SlideShare a Scribd company logo

Pluggable Infrastructure with CI/CD and Docker

Bob Killen
Bob Killen

The docker cluster ecosystem is still young, and highly modular. This presentation covers some of the challenges we faced deciding on what infrastructure to deploy, and a few tips and tricks in making both applications and infrastructure easily adaptable.

Technology
1 of 33
Download to read offline
Pluggable Infrastructure with CI/CD and Docker. Bob Killen Systems Programmer/Analyst Senior Department of Pathology University of Michigan Health System Jeffrey Sica Business Systems Analyst Lead Department of Pathology University of Michigan Health System
Disclaimer All opinions spoken by Bob or Jeff are their own and not that of the University of Michigan or its affiliates.
A bit of background Central IT vs Pathology Informatics HIPAA Concerns Our original infrastructure ● Before Docker, there were VMs ● Started on Kubernetes ● Migrated to Individual Hosts
Challenges we faced ● Managing multiple instances of the same infrastructure ○ Public applications must be firewalled from Internal applications (HIPAA) ● Rapid prototyping and demoing of applications ○ Victims of our own success ● Large infrastructure, small staff ○ 40+ independant in house developed applications or services ○ 1 Designer, 1.5 Developers, 1.5 Sysadmins
Workflow - Outside of Host Cluster Commit and Code Push Source Control server notifies Build Server of new commit. Build Server schedules build at new commit. If build successful; tag image and push to registry. Otherwise notify group. After successful build pushed to the registry, trigger cluster update. Notify if problem arises during update.Build
Workflow - In Cluster Cluster is notified of new task. Cluster determines hosts with appropriate resource offerings. Hosts pull containers associated with task. Once containers pass healthcheck, front end is notified of host:port Front End updates configuration and reloads with new services. Service is now accessible to public network
The Pillars of a Container Centric Infrastructure
The path we have chosen. Gitlab Jenkins DTR Mesos Docker
Gitlab ● Open source ● Close-enough mirror to the familiar (GitHub) ● Low barrier to entry for non-developers ● Existing integration into other “pillars” (Jenkins) ● Now comes in a handy dandy container ○ “ docker pull gitlab/gitlab-ce ” ○ https://hub.docker.com/r/gitlab/gitlab-ce/
Jenkins ● Open Source ● Time tested solution ● Plug-ins galore ○ Docker ○ Mesos Cluster ○ Gitlab Webhooks ● No real constraints on architecture ○ No plugin? Use Bash! ● Blank slate for any project ● Windows Support
Docker Trusted Registry ● Security Requirements ○ 100% on premise. ○ LDAP backed. ○ RBAC - v0 api available, use and integration capability growing. ■ https://docs.docker.com/docker-trusted-registry/api/ ○ One-click upgrade. ○ User friendly UI. ● Support Offerings ○ 24/7 support REQUIRED for use in a clinical care setting. ○ Guided install with staff on-site where needed
Mesos ● Generic abstraction of resources. Useful to combine varied host systems (both physical and virtual). ● Caters well to an on prem solution. ● Slightly more mature in the cluster solution ecosystem. ○ Powered by Mesos Users - http://mesos.apache.org/documentation/latest/powered-by-mesos/ ● Large framework ecosystem; with lots of active development.
Mesos (Cont.) ● https://open.mesosphere.com/frameworks/ Just to name a few….
Mesos (Cont…future) Mesos Windows Epic: https://issues.apache.org/jira/browse/MESOS-3094 Docker + Windows + Mesos = Match made in the clouds Screencast Demo: https://www.youtube.com/watch?v=dC2vitIh84M
Docker (CE) ● Support Offerings ○ Touching on this again...24/7 support is REQUIRED when used in a clinical setting. ● Certified stable releases suitable for production use. ● Predictable release schedule for upgrade planning. ● Orchestration components are swappable...docker engine is not, and is the base requirement for everything.
Final Form: Pluggable Infrastructure Pt. 1 ● Application container function should be independent of infrastructure design. ○ Container init script + environment or cluster seed script. ■ container init script variables are static ■ seed script populates container init script with cluster specific information. ■ Build server can inject seed script for environment (local dev vs cluster deployment)
Example Init Script $VAR1 and $VAR2 can be set at container creation or ‘seeded’ via a script sourced as $ENVIRONMENT_INIT. The supplied script could hit a variety of endpoints for configuration information (consul, etcd, registrator, etc). If nothing is provided, it assumes the default value. This allows for init script to remain static, with only the sourced seed script changing per environment.
Final Form: Pluggable Infrastructure Pt. 2 ● Infrastructure components in source control; and if at all possible built as containers themselves. ○ Apply standard ‘infrastructure as code’ methods. ■ Version Everything ■ Design tests and integrate with CI/CD
Final Form: Pluggable Infrastructure Pt. 2 (Cont.) ● Components that may modify host configuration require some level of clean-up. e. g. anything that may require iptables. ○ trap SIGINT, SIGKILL etc. then perform action. ○ Does require some form of ‘init’ or process management. - supervisord, tini, monit etc ● Use of VRRP / Keepalived and deploying in pairs when services may be bound to a single point of failure (no DNS load balancing etc). ○ Provides incredibly simple IP failover. ○ Prerequisites for use: ■ sysctl - net.ipv4.ip_nonlocal_bind=1 ■ container run with host networking and cap NET_ADMIN ○ Added bonus of making it EXTREMELY easy to upgrade and switch services. ■ If upgrading: push new version to backup, then push to master.
Keepalived + HAproxy Demo
Example Keepalived Configuration Master Backup Description ● state - MASTER or BACKUP - Defines server role in the group. ● interface - The interface that keepalived will use for VRRP traffic and monitor by default. ● vrrp_unicast_bind - The ip in which vrrp should bind to. ● vrrp_unicast_peer - The bind ip of the other node in the group. ● virtual_router_id - Unique number between 1-255 that identifies the vrrp group. Multiple instances of vrrp can run at the same time on the same servers. ● priority - In scenarios with more than 2 nodes, priority will dictate the failover order with highest priority becoming the master. ● advert_int - Healthcheck interval (seconds) ● authentication - PASS (cleartext password) or AH (IPSEC Authorization Header). Password and method used by the nodes to validate each other. ● virtual_ipaddress - Virtual IP Address to be generated and interface it should be bound to. IPs in this block WILL be tracked by keepalived. Used for private network interface tracking. ● virtual_ipaddress_excluded - Virtual IP Address to be generated and interface it should be bound to. IPs in this block will NOT be tracked, but automatically failed over if an event would trigger a failure of IP(s) in the virtual_ipaddress block. Used for public facing IPs. ● track_interface - Interface adapters that should have their link state monitored for failover trigger.
Future State Challenges ● Better Secret Management ○ Consul / Vault injection at runtime and seeded via ENVIRONMENT_INIT. ○ Mount secure volume ● Profiling containers for lxc capabilities + apparmor profiles ○ https://github.com/jfrazelle/bane ● Improve logging with logstash framework ○ https://github.com/mesos/logstash ● Notary integration into build pipeline.
Questions? Bob Killen rkillen@med.umich.edu @mrbobbytables github.com/mrbobbytables Jeffrey Sica jsica@med.umich.edu @jeefy github.com/jeefy

