D e vO p s

THE PLATFORM MANIFESTOArchitectural Imperatives for platform

automation and continuous delivery pipelines

INFRASTRUCTURE

2

Security

3

10.1.50.0/24

dnsipamldapad

monitoringlog aggregationmirrorsrepositoriesorchestration

SAN N

ASvirtual machines (os, configuration, code deployment)containersservice(s)

Load Balancing Proxies Firewalls

THE PLATFORM

virtualizationvmwarehyper-vawsdockercloudfoundrybare metal

Product X

THERE IS ONE PLATFORM NOT A COLLECTION OF PLATFORMSEvery difference between production and preproduction environments introduces risk

4

D e vO p s

THE DESIRED STATE OF THE PLATFORM MUST BE A KNOWN QUANTITYMust know every dependency, configuration, communication, required package, infrastructure, etc

5

D e vO p s

THE KNOWN QUANTITY MUST BE MACHINE PARSEABLEThe manner in which the desired state is documented must be readable by the tools that create and test the actual state

6

D e vO p s

THE ONLY AUTHORITATIVE SOURCE FOR THE STATE OF THE PLATFORM IS THE PLATFORMNot desired state documentation, not proxies, not knowledge or belief

7

D e vO p s

THE ACTUAL STATE OF THE PLATFORM MUST SELF-CORRECT TO THE DESIRED STATEContinuous testing to compare desired state to actual state and then correct

8

D e vO p s

THE ENTIRE PLATFORM MUST BE DEPLOYABLE USING SOURCE MEDIA AND TEXT FILESEverything is reduced to source or artifact repositories

9

D e vO p s

INFRASTRUCTURE ELEMENTS TO CONSIDER

Defined Networks or VLANs (routing) IPAM Provision/Configure of Virtual Machines Load Balancing SAN or NAS Storage access and rights External Services (akamai, google) Proxies Monitoring Log Aggregation

10

D e vO p s

INFRASTRUCTURE ELEMENTS TO CONSIDER

Authentication (AD-Windows Group Policy, ldap) Name Resolution (internal and external) Package/ISO Management (mirrors) Artifact Management Security implementation (Firewalls, hardware or software) Recurring Patch Management (security) Automation Orchestration

11

D e vO p s

AUTOMATION*Remember - it’s CODE

12

AUTOMATION TO BUILD, TEST, AND OPERATE THE PLATFORM

Keep disparity between environments to absolute minimum Conventions over Configuration Test over Inspect Avoid manual data transfers and data stores maintained manually Author solutions you would buy Do not improve manual processes - automate them Keep disparity between environments to absolute minimum

13

D e vO p s

SOFTWARE OR TOOLS INCORPORATED INTO PLATFORM

Small tools that interoperate well, over one "do everything poorly" product Must authenticate and authorize from configurable, external source Only products that implement an API API not restricted to one language API includes functional examples and does not require an expert to use Product configurations are machine readable and configurable Data stored in product is accessible Does not require installation on bare metal

14

D e vO p s

Portions adapted from the jameswhite manifesto

email: nic.cheneweth@thoughtworks.com

THANK YOU