What is AWS CodeDeploy and what are its top alternatives?
AWS CodeDeploy is a fully managed deployment service that automates software deployments to multiple computing services, including Amazon EC2 instances and on-premises servers. It allows you to centralize and control the deployment process, ensuring that updates are applied consistently across your application. Key features include deployment automation, tracking deployment status, and integration with other AWS services like Lambda and CodePipeline. However, some limitations of AWS CodeDeploy include a complex setup process, limited support for third-party integrations, and occasional issues with scaling deployments.
Jenkins: Jenkins is a popular open-source automation server that helps to automate various parts of the software development process, including building, testing, and deployment. It offers a high level of flexibility and customizability, making it easy to integrate with various tools and services. However, setting up and maintaining Jenkins can be complex and time-consuming compared to AWS CodeDeploy.
GitLab CI/CD: GitLab CI/CD is a part of the GitLab DevOps platform that offers integrated CI/CD capabilities for automating the software release process. It provides features like automated testing, container registry, and deployment environments, all in a single application. Compared to AWS CodeDeploy, GitLab CI/CD offers a more seamless experience for teams looking for an all-in-one solution but may lack some advanced deployment features.
CircleCI: CircleCI is a continuous integration and delivery platform that helps software teams automate their development and deployment processes. It offers easy integration with popular version control systems, cloud platforms, and other tools to streamline the deployment pipeline. However, compared to AWS CodeDeploy, CircleCI may have limitations in customizing deployment strategies and managing complex deployment scenarios.
Capistrano: Capistrano is an open-source tool for executing scripts on multiple servers, typically used for automating the deployment of web applications. It allows developers to define custom deployment tasks and easily roll back changes if needed. Capistrano offers flexibility and control over the deployment process but may require more manual configuration compared to AWS CodeDeploy.
Bamboo: Bamboo is a continuous integration and deployment tool from Atlassian that helps teams automate the software delivery process. It provides features like build automation, deployment environments, and release management, all within a single platform. Compared to AWS CodeDeploy, Bamboo offers seamless integration with other Atlassian products but may lack some advanced deployment capabilities.
Spinnaker: Spinnaker is an open-source continuous delivery platform that helps to automate the deployment process across multiple cloud providers. It offers advanced features like multi-cloud deployment, automated canary analysis, and automated rollback strategies. Compared to AWS CodeDeploy, Spinnaker provides more advanced deployment capabilities but may require more expertise to set up and maintain.
Octopus Deploy: Octopus Deploy is a deployment automation tool that helps teams automate the deployment process for .NET applications. It offers features like release management, deployment orchestration, and infrastructure configuration integration. Compared to AWS CodeDeploy, Octopus Deploy provides a more specialized solution for .NET applications but may lack support for other programming languages and platforms.
DeployBot: DeployBot is a deployment automation tool that helps teams automate the deployment process for web applications. It offers features like deployment pipelines, rollback capabilities, and integration with popular version control systems. Compared to AWS CodeDeploy, DeployBot provides a simpler and more user-friendly interface but may lack some advanced deployment features.
AWS CodePipeline: AWS CodePipeline is a continuous integration and continuous delivery service from AWS that helps teams automate their software release process. It integrates with various AWS services like CodeBuild and CodeDeploy to create a continuous delivery pipeline. Compared to AWS CodeDeploy, CodePipeline offers a more integrated solution for the entire software release process but may lack some advanced deployment customization options.
Rundeck: Rundeck is an open-source automation tool that helps teams automate the deployment and management of applications and infrastructure. It provides features like workflow automation, job scheduling, and remote command execution for orchestrating complex deployment tasks. Compared to AWS CodeDeploy, Rundeck offers more flexibility and control over the deployment process but may require more configuration and setup effort.
Top Alternatives to AWS CodeDeploy
- AWS CodePipeline
CodePipeline builds, tests, and deploys your code every time there is a code change, based on the release process models you define. ...
