1
Born for DevOps CI CD:
Accelerating the Transformation to
Mature Software Manufacturing
Darwin Sanoy, Senior Solutions Architect, GitLab
James Bland, Ph.D., Sr. Solutions Architect, AWS
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
What is DevOps?
DevOps is the combination of cultural philosophies,
processes, people, and technology that increases an
organization’s ability to deliver applications and services
at high velocity: evolving and improving products at a
faster pace than organizations using traditional software
development and infrastructure management processes.
This speed enables organizations to better serve their
customers and compete more effectively in the market.
What is DevOps today
DevOps = Modernization
A modern approach allows you to:
• Shrink the scope
• Offload the undifferentiated pieces
• Choose the right tool for the job
• Automate everything
Why are customers choosing to build modern apps?
• Faster to market
• More reliable applications
• Increased rate of innovation
• Reduced costs
Best practices from AWS
Two-pizza teams are fast & agile
• Full ownership & autonomy
• You build it, you run it
• DevOps – small, nimble teams
• Focused innovation
Structure apps as collections of microservices
When the impact of change is small, release velocity can increase
Monolithic application
• Does everything
• Shared release pipeline
• Rigid scaling
• High impact of change
• Hard to adopt new technologies
Microservices
• Does one thing
• Independent deployments
• Independent scaling
• Small impact of change
• Choice of technology
Structure apps as collections of microservices
APIs and decoupled communications enable automation and improve reliability
[Diagram: an application built from functions and microservices that communicate through APIs and events]
Use code to model applications and infrastructure
Treating everything as software increases the speed and agility of infrastructure deployments
• Design
• Write application code
• Create infrastructure templates
• Create stacks
• Iterate
Level of abstraction (focus on business logic)
Physical machines
Virtual machines
Containerization
Serverless
AWS Lambda
AWS Fargate
• Continuous scaling
• Fault tolerance built-in
• Pay for value
• Zero maintenance
• Focus on business value
Serverless architectures provide the greatest agility with the least effort
Event-driven architectures
Events are observable, not directed
• Directed commands
• Observable events
Event-driven architectures
Event-driven Benefits: Break up the work
• Decoupled and distributed
• Decrease waste
• Pay for value
Creating powerful self-service platforms
that enable builders to use the right tool for
the right job
Self-service platforms without gatekeepers
Deployment: Monolith development lifecycle
[Diagram: developers, services and delivery pipelines; pipeline stages: build, test, release, monitor]
Deployment: Microservice development lifecycle
[Diagram: developers, services and delivery pipelines; each of several pipelines has the stages build, test, release, monitor]
Automated and Secure Pipelines
Security in the CI/CD pipeline
• Artifact validation
• Static code analysis
Security of the CI/CD pipeline
• Access roles
• Hardening build servers/nodes
A shift to microservices
• Single-purpose
• Connect only through hardened APIs
• Largely “black boxes” to each other
• Business logic and data only accessible
through APIs
Deployment at scale
1,000s of teams, microservices, CI/CD, serverless = 190 million deployments / year
Want to learn more
Architecture, software delivery, and operations
By Amazon’s senior technical executives and engineers
Real-world practices with detailed explanations
Content available for free on the website
The Amazon Builders’ Library
How Amazon builds and operates software
AWS Modernization Workshops
Curated workshops created by AWS Partners
https://awsworkshop.io
23
How To Have a Tortured Software Manufacturing Transformation
Avoiding The DevSecOps Russian Nesting Doll
Born for DevOps CI CD
Accelerating the Transformation to a Mature Culture of Software Manufacturing
Parallel Worlds: The Evolution of Automated Manufacturing
Inherent DevOps Transformation Throughput Limits
The Russian Nesting Doll Effect (Matryoshka)
GitLab and AWS – Better Together!
24
Everywhere Else Do Engineered Automation
(as Much as Possible)
Focus Craftsmanship On Innovations That Delight Customers
Henry Ford: Manufacturing Transformation
25
Benefits of Pulling A “Henry Ford” On Software Manufacturing
● Speed of innovations to market
● Improving predictability and quality
● Lowering cost of production and maintenance (after surge investment)
● Encoding of tacit human knowledge into Intellectual Property
● Removal of drudgery
Let’s look at some key elements affecting the transition from the practice of software craftsmanship to the practice of software manufacturing.
