Effective DevOps with AWS

Effective DevOps with AWS

by Nathaniel Felsen
Released July 2017
Publisher(s): Packt Publishing
ISBN: 9781786466815

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Scale gracefully and maintain outstanding performance with your AWS-based infrastructure using DevOps principles

About This Book

  • Implement DevOps principles to take full advantage of the AWS stack and services

  • Take expert look at solving problems faced by real developers and operation teams and learn to overcome them

  • Learn from expert insights of the author who has worked with Silicon Valley’s most high-profile companies

    • Who This Book Is For

    This book is for developers, DevOps engineers and teams who want to build and use AWS for their software infrastructure. Basic computer science knowledge is required for this book.

    What You Will Learn

  • Find out what it means to practice DevOps and what its principles are

  • Build repeatable infrastructures using templates and configuration management

  • Deploy multiple times a day by implementing continuous integration and continuous deployment pipelines

  • Use the latest technologies, including containers and serverless computing, to scale your infrastructure

  • Collect metrics and logs and implement an alerting strategy

  • Make your system robust and secure

    • In Detail

    The DevOps movement has transformed the way modern tech companies work. AWS which has been on the forefront of the Cloud computing revolution has also been a key contributor of this DevOps movement creating a huge range of managed services that help you implement the DevOps principles.

    In this book, you’ll see how the most successful tech start-ups launch and scale their services on AWS and how you can too. Written by a lead member of Mediums DevOps team, this book explains how to treat infrastructure as code, meaning you can bring resources online and offline as necessary with the code as easily as you control your software. You will also build a continuous integration and continuous deployment pipeline to keep your app up to date. You’ll find out how to scale your applications to offer maximum performance to users anywhere in the world, even when traffic spikes with the latest technologies, such as containers and serverless computing. You will also take a deep dive into monitoring and alerting to make sure your users have the best experience when using your service.

    Finally, you’ll get to grips with ensuring the security of your platform and data.

    Style and approach

    This is a practical, hands-on, comprehensive guide to AWS, helping readers understand AWS in a step by step manner.