- Jenkins
In a nutshell Jenkins CI is the leading open-source continuous integration server. Built with Java, it provides over 300 plugins to support building and testing virtually any project. ...
- Docker
The Docker Platform is the industry-leading container platform for continuous, high-velocity innovation, enabling organizations to seamlessly build and share any application — from legacy to what comes next — and securely run them anywhere ...
- Ansible
Ansible is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero downtime rolling updates. Ansible’s goals are foremost those of simplicity and maximum ease of use. ...
- Chef
Chef enables you to manage and scale cloud infrastructure with no downtime or interruptions. Freely move applications and configurations from one cloud to another. Chef is integrated with all major cloud providers including Amazon EC2, VMWare, IBM Smartcloud, Rackspace, OpenStack, Windows Azure, HP Cloud, Google Compute Engine, Joyent Cloud and others. ...
- AWS CodeBuild
AWS CodeBuild is a fully managed build service that compiles source code, runs tests, and produces software packages that are ready to deploy. With CodeBuild, you don’t need to provision, manage, and scale your own build servers. ...
- AWS CodeCommit
CodeCommit eliminates the need to operate your own source control system or worry about scaling its infrastructure. You can use CodeCommit to securely store anything from source code to binaries, and it works seamlessly with your existing Git tools. ...
- Terraform
With Terraform, you describe your complete infrastructure as code, even as it spans multiple service providers. Your servers may come from AWS, your DNS may come from CloudFlare, and your database may come from Heroku. Terraform will build all these resources across all these providers in parallel. ...
AWS CodeDeploy alternatives & related posts
AWS CodePipeline
- Simple to set up13
- Managed service8
- GitHub integration4
- Parallel Execution3
- Automatic deployment2
- Manual Steps Available0
- No project boards2
- No integration with "Power" 365 tools1
related AWS CodePipeline posts
I'm the CTO of a marketing automation SaaS. Because of the continuously increasing load we moved to the AWSCloud. We are using more and more features of AWS: Amazon CloudWatch, Amazon SNS, Amazon CloudFront, Amazon Route 53 and so on.
Our main Database is MySQL but for the hundreds of GB document data we use MongoDB more and more. We started to use Redis for cache and other time sensitive operations.
On the front-end we use jQuery UI + Smarty but now we refactor our app to use Vue.js with Vuetify. Because our app is relatively complex we need to use vuex as well.
On the development side we use GitHub as our main repo, Docker for local and server environment and Jenkins and AWS CodePipeline for Continuous Integration.
We recently added new APIs to Jira to associate information about Builds and Deployments to Jira issues.
The new APIs were developed using a spec-first API approach for speed and sanity. The details of this approach are described in this blog post, and we relied on using Swagger and associated tools like Swagger UI.
A new service was created for managing the data. It provides a REST API for external use, and an internal API based on GraphQL. The service is built using Kotlin for increased developer productivity and happiness, and the Spring-Boot framework. PostgreSQL was chosen for the persistence layer, as we have non-trivial requirements that cannot be easily implemented on top of a key-value store.
The front-end has been built using React and querying the back-end service using an internal GraphQL API. We have plans of providing a public GraphQL API in the future.
