Upload
vokien
View
262
Download
4
Embed Size (px)
Citation preview
Continuous Delivery in Enterprise Environments
using Docker, Ansible and Jenkins_
Dennis Schulte, Marcel Birkner codecentric AG
2
Our Project Experience
3
Our experiences using Docker_
4
Build/Test/Deployment Infrastructure
Getting Started with Docker
JBoss / Java EEStandardization, Conformity, Compliance (Security)
DashboardMicroservices, Lightweight, Technology Flexibility
Greenfield Enterprise Speed, Flexibility, Duplicated Environments
20 % Learning / using new technologies
Our experiences using Docker_
5
Build/Test/Deployment Infrastructure
Getting Started with Docker
JBoss / Java EEStandardization, Conformity, Compliance (Security)
DashboardMicroservices, Lightweight, Technology Flexibility
Greenfield Enterprise Speed, Flexibility, Duplicated Environments
20 % Learning / using new technologies
JBoss / Java EE_
CI/CD Pipeline
Jenkins GitLab SonarQube Nexus SeleniumHub
Backend
DB2
ERP
LDAP
IMS
Applications
JBoss EE JBoss EEJBoss EE JBoss EE JBoss EE
JBoss EE JBoss EEJBoss EE JBoss EE JBoss EE
JBoss EE JBoss EEJBoss EE JBoss EE JBoss EE
JBoss EE JBoss EEJBoss EE JBoss EE JBoss EE
Platform
VMWareVagrant
Our experiences using Docker_
7
Build/Test/Deployment Infrastructure
Getting Started with Docker
JBoss / Java EEStandardization, Conformity, Compliance (Security)
DashboardMicroservices, Lightweight, Technology Flexibility
Greenfield Enterprise Speed, Flexibility, Duplicated Environments
20 % Learning / using new technologies
Platform
CI/CD Pipeline
Jenkins GitHub EESonarQube Nexus SeleniumHub
Backend
JIRA
WordPress
IMS
OpenStack
Dashboard_
Application
ReactJS Spring Boot Cassandra Spring Boot
AngularJS Scala Postgres Spring Boot
Static HTML NodeJS SpringBatch Keycloak
Neo4J JBoss EE NginxReactJS
Our experiences using Docker_
9
Build/Test/Deployment Infrastructure
Getting Started with Docker
JBoss / Java EEStandardization, Conformity, Compliance (Security)
DashboardMicroservices, Lightweight, Technology Flexibility
Greenfield Enterprise Speed, Flexibility, Duplicated Environments
20 % Learning / using new technologies
Greenfield Enterprise_
Application
ReactJS Spring Boot DB2
SpringBatchPostgresNginx
HSQL
SpringBatchSpringBatchSpringBatchSpringBatchSpringBatchSpringBatchSpringBatchSpring Boot
Spring Boot Admin
Platform
OpenStack
Backend
WebServices
Oracle
SAP
LDAP
Vagrant VMWare
CI/CD Pipeline
Jenkins GitHub EESonarQube Nexus SeleniumHub
INFRASTRUCTURE AS CODE
11
12
WRITE, PLAN, AND CREATE INFRASTRUCTURE AS CODE
13
OpenStack
AWS
VMWare
Platform
Compute Instances
Compute Instances
Compute Instances
Compute Instances
JBoss EE
Spring Boot
ReactJS
Neo4j
Infrastructure Automation_
Terraform :: Define Region & SSH Key Pair_
14
Terraform :: Define Security Group_
15
Terraform :: Define Resource_
16
Terraform :: Roll out_
• terraform plan
• terraform apply
17
18
APP DEPLOYMENT, CONFIGURATION MANAGEMENT AND ORCHESTRATION
19
OpenStack
AWS
VMWare
Platform
Compute Instances
Compute Instances
Compute Instances
Compute Instances
JBoss EE
Spring Boot
ReactJS
Neo4j
Infrastructure Automation_
Ansible :: CD Infrastructure Provisioning_
• ansible-playbook site.yml
20
CI/CD Pipeline
Jenkins GitLab SonarQube Nexus SeleniumHub
Ansible :: Jenkins Role (directory listing)_
21
