Location : Bangalore
Date : 27th April, 2016
Name of the Speaker : Uchit Vyas
Company Name : Opex Software, Pune
IT Automation Summit 2016
http://www.unicomlearning.com/2016/IT_Automation_Summit/
VCs on line 1
Scaling under pressure with Chef, Packer and Terraform
Who am I: Uchit Vyas
8+ years of exciting experience
Infrastructure automation domain
Leading Cloud Infrastructure automation in Opex Software
Introduction
Single metric we measure: Speed with correctness
Mission: Automate IT. Create Time
Focus: SAAS applications
SAAS Startup Dream
Scaling with SPEED
How to make this happen, technically?
Images: 4actionmarketing.net, dreamstime.com, thenextweb.com
Pressure from investors
How to make this happen, technically?
Images: startupinitiative.com
SAAS is value: Step 1 of 3
Clear value is delivered
SAAS is value: Step 2 of 3
Clear value is delivered
Onboarding new customers rapidly
SAAS is value: Step 3 of 3
Clear value is delivered
Onboarding new customers rapidly
Upgrade fast, maintain lead, make value irresistible
Mortality Rate
Images: jeepneymanilaph.files.wordpress.com
Execution Problems
All good
Execution Problems
All good
Harden the OS - skill not available immediately
Automate app deploy/cfg - afterthought
Automate Testing fully - afterthought
Execution Problems
All good
Harden the OS - skill not available immediately
Automate app deployment - afterthought
Automate app configuration - afterthought
Microservices independently upgradable?
Lead starting to lose speed, competition!
Images: avopress.com, animationmagazine.net, thenextweb.com
DevOps + Strong Ops
Dev
Test
Ops
Transform test automation for DevOps
Test bed Infrastructure creation Automation
Automated Test Result Analytics
Test Automation (Selenium, QTP etc)
Strong Ops to scale
Helpdesk Monitoring
Configuration Management
Auto-Self healing
Synthetic Monitoring
Log analytics
Good News
OS Hardening: Why is it important?
protecting IP
unfair competition
cybersecurity
private data
direct or indirect attacks via cloud
President Barack Obama delivers remarks at the Business Roundtable offices in Washington September 16, 2015.
OS Hardening
Use Chef templates and Terraform
Include the following in the server configuration definition:
Security Rules, Password policies, Secure SSH, Compliance policy
Important agents (AV, monitoring)
Use “Chef-Vault” for storing secrets
Sample code: login definition
template '/etc/login.defs' do
  source 'login.defs.erb'
  mode '0444'
  owner 'root'
  group 'root'
  variables(
    additional_user_paths: node['env'] …
  )
end
Sample code: erb file
'sample.erb'
<% if @port != 80 -%>
Listen <%= @port %>
<% end -%>
Two simple, but powerful concepts
a) Expression evaluation
b) Variable value replacement
Sample code: login definition
variables(
  password_max_age: node['auth']['pw_max_age'],
  password_min_age: node['auth']['pw_min_age'],
  login_retries: node['auth']['retries'],
  login_timeout: node['auth']['timeout'],
  chfn_restrict: '', # "rwh"
  allow_login_without_home: node['auth']['allow_homeless'],
  …
)
Quality gates: Serverspec
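An added example, not from the slides or from any cookbook: it renders a login.defs template the way Chef does (each variables(...) key becomes an @ivar) and then runs a quality gate over the rendered file, in plain Ruby so it runs without the Serverspec gem. Only the variable names come from the slide; the template body, the baseline thresholds and the sample attribute values are assumptions.

```ruby
require 'erb'

# Constructed stand-in for login.defs.erb. The @variable names match the
# variables(...) call on the slide; the template body is an assumption.
LOGIN_DEFS_ERB = <<~'TEMPLATE'
  # Managed by Chef. Local changes will be overwritten.
  PASS_MAX_DAYS   <%= @password_max_age %>
  PASS_MIN_DAYS   <%= @password_min_age %>
  LOGIN_RETRIES   <%= @login_retries %>
  LOGIN_TIMEOUT   <%= @login_timeout %>
  <% unless @chfn_restrict.to_s.empty? -%>
  CHFN_RESTRICT   <%= @chfn_restrict %>
  <% end -%>
  DEFAULT_HOME    <%= @allow_login_without_home ? 'yes' : 'no' %>
TEMPLATE

# Render with instance variables, as a Chef template resource would.
def render_login_defs(vars)
  ctx = Object.new
  vars.each { |k, v| ctx.instance_variable_set("@#{k}", v) }
  ERB.new(LOGIN_DEFS_ERB, trim_mode: '-').result(ctx.instance_eval { binding })
end

# Parse "KEY value" lines, ignoring comments and blank lines.
def parse_login_defs(text)
  text.each_line.with_object({}) do |line, out|
    line = line.sub(/#.*/, '').strip
    next if line.empty?
    key, value = line.split(/\s+/, 2)
    out[key] = value
  end
end

# Hypothetical baseline: thresholds are assumptions, take yours from policy.
BASELINE = {
  'PASS_MAX_DAYS' => ->(v) { v.to_i.between?(1, 90) },
  'PASS_MIN_DAYS' => ->(v) { v.to_i >= 1 },
  'LOGIN_RETRIES' => ->(v) { v.to_i.between?(1, 5) },
  'LOGIN_TIMEOUT' => ->(v) { v.to_i.between?(1, 60) },
  'DEFAULT_HOME'  => ->(v) { v == 'no' }
}.freeze

# Return the settings that are missing or outside the baseline.
def gate_failures(text)
  settings = parse_login_defs(text)
  BASELINE.reject { |key, ok| settings.key?(key) && ok.call(settings[key]) }.keys
end

# Constructed node attribute sets: one hardened, one that has drifted.
HARDENED = { password_max_age: 60, password_min_age: 7, login_retries: 5,
             login_timeout: 60, chfn_restrict: '',
             allow_login_without_home: false }.freeze
DRIFTED = HARDENED.merge(password_max_age: 99_999,
                         allow_login_without_home: true).freeze

if __FILE__ == $PROGRAM_NAME
  puts render_login_defs(HARDENED)
  puts "drifted fails: #{gate_failures(render_login_defs(DRIFTED)).inspect}"
end
```

Failing the build when gate_failures is non-empty keeps a weakened attribute override from reaching an image or a node.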
High speed lab creation
Terraform is parallelized
Auto-sequencing based on graphs
Terraform can integrate with any layer of the stack
Lab setup on pre-existing servers, provisioning servers from scratch - both are supported
Speed of provisioning
Why we chose terraform for high-speed scaling
Number of Machines | Chef-metal | Terraform
10 | 2.7 minutes | 1.20 minutes
30 | 3.9 minutes | 3.08 minutes
40 | 5.6 minutes | 3.36 minutes
60 | 9.4 minutes | 7.08 minutes
100 | 15.2 minutes | 7.41 minutes
Distributing load elegantly
Next few slides explain the code.
Key highlighted portions are in a red rectangle
Use cases 1: Synthetic monitoring
Use case 2: Load balancing across all regions in a cloud
How to scale across AZs? How to scale across clouds?
.tf Provisioning (AWS multi AZs)
provider "aws" {
  region = "us-west-2"
  access_key = "XXXXXXX"
  secret_key = "XXXXXXXXX"
}
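An added example, not part of the deck: a small lint that flags credentials written as literals in Terraform, Packer or Chef files, while accepting the indirection forms these slides use elsewhere (`${var...}` interpolation and Packer's `{{user ...}}`). The inputs are constructed from the page's snippets; the key-name list, the `var.access_key` / `var.secret_key` names and the file labels are assumptions.

```ruby
# Key names treated as credentials (assumed list, extend for your stack).
SENSITIVE_KEY =
  /(?:\A|[_.-])(?:access_key|secret_key|api_token|password|passwd|pass|secret)\z/i
# key = "value", "key": "value" or "key" => "value"
ASSIGNMENT =
  /["']?(?<key>[\w.-]+)["']?\s*(?:=>|=|:)\s*["'](?<value>[^"']*)["']/
# Values that point at a variable instead of carrying the secret.
INDIRECT = /\A(?:\$\{.+\}|\{\{.+\}\})\z/

# Return "file:line key" for each literal credential. The value itself is
# never included, so scan output can be logged safely.
def literal_secrets(name, text)
  text.each_line.with_index(1).each_with_object([]) do |(line, lineno), found|
    m = ASSIGNMENT.match(line)
    next unless m && m[:key] =~ SENSITIVE_KEY
    next if m[:value].empty? || m[:value] =~ INDIRECT
    found << "#{name}:#{lineno} #{m[:key]}"
  end
end

# Constructed inputs modeled on the page's snippets.
TF_LITERAL = <<~'HCL'
  provider "aws" {
    region     = "us-west-2"
    access_key = "XXXXXXX"
    secret_key = "XXXXXXXXX"
  }
HCL

TF_VARS = <<~'HCL'
  provider "aws" {
    region     = "${var.region}"
    access_key = "${var.access_key}"
    secret_key = "${var.secret_key}"
  }
HCL

PACKER = <<~'JSON'
  "access_key": "{{user `aws_access_key`}}",
  "secret_key": "{{user `aws_secret_key`}}",
JSON

CHEF_ENV = <<~'RUBY'
  override_attributes({
    "mysql" => { "root_pass" => "root" }
  })
RUBY

if __FILE__ == $PROGRAM_NAME
  { 'provider.tf' => TF_LITERAL, 'provider_vars.tf' => TF_VARS,
    'packer.json' => PACKER, 'environment.rb' => CHEF_ENV }.each do |name, text|
    literal_secrets(name, text).each { |finding| puts finding }
  end
end
```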
variable "region" {
  default = "us-west-2"
}
variable "region_az" {
  default = {
    "us-east-1" = "us-east-1a,us-east-1c,us-east-1d,us-east-1e"
    "us-west-1" = "us-west-1a,us-west-1b,us-west-1c"
    "us-west-2" = "us-west-2a,us-west-2b,us-west-2c"
    "eu-west-1" = "eu-west-1a,eu-west-1b,eu-west-1c"
    "eu-central-1" = "eu-central-1a,eu-central-1b"
    "ap-southeast-1" = "ap-southeast-1a,ap-southeast-1b"
    "ap-northeast-1" = "ap-northeast-1a,ap-northeast-1b,ap-northeast-1c"
    "ap-southeast-2" = "ap-southeast-2a,ap-southeast-2b"
    "sa-east-1" = "sa-east-1a,sa-east-1b,sa-east-1c"
  }
}
Variables for AZs and AMIs
Let's use this region to start
Region based AZ map
used in lookup
variable "ami" {
  default = {
    "description" = "Ubuntu server 14.04 ami id"
    "us-west-1" = "ami-df6a8b9b"
    "us-west-2" = "ami-5189a661"
    "us-east-1" = "ami-d05e75b8"
    "eu-west-1" = "ami-47a23a30"
    "eu-central-1" = "ami-accff2b1"
    "ap-northeast-1" = "ami-936d9d93"
    "ap-southeast-1" = "ami-96f1c1c4"
    "ap-southeast-2" = "ami-69631053"
    "sa-east-1" = "ami-4d883350"
  }
}
Region based Ubuntu AMI map
resource "aws_instance" "web" {
  ami = "${lookup(var.ami, var.region)}"
  instance_type = "${var.instance_type}"
  count = "${var.servers}"
  availability_zone = "${element(split(",", lookup(var.region_az, var.region)), count.index % length(split(",", lookup(var.region_az, var.region))))}"
}
Resource declaration
Scaling and iterating
Math library added from terraform v0.4
Simulating iteration
Scaling to 100s of servers
Multi-cloud distribution
Step 1: Creating an image for each cloud
Step 2: Using that image in the code that we just saw
Creating image using Packer
"provisioners": [{
  "type": "shell",
  "inline": [
    "sleep 30",
    "sudo apt-get update",
    "sudo apt-get install -y redis-server"
  ]
}]
Provisioning Redis server
Strong Ops - Chef provisioner
"provisioners": [{
  "type": "chef-client",
  "server_url": "https://mychefserver.com/"
}]
Cookbooks and Recipes:
Helpdesk, monitoring server, monitoring clients, antivirus agents, auto-healing servers, analytics data couriers...
Using Chef client-server
App context: Data bags
Creating image using Packer
"builders": [{
  "type": "amazon-ebs",
  "access_key": "{{user `aws_access_key`}}",
  "secret_key": "{{user `aws_secret_key`}}",
  "region": "us-east-1",
  "source_ami": "ami-de0d9eb7",
  "instance_type": "t1.micro",
  "ssh_username": "ubuntu",
  "ami_name": "packer-example {{timestamp}}"
},
Build in Amazon Cloud
Same code for multi-cloud
"builders": [{
  "type": "amazon-ebs",
  "access_key": "{{user `aws_access_key`}}",
  "secret_key": "{{user `aws_secret_key`}}",
  "region": "us-east-1",
  "source_ami": "ami-de0d9eb7",
  "instance_type": "t1.micro",
  "ssh_username": "ubuntu",
  "ami_name": "packer-example {{timestamp}}"
},
{
  "type": "digitalocean",
  "api_token": "{{user `do_api_token`}}",
  "image": "ubuntu-14-04-x64",
  "region": "nyc3",
  "size": "512mb"
}],
Build in Amazon Cloud
Build in Digital Ocean Cloud
Beautiful multi-color output
amazon-ebs output will be in this color.
digitalocean output will be in this color.
==> digitalocean: Creating temporary ssh key for droplet...
==> amazon-ebs: Prevalidating AMI Name...
==> amazon-ebs: Inspecting the source AMI...
==> amazon-ebs: Creating temporary keypair: packer 55f6c5e5-2b50-c8c3-5e37-7d246b6f0bca
==> amazon-ebs: Creating temporary security group for this instance...
==> amazon-ebs: Authorizing access to port 22 the temporary security group...
==> amazon-ebs: Launching a source AWS instance...
==> digitalocean: Creating droplet...
==> digitalocean: Waiting for droplet to become active...
Pilot of great idea - clear value delivered - all good
Onboarding new customers rapidly without sacrificing quality
Harden the OS - chef-templates, packer, Terraform
Automate app deployment - Terraform + Chef
Automate app configuration - Terraform + Chef + Data bags
Pivot fast, maintain the lead, make value irresistible
DevOps for building new features fast - Adopt DevOps early
Upgrade customers DevOps pipeline + Roles + Environments
Hope this helps!
The 4th question in daily agile scrums that was never asked
4th question: Are you blocking Ops?
Meaning:
a) Are there any new binaries created/deleted?
b) Are there any configuration files that changed?
c) Are there any configuration attributes that changed?
Why DevOps projects fail
Recap, takeaway
Easy to code infrastructure
Easy to replicate infrastructure
Easy to distribute infrastructure across AZs
Easy to balance infrastructure across regions
Easy to balance infrastructure across clouds, countries
Easy to integrate with other apps
The 4th scrum question
Speaker Name: Uchit Vyas
Email ID: uchit.vyas@opexsoftware.com
Organized by
UNICOM Trainings & Seminars Pvt. Ltd.
contact@unicomlearning.com
Opex Software Thanks You
AUTOMATE IT. CREATE TIME
Hybrid SAAS Apps
App is on AWS (DO, Azure, other clouds)
Appliance, Sync process is on-prem with the tenant
Upgrading customers: Env
knife environment create ClientSetOne
name "ClientSetOne"
description "The packages and configuration used by ClientSetOne"
cookbook_versions({
  "nginx" => "<= 1.1.0",
  "apt" => "= 0.0.1"
})
override_attributes({
  "nginx" => {
    "listen" => [ "80", "443" ]
  },
  "mysql" => {
    "root_pass" => "root"
  }
})
Upgrading customers: Associate
Each node can be in exactly one environment
STEP1: knife node edit clientOneAppliance
STEP2:
{
  "name": "clientOneAppliance",
  "chef_environment": "ClientSetOne",
  "normal": {
    "tags": [
    ]
  },
  "run_list": [
    "role[web_server]"
  ]
}
Language Integration challenges
Source: http://sdtimes.com/poll-the-language-i-use-most-at-work-is/
Opening TF to Java world
Terraform Resource (Java) -> Transpiler with Notification Provisioner Injection -> Terraform Resource (JSON)
Java beans for all the available TF resources.
Convert TF Java bean into TF JSON. Injects echos using local_exec.
Terraform JSON file which can be executed by terraform
Terraform Executor (Java)
Terraform JSON Resource -> Terraform Executor (Java) -> Terraform Action Handler
Execute Terraform JSON File
Notify Action Handlers for
1. Resource Created
2. Provisioner Execution Started
3. Provisioner Execution Done

Scaling with Automation
