Se7en Deadly Deployment Sins

A presentation at Dutch PHP Conference in June 2018 in Amsterdam, Netherlands by Philipp Krenn

Slide 1

Slide 1

Se7en Deployment Sins Philipp Krenn  @xeraa

Slide 2

Slide 2

Infrastructure |   Developer !

Slide 3

Slide 3

Slide 4

Slide 4

Slide 5

Slide 5

Gluttony is the overindulgence and overconsumption of anything to the point of waste.

Slide 6

Slide 6

Slide 7

Slide 7

Memory, Disk, Network

Slide 8

Slide 8

Diet aws-java-sdk-1.8.12.jar 12.9 M aws-java-sdk-1.11.335.jar 3.4 K

Slide 9

Slide 9

people arguing against fat JARs (only ship the business logic), but perfectly ! ne with containers - shipping even the JVM ! #RigaDevDays — https://twitter.com/xeraa/status/864122131768119296

Slide 10

Slide 10

640K ought to be enough for anybody

Slide 11

Slide 11

Slide 12

Slide 12

Slide 13

Slide 13

Slide 14

Slide 14

Slide 15

Slide 15

Microservices Nano, Pico, Femto, Atto, Yocto

Slide 16

Slide 16

Slide 17

Slide 17

Don’t forget - having legacy software is often a sign of success. Your business was successful to last long enough for your software to become legacy. — https://twitter.com/samnewman/status/ 929622273065136130

Slide 18

Slide 18

Yes, it helps if too many people too many dependencies not scalable

Slide 19

Slide 19

Will this solve all your problems?

Slide 20

Slide 20

Slide 21

Slide 21

Sun Microsystems 8 fallacies of distributed computing

Slide 22

Slide 22

Slide 23

Slide 23

Slide 24

Slide 24

Jeff Hodges Notes on Distributed Systems for Young Bloods https://www.somethingsimilar.com/2013/01/14/notes- on-distributed-systems-for-young-bloods/

Slide 25

Slide 25

The Five Nines Is it resilient? Nein. Is it available? Nein. Is it scalable? Nein. Is it reliable? Nein. Does it work? Nein. — https://twitter.com/marcvolovic/status/ 898022815668088832

Slide 26

Slide 26

At this point it would be easier if you told us when it DID work. — https://twitter.com/honest_update/status/ 930128629677416450

Slide 27

Slide 27

SOA done right?

Slide 28

Slide 28

Slide 29

Slide 29

Slide 30

Slide 30

SOAP: Simple Object Access Protocol. Except it's not Simple, it's Complicated. And it's not about Objects, it's about RPC. So really: CRAP — https://twitter.com/joewalnes/status/563691487586549761

Slide 31

Slide 31

Slide 32

Slide 32

We replaced our monolith with micro services so that every outage could be more like a murder mystery. — https://twitter.com/honest_update/status/ 651897353889259520

Slide 33

Slide 33

Slide 34

Slide 34

Here's a diagram of two microservices and their shared database. — https://twitter.com/mathiasverraes/status/ 711168935798902785

Slide 35

Slide 35

OH: "replace your shared monolithic DB with a shared monolithic stream store" — https://twitter.com/ntcoding/status/928902644764200960

Slide 36

Slide 36

...don’t even consider microservices unless you have a system that’s too complex to manage as a monolith. The majority of software systems should be built as a single monolithic application.

Slide 37

Slide 37

Do pay attention to good modularity within that monolith, but don’t try to separate it into separate services. — http://martinfowler.com/bliki/MicroservicePremium.html

Slide 38

Slide 38

Slide 39

Slide 39

https://twitter.com/simonbrown/status/847339104874381312

Slide 40

Slide 40

The #microservices bandwagon exists because the name is cool. Monoliths just need marketing help… #MegaPlatform #UberContainer #StereoLith — https://twitter.com/sjmaple/status/724541627407147008

Slide 41

Slide 41

#Serverfull

Slide 42

Slide 42

A word of the week: Microlith - a huge enterprise app ported to one, fat Docker container. #MicroserviceJokes — https://twitter.com/rmehmandarov/status/ 865542627004788737

Slide 43

Slide 43

If you want to implement microservices, the 1st thing you need to do is implement aggregated logging. The 2nd is implement correlation IDs — https://twitter.com/samnewman/status/ 862255875125366786

Slide 44

Slide 44

Microservices can help large number of people go faster by allowing more autonomy. I remain to be convinced it does the same for small teams — https://twitter.com/samnewman/status/ 778118760226062336

Slide 45

Slide 45

Repeat after me I'm not Facebook, Google, or Amazon

Slide 46

Slide 46

Slide 47

Slide 47

Greed is applied to a very excessive or rapacious desire and pursuit of material possessions.

