
Best practices for enterprise-grade microservices implementations with Google Cloud: Dynamic talks Silicon Valley Q3 2019


When migrating to a cloud and microservices architecture, companies need to invest in foundational capabilities such as a microservices platform, continuous delivery, and immutable infrastructure. In this talk, we will discuss our experience implementing these capabilities at enterprise scale with Google Cloud, Kubernetes, Istio, Envoy, Spinnaker, and the HashiCorp stack. We will also discuss best practices for onboarding to the cloud in a way that facilitates DevOps and SRE without sacrificing quality or control.

Published in: Technology

  1. Cloud, Microservices & DevOps Enterprise-level implementation best practices
  2. Maxim Shishkarev Sr. Solutions Architect @ Grid Dynamics Cloud Enablement, DevOps and CICD automation 15+ years of experience in these areas and still enjoying it ;) Family, Travel, Photography, Surfing
  3. Introducing Grid Dynamics technology services Digital transformation Big data, real time analytics, ML & AI Microservices replatforming DevOps & cloud enablement Open Source Cloud-ready Scalable Automated
  4. Enterprise journey to cloud, DevOps and SRE ...based on a true story.
  5. Infrastructure Architecture & Platform Change Management
  6. Datacenter Web UI Search Checkout Infra team Self-service portal Network team OS team Security team Dev team QA team Release team
  7. Datacenter Web UI Search Checkout Infra team Self-service portal Network team OS team Security team Dev team QA team Can I have a VM please? Release team
  8. Datacenter Web UI Search Checkout Infra team Self-service portal Network team OS team Security team Dev team QA team Can I have a VM please? Release team Sure. Tomorrow.
  9. Datacenter Web UI Search Checkout Infra team Self-service portal Network team OS team Security team Dev team QA team Can I have a VM please? Sure. Tomorrow. Probably Release team
  10. Web UI Search Checkout Infra team Self-service portal Network team OS team Security team Dev team QA team Can I have a VM please? Sure. Tomorrow. Probably Release team us-east Enterprise Data Centers us-west us-central
  11. Web UI Search Checkout Infra team Self-service portal Network team OS team Security team Dev team QA team Can I have a VM please? Cloud Sure. Tomorrow. Probably Release team
  12. Self-service portal (as seen by a developer) Developer (came to ask for a VM) Cloud VMs (carefully managed by infrastructure)
  13. Agility Cost reduction Flexibility On-demand capacity Pay as you go Microservices Continuous Delivery Time to market Speed Automation SRE DevOps CAPEX --> OPEX
  14. Web UI Search Checkout Infra team Self-service portal Network team OS team Security team Dev team QA team Can I have a VM please? Sure. Tomorrow. Probably Cloud Release team
  15. Web UI Search Checkout Infra team Compute Network team OS team Security team Dev team QA team Cloud Storage Network Other API API API API Release team
  16. Web UI Search Checkout Infra team Compute Network team OS team Security team Dev team QA team Cloud Storage Network Other API API API API Policy (cost, access, security, other) Release team
  17. Application teams access. No access: cloud projects, access policies, core networking, IAM policies. Debatable: subnets, firewalls, OS, base images. Has access: VMs based on pre-approved images, storage buckets, load balancers, firewalls within pre-approved limits, other pre-approved cloud services.