New Jira Integrations: Bitbucket CircleCI AWS CodePipeline Octopus Deploy jFrog Azure Pipelines
- Hosted internally523
- Free open source469
- Great to build, deploy or launch anything async318
- Tons of integrations243
- Rich set of plugins with good documentation211
- Has support for build pipelines111
- Easy setup68
- It is open-source66
- Workflow plugin53
- Configuration as code13
- Very powerful tool12
- Many Plugins11
- Continuous Integration10
- Great flexibility10
- Git and Maven integration is better9
- 100% free and open source8
- Github integration7
- Slack Integration (plugin)7
- Easy customisation6
- Self-hosted GitLab Integration (plugin)6
- Docker support5
- Pipeline API5
- Fast builds4
- Platform idnependency4
- Hosted Externally4
- Excellent docker integration4
- It`w worked3
- Customizable3
- Can be run as a Docker container3
- It's Everywhere3
- JOBDSL3
- AWS Integration3
- Easily extendable with seamless integration2
- PHP Support2
- Build PR Branch Only2
- NodeJS Support2
- Ruby/Rails Support2
- Universal controller2
- Loose Coupling2
- Workarounds needed for basic requirements13
- Groovy with cumbersome syntax10
- Plugins compatibility issues8
- Lack of support7
- Limited abilities with declarative pipelines7
- No YAML syntax5
- Too tied to plugins versions4
related Jenkins posts
Often enough I have to explain my way of going about setting up a CI/CD pipeline with multiple deployment platforms. Since I am a bit tired of yapping the same every single time, I've decided to write it up and share with the world this way, and send people to read it instead ;). I will explain it on "live-example" of how the Rome got built, basing that current methodology exists only of readme.md and wishes of good luck (as it usually is ;)).
It always starts with an app, whatever it may be and reading the readmes available while Vagrant and VirtualBox is installing and updating. Following that is the first hurdle to go over - convert all the instruction/scripts into Ansible playbook(s), and only stopping when doing a clear vagrant up
or vagrant reload
we will have a fully working environment. As our Vagrant environment is now functional, it's time to break it! This is the moment to look for how things can be done better (too rigid/too lose versioning? Sloppy environment setup?) and replace them with the right way to do stuff, one that won't bite us in the backside. This is the point, and the best opportunity, to upcycle the existing way of doing dev environment to produce a proper, production-grade product.
I should probably digress here for a moment and explain why. I firmly believe that the way you deploy production is the same way you should deploy develop, shy of few debugging-friendly setting. This way you avoid the discrepancy between how production work vs how development works, which almost always causes major pains in the back of the neck, and with use of proper tools should mean no more work for the developers. That's why we start with Vagrant as developer boxes should be as easy as vagrant up
, but the meat of our product lies in Ansible which will do meat of the work and can be applied to almost anything: AWS, bare metal, docker, LXC, in open net, behind vpn - you name it.
We must also give proper consideration to monitoring and logging hoovering at this point. My generic answer here is to grab Elasticsearch, Kibana, and Logstash. While for different use cases there may be better solutions, this one is well battle-tested, performs reasonably and is very easy to scale both vertically (within some limits) and horizontally. Logstash rules are easy to write and are well supported in maintenance through Ansible, which as I've mentioned earlier, are at the very core of things, and creating triggers/reports and alerts based on Elastic and Kibana is generally a breeze, including some quite complex aggregations.
If we are happy with the state of the Ansible it's time to move on and put all those roles and playbooks to work. Namely, we need something to manage our CI/CD pipelines. For me, the choice is obvious: TeamCity. It's modern, robust and unlike most of the light-weight alternatives, it's transparent. What I mean by that is that it doesn't tell you how to do things, doesn't limit your ways to deploy, or test, or package for that matter. Instead, it provides a developer-friendly and rich playground for your pipelines. You can do most the same with Jenkins, but it has a quite dated look and feel to it, while also missing some key functionality that must be brought in via plugins (like quality REST API which comes built-in with TeamCity). It also comes with all the common-handy plugins like Slack or Apache Maven integration.
The exact flow between CI and CD varies too greatly from one application to another to describe, so I will outline a few rules that guide me in it: 1. Make build steps as small as possible. This way when something breaks, we know exactly where, without needing to dig and root around. 2. All security credentials besides development environment must be sources from individual Vault instances. Keys to those containers should exist only on the CI/CD box and accessible by a few people (the less the better). This is pretty self-explanatory, as anything besides dev may contain sensitive data and, at times, be public-facing. Because of that appropriate security must be present. TeamCity shines in this department with excellent secrets-management. 3. Every part of the build chain shall consume and produce artifacts. If it creates nothing, it likely shouldn't be its own build. This way if any issue shows up with any environment or version, all developer has to do it is grab appropriate artifacts to reproduce the issue locally. 4. Deployment builds should be directly tied to specific Git branches/tags. This enables much easier tracking of what caused an issue, including automated identifying and tagging the author (nothing like automated regression testing!).