Recommended

Docker From Scratch
Docker From ScratchDocker From Scratch
Docker From ScratchGiacomo Vacca
 
Platform Orchestration with Kubernetes and Docker
Platform Orchestration with Kubernetes and DockerPlatform Orchestration with Kubernetes and Docker
Platform Orchestration with Kubernetes and DockerJulian Strobl
 
Introduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopIntroduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopBob Killen
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101Stanislav Pogrebnyak
 
Containers, Clusters and Kubernetes - Brendan Burns - Defrag 2014
Containers, Clusters and Kubernetes - Brendan Burns - Defrag 2014Containers, Clusters and Kubernetes - Brendan Burns - Defrag 2014
Containers, Clusters and Kubernetes - Brendan Burns - Defrag 2014brendandburns
 
Kubernetes in Docker
Kubernetes in DockerKubernetes in Docker
Kubernetes in DockerDocker, Inc.
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetesWilliam Stewart
 
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...Ambassador Labs
 

Recommended

Docker From Scratch
Docker From ScratchDocker From Scratch
Docker From ScratchGiacomo Vacca
 
Platform Orchestration with Kubernetes and Docker
Platform Orchestration with Kubernetes and DockerPlatform Orchestration with Kubernetes and Docker
Platform Orchestration with Kubernetes and DockerJulian Strobl
 
Introduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopIntroduction to Kubernetes Workshop
Introduction to Kubernetes WorkshopBob Killen
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101Stanislav Pogrebnyak
 
Containers, Clusters and Kubernetes - Brendan Burns - Defrag 2014
Containers, Clusters and Kubernetes - Brendan Burns - Defrag 2014Containers, Clusters and Kubernetes - Brendan Burns - Defrag 2014
Containers, Clusters and Kubernetes - Brendan Burns - Defrag 2014brendandburns
 
Kubernetes in Docker
Kubernetes in DockerKubernetes in Docker
Kubernetes in DockerDocker, Inc.
 
Kubernetes laravel and kubernetes
Kubernetes laravel and kubernetesKubernetes laravel and kubernetes
Kubernetes laravel and kubernetesWilliam Stewart
 
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...
Velocity NYC 2017: Building Resilient Microservices with Kubernetes, Docker, ...Ambassador Labs
 
Docker for Java Developers - Fabiane Nardon and Arun gupta
Docker for Java Developers - Fabiane Nardon and Arun guptaDocker for Java Developers - Fabiane Nardon and Arun gupta
Docker for Java Developers - Fabiane Nardon and Arun guptaDocker, Inc.
 
Kubernetes - introduction
Kubernetes - introductionKubernetes - introduction
Kubernetes - introductionSparkbit
 
Kubernetes and Hybrid Deployments
Kubernetes and Hybrid DeploymentsKubernetes and Hybrid Deployments
Kubernetes and Hybrid DeploymentsSandeep Parikh
 
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...Ambassador Labs
 
Ansible, integration testing, and you.
Ansible, integration testing, and you.Ansible, integration testing, and you.
Ansible, integration testing, and you.Bob Killen
 
Intro to Docker and clustering with Rancher from scratch
Intro to Docker and clustering with Rancher from scratchIntro to Docker and clustering with Rancher from scratch
Intro to Docker and clustering with Rancher from scratchJohn Culviner
 
Kubernetes deep dive - - Huawei 2015-10
Kubernetes deep dive - - Huawei 2015-10Kubernetes deep dive - - Huawei 2015-10
Kubernetes deep dive - - Huawei 2015-10Vishnu Kannan
 
Kubernetes: The Next Research Platform
Kubernetes: The Next Research PlatformKubernetes: The Next Research Platform
Kubernetes: The Next Research PlatformBob Killen
 
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...Nati Shalom
 
Kubernetes automation in production
Kubernetes automation in productionKubernetes automation in production
Kubernetes automation in productionPaul Bakker
 
Docker to the Rescue of an Ops Team
Docker to the Rescue of an Ops TeamDocker to the Rescue of an Ops Team
Docker to the Rescue of an Ops TeamRachid Zarouali
 
Kubernetes architecture
Kubernetes architectureKubernetes architecture
Kubernetes architectureJanakiram MSV
 
From Code to Kubernetes
From Code to KubernetesFrom Code to Kubernetes
From Code to KubernetesDaniel Oliveira Filho
 
Leveraging the Power of containerd Events - Evan Hazlett
Leveraging the Power of containerd Events - Evan HazlettLeveraging the Power of containerd Events - Evan Hazlett
Leveraging the Power of containerd Events - Evan HazlettDocker, Inc.
 
