aws elasticbeanstalk and docker
● Deployment artifacts: zip, war, docker
● Competitors: Heroku, Azure Web Sites, Cloud Foundry, Bluemix, Google App Engine, OpenShift
ELASTICBEANSTALK
● Architecture:
○ app vs. env
○ Each env has a CNAME pointing to the ELB
○ URL is Route53 aliased
○ Host Manager (HM) runs on each EC2
○ HM is responsible for:
■ deploy app
■ aggregate events & metrics for API, console
■ generate events
■ monitoring app log files & app server
■ rotate log files and s3 publish
ELASTICBEANSTALK
○ ElasticBeanstalk calls the AWS services using this role on your behalf
○ EC2, SQS, ELB, AutoScaling...
○ Environment tiers:
■ Web tier: Website, API
■ Worker tier: Long-running jobs, consumers
■ Docker: SingleContainer & MultiContainer
ELASTICBEANSTALK-tiers
○ Worker env:
■ sqsd
■ http://localhost:80/<httppath>
■ custom httppath
■ web application should only listen to localhost
■ web application returns 200 to inform that message is processed, sqsd sends a delete message to the queue
ELASTICBEANSTALK-worker
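A minimal worker endpoint matching the worker-env slide, as an added example that is not part of the original deck: it listens on loopback only, accepts POSTs on one path, and answers 200 only when the job succeeded. The `/jobs` path, the `process` logic and the sample messages are assumptions, and the demo binds a free port instead of 80.

```python
import http.client
import json
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

WORKER_PATH = "/jobs"  # assumption: the custom httppath set for the worker env

def process(body):
    """Hypothetical job logic; raises ValueError for a message it cannot handle."""
    job = json.loads(body)
    if not isinstance(job, dict) or "task" not in job:
        raise ValueError("message has no 'task' field")

class WorkerHandler(BaseHTTPRequestHandler):
    def do_POST(self):
        body = self.rfile.read(int(self.headers.get("Content-Length", 0)))
        if self.path != WORKER_PATH:
            return self.reply(404)   # only the configured path accepts messages
        try:
            process(body)
        except ValueError:
            return self.reply(500)   # non-200: message stays in the queue for retry
        self.reply(200)              # 200: sqsd deletes the message from the queue

    def reply(self, status):
        self.send_response(status)
        self.end_headers()

def make_server(port=0):
    # Loopback only: sqsd runs on the same instance, nothing else should reach this.
    return HTTPServer(("127.0.0.1", port), WorkerHandler)

def post(port, path, body):
    """Stand-in for sqsd: POST one message body and return the status code."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request("POST", path, body=body)
    status = conn.getresponse().status
    conn.close()
    return status

def demo():
    with make_server() as server:
        threading.Thread(target=server.serve_forever, daemon=True).start()
        port = server.server_address[1]
        try:
            return [post(port, WORKER_PATH, b'{"task": "resize"}'),  # constructed inputs
                    post(port, WORKER_PATH, b"not json"),
                    post(port, "/other", b"{}")]
        finally:
            server.shutdown()
```

Binding to `0.0.0.0` instead would expose the job endpoint to anything that can reach the instance, letting callers inject work that never passed through the queue.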
ELASTICBEANSTALK-hooks
Hook preinit deploy/pre deploy/enact deploy/post postinit
Deploy instance ✅ ✅ ✅ ✅ ✅
Deploy version ✅ ✅ ✅
Hook pre enact post
Change env. ✅ ✅ ✅
Restart App Server ✅ ✅ ✅
○ Periodic tasks:
■ cron expression
■ cron.yaml file in the root of the project
● Version controlled!!
● “rebuild all from code” principle
version: 1
cron:
  - name: "backup-job"        # required - unique across all entries in this file
    url: "/backup"            # required - does not need to be unique
    schedule: "0 */12 * * *"  # required - does not need to be unique
  - name: "audit"
    url: "/audit"
    schedule: "0 23 * * *"
ELASTICBEANSTALK-cron
○ Configuration:
■ Language specific
● Java, Docker: Environment Variable
● .NET: web.config
● PHP: environment.ini
● ...
■ 12Factor compliant?
ELASTICBEANSTALK-configuration
○ Scaling:
■ Akordion
■ AWS AutoScaling
■ On Single/Multi Docker, EC2 based, not container!
ELASTICBEANSTALK-scaling
docker
● “Industry 3.0” of Software Development
● “Infrastructure-as-code” DevOps Practice
● Infra Cost Optimisation(Storage/VM)
● Binary/Byte + Hosting/OS Dependencies
● Identical dev-test-staging-prod...
docker-Dev. Env.
- “Local” Development Environment
- Lightweight vs. Vagrant
- Local vs. Prod identical
- “Infra-as-code” DevOps practice
Docker 1.12
● Swarm-mode: Orchestration built-in, Infra-agnostic
● Cryptographic Node Security: Mutual TLS, Key rotation, Notary & TUF
● Routing Mesh: Service Discovery, Container native load-balancing, Works with current LB, IPVS