© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Richard Boyd, Sr. Developer Advocate, AWS Code Services
Luis Colon, Sr. Developer Advocate, AWS CloudFormation
April 20, 2020
Infrastructure as Code
AWS Solutions Best Practices
Agenda
Infrastructure as Code (IaC): The Basics
IaC with AWS CloudFormation
Best Practices
AWS Cloud Development Kit (CDK)
Other IaC Tools
Infrastructure as Code: The Basics
The Basics
Managing cloud applications involves managing the lifecycle of its resources:
[Diagram: AWS Cloud; VPC 10.0.0.0/16; Availability Zone 1 and Availability Zone 2; two NAT Gateways; two Auto Scaling groups (Amazon EC2 Auto Scaling); four EC2 instances]
Resources
The building blocks, or components of cloud applications
Several options to manage your resource’s lifecycle:
AWS Management Console
AWS Command Line Interface
AWS Tools & Software Development Kits
AWS CloudFormation
Infrastructure as Code with AWS CloudFormation
Infrastructure as Code
AWSTemplateFormatVersion: "2010-09-09"
Description: A CodeCommit Repo and Cloud9 Environment
Resources:
  MyRepo:
    Type: "AWS::CodeCommit::Repository"
    Properties:
      RepositoryName: MyRepo
      RepositoryDescription: Sample Repository for Demo
  MyC9Environment:
    Type: "AWS::Cloud9::EnvironmentEC2"
    Properties:
      Repositories:
        - PathComponent: /cfn
          RepositoryUrl: !GetAtt MyRepo.CloneUrlHttp
      InstanceType: t2.micro
AWS CloudFormation
The code template describes the intended state of your resources
CloudFormation translates the intention to API calls
1. Code your template
2. Upload, test, review changes
3. A stack is created by executing the changes
4. Manage many stacks and stack sets over time
AWS CloudFormation Best Practices
Best Practices: Core Artifacts
Template: Describes resources, attributes, dependencies and their intended state
Change Set: Describes an execution plan to implement the intended state of a stack’s resources
Stack: A group of resources and their intended states
StackSet: A group of stack instances across accounts and regions
Templates
AWSTemplateFormatVersion: "2010-09-09"
Description: A CodeCommit Repo and Cloud9 Environment
Resources:
  MyRepo:
    Type: "AWS::CodeCommit::Repository"
    Properties:
      RepositoryName: MyRepo
      RepositoryDescription: Sample Repository for Demo
  ## Once a repo is created, tie the Cloud9 EC2 Instance to
  ## the repository automatically
  MyC9Environment:
    Type: "AWS::Cloud9::EnvironmentEC2"
    Properties:
      Repositories:
        - PathComponent: /cfn
          RepositoryUrl: !GetAtt MyRepo.CloneUrlHttp
      InstanceType: t2.micro
• Over 500 types of resources, or create your own
• SAM, Macros, Includes
• YAML/JSON
• YAML comments
• cfn-flip
• Smaller templates
Change Sets
[Diagram: Original Stack/Template; Change Set; Change Set; AWS CloudFormation updates your stack]
1. Create change set
2. View/accept change set
3. (optional) Create additional change sets
4. Execute change set
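A review gate for the "View/accept change set" step, as an added example that is not part of the original slides: it reads output in the shape returned by `aws cloudformation describe-change-set` and lists changes that remove or replace data-bearing resources. The sample change set and the `STATEFUL_TYPES` list are constructed for illustration.

```python
import json

# Types whose removal or replacement destroys data (a reviewer's choice, an assumption).
STATEFUL_TYPES = {"AWS::RDS::DBInstance", "AWS::CodeCommit::Repository"}

# Constructed sample in the shape of `aws cloudformation describe-change-set` output.
SAMPLE_CHANGE_SET = json.loads("""
{"Changes": [
  {"Type": "Resource", "ResourceChange": {
     "Action": "Modify", "LogicalResourceId": "MyRDSDB",
     "ResourceType": "AWS::RDS::DBInstance", "Replacement": "True",
     "Details": [{"Target": {"Attribute": "Properties",
                             "Name": "DBInstanceIdentifier",
                             "RequiresRecreation": "Always"}}]}},
  {"Type": "Resource", "ResourceChange": {
     "Action": "Modify", "LogicalResourceId": "MyC9Environment",
     "ResourceType": "AWS::Cloud9::EnvironmentEC2", "Replacement": "False",
     "Details": [{"Target": {"Attribute": "Properties", "Name": "Description",
                             "RequiresRecreation": "Never"}}]}},
  {"Type": "Resource", "ResourceChange": {
     "Action": "Remove", "LogicalResourceId": "MyRepo",
     "ResourceType": "AWS::CodeCommit::Repository"}}
]}
""")


def risky_changes(change_set, stateful_types=STATEFUL_TYPES):
    """Return (logical_id, reason) for changes that need explicit approval."""
    findings = []
    for change in change_set.get("Changes", []):
        if change.get("Type") != "Resource":
            continue
        rc = change["ResourceChange"]
        if rc.get("ResourceType") not in stateful_types:
            continue
        # Property names that drive the change, taken from the Details targets.
        props = sorted({d["Target"]["Name"] for d in rc.get("Details", [])
                        if d.get("Target", {}).get("Name")})
        if rc["Action"] == "Remove":
            findings.append((rc["LogicalResourceId"], "removed"))
        elif rc["Action"] == "Modify" and rc.get("Replacement") in ("True", "Conditional"):
            reason = "replacement=%s via %s" % (rc["Replacement"], ", ".join(props))
            findings.append((rc["LogicalResourceId"], reason))
    return findings


if __name__ == "__main__":
    for logical_id, reason in risky_changes(SAMPLE_CHANGE_SET):
        print("BLOCK until approved: %s (%s)" % (logical_id, reason))
```

Run it between creating and executing the change set, so a replacement of the database is seen before CloudFormation acts on it.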
Stacks
Layer your application
Extract configuration
Resources:
  MyRDSDB:
    Type: "AWS::RDS::DBInstance"
    Properties:
      DBInstanceClass: db.t2.medium
      AllocatedStorage: '20'
      Engine: mariadb
      EngineVersion: '10.2'
      MasterUsername: appadmin
      MasterUserPassword: '{{resolve:ssm-secure:ssbRDSmEcntl:1}}'
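A pre-deployment check for the "Extract configuration" practice, as an added example that is not part of the original slides: it walks a template in JSON form and reports secret properties that are not supplied through an `ssm-secure` or `secretsmanager` dynamic reference or a `NoEcho` parameter. The `SECRET_PROPS` list, the `LiteralDB` and `ParamDB` resources and the `DbPass` parameter are constructed for illustration.

```python
import re

# Dynamic references that keep the secret value out of the template text.
SECURE_REF = re.compile(r"^\{\{resolve:(ssm-secure|secretsmanager):[^{}]+\}\}$")
# Property names treated as secrets here (an assumption; extend per resource type).
SECRET_PROPS = {"MasterUserPassword"}

# Constructed template (JSON form as a dict): the slide's RDS resource plus two weak variants.
TEMPLATE = {
    "Parameters": {"DbPass": {"Type": "String"}},
    "Resources": {
        "MyRDSDB": {"Type": "AWS::RDS::DBInstance", "Properties": {
            "MasterUsername": "appadmin",
            "MasterUserPassword": "{{resolve:ssm-secure:ssbRDSmEcntl:1}}"}},
        "LiteralDB": {"Type": "AWS::RDS::DBInstance", "Properties": {
            "MasterUsername": "appadmin",
            "MasterUserPassword": "constructed-example-password"}},
        "ParamDB": {"Type": "AWS::RDS::DBInstance", "Properties": {
            "MasterUsername": "appadmin",
            "MasterUserPassword": {"Ref": "DbPass"}}},
    },
}


def insecure_secrets(template):
    """Return sorted (logical_id, property, reason) for secrets not safely referenced."""
    params = template.get("Parameters", {})
    findings = []
    for logical_id, resource in template.get("Resources", {}).items():
        for prop, value in resource.get("Properties", {}).items():
            if prop not in SECRET_PROPS:
                continue
            if isinstance(value, str):
                # Plain strings and {{resolve:ssm:...}} expose the value in the template.
                if not SECURE_REF.match(value):
                    findings.append((logical_id, prop, "literal or non-secure reference"))
            elif isinstance(value, dict) and "Ref" in value:
                # A parameter is acceptable only when NoEcho masks it in console and API output.
                no_echo = params.get(value["Ref"], {}).get("NoEcho", False)
                if str(no_echo).lower() != "true":
                    findings.append((logical_id, prop, "parameter without NoEcho"))
            else:
                findings.append((logical_id, prop, "unrecognised value form"))
    return sorted(findings)


if __name__ == "__main__":
    for finding in insecure_secrets(TEMPLATE):
        print("FAIL %s.%s: %s" % finding)
```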
StackSets
Infrastructure as Code with AWS Cloud Development Kit (CDK)
CDK
Model infrastructure as reusable components
Multi-language Framework
CDK Main Components
AutoScaling
CDK Sample Code
AWSTemplateFormatVersion: "2010-09-09"
Description: A CodeCommit Repo and Cloud9 Environment
Resources:
  MyRepo:
    Type: "AWS::CodeCommit::Repository"
    Properties:
      RepositoryName: MyRepo
      RepositoryDescription: Sample Repository for Demo
  MyC9Environment:
    Type: "AWS::Cloud9::EnvironmentEC2"
    Properties:
      Repositories:
        - PathComponent: /cfn
          RepositoryUrl: !GetAtt MyRepo.CloneUrlHttp
      InstanceType: t2.micro
CDK Constructs
L1 constructs – all resources in CloudFormation specification
L2 constructs – higher-level abstractions with sensible defaults
L3 constructs – opinionated reference architectures and design patterns using multiple AWS services
Infrastructure as Code: Additional Tooling Options
AWS Native Options
AWS CloudFormation
AWS Cloud Development Kit (CDK)
Additional AWS Options
AWS OpsWorks
AWS Service Catalog
Third Party Options
Terraform
Chef
Puppet
Ansible
SaltStack
Pulumi
…many more
Summary
Infrastructure as Code (IaC) makes managing cloud applications and their resources more repeatable and safer
AWS provides multiple options for IaC, including CloudFormation and CDK
IaC best practices apply across AWS and non-AWS tools
More Information
AWS Site and Documentation
https://aws.amazon.com/cloudformation/
https://docs.aws.amazon.com/cloudformation/index.html
https://aws.amazon.com/cdk/
AWS Open Source Resources
https://github.com/aws
https://github.com/aws/aws-cdk
https://github.com/awslabs/aws-cloudformation-templates
https://github.com/aws-cloudformation/cfn-python-lint
https://github.com/aws-cloudformation/cloudformation-cli
Q&A
Thank You!