    Table of contents

    1. Title Page
    2. Copyright
      1. Effective DevOps with AWS
    3. Credits
    4. About the Author
    5. About the Reviewer
    6. www.PacktPub.com
      1. Why subscribe?
    7. Customer Feedback
    8. Preface
      1. What this book covers
      2. What you need for this book
      3. Who this book is for
      4. Conventions
      5. Reader feedback
      6. Customer support
        1. Downloading the example code
        2. Downloading the color images of this book
        3. Errata
        4. Piracy
        5. Questions
    9. The Cloud and the DevOps Revolution
      1. Thinking in terms of the cloud and not infrastructure
        1. Deploying your own hardware versus in the cloud
        2. Cost analysis
        3. Just-in-time infrastructure
        4. The different layers of building a cloud
      2. Adopting a DevOps culture
        1. The origin of DevOps
        2. The developers versus operations dilemma
          1. Too much code changing at once
          2. Differences in the production environment
          3. Communication
        3. Key characteristics of a DevOps culture
          1. Source control everything
          2. Automate testing
          3. Automate infrastructure provisioning and configuration
          4. Automate deployment
          5. Measure everything
      3. Deploying in AWS
        1. How best to take advantage of the AWS ecosystem
        2. How AWS synergizes with a DevOps culture
      4. Summary
    10. Deploying Your First Web Application
      1. Creating and configuring your account
        1. Signing up
        2. Enabling multi-factor authentication on the root account
        3. Creating a new user in IAM
        4. Installing and configuring the command-line interface (CLI)
          1. Installing Windows Subsystem for Linux (Windows only)
          2. Installing the AWS CLI package
          3. Configuring the AWS CLI
      2. Creating our first web server
        1. AMI
        2. Instance type
        3. Security group
        4. Generating your ssh keys
        5. Launching an EC2 instance
        6. Connecting to the EC2 instance using ssh
        7. Creating a simple Hello World web application
          1. Installing node.js
          2. Running a node.js Hello World.
          3. Turning our simple code into a service using Upstart
        8. Terminating our EC2 instance
      3. Summary
    11. Treating Your Infrastructure As Code
      1. Managing your infrastructure with CloudFormation
        1. Getting started with CloudFormation
          1. AWS CloudFormation Designer
          2. CloudFormer
        2. Recreating our Hello World example with CloudFormation
          1. Using troposphere to create a Python script for our template
          2. Creating the stack in the CloudFormation console
        3. Adding our template to a source control system
        4. Updating our CloudFormation stack
          1. Updating our Python script
          2. Updating our stack
          3. Change sets
        5. Deleting our CloudFormation stack
      2. Adding a configuration management system
        1. Getting started with Ansible
        2. Installing Ansible on your computer
        3. Creating our Ansible playground
        4. Creating our Ansible repository
        5. Executing modules
        6. Running arbitrary commands
        7. Ansible playbooks
          1. Creating a playbook
            1. Creating roles to deploy and start our web application
            2. Creating the playbook file
          2. Executing a playbook
          3. Canary-testing changes
        8. Running Ansible in pull mode
        9. Installing Git and Ansible on our EC2 instance
          1. Configuring Ansible to run on localhost
          2. Adding a cronjob to our EC2 instance
        10. Integrating Ansible with CloudFormation
        11. Monitoring
      3. Summary
    12. Adding Continuous Integration and Continuous Deployment
      1. Building a continuous integration pipeline
        1. Creating a Jenkins server using Ansible and CloudFormation
          1. Creating the Ansible playbook for Jenkins
          2. Creating the CloudFormation template
          3. Launching the stack and configuring Jenkins
        2. Preparing our CI environment
          1. Creating a new GitHub repository
          2. Creating a GitHub personal access token
          3. Adding the access token to the credentials in Jenkins
          4. Creating the Jenkins job to automatically run the builds
        3. Implementing the Hello World application using our CI environment
          1. Initializing the project
          2. Creating a functional test using mocha
          3. Developing the remaining of the application
          4. Creating the CI pipeline in Jenkins
        4. Productionizing the CI pipeline
      2. Building a continuous deployment pipeline
        1. Creating new web servers for continuous deployment
          1. Importing a custom library to Ansible for AWS CodeDeploy
          2. Creating a CodeDeploy Ansible role
          3. Creating the web server CloudFormation template
          4. Launching our web server
        2. Integrating our Hello World application with CodeDeploy
          1. Creating the IAM service role for CodeDeploy
          2. Creating the CodeDeploy application
          3. Adding the CodeDeploy configuration and scripts to our repository
        3. Building our deployment pipeline with AWS CodePipeline
          1. Creating a continuous deployment pipeline for staging
          2. Integrating Jenkins to our CodePipeline pipeline
            1. Updating the IAM profile through CloudFormation
            2. Installing and using the CodePipeline Jenkins plugin
            3. Adding a test stage to our pipeline
          3. Building a continuous delivery pipeline for production
            1. Creating the new CloudFormation stack for production
