Cloud Devops AWS and CI/CD Concepts
Cloud Computing
On Demand
App Services
Ubiquitous Storage
Easily
Networking
Network Quickly DB Security
Scaling
Shared Load Balancing
AWS
No Capital AZURE
GCP
Our Own Cloud
Oracle
Low
IBM
Maintenance
Alibaba
Free Tier Limit
30 GB Storage
750 hours per month
Cloud Types
Public AWS AZURE GCP
Private Dell, 3M, Siemens etc.
Hybrid public+public
public+private
Data Center(secure data)
+
AWS(web server, java,load balancing)
(AWS) RDS
+
Azure(.Net)
Service Models Application
SaaS
Data Serverless RDS S3
PaaS Runtime Lambda
EBS Middleware
SNS
O/S
CloudFormation
Virtualization
IaaS
Terraform
Services
EC2
Storage VPC
Networking Security Groups
CI/CD
Source: Commit, Code Review, Program
Build: Compile, Unit Test, war/jar/dll, Image
Test: Integration, System, Load, UI
Deploy: Pre-Prod, Prod
Monitor: Health and Unusual Activities
Devops
Source Build Test Deploy Monitor
Git
Maven
WAR/JAR WAR/JAR Cloud Watch
Docker
WAR/JAR
Prometheus
Image Container Container
Kubernetes
Jenkins OR
AWS EBS
GIT
VCS
Developer1
Centralized CVS
Clearcase
FlightService.java
Version
Developer2 Control 1.0
System
2.0
3.0
Tester
GIT
Developer 1 Full Copy
Free and Open Source
Backup Work Area
Fast and Light Weight
Work Offline
Developer 2 Work Area REMOTE Repository
SHA1
Work Area
Branching
Devops
REMOTE Repository
Clone PULL
PUSH
COMMITTED
Local Repo STAGING
ADD COMMIT
Work Area
1 2 3 4 5
commitId
Head
AWS
Clinicals Bed Management
Environment EBS
Security IAM/Security Groups
Load Balancing ELB
Scaling Auto Scaling
Health Checks and Cloud Watch
Monitoring
Patient Registration Claims
Regions and Zones
Europe India
USA East
Zone A Zone B Zone X Zone Y Zone 1 Zone 2
Edge Edge Edge
Locations Locations Locations
EC2 Ubuntu Windows Centos
OS
AMI
Software
Java
Putty
Python
MySql
Docker
Mac Terminal
SSH Secure Shell
Encrypt/Decrypt
Client Remote
Machine Machine
22
Private Public
ssh-keygen -t rsa 2048-bit SSH-2 RSA keys
.ssh/id_rsa 5000 per region
S3 Simple Storage Service
Object Based Storage
Buckets
EBS 100 5GB
EC2 20000 GETs
EFS
2000 PUTs
EC2 AND S3
Launch an EC2 instance
Upload jar to S3
Access the jar from EC2 and test
1 - Create Launch Configuration
Instance Creation
Application Image(AMI)
2 - Auto Scaling Group
Scaling Policy
Web Server
Linux
Auto Scaling Scale Up Scale Down
Web Server
Linux
MySql
PostgreSQL
RDS DB MSSQL
MariaDB
Amazon Aurora
Replication
Auto Backups MongoDb
Auto Recovery DynamoDB
Caching
Deploy on EBS using RDS
EBS Coupon
Service
Application Coupon Instance MySql
Version DB Instance
Configuration Product RDS
Service
EBS Product Instance
Load Balancing
RDS
Coupon
S3
Service
Elastic Beanstalk EC2 Instance
SNS
CloudWatch
Autoscaling
Java Python
Tomcat Elastic
NodeJs
Beanstalk
.Net
Ruby
Docker Go
VPC
Application Client Network
App
Content
Classic Elastic Load Balancing
Microservice Microservice Microservice
Instance 1 Instance 2 Instance 3
AWS CLI
Create a User
Install AWS CLI
Configure and Use
AWS Cloudwatch
Coupon
Service
Coupon
Collect
Instance
MySql Monitor
EBS
DB Instance Analyze
Product RDS
Service
Act
Product
Instance
EC2
RDS
EBS Cloud Watch EC2
SNS
Simple Notification Service (SNS)
NumberOfNotificationsFailed
Cloud Watch Alarm
Message Topic Subscription
Micro Service
Email
HTTP
AWS Lambda
1 - Simple Notification Service
Topics
Subscriptions
2 - Create Alarm and attach SNS
3 - Test
IAM Access
EC2
Console
Programmatic Access RDS
Users S3
Policy
User Groups
Permissions
Role CloudWatch
AWS CLI
EC2
create/stop/start
create
Command Line
RDS
copy
S3
Policy
Identity Based Actions
Resources
Resource Based
Effect
IAM Permission Boundaries
Conditions
Service Control Policies
Access Control Lists
Session Policies
DOCKER
Container
Container
Container
Windows
MacOS
Containers Dev Test Stage Prod
Container
Ubuntu
Container
CentOs
Docker Docker
Application
Image
Docker
OCI Windows Db Image
Server
MacOS
war/dll/django code
Image Docker
WebImage
Server
Container Docker Ubuntu
App Server
Image
CentOs
Simple Image
Our Application
Virtualization Platform Jboss
Java
Linux
Fast
Containers
PODA
Registry
Docker
Docker Host
Client java
Docker Engine
tomcat
docker pull <image> Containers Images
tomcat mysql
docker run <image> tomcat
mysql mysql nodejs
docker build -t <image> .