Configuration Management and Transforming Legacy Applications in the Enterpri...
Configuration Management and Transforming Legacy Applications in the Enterpri...Configuration Management and Transforming Legacy Applications in the Enterpri...
Configuration Management and Transforming Legacy Applications in the Enterpri...Docker, Inc.
 
Containers without docker
Containers without dockerContainers without docker
Containers without dockerBen Hall
 
Microservices using relocatable Docker containers
Microservices using relocatable Docker containersMicroservices using relocatable Docker containers
Microservices using relocatable Docker containersMauricio Garavaglia
 
DockerCon SF 2015: Enabling Microservices @Orbitz
DockerCon SF 2015: Enabling Microservices @OrbitzDockerCon SF 2015: Enabling Microservices @Orbitz
DockerCon SF 2015: Enabling Microservices @OrbitzDocker, Inc.
 
Kubernetes 101 and Fun
Kubernetes 101 and FunKubernetes 101 and Fun
Kubernetes 101 and FunMario-Leander Reimer
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes IntroductionRed Hat Developers
 
Building a Docker powered feature driven delivery pipeline at hoyhoy.nl
Building a Docker powered feature driven delivery pipeline at hoyhoy.nlBuilding a Docker powered feature driven delivery pipeline at hoyhoy.nl
Building a Docker powered feature driven delivery pipeline at hoyhoy.nlXebia Nederland BV
 
How Docker simplifies CI/CD
How Docker simplifies CI/CDHow Docker simplifies CI/CD
How Docker simplifies CI/CDGabriel N. Schenker
 

More Related Content

What's hot

Docker for Java Developers - Fabiane Nardon and Arun gupta
Docker for Java Developers - Fabiane Nardon and Arun guptaDocker for Java Developers - Fabiane Nardon and Arun gupta
Docker for Java Developers - Fabiane Nardon and Arun guptaDocker, Inc.
 
Kubernetes - introduction
Kubernetes - introductionKubernetes - introduction
Kubernetes - introductionSparkbit
 
Kubernetes and Hybrid Deployments
Kubernetes and Hybrid DeploymentsKubernetes and Hybrid Deployments
Kubernetes and Hybrid DeploymentsSandeep Parikh
 
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...Ambassador Labs
 
Ansible, integration testing, and you.
Ansible, integration testing, and you.Ansible, integration testing, and you.
Ansible, integration testing, and you.Bob Killen
 
Intro to Docker and clustering with Rancher from scratch
Intro to Docker and clustering with Rancher from scratchIntro to Docker and clustering with Rancher from scratch
Intro to Docker and clustering with Rancher from scratchJohn Culviner
 
Kubernetes deep dive - - Huawei 2015-10
Kubernetes deep dive - - Huawei 2015-10Kubernetes deep dive - - Huawei 2015-10
Kubernetes deep dive - - Huawei 2015-10Vishnu Kannan
 
Kubernetes: The Next Research Platform
Kubernetes: The Next Research PlatformKubernetes: The Next Research Platform
Kubernetes: The Next Research PlatformBob Killen
 
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...Nati Shalom
 
Kubernetes automation in production
Kubernetes automation in productionKubernetes automation in production
Kubernetes automation in productionPaul Bakker
 
Docker to the Rescue of an Ops Team
Docker to the Rescue of an Ops TeamDocker to the Rescue of an Ops Team
Docker to the Rescue of an Ops TeamRachid Zarouali
 
Kubernetes architecture
Kubernetes architectureKubernetes architecture
Kubernetes architectureJanakiram MSV
 
Leveraging the Power of containerd Events - Evan Hazlett
Leveraging the Power of containerd Events - Evan HazlettLeveraging the Power of containerd Events - Evan Hazlett
Leveraging the Power of containerd Events - Evan HazlettDocker, Inc.
 
Configuration Management and Transforming Legacy Applications in the Enterpri...
Configuration Management and Transforming Legacy Applications in the Enterpri...Configuration Management and Transforming Legacy Applications in the Enterpri...
Configuration Management and Transforming Legacy Applications in the Enterpri...Docker, Inc.
 
Containers without docker
Containers without dockerContainers without docker
Containers without dockerBen Hall
 
Microservices using relocatable Docker containers
Microservices using relocatable Docker containersMicroservices using relocatable Docker containers
Microservices using relocatable Docker containersMauricio Garavaglia
 
DockerCon SF 2015: Enabling Microservices @Orbitz
DockerCon SF 2015: Enabling Microservices @OrbitzDockerCon SF 2015: Enabling Microservices @Orbitz
DockerCon SF 2015: Enabling Microservices @OrbitzDocker, Inc.
 

What's hot (20)

Docker for Java Developers - Fabiane Nardon and Arun gupta
Docker for Java Developers - Fabiane Nardon and Arun guptaDocker for Java Developers - Fabiane Nardon and Arun gupta
Docker for Java Developers - Fabiane Nardon and Arun gupta
 
Kubernetes - introduction
Kubernetes - introductionKubernetes - introduction
Kubernetes - introduction
 
Kubernetes and Hybrid Deployments
Kubernetes and Hybrid DeploymentsKubernetes and Hybrid Deployments
Kubernetes and Hybrid Deployments
 
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
O'Reilly Software Architecture Conference London 2017: Building Resilient Mic...
 
Ansible, integration testing, and you.
Ansible, integration testing, and you.Ansible, integration testing, and you.
Ansible, integration testing, and you.
 