Speaking of deployments, I generally try to keep it simple but also with a close eye on the wallet. Because of that, I am more than happy with AWS or another cloud provider, but also constantly peeking at the loads and do we get the value of what we are paying for. Often enough the pattern of use is not constantly erratic, but rather has a firm baseline which could be migrated away from the cloud and into bare metal boxes. That is another part where this approach strongly triumphs over the common Docker and CircleCI setup, where you are very much tied in to use cloud providers and getting out is expensive. Here to embrace bare-metal hosting all you need is a help of some container-based self-hosting software, my personal preference is with Proxmox and LXC. Following that all you must write are ansible scripts to manage hardware of Proxmox, similar way as you do for Amazon EC2 (ansible supports both greatly) and you are good to go. One does not exclude another, quite the opposite, as they can live in great synergy and cut your costs dramatically (the heavier your base load, the bigger the savings) while providing production-grade resiliency.
Releasing new versions of our services is done by Travis CI. Travis first runs our test suite. Once it passes, it publishes a new release binary to GitHub.
Common tasks such as installing dependencies for the Go project, or building a binary are automated using plain old Makefiles. (We know, crazy old school, right?) Our binaries are compressed using UPX.
Travis has come a long way over the past years. I used to prefer Jenkins in some cases since it was easier to debug broken builds. With the addition of the aptly named “debug build” button, Travis is now the clear winner. It’s easy to use and free for open source, with no need to maintain anything.
#ContinuousIntegration #CodeCollaborationVersionControl
Docker
- Rapid integration and build up823
- Isolation692
- Open source521
- Testability and reproducibility505
- Lightweight460
- Standardization218
- Scalable185
- Upgrading / downgrading / application versions106
- Security88
- Private paas environments85
- Portability34
- Limit resource usage26
- Game changer17
- I love the way docker has changed virtualization16
- Fast14
- Concurrency12
- Docker's Compose tools8
- Fast and Portable6
- Easy setup6
- Because its fun5
- Makes shipping to production very simple4
- It's dope3
- Highly useful3
- Does a nice job hogging memory2
- Open source and highly configurable2
- Simplicity, isolation, resource effective2
- MacOS support FAKE2
- Its cool2
- Docker hub for the FTW2
- HIgh Throughput2
- Very easy to setup integrate and build2
- Package the environment with the application2
- Super2
- Asdfd0
- New versions == broken features8
- Unreliable networking6
- Documentation not always in sync6
- Moves quickly4
- Not Secure3
related Docker posts
Our whole DevOps stack consists of the following tools:
- GitHub (incl. GitHub Pages/Markdown for Documentation, GettingStarted and HowTo's) for collaborative review and code management tool
- Respectively Git as revision control system
- SourceTree as Git GUI
- Visual Studio Code as IDE
- CircleCI for continuous integration (automatize development process)
- Prettier / TSLint / ESLint as code linter
- SonarQube as quality gate
- Docker as container management (incl. Docker Compose for multi-container application management)
- VirtualBox for operating system simulation tests
- Kubernetes as cluster management for docker containers
- Heroku for deploying in test environments
- nginx as web server (preferably used as facade server in production environment)
- SSLMate (using OpenSSL) for certificate management
- Amazon EC2 (incl. Amazon S3) for deploying in stage (production-like) and production environments
- PostgreSQL as preferred database system
- Redis as preferred in-memory database/store (great for caching)
The main reason we have chosen Kubernetes over Docker Swarm is related to the following artifacts:
- Key features: Easy and flexible installation, Clear dashboard, Great scaling operations, Monitoring is an integral part, Great load balancing concepts, Monitors the condition and ensures compensation in the event of failure.
- Applications: An application can be deployed using a combination of pods, deployments, and services (or micro-services).
