AWS Getting Started with DevOps on AWS

https://explore.skillbuilder.aws/learn/course/internal/view/elearning/2000/getting-started-with-devops-on-aws

[Self-paced digital training on AWS - AWS Skill Builder

explore.skillbuilder.aws](https://explore.skillbuilder.aws/learn/course/internal/view/elearning/2000/getting-started-with-devops-on-aws)

요약

아래 질문 또는 설명에 대한 대답을 할 수 있어야함

• Describe challenges associated with traditional software development practices.
• List the benefits of implementing DevOps.
• Discuss the challenges involved in adopting a DevOps culture and describe possible solutions.
• Identify automation opportunities in developing and maintaining applications.
• Describe the benefits of decoupling services or components.
• Define observability and describe its importance to DevOps.
• Explain why security is important in every phase of the pipeline.
• Explain how AWS integrates with third-party tools for automated code delivery and deployments

 

 

---

수업 목표

• Describe challenges associated with traditional software development practices.
• List the benefits of implementing DevOps.

What is DevOps?

DevOps is the combination of cultural philosophies, practices, and tools that increases an organization’s ability to deliver applications and services at high velocity: evolving and improving products at a faster pace than organizations using traditional software development and infrastructure management processes. This speed enables organizations to better serve their customers and compete more effectively in the market.

-> Customer를 위한 빠른 서비스 제공을 위한 방법, 철학, 도구의 조합으로 소프트웨어를 이용해서 달성할 수 있음

DevOps has below things

• Cultural philosophies for removing barriers and sharing end-to-end responsibility
• Processes developed for speed and quality, that streamline the way people work
• Tools that align with processes and automate repeatable tasks, making the release process more efficient and the application more reliable

-> 책임은 모두의 것, 조직간의 장애물을 없앰
-> 툴을 이용하여 예측 가능한 결과물들과 반복 가능한 프로세스를 만드는 것

Problems with Traditional Development Practices

Waterfall development projects are slow, not iterative, resistant to change, and have long release cycles.

• Requirements are rigid, set at project start, and will likely not change.
• Development phases are siloed, each starting after the previous phase has ended. Each phase is supported by highly specialized teams.
• Hand offs from one phase to the other are long, often requiring teams to switch tools and spend time clarifying incomplete or ambiguous information.
• Testing and security come after implementation, making corrective actions responsive and expensive.

-> 느림, 변화가 어려움, 릴리스 주기가 김
-> 단계 마다 사일로 되어 있음 (책임은 해당 단계를 맡은 팀의 것)

Monolithic applications are hard to update and deploy because they:

• Are developed and deployed as a unit, so when changes are made, the entire application must be redeployed
• Have tightly coupled functionality, so if the application is large enough, maintenance becomes an issue because developers have a hard time understanding the entire application
• Are implemented using a single development stack, so changing technology is difficult and costly

-> 하나의 단위로 개발되어 있어 작은 부분 수정이 일어나도 전체가 다시 배포되어야 함
-> 하나의 부분적인 파악으로는 운영하기 힘듦
-> 단일 기술로 사용되었기 때문에 기술부채를 해결하기 힘듦

프로세스는 느리고
변화는 어려우며
책임은 전가하기 바쁘고
테스트도 어렵고
오랫동안 기술부채가 쌓일 수 있음

Why DevOps?

DevOps를 도입한 팀에서 얻을 수 있다고 나온 것들

• Agility
• Rapid delivery
• Reliabilty
• Scale
• Improved collaboration
• Security

 

---

수업 목표

• Discuss the challenges involved in adopting a DevOps culture and describe possible solutions.
• Identify automation opportunities in developing and maintaining applications.
• Describe the benefits of decoupling services or components.
• Define observability and describe its importance to DevOps.
• Explain why security is important in every phase of the pipeline.
• Explain how AWS integrates with third-party tools for automated code delivery and deployments

-> DevOps를 적용하기 위한 장애물과 방법은 무엇이 있을까

DevOps Culture

seven core principles

1. Create a highly collaborative environment
   DevOps brings together development and operations to break down silos, align goals, and deliver on common objectives. The whole team (development, testing, security, operations, and others) has end-to-end ownership for the software they release. They work together to optimize the productivity of developers and the reliability of operations. Teams learn from each other's experiences, listen to concerns and perspectives, and streamline their processes to achieve the required results.

This increased visibility enables processes to be unified and continuously improved to deliver on business goals. The collaboration also creates a high-trust culture that values the efforts of each team member, and transfers knowledge and best practices across teams and the organization.