Intro to Docker and clustering with Rancher from scratch
Intro to Docker and clustering with Rancher from scratchIntro to Docker and clustering with Rancher from scratch
Intro to Docker and clustering with Rancher from scratch
 
Kubernetes deep dive - - Huawei 2015-10
Kubernetes deep dive - - Huawei 2015-10Kubernetes deep dive - - Huawei 2015-10
Kubernetes deep dive - - Huawei 2015-10
 
Kubernetes: The Next Research Platform
Kubernetes: The Next Research PlatformKubernetes: The Next Research Platform
Kubernetes: The Next Research Platform
 
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
Orchestration tool roundup kubernetes vs. docker vs. heat vs. terra form vs...
 
Kubernetes automation in production
Kubernetes automation in productionKubernetes automation in production
Kubernetes automation in production
 
Docker to the Rescue of an Ops Team
Docker to the Rescue of an Ops TeamDocker to the Rescue of an Ops Team
Docker to the Rescue of an Ops Team
 
Kubernetes architecture
Kubernetes architectureKubernetes architecture
Kubernetes architecture
 
From Code to Kubernetes
From Code to KubernetesFrom Code to Kubernetes
From Code to Kubernetes
 
Leveraging the Power of containerd Events - Evan Hazlett
Leveraging the Power of containerd Events - Evan HazlettLeveraging the Power of containerd Events - Evan Hazlett
Leveraging the Power of containerd Events - Evan Hazlett
 
Configuration Management and Transforming Legacy Applications in the Enterpri...
Configuration Management and Transforming Legacy Applications in the Enterpri...Configuration Management and Transforming Legacy Applications in the Enterpri...
Configuration Management and Transforming Legacy Applications in the Enterpri...
 
Containers without docker
Containers without dockerContainers without docker
Containers without docker
 
Microservices using relocatable Docker containers
Microservices using relocatable Docker containersMicroservices using relocatable Docker containers
Microservices using relocatable Docker containers
 
DockerCon SF 2015: Enabling Microservices @Orbitz
DockerCon SF 2015: Enabling Microservices @OrbitzDockerCon SF 2015: Enabling Microservices @Orbitz
DockerCon SF 2015: Enabling Microservices @Orbitz
 
Kubernetes 101 and Fun
Kubernetes 101 and FunKubernetes 101 and Fun
Kubernetes 101 and Fun
 
Kubernetes Introduction
Kubernetes IntroductionKubernetes Introduction
Kubernetes Introduction
 

Viewers also liked

Building a Docker powered feature driven delivery pipeline at hoyhoy.nl
Building a Docker powered feature driven delivery pipeline at hoyhoy.nlBuilding a Docker powered feature driven delivery pipeline at hoyhoy.nl
Building a Docker powered feature driven delivery pipeline at hoyhoy.nlXebia Nederland BV
 
Automating the CI / CD pipeline of your containerized applications
Automating the CI / CD pipeline of your containerized applicationsAutomating the CI / CD pipeline of your containerized applications
Automating the CI / CD pipeline of your containerized applicationsKontena, Inc.
 
Jenkins + Docker = Continuous Improvement
Jenkins + Docker = Continuous ImprovementJenkins + Docker = Continuous Improvement
Jenkins + Docker = Continuous ImprovementUdaypal Aarkoti
 
CI/CD Using Ansible and Jenkins for Infrastructure
CI/CD Using Ansible and Jenkins for InfrastructureCI/CD Using Ansible and Jenkins for Infrastructure
CI/CD Using Ansible and Jenkins for InfrastructureFaisal Shaikh
 
Continuous Delivery with Jenkins Workflow
Continuous Delivery with Jenkins WorkflowContinuous Delivery with Jenkins Workflow
Continuous Delivery with Jenkins WorkflowUdaypal Aarkoti
 
Jenkins - From Continuous Integration to Continuous Delivery
Jenkins - From Continuous Integration to Continuous DeliveryJenkins - From Continuous Integration to Continuous Delivery
Jenkins - From Continuous Integration to Continuous DeliveryVirendra Bhalothia
 
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...Docker, Inc.
 
Intro to CI/CD using Docker
Intro to CI/CD using DockerIntro to CI/CD using Docker
Intro to CI/CD using DockerMichael Irwin
 
Developing Infrastructure Code for CI & CD
Developing Infrastructure Code for CI & CDDeveloping Infrastructure Code for CI & CD
Developing Infrastructure Code for CI & CDRavikanth Chaganti
 
Deployment Automation with Docker
Deployment Automation with DockerDeployment Automation with Docker
Deployment Automation with DockerEgor Pushkin
 
Introducing Docker Swarm - the orchestration tool by Docker
Introducing Docker Swarm - the orchestration tool by DockerIntroducing Docker Swarm - the orchestration tool by Docker
Introducing Docker Swarm - the orchestration tool by DockerRamit Surana
 
Gradle - time for a new build
Gradle - time for a new buildGradle - time for a new build
Gradle - time for a new buildIgor Khotin
 
Gradle build tool that rocks with DSL JavaOne India 4th May 2012
Gradle build tool that rocks with DSL JavaOne India 4th May 2012Gradle build tool that rocks with DSL JavaOne India 4th May 2012
Gradle build tool that rocks with DSL JavaOne India 4th May 2012Rajmahendra Hegde
 
Gradle - the Enterprise Automation Tool
Gradle - the Enterprise Automation ToolGradle - the Enterprise Automation Tool
Gradle - the Enterprise Automation ToolIzzet Mustafaiev
 
2016 - Continuously Delivering Microservices in Kubernetes using Jenkins
2016 - Continuously Delivering Microservices in Kubernetes using Jenkins2016 - Continuously Delivering Microservices in Kubernetes using Jenkins
2016 - Continuously Delivering Microservices in Kubernetes using Jenkinsdevopsdaysaustin
 