26
Car Manufacturing as Craft
Challenges:
● Skilling Workers (Skill Breadth=Time)
● Scaling Production
● Consistent Quality
● Serviceability of Product
● Know How as a Corporate Asset
Integrated: Know How + Manufacturing
Labor
27
Automation Maturity Wave 1
Making product from engineered plans using an assembly line
Product
Engineer
28
Key Craft Transformations and Limits
- Tacit Knowledge
- Individual Knowledge
- Implicit processes
- Product Designed for Craft Assembly
- Integrated Manufacturing Labor (Drudgery)
- Explicit Knowledge
- Shared Knowledge
- Explicit processes
- Product Re-Designed for Automated Assembly
- Externalized & Automated Manufacturing Labor
Maximum Bandwidth of
Deep Know How Extraction
Maximum Bandwidth of Reskilling
Product Refactoring for Assembly Line Production
Crafting Engineering & Automation
Inherent Limits (While Continuing To Deliver Customer Value with Current Means)
31
The Russian Nesting Doll Effect
Maturity Level 1
Product Engineered From
Standard Parts
Maturity Level 4: The Above for Infrastructure as Code (IaC)
Product Craft
Iterate!
Maturity Level 2
Parts Build Automation
Machine Op Craft
Maturity Level 3
Assembly Lines
Engineered from
Standard Components
or Functional
Templates
Factory Craft
(DevOps ToolChain)
32
DevSecOps / AppSec - Skip the Russian Dolls
● Many companies’ efforts are in a Craftsmanship stage
○ Limited automation
○ Throughput limited by size of Security team
○ Manual reports, reviews and processes.
Do a 3 Year DevSecOps Integrated Maturity & TCO Plan to compare
Mature DIY DevSecOps to GitLab’s Prefabricated DevSecOps Assembly Line (Maturity Level 3)
● Multiple tools knitted together with complex manual
processes and some hand off automation
Late discoveries due to non-planned journey to maturity:
● Consumption based scanning license models
● Tool implementation & training costs
● Cost of non-integrated CI code review
Why Play With Dolls At All?
33
GitLab Prefabricated Sub-Assemblies (e.g. SAST Scanning)
Primitives to Build Sub-Assemblies and Lines Templates
Your Prefabricated Sub-Assemblies & Lines
Prefabricated Partner Sub-Assemblies
Prefabricated Assembly Lines (AutoDevOps, DevSecOps)
Skip the Russian Dolls by starting as high in this stack as you can.
Unboxing The GitLab Factory Making Kit
34
Self-Managed SaaS
3 Paid Enterprise Tiers
Free Enterprise (Public, OSS, Edu, Startup)
Free Community Edition (100% OSS)
Lots of Options To Get Involved
30 Day Trials
- Self-Run
- Sales Assisted
35
Production Grade CI / CD Automation
Prefabricated
Modular
Scalable
Highly Available
100% CI CD Automated
Enables Building Your Own CI CD Primitives When Required
Pipeline As Code
36
How to Have a Tortured Software Manufacturing Transformation
● Not accounting for both coding domains: Application Coding (CI), Infrastructure Coding (CD)
● Not skipping the DevSecOps Russian Doll
● Not allocating surge time and resources for culture, skill and technical transformation
● Not allocating refactor time for product code that is not DevOps assembly line friendly (12-
factor.net)
● Not driving knowledge extraction, skilling or product refactoring to done-done.
● Not automating all the Russian dolls (Is QA or AppSec still the semi-manual bottleneck?)
● Not using off the shelf tooling to skip Craft => Engineering cycles as much as possible
● Not remembering craft is what creates all innovation - you must have it - but not where
industry has or is reducing it to engineered automation.