Slide 48

Slide 48

Slide 49

Slide 49

Slide 50

Slide 50

Sloth is sometimes defined as physical laziness, but spiritual laziness is emphasized.

Slide 51

Slide 51

Slide 52

Slide 52

Continuous Integration CI Build and test every push

Slide 53

Slide 53

Continuous Delivery CD Manual production deployment

Slide 54

Slide 54

Continuous Deployment CD Automated production deployment

Slide 55

Slide 55

Slide 56

Slide 56

https://twitter.com/allspaw/status/925490726468771840

Slide 57

Slide 57

Slide 58

Slide 58

Slide 59

Slide 59

Facebook switched to Continuous Delivery / Deployment in 04/2017 https://code.facebook.com/posts/270314900139291/ rapid-release-at-massive-scale/

Slide 60

Slide 60

Slide 61

Slide 61

DDD (Russian: Davai Davai Deploy) - Just deploy this sh*t already. Come on! — https://twitter.com/Steve_Jules/status/ 862247438551265280

Slide 62

Slide 62

Also Deadline Driven Deployment

Slide 63

Slide 63

Slide 64

Slide 64

Continuous life or death cycle?

Slide 65

Slide 65

Slide 66

Slide 66

https://twitter.com/ericqweinstein/status/529319496029589504

Slide 67

Slide 67

Slide 68

Slide 68

Separate code and config

Slide 69

Slide 69

Do not commit secrets HashiCorp Vault Ansible Vault ...

Slide 70

Slide 70

Slide 71

Slide 71

Lust is an intense and uncontrolled desire.

Slide 72

Slide 72

Always use the hottest !

Slide 73

Slide 73

High-latency low-throughput append-only database with very expensive transaction commit protocols just doesn’t have the same ring to it as “Blockchain” does it? — https://twitter.com/jstogdill/status/1004448569615626240

Slide 74

Slide 74

Slide 75

Slide 75

Slide 76

Slide 76

Docker: each docker container should just run one process Me: but your containers are 700+MB each Docker: you see why our mascot is a whale — https://twitter.com/classam/status/743333692462895104

Slide 77

Slide 77

Slide 78

Slide 78

https://turnoff.us/geek/before-devops- after-devops/

Slide 79

Slide 79

Slide 80

Slide 80

Slide 81

Slide 81

Slide 82

Slide 82

"A container is just a process"

Slide 83

Slide 83

Slide 84

Slide 84

containers will not ! x your broken architecture you are welcome — https://twitter.com/littleidea/status/659445920954642432

Slide 85

Slide 85

Slide 86

Slide 86

so.. using GlibC? How’s re-imaging all of your @Docker images going? — https://twitter.com/starbuxman/status/ 700591322177019904

Slide 87

Slide 87

You gotta love the docker-compose command line: docker-compose down -v Removes all volumes docker-compose -v down Prints the version of docker-compose — https://twitter.com/fhopf/status/971910920522760192

Slide 88

Slide 88

New dependencies of your artifacts JVM and base image

Slide 89

Slide 89

Slide 90

Slide 90

Containerizing legacy applications

Slide 91

Slide 91

Microservices + containers Cargo cult

Slide 92

Slide 92

Slide 93

Slide 93

cargo culting comes from received but not integrated knowledge.because one doesn't grasp how a thing works, one simply goes through the motion of how one was told to do it. — https://twitter.com/GeePawHill/status/ 931941663886454784

Slide 94

Slide 94

If you are only picking Kubernetes because that's the way Google does it, then you should also consider writing your own ! lesystems. — https://twitter.com/kelseyhightower/status/ 741310392756887552