Database Migrations with Gradle and Liquibase
Database Migrations with Gradle and LiquibaseDatabase Migrations with Gradle and Liquibase
Database Migrations with Gradle and LiquibaseDan Stine
 
Continuous Integration, Build Pipelines and Continuous Deployment
Continuous Integration, Build Pipelines and Continuous DeploymentContinuous Integration, Build Pipelines and Continuous Deployment
Continuous Integration, Build Pipelines and Continuous DeploymentChristopher Read
 

Viewers also liked (20)

Building a Docker powered feature driven delivery pipeline at hoyhoy.nl
Building a Docker powered feature driven delivery pipeline at hoyhoy.nlBuilding a Docker powered feature driven delivery pipeline at hoyhoy.nl
Building a Docker powered feature driven delivery pipeline at hoyhoy.nl
 
How Docker simplifies CI/CD
How Docker simplifies CI/CDHow Docker simplifies CI/CD
How Docker simplifies CI/CD
 
Automating the CI / CD pipeline of your containerized applications
Automating the CI / CD pipeline of your containerized applicationsAutomating the CI / CD pipeline of your containerized applications
Automating the CI / CD pipeline of your containerized applications
 
Jenkins + Docker = Continuous Improvement
Jenkins + Docker = Continuous ImprovementJenkins + Docker = Continuous Improvement
Jenkins + Docker = Continuous Improvement
 
CI/CD Using Ansible and Jenkins for Infrastructure
CI/CD Using Ansible and Jenkins for InfrastructureCI/CD Using Ansible and Jenkins for Infrastructure
CI/CD Using Ansible and Jenkins for Infrastructure
 
Continuous Delivery with Jenkins Workflow
Continuous Delivery with Jenkins WorkflowContinuous Delivery with Jenkins Workflow
Continuous Delivery with Jenkins Workflow
 
Jenkins - From Continuous Integration to Continuous Delivery
Jenkins - From Continuous Integration to Continuous DeliveryJenkins - From Continuous Integration to Continuous Delivery
Jenkins - From Continuous Integration to Continuous Delivery
 
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
Build, Publish, Deploy and Test Docker images and containers with Jenkins Wor...
 
Git,Travis,Gradle
Git,Travis,GradleGit,Travis,Gradle
Git,Travis,Gradle
 
Intro to CI/CD using Docker
Intro to CI/CD using DockerIntro to CI/CD using Docker
Intro to CI/CD using Docker
 
Developing Infrastructure Code for CI & CD
Developing Infrastructure Code for CI & CDDeveloping Infrastructure Code for CI & CD
Developing Infrastructure Code for CI & CD
 
Deployment Automation with Docker
Deployment Automation with DockerDeployment Automation with Docker
Deployment Automation with Docker
 
Introducing Docker Swarm - the orchestration tool by Docker
Introducing Docker Swarm - the orchestration tool by DockerIntroducing Docker Swarm - the orchestration tool by Docker
Introducing Docker Swarm - the orchestration tool by Docker
 
Gradle - time for a new build
Gradle - time for a new buildGradle - time for a new build
Gradle - time for a new build
 
Gradle in 45min
Gradle in 45minGradle in 45min
Gradle in 45min
 
Gradle build tool that rocks with DSL JavaOne India 4th May 2012
Gradle build tool that rocks with DSL JavaOne India 4th May 2012Gradle build tool that rocks with DSL JavaOne India 4th May 2012
Gradle build tool that rocks with DSL JavaOne India 4th May 2012
 
Gradle - the Enterprise Automation Tool
Gradle - the Enterprise Automation ToolGradle - the Enterprise Automation Tool
Gradle - the Enterprise Automation Tool
 
2016 - Continuously Delivering Microservices in Kubernetes using Jenkins
2016 - Continuously Delivering Microservices in Kubernetes using Jenkins2016 - Continuously Delivering Microservices in Kubernetes using Jenkins
2016 - Continuously Delivering Microservices in Kubernetes using Jenkins
 
Database Migrations with Gradle and Liquibase
Database Migrations with Gradle and LiquibaseDatabase Migrations with Gradle and Liquibase
Database Migrations with Gradle and Liquibase
 
Continuous Integration, Build Pipelines and Continuous Deployment
Continuous Integration, Build Pipelines and Continuous DeploymentContinuous Integration, Build Pipelines and Continuous Deployment
Continuous Integration, Build Pipelines and Continuous Deployment
 

Similar to Pluggable Infrastructure with CI/CD and Docker

Things You MUST Know Before Deploying OpenStack: Bruno Lago, Catalyst IT
Things You MUST Know Before Deploying OpenStack: Bruno Lago, Catalyst ITThings You MUST Know Before Deploying OpenStack: Bruno Lago, Catalyst IT
Things You MUST Know Before Deploying OpenStack: Bruno Lago, Catalyst ITOpenStack
 
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...Nagios
 
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...Oleg Shalygin
 
The Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldThe Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldDevOps.com
 
Composing services with Kubernetes
Composing services with KubernetesComposing services with Kubernetes
Composing services with KubernetesBart Spaans
 
Continuous Security for GitOps
Continuous Security for GitOpsContinuous Security for GitOps
Continuous Security for GitOpsWeaveworks
 
Meetup Openshift Geneva 03/10
Meetup Openshift Geneva 03/10Meetup Openshift Geneva 03/10
Meetup Openshift Geneva 03/10MagaliDavidCruz
 
Cloud Platform Symantec Meetup Nov 2014
Cloud Platform Symantec Meetup Nov 2014Cloud Platform Symantec Meetup Nov 2014
Cloud Platform Symantec Meetup Nov 2014Miguel Zuniga
 