Docker Components and Workflow
Docker Layers
Microservice
Registry
Microservice
JBoss Faster
UFS Java Smaller
CentOs
Dockerization
Launch a MySql Container
Create a Dockerfile
Launch the App Container and Test
Docker Compose
Microservice
Docker Host DB Server
Docker Host
Web
Container
Docker Host
up
restart
build
scale
stop
kill
logs
ps
Web Dashboard
CLI
REST APIs
Master/Control node
Managed Nodes
Inventory
Copy Files
Modules
Install Software
Assignment
Flight
DB Server
Service
Container Container
Dockerization
Product
Service
Container
DB Server
Container
Coupon
Service
Container
docker commit <container-id> image
Apache2 State
Ubuntu Container
Volumes and Bind Mounts
Data Data
Container Deleted
Persist Data
Bind Mount Data
Host
: Container Deleted
Volume Data
Bind Mounts
Data
Host
: Container Deleted
Data
Local File System
Volume
Data
Host
: Container Deleted
Data
Docker
/var/lib/docker/volumes
Image Layers and Overlay
Container
Writable
Apache
Union File System
Ubuntu
Kernel
Kubernetes
Container Orchestration
Fault-tolerance
On-demand scalability
Performance
Auto Discovery
Public Access
Auto Update and RollBack
ProductService CouponService DB Server
Prod Test
Helmsman Ship Pilot
K8s
Cloud Native Computing Foundation
CI/CD
Google Kubernetes Engine
AWS Elastic Container Service
Azure Kubernetes Service
Namespace
Deployment
Docker
ReplicaSet
POD POD POD
Pod
Service
Master Worker
Api Server kubelet proxy
Control Docker
Scheduler
Manager
etcd
Worker
kubelet proxy
kubectl
Docker
Phases
POD
Pending
Running
Succeeded
Container
Failed
Unknown
POD
Network Security
DB Server CouponService ProductService
DB Server CouponService ProductService
Configuration Volumes
Environment Variables POD POD POD
Executing Commands Product Product Product
Service Service Service
POD POD
DB Server DB Server Service
POD POD POD
Coupon Coupon Coupon
Service Service Service
Liveness and Readiness
productservice POD POD POD
Product Product Product
Service Service Service
POD POD
DB Server DB Server
POD POD POD
Coupon Coupon Coupon
Service
mysqlservice Service Service
couponservice
Single-Node Installation
Master Worker
Api Server kubelet proxy
Control Docker
Scheduler
Manager
kubectl
Minikube Docker Desktop
On-Premise Bare Metal or VMs
Cloud Installation
Hosted Solutions on Cloud
Google Kubernetes Engine (GKE)
Azure Kubernetes Service (AKS)
OpenShift Dedicated
On Premise Private Cloud
Apps
Master Worker
Api Server
Load
kubelet proxy
Balancer
Control Docker
Scheduler
Manager
etcd
Worker
kubelet proxy
kubectl
Single-Master and Multi-Worker Docker
Multi-Master and Multi-Worker
Only Cluster Client/Tester
Outside
Maps to an entity
Service
PodA PodB PodC
172.33.22.1 172.33.22.10 172.33.22.18
ClusterIP
PodD
172.33.22.30
10.20.162.144
Cluster IP IP Tables IPV4
Service
PodA PodB PodC
172.33.22.1 172.33.22.10 172.33.22.18
NodePort Client/Tester
NodePort
Service 30000 to 32767
10.20.162.144
Cluster IP
PodA PodB PodC
172.33.22.1 172.33.22.10 172.33.22.18
LoadBalancer Client
AWS ELB
NodePort
NodePort
32333 32333
ClusterIP
ClusterIP
PodA PodB PodC
172.33.22.1 172.33.22.10 172.33.22.18
External Name
Ingress
8080 80
kubectl command resource <options>
create pod
get replicaset
describe service
delete
Coupon
Service
coupon-app MySql
docker-mysql
Product
Service
product-app
DB Deployment
Create Deployment
Create ConfigMap
Mount Volume
Volumes
Container Container Container
/etc/config /etc/config /etc/config
Pod Pod
/config/data /config/data
emptyDir
nfs Config Map and secret
hostPath
httpd
Image Versions POD
maxUnavailable
httpd
maxSurge
POD
Deployment
Recreate httpd
POD
RollingUpdate
PersistentVolume PersistentVolumeClaim
Container Container
/etc/config /etc/config \ Cluster
Persistent Volume /data
Persistent
Pod Volume
Claim
Volume
Access Modes
ReadWriteOnce
ReadOnlyMany
ReadWriteMany
Create Persistent Volume
Create Persistent Volume Claim
Mount the Volume Claim
Labels and Selectors
Coupon Deployment
DB Deployment
app: cs
Product Deployment app: db
app: ps
Product
Service
app: db
Product MySql app: ps
app: ps
Service
Coupon app: cs
Coupon app: cs Coupon MySql app: db
Service
Service Service
app: cs
= != in notin exists
Docker Swarm
Integrated into Docker Engine
Scale
Auto Discovery
Load Balancing
Fault Tolerant
Rolling Updates
ProductService CouponService DB Server
Prod Test
Docker Swarm vs Kubernetes
First
Evolved from Google
How they work
Community Backing
Setup
Lots of commits
Components
Pods
Huge Clusters
Raft Consensus Group
Distributed State Store
docker swarm init
Manager2 Manager1 Manager3
TLS
Certificate
Token
Worker1 Worker2 Worker4
Worker3
httpd
Task
Worker1
3 httpd
Task
Service httpd
Task Task
Worker2
Swarm manager
Task
httpd
Task
Worker3
Swarm Architecture
API
Container
Orchestrator
RAFT Allocator Worker
Dispatcher Executor
Scheduler Worker Node
Manager Node
Service
Redis Older Version
3
8
5
docker stack deploy -c docker-compose.yml <stack>
Ansible Provisioning/CM
SSH
Host1
ad hoc
Ansible
Master Host2
playbook
Host3