37
Integration Options
1. CodeDeploy Direct Integration
- for Superior AWS Specific CD
- for true Build/Pipeline as Code
- No IaC for pipelines
- Dynamic, per-branch pipelines
2. Artifact Depositing Trigger
- CodePipeline for Deploy Only
- Leverage Superior GitLab SCM
- for Superior AWS Specific CD
- S3 or ECR triggers
3. Repo Mirroring Trigger
- Full CodePipeline Integration
- Leverage Superior GitLab SCM
- Phased Migration Step (migration)
[Diagram: SCM with all branches (BranchA, BranchB), CI jobs and a CD integration job; BranchA background AWS services config (per-service + per-branch / per-pipeline) with an IAM role per service; BranchA CodePipeline (per-branch / per-pipeline); AWS services shown: CodePipeline, CodeBuild, CodeCommit, CodeDeploy, S3, ECR, CloudWatch, CloudFormation, IAM, AWS Amplify, AWS Elastic Beanstalk]
38
Feature (many) (with builds)
Rich Workflow Gating Controls for “Code Review” and “Environment Change Control”
Push Rules
(entire repo)
Pre-prod (Deploy)
Environment Deployment Branches
Integration (Code Review & Validate)
Code Review
Branch Protections
w/ Custom Groups
Stage (Deploy Branch)
Independent Branch Protections by Role by Users & Custom Groups by CODEOWNERS
Prod (Deploy)
Security & Compliance
Scanning & Dashboard
Custom Groups
BS
GU
Verified Committers
Signed Commits
SP
Lock Files / Dirs SP
BSFC SP
Repo-Wide
Merge Approvals
Tag Protections
w/ Custom Groups
BS
BS
Multiple Merge Approval Rules
w/ Custom Groups SP
GitLab CI
FC
BS
[Diagram: Amazon ECS, AWS CodeDeploy and AWS CodePipeline icons]
ECS is built in, CodeDeploy and CodePipeline are Easy to Add
39
Resources
Wire GitLab and
AWS CodePipeline Together
Integrate GitLab with AWS CodePipeline
https://docs.gitlab.com/ee/user/project/repository/repository_mirroring.html
Rich Change Controls for Building Workflows You Can Trust
https://www.youtube.com/watch?v=uW95PV8d-w8
40
Solution Architects
Partnering In Your
Success With GitLab
Need Help Understanding or Trying Out GitLab CI?
https://about.gitlab.com/sales/
Darwin Sanoy, Senior Solutions Architect, GitLab
James Bland, Ph.D., Sr. Solutions Architect, AWS
DarwinJS @DarwinTheorizes missionimpossiblecode.io linkedin.com/in/DarwinSanoy
linkedin.com/in/jamesbland123


Optimize your CI/CD with GitLab and AWS

  • 1. 1 Born for DevOps CI CD: Accelerating the Transformation to Mature Software Manufacturing Darwin Sanoy, Senior Solutions Architect, GitLab James Bland, Ph.D., Sr. Solutions Architect, AWS
  • 2. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What is DevOps? DevOps is the combination of cultural philosophies, processes, people, and technology that increases an organization’s ability to deliver applications and services at high velocity: evolving and improving products at a faster pace than organizations using traditional software development and infrastructure management processes. This speed enables organizations to better serve their customers and compete more effectively in the market.
  • 3. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What is DevOps today DevOps = Modernization
  • 4. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. • Shrink the scope • Offload the undifferentiated pieces • Choose the right tool for the job • Automate everything A modern approach allows you to:
  • 5. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Why are customers choosing to build modern apps? Faster to Market More reliable applications Increased rate of innovation Reduced costs
  • 6. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Best practices from AWS
  • 7. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Two-pizza teams are fast & agile • Full ownership & autonomy • You build it, you run it • DevOps – small, nimble teams • Focused innovation
  • 8. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Structure apps as collections of microservices When the impact of change is small, release velocity can increase Monolithic application Does everything Shared release pipeline Rigid scaling High impact of change Hard to adopt new technologies Microservices Does one thing Independent deployments Independent scaling Small impact of change Choice of technology
  • 9. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Structure apps as collections of microservices APIs and decoupled communications enable automation and improves reliability FUNCTION API API MICROSERVICE FUNCTION EVENT API MICROSERVICE EVENT API MICROSERVICE APPLICATION
  • 10. Use code to model applications and infrastructure: Treating everything as software increases the speed and agility of infrastructure deployments. [Diagram: Design; Write application code; Create infrastructure templates; Create stacks; Iterate]
  • 11. Serverless architectures provide the greatest agility with the least effort. [Diagram: level of abstraction and focus on business logic across physical machines, virtual machines, containerization and serverless (AWS Lambda, AWS Fargate)] • Continuous scaling • Fault tolerance built-in • Pay for value • Zero maintenance • Focus on business value