Deploying software at Scale
Deploying software at ScaleDeploying software at Scale
Deploying software at ScaleKris Buytaert
 
Q Con New York 2015 Presentation - Conjur
Q Con New York 2015 Presentation - ConjurQ Con New York 2015 Presentation - Conjur
Q Con New York 2015 Presentation - Conjurconjur_inc
 
The State of the Veil Framework
The State of the Veil FrameworkThe State of the Veil Framework
The State of the Veil FrameworkVeilFramework
 
Kubernetes and CoreOS @ Athens Docker meetup
Kubernetes and CoreOS @ Athens Docker meetupKubernetes and CoreOS @ Athens Docker meetup
Kubernetes and CoreOS @ Athens Docker meetupMist.io
 
ContainerCon - Test Driven Infrastructure
ContainerCon - Test Driven InfrastructureContainerCon - Test Driven Infrastructure
ContainerCon - Test Driven InfrastructureYury Tsarev
 
Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Velocidex Enterprises
 
Getting to Walk with DevOps
Getting to Walk with DevOpsGetting to Walk with DevOps
Getting to Walk with DevOpsEklove Mohan
 
OSDC 2018 | Highly Available Cloud Foundry on Kubernetes by Cornelius Schumacher
OSDC 2018 | Highly Available Cloud Foundry on Kubernetes by Cornelius SchumacherOSDC 2018 | Highly Available Cloud Foundry on Kubernetes by Cornelius Schumacher
OSDC 2018 | Highly Available Cloud Foundry on Kubernetes by Cornelius SchumacherNETWAYS
 
Robust Network Security and Observability with GitOps and Cilium
Robust Network Security and Observability with GitOps and CiliumRobust Network Security and Observability with GitOps and Cilium
Robust Network Security and Observability with GitOps and CiliumWeaveworks
 
Introduction to PaaS and Heroku
Introduction to PaaS and HerokuIntroduction to PaaS and Heroku
Introduction to PaaS and HerokuTapio Rautonen
 
Free GitOps Workshop
Free GitOps WorkshopFree GitOps Workshop
Free GitOps WorkshopWeaveworks
 

Similar to Pluggable Infrastructure with CI/CD and Docker (20)

Things You MUST Know Before Deploying OpenStack: Bruno Lago, Catalyst IT
Things You MUST Know Before Deploying OpenStack: Bruno Lago, Catalyst ITThings You MUST Know Before Deploying OpenStack: Bruno Lago, Catalyst IT
Things You MUST Know Before Deploying OpenStack: Bruno Lago, Catalyst IT
 
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...
Nagios Conference 2014 - Spenser Reinhardt - Detecting Security Breaches With...
 
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
GCP - Continuous Integration and Delivery into Kubernetes with GitHub, Travis...
 
The Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote WorldThe Future of Security and Productivity in Our Newly Remote World
The Future of Security and Productivity in Our Newly Remote World
 
Composing services with Kubernetes
Composing services with KubernetesComposing services with Kubernetes
Composing services with Kubernetes
 
Continuous Security for GitOps
Continuous Security for GitOpsContinuous Security for GitOps
Continuous Security for GitOps
 
Meetup Openshift Geneva 03/10
Meetup Openshift Geneva 03/10Meetup Openshift Geneva 03/10
Meetup Openshift Geneva 03/10
 
Cloud Platform Symantec Meetup Nov 2014
Cloud Platform Symantec Meetup Nov 2014Cloud Platform Symantec Meetup Nov 2014
Cloud Platform Symantec Meetup Nov 2014
 
Deploying software at Scale
Deploying software at ScaleDeploying software at Scale
Deploying software at Scale
 
Q Con New York 2015 Presentation - Conjur
Q Con New York 2015 Presentation - ConjurQ Con New York 2015 Presentation - Conjur
Q Con New York 2015 Presentation - Conjur
 
12-Factor Apps
12-Factor Apps12-Factor Apps
12-Factor Apps
 
The State of the Veil Framework
The State of the Veil FrameworkThe State of the Veil Framework
The State of the Veil Framework
 
Kubernetes and CoreOS @ Athens Docker meetup
Kubernetes and CoreOS @ Athens Docker meetupKubernetes and CoreOS @ Athens Docker meetup
Kubernetes and CoreOS @ Athens Docker meetup
 
ContainerCon - Test Driven Infrastructure
ContainerCon - Test Driven InfrastructureContainerCon - Test Driven Infrastructure
ContainerCon - Test Driven Infrastructure
 
Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3Digital Forensics and Incident Response in The Cloud Part 3
Digital Forensics and Incident Response in The Cloud Part 3
 
Getting to Walk with DevOps
Getting to Walk with DevOpsGetting to Walk with DevOps
Getting to Walk with DevOps
 
OSDC 2018 | Highly Available Cloud Foundry on Kubernetes by Cornelius Schumacher
OSDC 2018 | Highly Available Cloud Foundry on Kubernetes by Cornelius SchumacherOSDC 2018 | Highly Available Cloud Foundry on Kubernetes by Cornelius Schumacher
OSDC 2018 | Highly Available Cloud Foundry on Kubernetes by Cornelius Schumacher
 
Robust Network Security and Observability with GitOps and Cilium
Robust Network Security and Observability with GitOps and CiliumRobust Network Security and Observability with GitOps and Cilium
Robust Network Security and Observability with GitOps and Cilium
 
Introduction to PaaS and Heroku
Introduction to PaaS and HerokuIntroduction to PaaS and Heroku
Introduction to PaaS and Heroku
 
Free GitOps Workshop
Free GitOps WorkshopFree GitOps Workshop
Free GitOps Workshop
 

More from Bob Killen

Tackling New Challenges in a Virtual Focused Community
Tackling New Challenges in a Virtual Focused CommunityTackling New Challenges in a Virtual Focused Community
Tackling New Challenges in a Virtual Focused CommunityBob Killen
 
