DevOps in the serverless era
Live address: 0 Basic advanced serverless master class - the best way to open DevOps in the serverless era
This article will introduce the best way to open DevOps in the serverless era through three parts:
•Ÿ Brief Analysis of DevOps
•Ÿ Brief Analysis of Serverless and Changes of DevOps in Serverless Era
•Ÿ Best Practices of DevOps in the Serverless Era
1.【DevOps in the serverless era】 Brief Analysis of DevOps
In the traditional software development process, development and operation and maintenance are two extremely divided links. Operation and maintenance does not care about how the code works, while development does not know how the code runs on the server. The rapid development of Internet companies often requires quick changes to meet the differentiated needs of users, or to respond to competing product strategies that require rapid product iteration and agile development through small steps and fast runs. For scenes that are posted N times a week or even a day, an efficient writing culture is very important. DevOps came into being in this situation.
DevOps breaks down the barriers between developers and operators, it values the culture, movement or practice of communication and cooperation between software developers i.e. Dev and IT operations technicians i.e. Ops. Build, test, and release software faster, more frequently, and more reliably by automating the processes of "software delivery" and "architectural changes." Additionally, it includes the entire software build lifecycle, including integration, testing, release and deployment, and management of infrastructure.
【DevOps in the serverless era】The job responsibilities of a DevOps engineer are mainly divided into three areas:
•Ÿ Manage the application life cycle (requirements, design, development, QA, release and operation);
•Ÿ Focus on improving process efficiency, digging bottlenecks and solving them;
•Ÿ Solve problems through standardized, automated, and platform-based tools.
The core focus of engineers is to shorten development cycles, increase deployment efficiency, and release more reliably. By introducing the concept of DevOps into the development process of the whole system, it can significantly improve the development efficiency of software and shorten the delivery cycle of software, which is more suitable for today's rapidly developing Internet era.
【DevOps in the serverless era】Brief Analysis of Serverless and Changes of DevOps in the Serverless Era
What changes does Serverless bring to the DevOps experience? As shown in the figure below, traditional application components need to go through the resource preparation stage, the R&D deployment stage, and the operation and maintenance stage; however, the process of building serverless applications is much simplified. In the resource preparation stage, there is no need to prepare resources at all. There is no need to create a specific cluster. In the research and development stage, you only need to deploy the business. Other functions such as monitoring, log warning, etc. are provided by the platform out of the box; the operation stage is also free of operation and maintenance, and users do not need to pay attention. Users only need to focus on the core business.
The overall SAE solution is actually a relatively standard system architecture for Internet companies. The bottom-up package of the entire architecture is divided into several levels.
The first is the gateway layer, which usually completes a series of return strategies such as sound network routing and traffic forwarding; the second is the business system, such as e-commerce, logistics, etc., there are reverse transactions and so on. Some core business logic is in the business system. This business system often uses a relatively mainstream microservice framework like Java. Since there are microservices, a corresponding registration center and configuration center are needed for auxiliary discovery and configuration management. In a relatively large e-commerce system, measures such as current limiting, downgrading, and circuit breakers are used to deal with the surge in traffic. There are also some stress-testing chaos platforms to guarantee the overall possibility.
There are two ways to deploy the underlying applications. One is traditional deployment, which is deployed to ECS; Kubernetes is also deployed on ECS.
The above are the components of the theme, and some release systems of Huayou are next to it, that is, how to deploy the source code to the mirror and then to the entire cluster for deployment. There are also monitoring bidding service governance and so on. These are actually a large system, more standard features.
The figure below is a relatively standard e-commerce system architecture. When applied to SAE, we can see that users only need to pay attention to the development of the core business system, and the rest are the corresponding solutions of SAE.
The first is the gateway layer. The gateway layer is the gateway function provided by Alibaba Cloud, which is actually an out-of-the-box microservice gateway. For the framework of these microservices, we also provide MSE/PTS and AHAS microservice events. MSE is a microservice gateway and the governance function of microservices, PTS is a stress measurement component, and AHAS is a current limiting and degrading component.
The following Kubernetes and IaaS take care of the characteristics of the SAE solution and do not require user attention. The cloud effect on the left is a commercialized CSC platform of Alibaba Cloud. Jenkins is a relatively mainstream self-built CSC platform in the industry; CloudTookit is a plug-in provided by Alibaba Cloud, which can manage and control the whole life cycle.
On the right side are real-time monitoring, alarming, service governance, etc., which can be used through the observable platforms provided by Alibaba Cloud, such as ARMS/SLS/cloud monitoring and Prometheus and other series of out-of-the-box components provided by Alibaba Cloud.
SAE builds an efficient closed-loop DevOps system and applies the entire process of development, deployment, and operation and maintenance. Medium and large enterprises often use enterprise-level CICD tools/products to realize the full-link process from source code to image to deployment. Individual developers prefer to use lightweight one-click deployment plug-ins, such as the above -mentioned CloudTookit /Maven-plugin plug-ins. Deploying applications directly to SAE is easy, whether through enterprise tools or developer tools. Their specific process is actually to call the Open API provided by SAE, and then more friendly to upgrade the interface and corresponding configuration on these consoles to the product.
Ops provides one-stop life cycle management, such as common operations: creating applications, deploying applications, starting applications, stopping applications, and scaling, etc., and SAE provides out-of-the-box functions.
At the same time, SAE also provides some very core out-of-the-box advanced functions, such as high-availability operation and maintenance, which provides service governance, performance stress testing, and current limiting and degradation. Application diagnostics, you can check whether there are potential problems with the application or what abnormal behaviors currently exist.
Through the above-mentioned automated CICD and the core features of one-click local deployment to the cloud and visualized intelligent operation and maintenance, an efficient closed-loop DevOps system is built.