Ansible :: Jenkins Role (Ansible Task Excerpt)_
22
Ansible :: Application Provisioning_
• ansible-playbook site.yml
23
Application
ReactJS Spring Boot Postgres
Ansible :: Spring Boot Role (excerpt)_
24
Ansible :: Application Deployment_
• ansible-playbook deploy-example-application.yml--extra-vars "version=1.0.0"
• ansible-playbook undeploy-example-application.yml
25
ReactJS Spring Boot Postgres
26
Ansible :: Infrastructure Repository :: Inventory & Playbooks_
Ansible Playbooks & Settings
{Environment specific settings
{
Continuous Delivery using Docker
27
Software Development Process_
28
Developer
GitLab Jenkins
SonarQube
Nexus
Build and Release
SeleniumHub
Docker Registry
Deployment
Jenkins
GitLab
Staging
Spring Boot
Test
Spring Boot
Prod
Spring Boot
Dev
Spring Boot
Live Demo
29
30
Tool URL Credentials
Jenkins http://jenkins.example.local OpenLDAP
Nexus http://nexus.example.local OpenLDAP
SonarQube http://sonarqube.example.local OpenLDAP
Gitlab http://git.example.local OpenLDAP
Docker Registry http://docker.example.local:5000/v2/_catalog no login required
Testserver http://testserver.example.local:8080 no login required
Demo :: Links_
31
Jenkins :: Docker Images Build Jobs_
32
Jenkins :: Example App Build & Deploy Jobs_
33
Jenkins :: Application Deployment Job_
34
Jenkins :: Example Spring Boot Application_
Demo End
35
Docker :: Image Hierarchy_
36
centos:7
jre:8jdk:8
jenkins-master:LTS example-application:1.0.0nexus:LTS sonarqube:LTS example-application:
1.0.0example-application:
1.0.0example-application:
1.0.0example-application:
1.0.0
Docker :: JRE & Example Application Dockerfile_
37
jre:8
example-application:1.0.0
Docker :: Image Hierarchy :: JBoss Migration_
rhel:7.2
jre:8jdk:8
jenkins-master:LTS eap:6.4nexus:LTS sonarqube:LTS
jboss-application:1.0.0
jboss-application:1.1.0
jboss-application:1.2.0
Docker :: EAP Dockerfile_
39
eap:6.4
Docker :: JBoss Dockerfile_
40
jboss-application:1.0.0
Best Practices
41
•Everything is in version control
•Use Ansible inventory for environment specific information
•Use Ansible Vault for secure storage for passwords
•Generate Jenkins Jobs automatically via Job DSL • GitLab REST API
•One Click Release & Deployments
Best practices_
42
Automate Everything
•All application run in Docker container
•Environment independent Docker images
•Use latest OS version (recent Kernel)
•Use fixed Docker / Ansible versions
•Have a clone of every system for testing new versions • incl. CI/CD Pipeline
•Create User / Group (uid/gid) per Application Type • required for volume mount permissions
•Do not run Docker Container under root!
Docker_
43
Stable Docker Setup
44
•Company Proxies • HTTPs / Man-in-the-Middle
•Self-signed Certificates (HTTPs)
•Freedom to spin up servers using Terraform
•Automate network configuration
•Docker Registry: "No space left on device"
•Keynote • Jean-Jacques van Oosten: "Do not compromise!"
Enterprise Environments_
45
Typical problems
46
“Thanks for your attention.”
47
Marcel Birkner,Software-Consultant
codecentric AG Hochstraße 11 42697 Solingen, Deutschland [email protected]
www.codecentric.de blog.codecentric.de
marcelbirkner
Senior IT-Consultant
codecentric AG Hochstraße 11 42697 Solingen, Deutschland [email protected]
www.codecentric.de blog.codecentric.de
denschu
Dennis Schulte,