  • 12. Event-driven architectures: Directed Commands; Observable Events. Events are observable, not directed
  • 13. Event-driven architectures. Event-driven Benefits: Break up the work; Decoupled and distributed; Decrease waste; Pay for value
  • 14. Self-service platforms without gatekeepers: Creating powerful self-service platforms that enable builders to use the right tool for the right job
  • 15. Deployment: Monolith development lifecycle. [Diagram: developers; services; delivery pipelines: build, test, release, monitor]
  • 16. Deployment: Microservice development lifecycle. [Diagram: developers; services; delivery pipelines: build, test, release, monitor (repeated six times)]
  • 17. Automated and Secure Pipelines: 1. Security in the CI/CD pipeline: Artifact validation; Static code analysis. 2. Security of the CI/CD pipeline: Access roles; Hardening build servers/nodes
  • 18. A shift to microservices • Single-purpose • Connect only through hardened APIs • Largely “black boxes” to each other • Business logic and data only accessible through APIs
  • 19. Deployment at scale: 1,000s of teams; Microservices; CI/CD; Serverless = 190 Million Deployments / Year
  • 20. Want to learn more
  • 21. The Amazon Builders’ Library: How Amazon builds and operates software • Architecture, software delivery, and operations • By Amazon’s senior technical executives and engineers • Real-world practices with detailed explanations • Content available for free on the website
  • 22. AWS Modernization Workshops: Curated workshops created by AWS Partners https://awsworkshop.io
  • 23. Born for DevOps CI CD: Accelerating the Transformation to a Mature Culture of Software Manufacturing • How To Have a Tortured Software Manufacturing Transformation • Avoiding The DevSecOps Russian Nesting Doll • Parallel Worlds: The Evolution of Automated Manufacturing • Inherent DevOps Transformation Throughput Limits • The Russian Nesting Doll Effect (Matryoshka) • GitLab and AWS – Better Together!
  • 24. Henry Ford: Manufacturing Transformation. Focus Craftsmanship On Innovations That Delight Customers; Everywhere Else Do Engineered Automation (as Much as Possible)
  • 25. Benefits of Pulling A “Henry Ford” On Software Manufacturing ● Speed of innovations to market ● Improving predictability and quality ● Lowering cost of production and maintenance (after surge investment) ● Encoding of tacit human knowledge into Intellectual Property ● Removal of drudgery. Let’s look at some key elements affecting the transition from the practice of software craftsmanship to the practice of software manufacturing.
  • 26. Car Manufacturing as Craft. Integrated: Know How + Manufacturing Labor. Challenges: ● Skilling Workers (Skill Breadth=Time) ● Scaling Production ● Consistent Quality ● Serviceability of Product ● Know How as a Corporate Asset
  • 27. Automation Maturity Wave 1: Making product from engineered plans using an assembly line. [Diagram label: Product Engineer]
  • 28. Key Craft Transformations and Limits. Crafting: - Tacit Knowledge - Individual Knowledge - Implicit processes - Product Designed for Craft Assembly - Integrated Manufacturing Labor (Drudgery). Engineering & Automation: - Explicit Knowledge - Shared Knowledge - Explicit processes - Product Re-Designed for Automated Assembly - Externalized & Automated Manufacturing Labor. Inherent Limits (While Continuing To Deliver Customer Value with Current Means): Maximum Bandwidth of Deep Know How Extraction; Maximum Bandwidth of Reskilling; Product Refactoring for Assembly Line Production
  • 29. The Russian Nesting Doll Effect. Maturity Level 1: Product Engineered From Standard Parts. Maturity Level 2: Parts Build Automation. Maturity Level 3: Assembly Lines Engineered from Standard Components or Functional Templates. Maturity Level 4: The Above for Infrastructure as Code (IaC). Iterate! [Diagram labels: Product Craft; Machine Op Craft; Factory Craft (DevOps ToolChain)]
  • 30. DevSecOps / AppSec - Skip the Russian Dolls. Why Play With Dolls At All? ● Many companies’ efforts are in a Craftsmanship stage ○ Limited automation ○ Throughput limited by size of Security team ○ Manual reports, reviews and processes. ● Multiple tools knitted together with complex manual processes and some hand off automation. Late discoveries due to non-planned journey to maturity: ● Consumption based scanning license models ● Tool implementation & training costs ● Cost of non-integrated CI code review. Do a 3 Year DevSecOps Integrated Maturity & TCO Plan to compare Mature DIY DevSecOps to GitLab’s Prefabricated DevSecOps Assembly Line (Maturity Level 3)
  • 31. Unboxing The GitLab Factory Making Kit. [Stack diagram: GitLab Prefabricated Sub-Assemblies (e.g. SAST Scanning); Primitives to Build Sub-Assemblies and Lines; Templates; Your Prefabricated Sub-Assemblies & Lines; Prefabricated Partner Sub-Assemblies; Prefabricated Assembly Lines (AutoDevOps, DevSecOps)] Skip the Russian Dolls by starting as high in this stack as you can.
