
The Guardian's deployment platform
Our applications primarily run on EC2 or Lambda.
Riff-Raff is our deployment tool and it allows us to use AWS auto-scaling to achieve zero downtime deploys.
Riff-Raff also records the deployment history of each project, and can be used to schedule deploys.
github.com/guardian/riff-raff
Source
The Guardian's design system
Source is our Design System.
Written in React and Emotion, it creates a consistent user and developer experience across *.theguardian.com and the apps.
It's expanding to support internal tooling too.
github.com/guardian/source
Prism
Prism captures information about the infrastructure across our entire estate in near real-time.
There is also a command line tool that uses the Prism API to locate infrastructure.
github.com/guardian/prism
What’s next?
Areas of focus
For the Operations team
● Observability
● Runtime environment
● Configuration
● Deployment
Guardian Cloud Development Kit
Let’s talk about CloudFormation...
✅ Tracked in VCS
✅ Repeatable
❌ JSON / YAML
❌ JSON can become verbose
❌ YAML is sensitive to whitespace
❌ Long feedback loop
❌ Errors first seen at runtime (UPDATE_ROLLBACK_COMPLETE 😈)
❌ Can result in not following the principles of least privilege
❌ Encourages copy pasting
❌ Consistency?
❌ Following best practice?
Guardian CDK
✅ Tracked in VCS
✅ Repeatable
✅ Written in a strongly typed language (TypeScript)
✅ Built using AWS CDK
✅ Unit tested
✅ Encodes today’s best practices
✅ Observability
✅ Runtime environment
✅ Configuration
✅ Deployment
✅ Follows the principles of least privilege
✅ npm install @guardian/cdk@latest
github.com/guardian/cdk
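The least-privilege and unit-testing points on the two slides above can be checked mechanically on any CloudFormation template, whether hand-written or synthesized. The following is an added example, not code from @guardian/cdk: it walks a template object and reports IAM statements that allow wildcard actions or resources. The function names, resource names and sample template are constructed for illustration.

```typescript
// Added example: flag wildcard IAM grants in a CloudFormation template object.
// The sample template is a constructed fragment; logical IDs are hypothetical.

interface CfnResource {
  Type: string;
  Properties?: { [key: string]: unknown };
}

interface CfnTemplate {
  Resources: { [logicalId: string]: CfnResource };
}

interface WildcardFinding {
  logicalId: string;
  problem: string;
}

// IAM accepts a single value or a list for Statement, Action and Resource.
function asList(value: unknown): unknown[] {
  if (value === undefined || value === null) return [];
  return Array.isArray(value) ? value : [value];
}

function isRecord(value: unknown): value is { [key: string]: unknown } {
  return typeof value === "object" && value !== null && !Array.isArray(value);
}

// Permission policies only; a role's AssumeRolePolicyDocument (trust policy) is skipped.
function policyDocuments(resource: CfnResource): unknown[] {
  const props = resource.Properties || {};
  if (resource.Type === "AWS::IAM::Policy" || resource.Type === "AWS::IAM::ManagedPolicy") {
    return asList(props["PolicyDocument"]);
  }
  if (resource.Type === "AWS::IAM::Role") {
    return asList(props["Policies"])
      .filter(isRecord)
      .map((inline) => inline["PolicyDocument"]);
  }
  return [];
}

function wildcardProblems(statement: unknown): string[] {
  if (!isRecord(statement) || statement["Effect"] !== "Allow") return [];
  const problems: string[] = [];
  for (const action of asList(statement["Action"])) {
    if (action === "*") {
      problems.push("Action * allows every API call");
    } else if (typeof action === "string" && /^[a-z0-9-]+:\*$/i.test(action)) {
      problems.push("Action " + action + " allows every call in the service");
    }
  }
  // Some actions only accept Resource "*"; treat this as a prompt for review.
  if (asList(statement["Resource"]).some((r) => r === "*")) {
    problems.push("Resource * is not scoped to named resources");
  }
  return problems;
}

function findWildcardGrants(template: CfnTemplate): WildcardFinding[] {
  const findings: WildcardFinding[] = [];
  for (const logicalId of Object.keys(template.Resources)) {
    const resource = template.Resources[logicalId];
    if (resource === undefined) continue;
    for (const doc of policyDocuments(resource)) {
      if (!isRecord(doc)) continue;
      for (const statement of asList(doc["Statement"])) {
        for (const problem of wildcardProblems(statement)) {
          findings.push({ logicalId: logicalId, problem: problem });
        }
      }
    }
  }
  return findings;
}

// Constructed sample: a copy-pasted broad policy next to a scoped inline policy.
const SAMPLE_TEMPLATE: CfnTemplate = {
  Resources: {
    CopyPastedPolicy: {
      Type: "AWS::IAM::Policy",
      Properties: {
        PolicyName: "app-policy",
        PolicyDocument: {
          Version: "2012-10-17",
          Statement: [{ Effect: "Allow", Action: "s3:*", Resource: "*" }],
        },
      },
    },
    ScopedRole: {
      Type: "AWS::IAM::Role",
      Properties: {
        AssumeRolePolicyDocument: {
          Statement: [{ Effect: "Allow", Principal: { Service: "ec2.amazonaws.com" }, Action: "sts:AssumeRole" }],
        },
        Policies: [{
          PolicyName: "read-config",
          PolicyDocument: {
            Statement: {
              Effect: "Allow",
              Action: ["ssm:GetParameter"],
              Resource: { "Fn::Sub": "arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/app/*" },
            },
          },
        }],
      },
    },
    AppBucket: { Type: "AWS::S3::Bucket" },
  },
};

const sampleWildcardFindings = findWildcardGrants(SAMPLE_TEMPLATE);
```

Asserting that `findWildcardGrants` returns an empty list in a unit test moves this error from deploy time to the test run.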
Guardian CDK
● A set of Guardian flavoured AWS CDK constructs and patterns, encoding today’s best practice on:
○ Observability
○ Runtime environment
○ Configuration
○ Deployment
● CloudFormation in TypeScript
● Tracked in VCS
● Improved consistency
● Not YAML or JSON 🎉
○ Strongly typed
○ Unit tested
github.com/guardian/cdk
What does the DevX team do?
Observation
A lot of our backend tooling revolves around simplifying AWS resource management across multiple accounts.
Vision
We will collaboratively create and maintain best in class standard patterns for deployment, configuration, runtime and observability.
Creating and maintaining apps that follow these patterns will be quick, logical, free of boilerplate and secure by default.
We will have worked with teams to migrate the majority of applications to our standard patterns.
Teams will be focussed on delivering business value at high velocity as infrastructure concerns have been streamlined.
Thanks!
Questions?
🙏
akash.askoolum@theguardian.com
@akash1810
github.com/guardian
workforus.theguardian.com

Contenu connexe

Tendances

betterCode Workshop: Effizientes DevOps-Tooling mit Go
betterCode Workshop:  Effizientes DevOps-Tooling mit GobetterCode Workshop:  Effizientes DevOps-Tooling mit Go
betterCode Workshop: Effizientes DevOps-Tooling mit GoQAware GmbH
 
Building a Python Serverless Applications with AWS Chalice - AWS Online Tech...
 Building a Python Serverless Applications with AWS Chalice - AWS Online Tech... Building a Python Serverless Applications with AWS Chalice - AWS Online Tech...
Building a Python Serverless Applications with AWS Chalice - AWS Online Tech...Amazon Web Services
 
Serverless use cases with AWS Lambda - More Serverless Event
Serverless use cases with AWS Lambda - More Serverless EventServerless use cases with AWS Lambda - More Serverless Event
Serverless use cases with AWS Lambda - More Serverless EventBoaz Ziniman
 
AWS Code{Commit,Deploy,Pipeline} (June 2016)
 AWS Code{Commit,Deploy,Pipeline} (June 2016) AWS Code{Commit,Deploy,Pipeline} (June 2016)
AWS Code{Commit,Deploy,Pipeline} (June 2016)Julien SIMON
 
Integrating-Cloud-Development-Security-And-Operations.pdf
Integrating-Cloud-Development-Security-And-Operations.pdfIntegrating-Cloud-Development-Security-And-Operations.pdf
Integrating-Cloud-Development-Security-And-Operations.pdfAmazon Web Services
 
Twelve Factor Serverless Applications
Twelve Factor Serverless ApplicationsTwelve Factor Serverless Applications
Twelve Factor Serverless ApplicationsAmazon Web Services
 
Securing your AWS Deployments with Spinnaker and Armory Enterprise
Securing your AWS Deployments with Spinnaker and Armory EnterpriseSecuring your AWS Deployments with Spinnaker and Armory Enterprise
Securing your AWS Deployments with Spinnaker and Armory EnterpriseDevOps.com
 
Continuous delivery and deployment on AWS
Continuous delivery and deployment on AWSContinuous delivery and deployment on AWS
Continuous delivery and deployment on AWSShiva Narayanaswamy
 
Kubernetes 101 and Fun
Kubernetes 101 and FunKubernetes 101 and Fun
Kubernetes 101 and FunQAware GmbH
 
From Docker Straight to AWS
From Docker Straight to AWSFrom Docker Straight to AWS
From Docker Straight to AWSDevOps.com
 
Cloud Native Unleashed
Cloud Native UnleashedCloud Native Unleashed
Cloud Native UnleashedQAware GmbH
 
All the Ops: DataOps with GitOps for Streaming data on Kafka and Kubernetes
All the Ops: DataOps with GitOps for Streaming data on Kafka and KubernetesAll the Ops: DataOps with GitOps for Streaming data on Kafka and Kubernetes
All the Ops: DataOps with GitOps for Streaming data on Kafka and KubernetesDevOps.com
 
Rein in Your Cloud Costs with Terraform and AWS Lambda
Rein in Your Cloud Costs with Terraform and AWS LambdaRein in Your Cloud Costs with Terraform and AWS Lambda
Rein in Your Cloud Costs with Terraform and AWS LambdaAmanda MacLeod
 
Intro to js august 31
Intro to js august 31Intro to js august 31
Intro to js august 31Thinkful
 
Large Scale Kubernetes on AWS at Europe's Leading Online Fashion Platform - A...
Large Scale Kubernetes on AWS at Europe's Leading Online Fashion Platform - A...Large Scale Kubernetes on AWS at Europe's Leading Online Fashion Platform - A...
Large Scale Kubernetes on AWS at Europe's Leading Online Fashion Platform - A...Henning Jacobs
 
Netflix Open Source: Building a Distributed and Automated Open Source Program
Netflix Open Source:  Building a Distributed and Automated Open Source ProgramNetflix Open Source:  Building a Distributed and Automated Open Source Program
Netflix Open Source: Building a Distributed and Automated Open Source Programaspyker
 
Spinnaker workshop
Spinnaker workshopSpinnaker workshop
Spinnaker workshopLee Xie
 
Pipelining DevOps with Jenkins and AWS
Pipelining DevOps with Jenkins and AWSPipelining DevOps with Jenkins and AWS
Pipelining DevOps with Jenkins and AWSJimmy Ray
 

Tendances (20)

betterCode Workshop: Effizientes DevOps-Tooling mit Go
betterCode Workshop:  Effizientes DevOps-Tooling mit GobetterCode Workshop:  Effizientes DevOps-Tooling mit Go
betterCode Workshop: Effizientes DevOps-Tooling mit Go
 
Building a Python Serverless Applications with AWS Chalice - AWS Online Tech...
 Building a Python Serverless Applications with AWS Chalice - AWS Online Tech... Building a Python Serverless Applications with AWS Chalice - AWS Online Tech...
Building a Python Serverless Applications with AWS Chalice - AWS Online Tech...
 
Serverless use cases with AWS Lambda - More Serverless Event
Serverless use cases with AWS Lambda - More Serverless EventServerless use cases with AWS Lambda - More Serverless Event
Serverless use cases with AWS Lambda - More Serverless Event
 
An Overview of Spinnaker
An Overview of SpinnakerAn Overview of Spinnaker
An Overview of Spinnaker
 
AWS Code{Commit,Deploy,Pipeline} (June 2016)
 AWS Code{Commit,Deploy,Pipeline} (June 2016) AWS Code{Commit,Deploy,Pipeline} (June 2016)
AWS Code{Commit,Deploy,Pipeline} (June 2016)
 
Integrating-Cloud-Development-Security-And-Operations.pdf
Integrating-Cloud-Development-Security-And-Operations.pdfIntegrating-Cloud-Development-Security-And-Operations.pdf
Integrating-Cloud-Development-Security-And-Operations.pdf
 
Twelve Factor Serverless Applications
Twelve Factor Serverless ApplicationsTwelve Factor Serverless Applications
Twelve Factor Serverless Applications
 
Securing your AWS Deployments with Spinnaker and Armory Enterprise
Securing your AWS Deployments with Spinnaker and Armory EnterpriseSecuring your AWS Deployments with Spinnaker and Armory Enterprise
Securing your AWS Deployments with Spinnaker and Armory Enterprise
 
Continuous delivery and deployment on AWS
Continuous delivery and deployment on AWSContinuous delivery and deployment on AWS
Continuous delivery and deployment on AWS
 
Kubernetes 101 and Fun
Kubernetes 101 and FunKubernetes 101 and Fun
Kubernetes 101 and Fun
 
From Docker Straight to AWS
From Docker Straight to AWSFrom Docker Straight to AWS
From Docker Straight to AWS
 
Cloud Native Unleashed
Cloud Native UnleashedCloud Native Unleashed
Cloud Native Unleashed
 
All the Ops: DataOps with GitOps for Streaming data on Kafka and Kubernetes
All the Ops: DataOps with GitOps for Streaming data on Kafka and KubernetesAll the Ops: DataOps with GitOps for Streaming data on Kafka and Kubernetes
All the Ops: DataOps with GitOps for Streaming data on Kafka and Kubernetes
 
Rein in Your Cloud Costs with Terraform and AWS Lambda
Rein in Your Cloud Costs with Terraform and AWS LambdaRein in Your Cloud Costs with Terraform and AWS Lambda
Rein in Your Cloud Costs with Terraform and AWS Lambda
 
Intro to js august 31
Intro to js august 31Intro to js august 31
Intro to js august 31
 
Crafting Kubernetes Operators
Crafting Kubernetes OperatorsCrafting Kubernetes Operators
Crafting Kubernetes Operators
 
Large Scale Kubernetes on AWS at Europe's Leading Online Fashion Platform - A...
Large Scale Kubernetes on AWS at Europe's Leading Online Fashion Platform - A...Large Scale Kubernetes on AWS at Europe's Leading Online Fashion Platform - A...
Large Scale Kubernetes on AWS at Europe's Leading Online Fashion Platform - A...
 
Netflix Open Source: Building a Distributed and Automated Open Source Program
Netflix Open Source:  Building a Distributed and Automated Open Source ProgramNetflix Open Source:  Building a Distributed and Automated Open Source Program
Netflix Open Source: Building a Distributed and Automated Open Source Program
 
Spinnaker workshop
Spinnaker workshopSpinnaker workshop
Spinnaker workshop
 
Pipelining DevOps with Jenkins and AWS
Pipelining DevOps with Jenkins and AWSPipelining DevOps with Jenkins and AWS
Pipelining DevOps with Jenkins and AWS
 

Similaire à Developer Experience at the Guardian, Equal Experts Sept 2021

Infrastructure Is Code with the AWS Cloud Development Kit (DEV372) - AWS re:I...
Infrastructure Is Code with the AWS Cloud Development Kit (DEV372) - AWS re:I...Infrastructure Is Code with the AWS Cloud Development Kit (DEV372) - AWS re:I...
Infrastructure Is Code with the AWS Cloud Development Kit (DEV372) - AWS re:I...Amazon Web Services
 
AWS Meetup Fort Lauderdale Re:invent Recap
AWS Meetup Fort Lauderdale Re:invent RecapAWS Meetup Fort Lauderdale Re:invent Recap
AWS Meetup Fort Lauderdale Re:invent RecapAnthony Palmer
 
re:Invent Recap-AWSMeetup
re:Invent Recap-AWSMeetupre:Invent Recap-AWSMeetup
re:Invent Recap-AWSMeetupCloudHesive
 
Continuous Deployment @ AWS Re:Invent
Continuous Deployment @ AWS Re:InventContinuous Deployment @ AWS Re:Invent
Continuous Deployment @ AWS Re:InventJohn Schneider
 
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...Amazon Web Services
 
Cluster-as-code. The Many Ways towards Kubernetes
Cluster-as-code. The Many Ways towards KubernetesCluster-as-code. The Many Ways towards Kubernetes
Cluster-as-code. The Many Ways towards KubernetesQAware GmbH
 
AWS Webcast - Build Agile Applications in AWS Cloud for Government
AWS Webcast - Build Agile Applications in AWS Cloud for GovernmentAWS Webcast - Build Agile Applications in AWS Cloud for Government
AWS Webcast - Build Agile Applications in AWS Cloud for GovernmentAmazon Web Services
 
Secure Configuration and Automation Overview
Secure Configuration and Automation OverviewSecure Configuration and Automation Overview
Secure Configuration and Automation OverviewAmazon Web Services
 
Increase Speed and Agility with Amazon Web Services
Increase Speed and Agility with Amazon Web ServicesIncrease Speed and Agility with Amazon Web Services
Increase Speed and Agility with Amazon Web ServicesAmazon Web Services
 
Increase Speed and Agility with Amazon Web Services
Increase Speed and Agility with Amazon Web ServicesIncrease Speed and Agility with Amazon Web Services
Increase Speed and Agility with Amazon Web ServicesAmazon Web Services
 
CI/CD on AWS: Deploy Everything All the Time | AWS Public Sector Summit 2016
CI/CD on AWS: Deploy Everything All the Time | AWS Public Sector Summit 2016CI/CD on AWS: Deploy Everything All the Time | AWS Public Sector Summit 2016
CI/CD on AWS: Deploy Everything All the Time | AWS Public Sector Summit 2016Amazon Web Services
 
Serverless Computing, AWS Way by SourceFuse Technologies
Serverless Computing, AWS Way by SourceFuse Technologies Serverless Computing, AWS Way by SourceFuse Technologies
Serverless Computing, AWS Way by SourceFuse Technologies SourceFuse
 
Serverless Computing, AWS Way: SourceFuse Technologies
Serverless Computing, AWS Way: SourceFuse Technologies Serverless Computing, AWS Way: SourceFuse Technologies
Serverless Computing, AWS Way: SourceFuse Technologies Sarmishtha Sinha
 
Cluster-as-code. The Many Ways towards Kubernetes
Cluster-as-code. The Many Ways towards KubernetesCluster-as-code. The Many Ways towards Kubernetes
Cluster-as-code. The Many Ways towards KubernetesQAware GmbH
 
Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用
Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用
Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用Amazon Web Services
 
CI&CD on AWS - Meetup Roma Oct 2016
CI&CD on AWS - Meetup Roma Oct 2016CI&CD on AWS - Meetup Roma Oct 2016
CI&CD on AWS - Meetup Roma Oct 2016Paolo latella
 
Serverless cat detector workshop - cloudyna 2017 (16.12.2017)
Serverless cat detector   workshop - cloudyna 2017 (16.12.2017)Serverless cat detector   workshop - cloudyna 2017 (16.12.2017)
Serverless cat detector workshop - cloudyna 2017 (16.12.2017)Paweł Pikuła
 
DevOps, Microservices and Serverless Architecture
DevOps, Microservices and Serverless ArchitectureDevOps, Microservices and Serverless Architecture
DevOps, Microservices and Serverless ArchitectureMikhail Prudnikov
 
re:Invent Recap: Security Week at the SF Loft
re:Invent Recap: Security Week at the SF Loftre:Invent Recap: Security Week at the SF Loft
re:Invent Recap: Security Week at the SF LoftAmazon Web Services
 
How to implement DevSecOps on AWS for startups
How to implement DevSecOps on AWS for startupsHow to implement DevSecOps on AWS for startups
How to implement DevSecOps on AWS for startupsAleksandr Maklakov
 

Similaire à Developer Experience at the Guardian, Equal Experts Sept 2021 (20)

Infrastructure Is Code with the AWS Cloud Development Kit (DEV372) - AWS re:I...
Infrastructure Is Code with the AWS Cloud Development Kit (DEV372) - AWS re:I...Infrastructure Is Code with the AWS Cloud Development Kit (DEV372) - AWS re:I...
Infrastructure Is Code with the AWS Cloud Development Kit (DEV372) - AWS re:I...
 
AWS Meetup Fort Lauderdale Re:invent Recap
AWS Meetup Fort Lauderdale Re:invent RecapAWS Meetup Fort Lauderdale Re:invent Recap
AWS Meetup Fort Lauderdale Re:invent Recap
 
re:Invent Recap-AWSMeetup
re:Invent Recap-AWSMeetupre:Invent Recap-AWSMeetup
re:Invent Recap-AWSMeetup
 
Continuous Deployment @ AWS Re:Invent
Continuous Deployment @ AWS Re:InventContinuous Deployment @ AWS Re:Invent
Continuous Deployment @ AWS Re:Invent
 
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...
Continuous Integration and Deployment Best Practices on AWS (ARC307) | AWS re...
 
Cluster-as-code. The Many Ways towards Kubernetes
Cluster-as-code. The Many Ways towards KubernetesCluster-as-code. The Many Ways towards Kubernetes
Cluster-as-code. The Many Ways towards Kubernetes
 
AWS Webcast - Build Agile Applications in AWS Cloud for Government
AWS Webcast - Build Agile Applications in AWS Cloud for GovernmentAWS Webcast - Build Agile Applications in AWS Cloud for Government
AWS Webcast - Build Agile Applications in AWS Cloud for Government
 
Secure Configuration and Automation Overview
Secure Configuration and Automation OverviewSecure Configuration and Automation Overview
Secure Configuration and Automation Overview
 
Increase Speed and Agility with Amazon Web Services
Increase Speed and Agility with Amazon Web ServicesIncrease Speed and Agility with Amazon Web Services
Increase Speed and Agility with Amazon Web Services
 
Increase Speed and Agility with Amazon Web Services
Increase Speed and Agility with Amazon Web ServicesIncrease Speed and Agility with Amazon Web Services
Increase Speed and Agility with Amazon Web Services
 
CI/CD on AWS: Deploy Everything All the Time | AWS Public Sector Summit 2016
CI/CD on AWS: Deploy Everything All the Time | AWS Public Sector Summit 2016CI/CD on AWS: Deploy Everything All the Time | AWS Public Sector Summit 2016
CI/CD on AWS: Deploy Everything All the Time | AWS Public Sector Summit 2016
 
Serverless Computing, AWS Way by SourceFuse Technologies
Serverless Computing, AWS Way by SourceFuse Technologies Serverless Computing, AWS Way by SourceFuse Technologies
Serverless Computing, AWS Way by SourceFuse Technologies
 
Serverless Computing, AWS Way: SourceFuse Technologies
Serverless Computing, AWS Way: SourceFuse Technologies Serverless Computing, AWS Way: SourceFuse Technologies
Serverless Computing, AWS Way: SourceFuse Technologies
 
Cluster-as-code. The Many Ways towards Kubernetes
Cluster-as-code. The Many Ways towards KubernetesCluster-as-code. The Many Ways towards Kubernetes
Cluster-as-code. The Many Ways towards Kubernetes
 
Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用
Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用
Track 4 Session 4_ MAD02 MAD 04 如何藉由 CICD 流程管理容器化和無伺服器應用
 
CI&CD on AWS - Meetup Roma Oct 2016
CI&CD on AWS - Meetup Roma Oct 2016CI&CD on AWS - Meetup Roma Oct 2016
CI&CD on AWS - Meetup Roma Oct 2016
 
Serverless cat detector workshop - cloudyna 2017 (16.12.2017)
Serverless cat detector   workshop - cloudyna 2017 (16.12.2017)Serverless cat detector   workshop - cloudyna 2017 (16.12.2017)
Serverless cat detector workshop - cloudyna 2017 (16.12.2017)
 
DevOps, Microservices and Serverless Architecture
DevOps, Microservices and Serverless ArchitectureDevOps, Microservices and Serverless Architecture
DevOps, Microservices and Serverless Architecture
 
re:Invent Recap: Security Week at the SF Loft
re:Invent Recap: Security Week at the SF Loftre:Invent Recap: Security Week at the SF Loft
re:Invent Recap: Security Week at the SF Loft
 
How to implement DevSecOps on AWS for startups
How to implement DevSecOps on AWS for startupsHow to implement DevSecOps on AWS for startups
How to implement DevSecOps on AWS for startups
 

Dernier

How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceanilsa9823
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online  ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online  ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️anilsa9823
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 

Dernier (20)

How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 

Developer Experience at the Guardian, Equal Experts Sept 2021

  • 1. Developer Experience at The Guardian Equal Experts, Sept 2021
  • 3. What does the DevX team do?
  • 4. A brief history 2015 Solely on AWS (no more on premises servers) 2012 Move to AWS started (mix of on premises and AWS) May 1821 First Manchester Guardian newspaper published 1999 Guardian Unlimited network of websites launched aws.amazon.com/solutions/case-studies/guardian
  • 5. Autonomous teams ● Dotcom team, building theguardian.com ● Apps teams, building the iOS and Android apps ● Reader Revenue teams, building supporter and contribution platforms ● Journalism teams, building internal tools for Editorial staff
  • 6. News website of the year theguardian.com/p/t6qvf
  • 8. (some of) technologies used by the Engineering dept.
  • 9. July 2020 Full time DevX team formed A brief history (continued) 2015 Solely on AWS (no more on premises servers) 2012 Move to AWS started (mix of on premises and AWS) May 1821 First Manchester Guardian newspaper published 1999 Guardian Unlimited network of websites launched aws.amazon.com/solutions/case-studies/guardian
  • 10. What does the DevX team do?
  • 11. 3 areas of focus 1. Client side tools and infrastructure 2. Security tools and infrastructure 3. Operation tools and infrastructure
  • 12. Mission Enable teams to focus on delivering value at lightning speed by streamlining infrastructure management
  • 14. Our DevX Tools ● AMIable - Amazon Machine Image (AMI) management tool ● AMIgo - An AMI bakery ● Anghammarad - Centralised notifications service ● CDK - Generic Guardian flavoured AWS CDK components ● Central ELK - Centralised logging platform ● dev-nginx - Tools to configure a local development nginx to proxy our applications and services ● DNS Validation - An AWS lambda that automatically creates ACM validation DNS records ● Grafana - Centralised metrics service ● Gu:who - answering: who are all these users in my GitHub org? ● Janus - Google-backed AWS account access ● master-to-main - A CLI to automate updating a GitHub repository master branch to main ● Prism - Tool for collecting live data about infrastructure so it can be easily queried by users and automated tooling ● PRout - Looks after your pull requests, tells you when they're live ● Repo Apocalypse - Archive old Github projects to S3 ● RiffRaff - The Guardian's deployment platform ● Security HQ - Centralised security information for AWS accounts ● Source - The Guardian’s design system ● SSM Scala - ssh replacement: CLI program that wraps SSM's EC2 Run Command ● Strap - Bootstrap your macOS development system ● ...
  • 15. Our DevX Tools ● AMIable - Amazon Machine Image (AMI) management tool ● AMIgo - An AMI bakery ● Anghammarad - Centralised notifications service ● CDK - Generic Guardian flavoured AWS CDK components ● Central ELK - Centralised logging platform ● dev-nginx - Tools to configure a local development nginx to proxy our applications and services ● DNS Validation - An AWS lambda that automatically creates ACM validation DNS records ● Grafana - Centralised metrics service ● Gu:who - answering: who are all these users in my GitHub org? ● Janus - Google-backed AWS account access ● master-to-main - A CLI to automate updating a GitHub repository master branch to main ● Prism - Tool for collecting live data about infrastructure so it can be easily queried by users and automated tooling ● PRout - Looks after your pull requests, tells you when they're live ● Repo Apocalypse - Archive old Github projects to S3 ● RiffRaff - The Guardian's deployment platform ● Security HQ - Centralised security information for AWS accounts ● Source - The Guardian’s design system ● SSM Scala - ssh replacement: CLI program that wraps SSM's EC2 Run Command ● Strap - Bootstrap your macOS development system ● ... 😱😱😱😱 😱
  • 16. Janus When making API calls to AWS locally, AWS credentials are required. Developers do not have any IAM users for our AWS accounts, instead we use temporary credentials or short-term, federated sessions. Janus is our federated login system for managing access to our myriad AWS accounts. This approach allows us to make our infrastructure easier and more secure to use. Google-backed AWS account access github.com/guardian/janus-app
  • 18. SSM Scala A command line tool that wraps AWS Systems Manager (SSM). Used to execute commands on EC2 servers using EC2 Run command. It provides the user with: ● an alternative to SSH for running commands ● standard SSH access using short lived RSA keys We have removed direct SSH access (port 22) from applications and replaced it with SSM Scala. github.com/guardian/ssm-scala
  • 19. Riff-Raff Our applications primarily run on EC2 or Lambda. Riff-Raff is our deployment tool and it allows us to use AWS auto-scaling to achieve zero downtime deploys. Riff-Raff also records the deployment history of each project, and can be used to schedule deploys. The Guardian's deployment platform github.com/guardian/riff-raff
  • 22. Source Source is our Design System. Written in React and Emotion, it creates a consistent user and developer experience across *.theguardian.com and the apps. It's expanding to support internal tooling too. The Guardian's design system github.com/guardian/source
  • 23. Prism Prism captures information about the infrastructure across our entire estate in near real-time. There is also a command line tool that uses the Prism API to locate infrastructure. github.com/guardian/prism
  • 25. Areas of focus For the Operations team ● Observability ● Runtime environment ● Configuration ● Deployment
  • 27. Let’s talk about CloudFormation... ✅ Tracked in VCS ✅ Repeatable ❌ JSON / YAML ❌ JSON can become verbose ❌ YAML is sensitive to whitespace ❌ Long feedback loop ❌ Errors first seen at runtime (UPDATE_ROLLBACK_COMPLETE 😈) ❌ Can result in not following the principles of least privilege ❌ Encourages copy pasting ❌ Consistency? ❌ Following best practice?
  • 28. Guardian CDK ✅ Tracked in VCS ✅ Repeatable ✅ Written in a strongly typed language (TypeScript) ✅ Built using AWS CDK ✅ Unit tested ✅ Encodes today’s best practices ✅ Observability ✅ Runtime environment ✅ Configuration ✅ Deployment ✅ Follows the principles of least privilege ✅ npm install @guardian/cdk@latest github.com/guardian/cdk
  • 30. Guardian CDK ● A set of Guardian flavoured AWS CDK constructs and patterns, encoding today’s best practice on: ○ Observability ○ Runtime environment ○ Configuration ○ Deployment ● CloudFormation in TypeScript ● Tracked in VCS ● Improved consistency ● Not YAML or JSON 🎉 ○ Strongly typed ○ Unit tested github.com/guardian/cdk
  • 31. What does the DevX team do?
  • 32. A lot of our backend tooling revolves around simplifying AWS resource management across multiple accounts. Observation
  • 33. Vision We will collaboratively create and maintain best in class standard patterns for deployment, configuration, runtime and observability. Creating and maintaining apps that follow these patterns will be quick, logical, free of boilerplate and secure by default. We will have worked with teams to migrate the majority of applications to our standard patterns. Teams will be focussed on delivering business value at high velocity as infrastructure concerns have been streamlined.
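
Slides 18, 27 and 28 say that direct SSH access (port 22) was removed from applications, that hand-written CloudFormation surfaces errors only at runtime and can drift from least privilege, and that Guardian CDK is unit tested. The TypeScript below is an added example, not code from the talk or from @guardian/cdk: it sketches a test-time check over a synthesized CloudFormation template, and the function names and sample template are assumptions constructed for illustration.

```typescript
// Added example. sampleTemplate is constructed input, not Guardian infrastructure.
type Resource = { Type: string; Properties?: Record<string, any> };
type Template = { Resources: Record<string, Resource> };

function asArray(v: any): any[] {
  return v === undefined || v === null ? [] : Array.isArray(v) ? v : [v];
}

// Resources with an ingress rule that opens TCP 22, or all protocols.
function findSshIngress(t: Template): string[] {
  return Object.keys(t.Resources).filter((id) => {
    const r = t.Resources[id];
    const rules: any[] =
      r.Type === "AWS::EC2::SecurityGroup" ? asArray(r.Properties?.SecurityGroupIngress)
      : r.Type === "AWS::EC2::SecurityGroupIngress" ? [r.Properties ?? {}]
      : [];
    return rules.some((rule) => {
      const proto = String(rule.IpProtocol);
      const coversSsh = Number(rule.FromPort) <= 22 && Number(rule.ToPort) >= 22;
      return proto === "-1" || ((proto === "tcp" || proto === "6") && coversSsh);
    });
  });
}

// IAM resources with an Allow statement using a full wildcard Action or Resource.
function findWildcardIam(t: Template): string[] {
  return Object.keys(t.Resources).filter((id) => {
    const r = t.Resources[id];
    const docs: any[] =
      r.Type === "AWS::IAM::Role" ? asArray(r.Properties?.Policies).map((p) => p.PolicyDocument)
      : r.Type === "AWS::IAM::Policy" || r.Type === "AWS::IAM::ManagedPolicy" ? [r.Properties?.PolicyDocument]
      : [];
    return docs.some((d) => asArray(d?.Statement).some((s) =>
      s.Effect === "Allow" &&
      (asArray(s.Action).some((a) => /(^|:)\*$/.test(String(a))) ||
        asArray(s.Resource).some((x) => x === "*"))));
  });
}

// Constructed sample: one group still exposing SSH, one over-broad role.
const sampleTemplate: Template = { Resources: {
  AppSg: { Type: "AWS::EC2::SecurityGroup", Properties: { SecurityGroupIngress: [
    { IpProtocol: "tcp", FromPort: 443, ToPort: 443, CidrIp: "0.0.0.0/0" },
    { IpProtocol: "tcp", FromPort: 22, ToPort: 22, CidrIp: "10.0.0.0/8" }] } },
  AppRole: { Type: "AWS::IAM::Role", Properties: { Policies: [{ PolicyName: "app",
    PolicyDocument: { Statement: [{ Effect: "Allow", Action: "s3:*", Resource: "*" }] } }] } },
  ReadPolicy: { Type: "AWS::IAM::Policy", Properties: { PolicyDocument: { Statement: [
    { Effect: "Allow", Action: ["s3:GetObject"], Resource: "arn:aws:s3:::example-bucket/*" }] } } },
} };
```

Run as a unit test against the synthesized template, a non-empty result fails the build before a deploy is attempted.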