-> 사일로를 없애고, 조직 간의 고립을 없애고 공통된 목표를 달성하자는 마인드셋
협업은 각 팀원의 노력을 중시하고 조직 전체에 지식 또는 베스트 프랙티스를 공유하려는 문화 형성

2. Automate when possible
   With DevOps, repeatable tasks are automated, enabling teams to focus on innovation. Automation provides the means to rapid development, testing, and deployment. Identify automation opportunities at every phase, such as code integrations, reviews, testing, security, deployments, and monitoring, using the right tools and services.

For example, infrastructure-as-code (IaC) can be used for predefined or approved environments, and versioned so that repeatable and consistent environments are built. You can also define regulatory checks and incorporate them in test that continuously run as part of your release pipeline.

-> 반복가능한 작업을 자동화하여 서비스에만 집중할 수 있게 함

3. Focus on customer needs
   A customer first mindset is a key factor in driving development. For example, with feedback loops DevOps teams stay in-touch with their customer and develop software that meets the customer needs. With a microservices architecture, they are able to quickly switch direction and align their efforts to those needs.

Streamlined processes and automation deliver requested updates faster and keep customer satisfaction high. Monitoring helps teams determine the success of their application and continuously align their customer focused efforts.

-> 중요한 것은 고객중심의 개발로, DevOps 문화, MSA를 통해 요구사항을 빠르게 적용할 수 있음

4. Develop small and release often
   Applications are no longer being developed as one monolithic system with rigid development, testing, and deployment practices. Application architectures are designed with smaller, loosely coupled components. Overarching policies (such as backward compatibility, or change management) are in place and provide governance to development efforts. Teams are organized to match the required system architecture. They have a sense of ownership for their efforts.

Adopting modern development practices, such as small and frequent code releases, gives teams the agility they need to be responsive to customer needs and business objectives.

-> 작게 자주 릴리스해서 비즈니스 목표에 신속하게 대응

5. Include security at every phase
   To support continuous delivery, security must be iterative, incremental, automated, and in every phase of the application lifecycle, instead of something that is done before a release. Educate the development and operations teams to embed security into each step of the application lifecycle. This way, you can identify and resolve potential vulnerabilities before they become major issues and are more expensive to fix.

For example, you can include security testing to scan for hard-coded access keys, or usage of restricted ports.

-> 모든 단계에는 보안성이 있어야함

6. Continuously experiment and learn
   Inquiry, innovation, learning, and mentoring are encouraged and incorporated into DevOps processes. Teams are innovative and their progress is monitored. With innovation, failure will happen. Leadership accepts failure and teams are encouraged to see failure as a learning opportunity.

For example, teams use DevOps tools to spin-up environments on demand, enabling them to experiment and innovate, perhaps on the use of new technology to support a customer requirement.

-> DevOps 프로세스는 꾸준한 학습, 혁신, 멘토링이 장려되는 문화로 많이 실패하고 배우는 것이 좋음

7. Continuously improve
   Thoughtful metrics help teams monitor their progress, evaluate their processes and tools, and work toward common goals and continuous improvement. For example, teams strive to improve development performance measures such as throughput.

They also strive to increase stability and reduce the mean time to restore service. Using the right monitoring tools, you can set application benchmarks for usual behaviors, and continuously monitor for variations.

-> 지표를 설정하여 DevOps 파이프라인, 프로세스를 평가하고 공통된 목표를 위한 개선사항을 발견함
여러 지표를 설정하여 개선해나감

DevOps Practice

Six Categories

1. Communication and collaboration
   DevOps teams set strong cultural norms around transparency of information and communication. These cross-functional teams have ownership and thus, instead of evaluating just their work, they consider the project needs collectively. They build empathy for each other’s efforts, partnerships, and trust, while collaborating towards common goals. They physically bring together traditional development and operations workflows and systematically improve productivity.

DevOps tools and automation of the delivery process, support these consolidated processes and workflows, coordinate efforts, automate repetitive tasks, and facilitate feedback loops required in good communication and collaboration.

-> 유관 부서와 공통된 목표를 가지고 협력하며 서로의 노력을 인정하고 신뢰를 형성함
DevOps의 도구와 프로세스 정립은 반복적인 작업을 자동화, 원활한 의사소통, 협업에 필요한 피드백 루프를 용이하게 만듦

2. Monitoring and observability
   Monitoring and observability are used to assess how effective changes to the application and infrastructure are, and how they impact performance and overall user experience. Part of DevOps feedback loops, monitoring and observability help teams react, learn, plan, and improve.