KubeCon EU 2021 Keynote: Shaping Kubernetes Community Culture
KubeCon EU 2021 Keynote: Shaping Kubernetes Community CultureKubeCon EU 2021 Keynote: Shaping Kubernetes Community Culture
KubeCon EU 2021 Keynote: Shaping Kubernetes Community CultureBob Killen
 
Intro to Kubernetes SIG Contributor Experience
Intro to Kubernetes SIG Contributor ExperienceIntro to Kubernetes SIG Contributor Experience
Intro to Kubernetes SIG Contributor ExperienceBob Killen
 
Intro to the CNCF Research User Group
Intro to the CNCF Research User GroupIntro to the CNCF Research User Group
Intro to the CNCF Research User GroupBob Killen
 
A Peek Behind the Curtain: Managing the Kubernetes Contributor Community
A Peek Behind the Curtain: Managing the Kubernetes Contributor CommunityA Peek Behind the Curtain: Managing the Kubernetes Contributor Community
A Peek Behind the Curtain: Managing the Kubernetes Contributor CommunityBob Killen
 
Kubernetes The New Research Platform
Kubernetes The New Research PlatformKubernetes The New Research Platform
Kubernetes The New Research PlatformBob Killen
 
Getting started with kubernetes
Getting started with kubernetesGetting started with kubernetes
Getting started with kubernetesBob Killen
 
Federated Kubernetes: As a Platform for Distributed Scientific Computing
Federated Kubernetes: As a Platform for Distributed Scientific ComputingFederated Kubernetes: As a Platform for Distributed Scientific Computing
Federated Kubernetes: As a Platform for Distributed Scientific ComputingBob Killen
 
Kubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive OverviewKubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive OverviewBob Killen
 
(Draft) Kubernetes - A Comprehensive Overview
(Draft) Kubernetes - A Comprehensive Overview(Draft) Kubernetes - A Comprehensive Overview
(Draft) Kubernetes - A Comprehensive OverviewBob Killen
 
The (mutable) config management showdown
The (mutable) config management showdownThe (mutable) config management showdown
The (mutable) config management showdownBob Killen
 

More from Bob Killen (11)

Tackling New Challenges in a Virtual Focused Community
Tackling New Challenges in a Virtual Focused CommunityTackling New Challenges in a Virtual Focused Community
Tackling New Challenges in a Virtual Focused Community
 
KubeCon EU 2021 Keynote: Shaping Kubernetes Community Culture
KubeCon EU 2021 Keynote: Shaping Kubernetes Community CultureKubeCon EU 2021 Keynote: Shaping Kubernetes Community Culture
KubeCon EU 2021 Keynote: Shaping Kubernetes Community Culture
 
Intro to Kubernetes SIG Contributor Experience
Intro to Kubernetes SIG Contributor ExperienceIntro to Kubernetes SIG Contributor Experience
Intro to Kubernetes SIG Contributor Experience
 
Intro to the CNCF Research User Group
Intro to the CNCF Research User GroupIntro to the CNCF Research User Group
Intro to the CNCF Research User Group
 
A Peek Behind the Curtain: Managing the Kubernetes Contributor Community
A Peek Behind the Curtain: Managing the Kubernetes Contributor CommunityA Peek Behind the Curtain: Managing the Kubernetes Contributor Community
A Peek Behind the Curtain: Managing the Kubernetes Contributor Community
 
Kubernetes The New Research Platform
Kubernetes The New Research PlatformKubernetes The New Research Platform
Kubernetes The New Research Platform
 
Getting started with kubernetes
Getting started with kubernetesGetting started with kubernetes
Getting started with kubernetes
 
Federated Kubernetes: As a Platform for Distributed Scientific Computing
Federated Kubernetes: As a Platform for Distributed Scientific ComputingFederated Kubernetes: As a Platform for Distributed Scientific Computing
Federated Kubernetes: As a Platform for Distributed Scientific Computing
 
Kubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive OverviewKubernetes - A Comprehensive Overview
Kubernetes - A Comprehensive Overview
 
(Draft) Kubernetes - A Comprehensive Overview
(Draft) Kubernetes - A Comprehensive Overview(Draft) Kubernetes - A Comprehensive Overview
(Draft) Kubernetes - A Comprehensive Overview
 
The (mutable) config management showdown
The (mutable) config management showdownThe (mutable) config management showdown
The (mutable) config management showdown
 

Recently uploaded

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 

Recently uploaded (20)

Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 

Pluggable Infrastructure with CI/CD and Docker

  • 1. Pluggable Infrastructure with CI/CD and Docker. Bob Killen Systems Programmer/Analyst Senior Department of Pathology University of Michigan Health System Jeffrey Sica Business Systems Analyst Lead Department of Pathology University of Michigan Health System
  • 2. Disclaimer All opinions spoken by Bob or Jeff are their own and not that of the University of Michigan or its affiliates.
  • 3. A bit of background Central IT vs Pathology Informatics HIPAA Concerns Our original infrastructure ● Before Docker, there were VMs ● Started on Kubernetes ● Migrated to Individual Hosts
  • 4. Challenges we faced ● Managing multiple instances of the same infrastructure ○ Public applications must be firewalled from Internal applications (HIPAA) ● Rapid prototyping and demoing of applications ○ Victims of our own success ● Large infrastructure, small staff ○ 40+ independant in house developed applications or services ○ 1 Designer, 1.5 Developers, 1.5 Sysadmins
  • 5. Workflow - Outside of Host Cluster Commit and Code Push Source Control server notifies Build Server of new commit. Build Server schedules build at new commit. If build successful; tag image and push to registry. Otherwise notify group. After successful build pushed to the registry, trigger cluster update. Notify if problem arises during update.Build
  • 6. Workflow - In Cluster Cluster is notified of new task. Cluster determines hosts with appropriate resource offerings. Hosts pull containers associated with task. Once containers pass healthcheck, front end is notified of host:port Front End updates configuration and reloads with new services. Service is now accessible to public network
  • 7. The Pillars of a Container Centric Infrastructure
  • 8. The path we have chosen. Gitlab Jenkins DTR Mesos Docker
  • 9. Gitlab ● Open source ● Close-enough mirror to the familiar (GitHub) ● Low barrier to entry for non-developers ● Existing integration into other “pillars” (Jenkins) ● Now comes in a handy dandy container ○ “ docker pull gitlab/gitlab-ce ” ○ https://hub.docker.com/r/gitlab/gitlab-ce/
  • 10. Jenkins ● Open Source ● Time tested solution ● Plug-ins galore ○ Docker ○ Mesos Cluster ○ Gitlab Webhooks ● No real constraints on architecture ○ No plugin? Use Bash! ● Blank slate for any project ● Windows Support
  • 11. Docker Trusted Registry ● Security Requirements ○ 100% on premise. ○ LDAP backed. ○ RBAC - v0 api available, use and integration capability growing. ■ https://docs.docker.com/docker-trusted-registry/api/ ○ One-click upgrade. ○ User friendly UI. ● Support Offerings ○ 24/7 support REQUIRED for use in a clinical care setting. ○ Guided install with staff on-site where needed
  • 12. Mesos ● Generic abstraction of resources. Useful to combine varied host systems (both physical and virtual). ● Caters well to an on prem solution. ● Slightly more mature in the cluster solution ecosystem. ○ Powered by Mesos Users - http://mesos.apache.org/documentation/latest/powered-by-mesos/ ● Large framework ecosystem; with lots of active development.
  • 14. Mesos (Cont…future) Mesos Windows Epic: https://issues.apache.org/jira/browse/MESOS-3094 Docker + Windows + Mesos = Match made in the clouds Screencast Demo: https://www.youtube.com/watch?v=dC2vitIh84M
  • 15. Docker (CE) ● Support Offerings ○ Touching on this again...24/7 support is REQUIRED when used in a clinical setting. ● Certified stable releases suitable for production use. ● Predictable release schedule for upgrade planning. ● Orchestration components are swappable...docker engine is not, and is the base requirement for everything.
  • 16.
  • 17. Final Form: Pluggable Infrastructure Pt. 1 ● Application container function should be independent of infrastructure design. ○ Container init script + environment or cluster seed script. ■ container init script variables are static ■ seed script populates container init script with cluster specific information. ■ Build server can inject seed script for environment (local dev vs cluster deployment)
  • 18. Example Init Script $VAR1 and $VAR2 can be set at container creation or ‘seeded’ via a script sourced as $ENVIRONMENT_INIT. The supplied script could hit a variety of endpoints for configuration information (consul, etcd, registrator, etc). If nothing is provided, it assumes the default value. This allows for init script to remain static, with only the sourced seed script changing per environment.
  • 19. Final Form: Pluggable Infrastructure Pt. 2 ● Infrastructure components in source control; and if at all possible built as containers themselves. ○ Apply standard ‘infrastructure as code’ methods. ■ Version Everything ■ Design tests and integrate with CI/CD
  • 20. Final Form: Pluggable Infrastructure Pt. 2 (Cont.) ● Components that may modify host configuration require some level of clean-up. e. g. anything that may require iptables. ○ trap SIGINT, SIGKILL etc. then perform action. ○ Does require some form of ‘init’ or process management. - supervisord, tini, monit etc ● Use of VRRP / Keepalived and deploying in pairs when services may be bound to a single point of failure (no DNS load balancing etc). ○ Provides incredibly simple IP failover. ○ Prerequisites for use: ■ sysctl - net.ipv4.ip_nonlocal_bind=1 ■ container run with host networking and cap NET_ADMIN ○ Added bonus of making it EXTREMELY easy to upgrade and switch services. ■ If upgrading: push new version to backup, then push to master.
  • 21.
  • 22.
  • 23.
  • 24.
  • 25.
  • 26.
  • 27.
  • 29. Example Keepalived Configuration Master Backup Description ● state - MASTER or BACKUP - Defines server role in the group. ● interface - The interface that keepalived will use for VRRP traffic and monitor by default. ● vrrp_unicast_bind - The ip in which vrrp should bind to. ● vrrp_unicast_peer - The bind ip of the other node in the group. ● virtual_router_id - Unique number between 1-255 that identifies the vrrp group. Multiple instances of vrrp can run at the same time on the same servers. ● priority - In scenarios with more than 2 nodes, priority will dictate the failover order with highest priority becoming the master. ● advert_int - Healthcheck interval (seconds) ● authentication - PASS (cleartext password) or AH (IPSEC Authorization Header). Password and method used by the nodes to validate each other. ● virtual_ipaddress - Virtual IP Address to be generated and interface it should be bound to. IPs in this block WILL be tracked by keepalived. Used for private network interface tracking. ● virtual_ipaddress_excluded - Virtual IP Address to be generated and interface it should be bound to. IPs in this block will NOT be tracked, but automatically failed over if an event would trigger a failure of IP(s) in the virtual_ipaddress block. Used for public facing IPs. ● track_interface - Interface adapters that should have their link state monitored for failover trigger.
  • 30.
  • 31. Future State Challenges ● Better Secret Management ○ Consul / Vault injection at runtime and seeded via ENVIRONMENT_INIT. ○ Mount secure volume ● Profiling containers for lxc capabilities + apparmor profiles ○ https://github.com/jfrazelle/bane ● Improve logging with logstash framework ○ https://github.com/mesos/logstash ● Notary integration into build pipeline.
  • 32.