  18. Web UI Search Checkout Infra team Compute Network team OS team Security team Dev team QA team Cloud Storage Network Other API API API API Policy (cost, access, security, other) Release team
  19. .WAR Web UI Search Checkout Infra team Compute Network team OS team Security team Dev team QA team Cloud Storage Network Other API API API API Policy (cost, access, security, other) Release team Monolithic App
  20. .WAR Web UI Search Checkout Infra team Compute Network team OS team Security team Dev team QA team Cloud Storage Network Other API API API API Policy (cost, access, security, other) Release team Monolithic App
  21. .WAR Web UI Search Checkout Infra team Compute Network team OS team Security team Dev team QA team Cloud Storage Network Other API API API API Policy (cost, access, security, other) Release team Monolithic App
  22. Web UI Search Checkout Infra team Compute Network team OS team Security team Dev team QA team Cloud Storage Network Other API API API API Policy (cost, access, security, other) Release team
  23. Enterprise Data Centers Monolithic Tightly Coupled Microservices Loosely Coupled IaaS Search Offers Browse Checkout Pricing Account All in One
  24. Web UI Search Profile Cart Order Price (v1.1) Product Price (v1.2) auto-scale self-heal canary release rolling upgrade find new version of price Refresh username/password of database route 5% traffic to price 1.2 register new nodes in load balancer
  25. Packaging Package repo Deployment Logging & monitoring Provisioning Load balancing Lifecycle management (scaling, failover, etc.) Service mesh Service registry & discovery, secret management Business configuration management Microservices platform
  26. Microservices platform reference technology stack Feature Container-based VM-based Packaging Artifact repository Deployment and provisioning Load balancing and routing Service mesh Service registry and discovery Secret management Feature flags management Resource management Auto-scaling, self-healing Logging and monitoring Registry
  27. Web UI Search Checkout Infra team Compute Network team OS team Security team Dev team QA team RE team Cloud Storage Network Other API API API API Microservices platform API Platform team Policy (cost, access, security, other)
  28. Web UI Search Checkout Infra team Compute Network team OS team Security team Dev team QA team RE team Cloud Storage Network Other API API API API Microservices platform API Platform team Policy (cost, access, security, other)
  29. Web UI Search Checkout Infra team Compute Network team OS team Security team Dev team QA team RE team Cloud Storage Network Other API API API API Microservices platform API Platform team applications deploy themselves? Policy (cost, access, security, other)
  30. Application deployment package Environment Deployable unit Build-time dependencies Configuration Deployment script Application artifact Platform & infra teams Development engineers QA engineers Deployment engineers Application can deploy itself
  31. Application deployment package Environment Deployable unit Build-time dependencies Configuration Deployment script Application artifact Platform & infra teams Development engineers QA engineers Deployment engineers Application can deploy itself
  32. Application deployment package Environment Deployable unit (VM) Deployment script Cloud Infrastructure Microservices platform Upstream services
  33. Application deployment package Environment Deployable unit (VM) Deployment script Cloud Infrastructure Deploy Instance group Load balancer VM Template Microservices platform Upstream services
  34. Application deployment package Environment Deployable unit (VM) Deployment script Cloud Infrastructure Instance group Load balancer VM Template Instance Instance Instance Microservices platform Upstream services
  35. Application deployment package Environment Deployable unit (VM) Deployment script Cloud Infrastructure Instance group Load balancer VM Template Instance Instance Instance Microservices platform Upstream services
  36. Application deployment package Environment Deployable unit (VM) Deployment script Cloud Infrastructure Instance group Load balancer VM Template Instance Instance Instance Microservices platform Upstream services
  37. Application deployment package Environment Deployable unit (VM) Deployment script Cloud Infrastructure Instance group Load balancer VM Template Instance Instance Instance Microservices platform Upstream services Rolling upgrade
  38. Application deployment package Environment Deployable unit (VM) Deployment script Cloud Infrastructure Instance group Load balancer VM Template Instance Instance Instance Microservices platform Upstream services
  39. Application deployment package Environment Deployable unit (VM) Deployment script Cloud Infrastructure Instance group Load balancer VM Template Instance Instance Instance Microservices platform Upstream services
  40. Application deployment package Environment Deployable unit (VM) Deployment script Cloud Infrastructure Instance group Load balancer VM Template Instance Instance Instance Microservices platform Upstream services
  41. Application deployment package Environment Deployable unit (VM) Deployment script Cloud Infrastructure Instance group Load balancer VM Template Instance Instance Instance Microservices platform Upstream services
  42. Application deployment package Environment Deployable unit (VM) Deployment script Cloud Infrastructure Instance group Load balancer VM Template Instance Instance Microservices platform Upstream services
  43. Application deployment package Environment Deployable unit (VM) Deployment script Cloud Infrastructure Instance group Load balancer VM Template Instance Instance Instance Microservices platform Upstream services