Slide 95

Slide 95

We've been so beaten into thinking we need to care about the speed-of- delivery with containers, we lost focus somewhere on prod reliability — https://twitter.com/danveloper/status/858372256174669824

Slide 96

Slide 96

What's wrong here? For a stateful production service $ docker run -p 9200:9200 -p 9300:9300 -e "http.host=0.0.0.0" -e "transport.host=0.0.0.0" -e "discovery.zen.ping.unicast.hosts=..." docker.elastic.co/elasticsearch/elasticsearch

Slide 97

Slide 97

Zombies ideas that should have been killed by evidence, but keep shambling along

Slide 98

Slide 98

Run Elasticsearch as root

Slide 99

Slide 99

Cockroaches claims that disappear for a while when proved wrong, but just keep on coming back

Slide 100

Slide 100

Make JAR not WAR

Slide 101

Slide 101

One more thing Serverless

Slide 102

Slide 102

Serverless

Slide 103

Slide 103

Slide 104

Slide 104

Yesterday I have bird and bee discussion with junior devops for make realize cloud instance is born of real hardware. — https://twitter.com/DEVOPS_BORAT/status/ 289777231683788801

Slide 105

Slide 105

I felt a great disturbance in the cloud, as if millions of microservices suddenly cried out in terror, and were suddenly serverless. — https://twitter.com/kennybastani/status/ 858021145890762755

Slide 106

Slide 106

2016: Serverless Architecture 2017: Codeless Architecture 2018: Architectureless Architecture — https://twitter.com/benbjohnson/status/ 746049032699600897

Slide 107

Slide 107

by 2025, 30% of net new technical debt will be serverless — https://twitter.com/mstine/status/972207185005633536

Slide 108

Slide 108

PaaS reborn?

Slide 109

Slide 109

If your PaaS can e ! ciently start instances in 20ms that run for half a second, then call it serverless. — https://twitter.com/adrianco/status/736553530689998848

Slide 110

Slide 110

Slide 111

Slide 111

Pride is identified as believing that one is essentially better than others.

Slide 112

Slide 112

Slide 113

Slide 113

DevOps is not a technology

Slide 114

Slide 114

Slide 115

Slide 115

Slide 116

Slide 116

To make error is human. To propagate error to all server in automatic way is #devops. — https://twitter.com/DEVOPS_BORAT/status/ 41587168870797312

Slide 117

Slide 117

Slide 118

Slide 118

Envy is the discontent towards someone's traits, status, abilities, or rewards.

Slide 119

Slide 119

Craft everything yourself!

Slide 120

Slide 120

"Nobody uses Maven. Maven uses you" @venkat_s at #Devoxx — https://twitter.com/mariofusco/status/ 927899858056425472

Slide 121

Slide 121

Infrastructure Pets vs Cattle

Slide 122

Slide 122

All my servers are cattle ... except for the redis instance. That one gets health care and Christmas gifts. — https://twitter.com/ajordens/status/801847570259509248

Slide 123

Slide 123

Ansible Puppet Chef Terraform

Slide 124

Slide 124

Slide 125

Slide 125

Avoid Drift

Slide 126

Slide 126

Slide 127

Slide 127

I like the "ssh tags the instance for garbage collection" model as a step; it lets you migrate a team to new habits. — https://twitter.com/ferlatte/status/905984786082050048

Slide 128

Slide 128

Slide 129

Slide 129

Wrath also known as "rage", may be described as inordinate and uncontrolled feelings of hatred and anger.

Slide 130

Slide 130

Log & Monitor

Slide 131

Slide 131

Slide 132

Slide 132

Slide 133

Slide 133

Conclusion

Slide 134

Slide 134

A good developer is like a werewolf: Afraid of silver bullets. — https://twitter.com/codepitbull/status/ 784691906005635072

Slide 135

Slide 135

OH: “their infra is 50 shades of broken and they’re now setting up their own frankenetes cluster hoping it’ll ! x everything” ! " — https://twitter.com/copyconstruct/status/ 935317466573504512

Slide 136

Slide 136

Slide 137

Slide 137

https://youtu.be/zoGyuiyCUAQ

Slide 138

Slide 138

Questions? Confessions? @xeraa