3. DevOps Best Practices in the Serverless Era
Deployment State Best Practices: CICD
There are many ways to deploy SAE. It supports Java mainstream microservice frameworks, such as Spring Cloud/ dubbo /HSF, etc., which can be deployed through War.jar. There are also multi-language applications, such as PHP/Python and so on. At the same time, it also supports image deployment, and provides diversified capabilities in the future.
In addition to direct deployment through the console, it also supports local deployment, cloud deployment and self-built deployment. Local deployment is through the CloudTookit plug-in, which can be directly deployed to SAE with one click. Cloud Effect is an enterprise-level CICD platform, and it is also perfectly integrated with SAE. Cloud Effect can pull the corresponding code from the code base, and then perform configurable code inspection or substitute testing. Then perform pre-operation, and then compile and build the code, which will produce specific products. Jenkins is also deployed to SAE in the same way.
[Please click on the video to watch the actual operation process]
Deployment Best Practices: One-click Start and Stop
A start-stop is mainly suitable for medium and large enterprises with multiple environments, such as development environment, test environment, online environment and so on. These test environments are often not used at night, and long-term retention of application instances will cause idle waste of resources. Therefore, SAE provides a start-stop function, which can save up to two-thirds of the overall cost. In addition, for example, traditional enterprises such as banks have specific commuting practices, and there is basically no traffic at other times, which becomes predictable. In this case, the one-key start-stop function can be used to start or stop in batches concrete application.
Deployment Best Practices: Three Axes for Application Publishing
The deployment state integrates the three strategies of application release with Alibaba Cloud's internal practices, which can be grayscale, monitorable, and rollback. With the help of Alibaba Cloud's best practices, it can be fully input into the design of SAE's entire product.
Ÿ Can be grayscale, it supports single batch, batch, canary and other publishing strategies; supports multiple publishing options such as stray grayscale, automatic/manual publishing between batches, batch interval, etc.
Monitorable refers to the clear comparison of changes in basic monitoring and application monitoring indicators in different batches during the release process, timely exposure of problems, and positioning of disguised risks.
Ÿ It can be rolled back, which means that it allows manual intervention to control the release traffic: abnormal abort, one-click rollback.
Deployment Best Practices: Canary Releases
A canary release has multiple versions in the release process: a grayscale version and a normal version. In the deployment state, the primary key of the grayscale version is expanded to completely replace the online version. By providing the canary publishing function, you can continuously control the traffic percentage. At the same time, a very fine-grained grayscale strategy is provided, for example, specific grayscale execution behavior can be performed by accessing parameters.
Deployment Best Practices: Omnidirectional Observation
Omnidirectional observability means that any changes in the distributed system can be observed. When there is a problem with the system, it is very convenient to locate the problem, troubleshoot and analyze the problem. And when the system is running smoothly, it is also possible to assess possible problems with risk prediction in advance.
Observability is divided into three aspects, Metrics/Tracing/Logging, which supports a lot of subdivision features. For example, Metrics provides basic monitoring, application monitoring, and monitoring alerts. Logging provides real-time logs, file logs and events. Tracing provides request call chain stack query, automatic discovery of application topology, indicator drill-down analysis of common scenarios, transaction snapshot query and abnormal transaction and slow transaction capture.
Deployment Best Practices: Online Debugging
Online debugging can directly access a specific instance of an application in the cloud locally. The principle is to provide port mapping for this target instance, and then use this capability to install open SSH to achieve SSH remote login, or SFTP upload and download functions.
Deployment Best Practices: Permission Isolation
For permission isolation, please refer to the application case on the left side of the figure below.
In the case of the above case, enterprise A is the owner of SAE resources, enterprise B is the actual user of resources, and B has operation permissions, such as application publishing, application control, automatic elasticity, and so on. At the same time, enterprise A hopes that enterprise B does not need any authority change when there are employee changes in enterprise B, and when the cooperation between A and B is terminated, A can completely revoke the authorization of B.
The above is a typical case that requires the permission configuration function. SAE integrates the RAM of Alibaba Cloud, and realizes the configuration of access permissions at the closed space bar level and application level, or can realize the configuration of permissions for a certain person or a group of people.
Deployment Best Practices: Device-Cloud Joint Commissioning
For microservice scenarios, local development joint debugging provides the capability of device-cloud joint debugging. Device-cloud joint debugging is a function in the test phase, which can realize the intermodulation of local and cloud applications. It can implement service subscription based on the CouldTookit plug-in and springboard and register with the registry built in the cloud SAE, so that the local service can be intermodulated with the cloud service.
Its principle is that a SEA application on the cloud can create a new ECS proxy server in the same VPC. Because the VPC is owned by the user, the user needs to build the proxy server by himself. Through the ECS proxy server springboard, the CloudTookit plug-in will be connected to ECS, and then forwarded to SAE through ECS to realize the function of device-cloud joint debugging. At the same time, CloudTookit will input the address of the registration center in the context of the microservice without inductive input, and then use this plug-in and this springboard to achieve this.
Copyright statement: The content of this article is contributed by Alibaba Cloud's real-name registered users. The copyright belongs to the original author. The Alibaba Cloud developer community does not own the copyright and does not assume the corresponding legal responsibility. For specific rules, please refer to the " Alibaba Cloud Developer Community User Service Agreement " and " Alibaba Cloud Developer Community Intellectual Property Protection Guidelines ". If you find any content suspected of plagiarism in this community, fill out the infringement complaint form to report it. Once verified, this community will delete the allegedly infringing content immediately.
Knowledge Base Team
Knowledge Base Team
Knowledge Base Team
Knowledge Base Team
Explore More Special Offers
50,000 email package starts as low as USD 1.99, 120 short messages start at only USD 1.00