  44. Application deployment package Environment Deployable unit (VM) Deployment script Cloud Infrastructure Instance group Load balancer VM Template Instance Instance Instance Microservices platform Upstream services
  45. Web UI Search Profile Cart Order Price (v1.1) Product Production traffic
  46. Web UI Search Profile Cart Order Price (v1.1) Product Price (v1.2) Production traffic Canary or test traffic
  47. Web UI Search Profile Cart Order Price (v1.1) Product Price (v1.2) Production traffic Canary or test traffic Order Cart Search Product Web UI
  48. Web UI Search Profile Cart Order Price (v1.1) Product Price (v1.2) Production traffic Canary or test traffic
  49. Web UI Search Profile Cart Order Price (v1.1) Product Price (v1.2) Production traffic Canary or test traffic
  50. Web UI Search Profile Cart Order Price (v1.1) Product Price (v1.2) Production traffic Canary or test traffic
  51. Web UI Search Profile Cart Order Price (v1.1) Product Price (v1.2) Production traffic Canary or test traffic
  52. Web UI Search Profile Cart Order Price (v1.1) Product Price (v1.2) Production traffic Canary or test traffic
  53. Platform & Tooling Infrastructure App1 v1.1 Configuration Data App2 v2.1 Configuration Data App3 v3.1 Configuration Data Interfaces Interfaces Interfaces Interfaces Code is broken Wrong endpoint Corrupted Data Incompatible with App2 v2.1 Incorrect GC Config Tested v3 only Manually tweaked OS Exposes /v2.1/ instead of /v2/ Edge Forgot rules for App3 Still warming-up Interfaces Built on a laptop Create a ticket to get an environment Sent package via email Sent config via chat Forgot to restart another service after deployment Get configs from a spreadsheet Destroyed wrong env Messed with Firewalls VPN is down Suddenly out of quota or capacity What could possibly go wrong? –Everything…
  54. All changes to production should be authorized
  55. All changes to production should be authorized: (1) Development lead should sign off; (2) Functional QA lead should sign off; (3) Performance QA lead should sign off; (4) Security lead should sign off; (5) Operations lead should sign off; (6) Artifact deployed to production should be the same as tested in QA environment
  56. Release Engineer Dev QA DevOps Perf QA Business Test environment Production deployment CR sign offs Dev Lead QA Lead Perf Lead Business Ops Lead Security Lead
  57. Source code Production Web UI Search v1.1 Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with All changes to production should be authorized
  58. Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with Source code Production Web UI Search v1.1 Code review All changes to production should be authorized
  59. Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with Source code Production Web UI Search v1.1 Code review Build, code analysis, unit testing All changes to production should be authorized
  60. Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with Source code Production Web UI Search v1.1 Code review Build, code analysis, unit testing Service testing All changes to production should be authorized Small QA environment
  61. Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with Source code Production Web UI Search v1.1 Search v1.2 Code review Build, code analysis, unit testing Service testing Deploy All changes to production should be authorized Small QA environment
  62. Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with Source code Production Web UI Search v1.1 Search v1.2 Code review Build, code analysis, unit testing Service testing Deploy All changes to production should be authorized Integration testing Small QA environment
  63. Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with Source code Production Web UI Search v1.1 Search v1.2 Code review Build, code analysis, unit testing Service testing Deploy All changes to production should be authorized Integration testing UAT Small QA environment
  64. Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with Source code Production Web UI Search v1.1 Search v1.2 Code review Build, code analysis, unit testing Service testing Deploy All changes to production should be authorized Integration testing UAT Canary release (1% traffic) Small QA environment
  65. Production deployment sign offs Dev lead QA lead Perf QA lead Business (product manager) Ops lead Security lead Artifact wasn’t tampered with Source code Production Web UI Search v1.1 Search v1.2 Code review Build, code analysis, unit testing Service testing Deploy All changes to production should be authorized Integration testing UAT Canary release (1% traffic) Full release Small QA environment 1 hour
  66. Requirements management Project management Source code repository Continuous integration and delivery pipeline Approvals and audit log Change management dashboard Release notes generation Functional testing platform Performance testing platform Security testing platform Code review Code analysis CICD platform components
  67. CICD platform sample technology stack Feature Technology options Requirements and project management SCM and code review Static code analysis and scanning CICD pipeline Functional testing platform Performance testing platform Approvals and audit log Change management dashboard Release notes generation
  68. Closing notes
  69. Capabilities for enterprise cloud, DevOps, and SRE Organization Technology Process DevOps culture and skills Site reliability engineering Service-oriented organization Infrastructure as a service Cross-functional teams Microservices architecture Continuous delivery platform Chaos engineering Immutable infrastructure AI/ML for operations Microservices platform Policy-driven CICD Testing in production Single environment Ultra-light change management Change-driven design Covered Not covered
  70. 10 years of experience in cloud, DevOps and digital transformation
  71. Thank you! www.griddynamics.com