            2. Creating a CodeDeploy group to deploy to production
            3. Adding a continuous delivery step to our pipeline
          4. Strategies to practice continuous deployments in production
            1. Fail fast
            2. Canary Deployment
            3. Feature flags
      3. Summary
    13. Scaling Your Infrastructure
      1. Scaling a monolithic application
        1. Using Auto Scaling groups to scale web servers
          1. Updating our CloudFormation template
            1. Removing the instance creation
            2. Adding an ELB to our stack
            3. Adding an Auto Scaling capability
          2. Launching our new stack
          3. Updating CodeDeploy
        2. Basics of scaling a traditional database
      2. Improving performance and cost saving
        1. ElastiCache
        2. CloudFront
      3. Architecting your application to handle massive amounts of traffic
        1. Load balancers
          1. Elastic Load Balancer
          2. Application Load Balancer
        2. Offline processing with SQS and Kinesis
        3. Serverless architecture
          1. AWS Lambda
          2. API Gateway
        4. Data stores at scale
        5. Multi-region applications
      4. Summary
    14. Running Containers in AWS
      1. Dockerizing our helloworld application
        1. Getting started with Docker
          1. Docker fundamentals
          2. Docker in action
        2. Creating our Dockerfile
      2. Using the EC2 container service
        1. Creating an ECR repository to manage our Docker image
        2. Creating an ECS cluster
        3. Creating an ALB
        4. Creating our ECS hello world service
      3. Creating a CI/CD pipeline to deploy to ECS
        1. Creating our production ECS cluster
        2. Automating the creation of containers with CodeBuild
        3. Creating our deployment pipeline with CodePipeline
          1. Adding the CloudFormation template to our code base
          2. Creating a CloudFormation template for CodePipeline
          3. Starting and configuring our CloudFormation stack
      4. Summary
    15. Monitoring and Alerting
      1. Instrumenting our application for monitoring
        1. AWS CloudWatch
          1. Metrics
          2. Logs
          3. Events
        2. Using CloudWatch to monitor our helloworld application
          1. Adding logs to our application
            1. Creating a custom logger for our application
            2. Making changes to provide the version and saving the console log
            3. Making changes to CodeDeploy to better handle logging
          2. Adding metrics and events to our application
          3. Sending logs, events, and metrics to CloudWatch from EC2
            1. Creating an Ansible role for CloudWatch logs
            2. Updating our CloudFormation template
          4. Handling logs, events, and metrics in ECS
        3. Advanced logging infrastructure with ElasticSearch, Kibana, and Firehose
          1. Creating and launching an ElasticSearch cluster
          2. Creating and launching a Kinesis Firehose stream
          3. Updating our application to send logs to the Firehose endpoint
            1. Adding permissions to EC2 to communicate with Firehose
            2. Changing the logging transport to send logs to Firehose
          4. Using Kibana to visualize logs
      2. Monitoring our infrastructure
        1. Monitoring EC2
          1. Providing custom metrics to CloudWatch
            1. Updating our CloudFormation template
            2. Creating a CloudWatch role in Ansible
        2. Monitoring ECS clusters
          1. Monitoring ECS hosts
          2. Monitoring the ECS service
          3. Monitoring your containers
        3. Monitoring ALB and ELB instances
      3. Creating alarms using CloudWatch and SNS
        1. AWS Simple Notification Service (SNS)
        2. Creating an alert of an elevated error rate in our application
        3. Using CloudWatch events and Lambda to create alerts on custom metrics
        4. Monitoring and alerting with AWS health
      4. Summary
    16. Hardening the Security of Your AWS Environment
      1. Understanding where to focus your effort
        1. The shared responsibility model
        2. Auditing the security in your cloud
          1. AWS trusted advisor
          2. AWS Inspector
          3. Scout2
          4. AWS CloudTrail
            1. Enabling CloudTrail using CloudFormation
            2. Validating CloudTrail logs integrity
            3. Using CloudTrail logs
            4. Sending CloudTrail logs to ElasticSearch using Lambda
            5. Creating a Kibana Dashboard for our CloudTrail logs
      2. Improving the security of the IAM layer
        1. Managing users in AWS
          1. Configuring a user password policy
          2. Creating groups for users and operators
          3. Creating proper IAM policies to empower users to do their work securely
            1. Empowering users to manage their accounts
            2. Enforcing the use of MFA devices
            3. Using a script to create an MFA session
        2. Managing service permissions in AWS
      3. Strengthening the security at the network level
        1. Creating a VPC with public and private subnets
        2. Recreating our helloworld stack using our new VPC
          1. Recreating our application to take advantage of private subnets
          2. Creating our helloworld application in the new VPC
        3. Creating a VPN connection to our VPC
          1. Deploying a VPN server to AWS
          2. Configuring your computer to use this VPN
      4. Protecting against targeted attacks
        1. Protecting against DoS and DDoS attacks
        2. Protecting against ransomware
      5. Summary

    Product information

    • Title: Effective DevOps with AWS
    • Author(s): Nathaniel Felsen
    • Release date: July 2017
    • Publisher(s): Packt Publishing
    • ISBN: 9781786466815