An observable system is a system that generates enough data from all resources, applications, and services in the form of logs, metrics, and traces to gain system-wide operational visibility. Logs report on discrete events, such as warnings. Metrics capture health and performance information, such as request rate or response time. Traces report on transactions and the flow of data across a distributed system, such as one comprised of microservices.

By observing a system, you can draw concise inferences about why something is happening.

Monitoring tells you what is happening with your system. By consolidating and visualizing data gathered by an observable system over time, teams gain insight on performance, identify trends, can set alarms, and make predictions on expected outcomes.

-> 로그, 메트릭, 트레이스를 생성하여 시스템 전반적인 가시성을 확보함
로그는 경고와 같은 개별 이벤트
메트릭은 요청 속도, 응답 시간과 같은 성능 정보
트레이스는 MSA와 같은 분산 시스템에서의 트랜잭션과 데이터 흐름을 파악

모니터링을 통해 시스템의 상태와 방향, 어떻게 나아가야할 지를 파악할 수 있음

3. Continuous integration (CI)
   Continuous integration is a DevOps software development practice where developers regularly merge their code changes into a central repository, after which automated builds and tests are run. This way, teams can resolve merging issues and code defects early, when they are easier and more cost effective to resolve.

Continuous integration most often refers to the build or integration stage of the software release process. It requires both an automation component (for example, a CI or build service) and a cultural component (for example, learning to integrate frequently). The key goals of continuous integration are to find and address bugs quicker, improve software quality, and reduce the time it takes to validate and release new software updates.

-> 개발자가 코드 변경을 하게 되면 정기적으로 병합하고 자동화 된 빌드 후 테스트를 진행함
조기에 문제를 발견할 수 있음
서비스 품질 개선 및 릴리스 주기 단축

4. Continuous delivery/continuous deployment (CD)
   Continuous delivery is a software development practice where every code change is automatically built, tested, and then deployed to a non-production testing or staging environment. Manual approval is required before pushing to production. When properly implemented, developers will always have a deployment-ready build artifact that has passed through a standardized test process.

Continuous deployment is similar to continuous delivery, but with automatic deployment to production. Tested code does not need an explicit approval before being pushed to production.

-> 지속적인 배포는 실제로 라이브, 프로덕션환경에 배포하는 것을 말함

5. Microservices architecture
   –
   A microservices architecture, is a design approach that builds an application as a set of loosely coupled services. Each service is designed for a set of capabilities and focuses on solving a specific business problem. Services do not need to share any of their code or implementation with other services. Any communication between individual components happens via well-defined APIs. These services can be assigned to fully accountable teams, and be developed, tested, an deployed independently of other services.

According to research from DevOps Research and Assessment (DORA), the type of architecture the team settles on, is a direct predictor of how successful they will be with achieving continuous delivery. The nature of microservices supports faster development, updates and corrections, and quicker deployments.

-> 각 서비스는 특정 문제를 해결하기 위해 만들어졌고 각 서비스들은 느슨하게 결합되어 있음
다른 서비스와 별개로 통합, 개발, 테스트, 배포가 이루어짐

6. Infrastructure as code
   Development, testing, and production run on complex environments comprised of hardware and software. Manually spinning up and setting environments does not scale and is error prone.

Infrastructure as code (IaC) is a practice in which infrastructure is provisioned and managed using code and software development techniques, such as version control and continuous integration.

The cloud’s API-driven model enables developers and system administrators to interact with infrastructure programmatically, and at scale, instead of needing to manually set up and configure resources. Because environments are defined by code, they can quickly be deployed with dynamically enforced compliance, updated with the latest patches, rolled back to a previous version, or duplicated in repeatable ways. Also, by reacting to environment changes through modification to this code, you can track changes, optimize resources, and improve system uptime.

-> 인프라를 지속적으로 버전 제어를 함으로써 반복 가능한 인프라 구성을 얻게 되며 인프라에 대한 히스토리 파악 가능

DevOps Tools

Six Categories

1. Cloud
   Development teams need to quickly innovate and deliver reliable and secure applications. Teams rely on cloud platform providers and cloud computing resources for an array of technologies to support application development efforts. Instead of buying, owning, and maintaining physical data centers and servers, teams provision environments on demand, using cloud providers like AWS.