  • 32. Lots of Options To Get Involved: Self-Managed; SaaS; 3 Paid Enterprise Tiers; Free Enterprise (Public, OSS, Edu, Startup); Free Community Edition (100% OSS); 30 Day Trials - Self-Run - Sales Assisted
  • 33. Production Grade CI / CD Automation: Prefabricated; Modular; Scalable; Highly Available; 100% CI CD Automated; Enables Building Your Own CI CD Primitives When Required; Pipeline As Code
  • 34. How to Have a Tortured Software Manufacturing Transformation ● Not accounting for both coding domains: Application Coding (CI), Infrastructure Coding (CD) ● Not skipping the DevSecOps Russian Doll ● Not allocating surge time and resources for culture, skill and technical transformation ● Not allocating refactor time for product code that is not DevOps assembly line friendly (12-factor.net) ● Not driving knowledge extraction, skilling or product refactoring to done-done. ● Not automating all the Russian dolls (Is QA or AppSec still the semi-manual bottleneck?) ● Not using off the shelf tooling to skip Craft => Engineering cycles as much as possible ● Not remembering craft is what creates all innovation - you must have it - but not where industry has or is reducing it to engineered automation.
  • 35. Integration Options. 1. CodeDeploy Direct Integration - for Superior AWS Specific CD - for true Build/Pipeline as Code - No IaC for pipelines - Dynamic, per-branch pipelines. 2. Artifact Depositing Trigger - CodePipeline for Deploy Only - Leverage Superior GitLab SCM - for Superior AWS Specific CD - S3 or ECR triggers. 3. Repo Mirroring Trigger - Full CodePipeline Integration - Leverage Superior GitLab SCM - Phased Migration Step (migration). [Diagram labels: All Branches SCM; CI Job BranchA; CI Job BranchB; CD Integration Job BranchA; Background AWS Services Config (Per-Service + Per-Branch / Per-Pipeline); IAM Role Per Service; BranchA CodePipeline (Per-Branch / Per-Pipeline); CodePipeline; CodeBuild; CodeCommit; CodeDeploy; S3; ECR; CloudWatch; CloudFormation; IAM; AWS Amplify; AWS Elastic Beanstalk]
  • 36. Rich Workflow Gating Controls for “Code Review” and “Environment Change Control”. ECS is built in, CodeDeploy and CodePipeline are Easy to Add. [Diagram labels: Feature (many) (with builds); Integration (Code Review & Validate); Stage (Deploy Branch); Pre-prod (Deploy); Prod (Deploy); Environment Deployment Branches; Push Rules (entire repo); Code Review Branch Protections w/ Custom Groups; Independent Branch Protections by Role, by Users & Custom Groups, by CODEOWNERS; Security & Compliance Scanning & Dashboard; Custom Groups; Verified Committers; Signed Commits; Lock Files / Dirs; Repo-Wide Merge Approvals; Tag Protections w/ Custom Groups; Multiple Merge Approval Rules w/ Custom Groups; GitLab CI; AWS CodeDeploy; AWS CodePipeline; Amazon ECS; badges BS, GU, SP, FC]
  • 37. Resources. Wire GitLab and AWS CodePipeline Together: Integrate GitLab with AWS CodePipeline https://docs.gitlab.com/ee/user/project/repository/repository_mirroring.html. Rich Change Controls for Building Workflows You Can Trust: https://www.youtube.com/watch?v=uW95PV8d-w8
  • 38. Solution Architects Partnering In Your Success With GitLab. Need Help Understanding or Trying Out GitLab CI? https://about.gitlab.com/sales/ Darwin Sanoy, Senior Solutions Architect, GitLab; James Bland, Ph.D., Sr. Solutions Architect, AWS. DarwinJS; @DarwinTheorizes; missionimpossiblecode.io; linkedin.com/in/DarwinSanoy; linkedin.com/in/jamesbland123