-> AWS 와 같은 CSP로부터 서비스를 제공받고 지원을 받을 수 있음

2. Development
   DevOps teams need to continuously collaborate with their team members. There are several tools that help teams develop and deliver faster. Integrated development environments (IDEs) help you write, run, and debug code for your applications. Software development kits (SDKs) are sets of tools that allow programmers to develop applications for a specific platform. Source code repositories, or version control systems, store the files of your project.

As needed, you can access your documents and code, see revision history, compare changes over time, or revert to previous versions.

Examples:

IDEs: AWS Cloud9, IntelliJ, Eclipse, Visual Studio Code
SDKs: AWS SDK for Java, iPhone SDK
Source code repositories: GitHub, AWS CodeCommit

-> 코드 작성, 실행 및 디버깅, 빌드 툴, 소스 레포지토리 등
필요에 따라 버전 변경이 가능하고 히스토리 파악이 가능해야함

3. CI/CD
   Practices such as continuous testing, continuous integration (CI), and continuous delivery/deployment (CD) are supported by tools that bring seamless continuity in all the development phases. CI/CD tools automate continuously integrated code that teams develop, check compliance with standards, run testing more frequently, promote code to different test environments, and deploy products to the infrastructure, repeatedly and reliably.

CI/CD tools should help bring agility to the application development and deployment processes, while continuously providing feedback and alerting appropriate teams of any issues.

Examples:

Build tools: Jenkins, Travis CI, AWS CodeBuild
Source control tools, repositories: Git, AWS CodeCommit
Deployment tools: AWS CodeDeploy, AWS CloudFormation
Pipeline automation tools: AWS CodePipeline, Jenkins, GitLab

-> 애플리케이션 개발 및 배포 프로세스에 민첩성, 빠른 속도로 수행함과 동시에 지속적으로 피드백을 주어 문제가 있는 적절한 팀에 알럿

4. Infrastructure automation
   Programmatically define your infrastructure, including constraints, to repeatedly and consistently provision your environments (development sandboxes, testing, staging, production).

Using templates, you can deploy compute services, permissions, dependencies, and more. You can configure rules and automate remediation.

Examples:

Infrastructure automation tools: AWS CloudFormation, Terraform, AWS Elastic Beanstalk
Configuration management tools: Chef, Puppet, AWS OpsWorks

-> 인프라를 코드로 관리하여 일관된 결과, 반복가능한 인프라를 구성함
인프라에 대한 규칙, 권한, 종속성들을 파악하고 자동화할 수 있음

5. Containers and serverless
   Containers and serverless compute services enable the developers to focus on applications, and not on the details of the host environment.

Containers package code, configuration settings, and dependencies needed to run the application. This way, the application is portable and can run on any server. Containers are similar to virtual machines, but more lightweight because they are virtualized at the operating system (OS) level. Containers run anything from microservices to legacy large applications. They streamline the way you build, test, and deploy applications to multiple environments.

They make the deployed application more secure because security policies can be implemented at the container level. Containers however, require container orchestration for managing or scheduling the work of individual containers.
Serverless compute services are services that allow you to build and run code, and let the infrastructure overhead be managed by the service's cloud provider, like AWS.
Examples:

Serverless services: AWS Lambda, AWS Fargate
Container services:
Runtimes: Docker, Containerd
Orchestration: Amazon Elastic Container Service (Amazon ECS), Kubernetes, Amazon Elastic Kubernetes Service (Amazon EKS)

-> 컨테이너와 서버리스 컴퓨팅으로는 인프라에 대한 걱정 없이 애플리케이션에 대해서만 집중 가능한 환경을 만들 수 있음

6. Monitoring and observability

Monitoring and observability are key aspects of DevOps, helping you be proactive in preventing challenges before they occur. With tools, you can collect metrics on the health and performance of your application. You can capture deployment frequency, identify successful or failed deployments, application usage traffic, and more.

Tools can help you trace end-to-end request and transaction flows through a distributed system. With tools, you can visualize and analyze logs, metrics, and traces to uncover new insights on the health, performance, and availability of your system. With insight you can streamline your processes, improve system performance, and reduce downtime.

Examples: AWS X-Ray, Amazon CloudWatch, AWS Config, AWS CloudTrail

-> 문제가 발생하기 전에 예방할 수 있음
전체적인 시스템에 대한 로그, 메트릭, 트레이스로 파악하여 인사이트 발견 가능

 

---

AWS DevOps Pipeline