- Functionality: Kubernetes as a complex installation and setup process, but it not as limited as Docker Swarm.
- Monitoring: It supports multiple versions of logging and monitoring when the services are deployed within the cluster (Elasticsearch/Kibana (ELK), Heapster/Grafana, Sysdig cloud integration).
- Scalability: All-in-one framework for distributed systems.
- Other Benefits: Kubernetes is backed by the Cloud Native Computing Foundation (CNCF), huge community among container orchestration tools, it is an open source and modular tool that works with any OS.
Often enough I have to explain my way of going about setting up a CI/CD pipeline with multiple deployment platforms. Since I am a bit tired of yapping the same every single time, I've decided to write it up and share with the world this way, and send people to read it instead ;). I will explain it on "live-example" of how the Rome got built, basing that current methodology exists only of readme.md and wishes of good luck (as it usually is ;)).
It always starts with an app, whatever it may be and reading the readmes available while Vagrant and VirtualBox is installing and updating. Following that is the first hurdle to go over - convert all the instruction/scripts into Ansible playbook(s), and only stopping when doing a clear vagrant up
or vagrant reload
we will have a fully working environment. As our Vagrant environment is now functional, it's time to break it! This is the moment to look for how things can be done better (too rigid/too lose versioning? Sloppy environment setup?) and replace them with the right way to do stuff, one that won't bite us in the backside. This is the point, and the best opportunity, to upcycle the existing way of doing dev environment to produce a proper, production-grade product.
I should probably digress here for a moment and explain why. I firmly believe that the way you deploy production is the same way you should deploy develop, shy of few debugging-friendly setting. This way you avoid the discrepancy between how production work vs how development works, which almost always causes major pains in the back of the neck, and with use of proper tools should mean no more work for the developers. That's why we start with Vagrant as developer boxes should be as easy as vagrant up
, but the meat of our product lies in Ansible which will do meat of the work and can be applied to almost anything: AWS, bare metal, docker, LXC, in open net, behind vpn - you name it.
We must also give proper consideration to monitoring and logging hoovering at this point. My generic answer here is to grab Elasticsearch, Kibana, and Logstash. While for different use cases there may be better solutions, this one is well battle-tested, performs reasonably and is very easy to scale both vertically (within some limits) and horizontally. Logstash rules are easy to write and are well supported in maintenance through Ansible, which as I've mentioned earlier, are at the very core of things, and creating triggers/reports and alerts based on Elastic and Kibana is generally a breeze, including some quite complex aggregations.
If we are happy with the state of the Ansible it's time to move on and put all those roles and playbooks to work. Namely, we need something to manage our CI/CD pipelines. For me, the choice is obvious: TeamCity. It's modern, robust and unlike most of the light-weight alternatives, it's transparent. What I mean by that is that it doesn't tell you how to do things, doesn't limit your ways to deploy, or test, or package for that matter. Instead, it provides a developer-friendly and rich playground for your pipelines. You can do most the same with Jenkins, but it has a quite dated look and feel to it, while also missing some key functionality that must be brought in via plugins (like quality REST API which comes built-in with TeamCity). It also comes with all the common-handy plugins like Slack or Apache Maven integration.
The exact flow between CI and CD varies too greatly from one application to another to describe, so I will outline a few rules that guide me in it: 1. Make build steps as small as possible. This way when something breaks, we know exactly where, without needing to dig and root around. 2. All security credentials besides development environment must be sources from individual Vault instances. Keys to those containers should exist only on the CI/CD box and accessible by a few people (the less the better). This is pretty self-explanatory, as anything besides dev may contain sensitive data and, at times, be public-facing. Because of that appropriate security must be present. TeamCity shines in this department with excellent secrets-management. 3. Every part of the build chain shall consume and produce artifacts. If it creates nothing, it likely shouldn't be its own build. This way if any issue shows up with any environment or version, all developer has to do it is grab appropriate artifacts to reproduce the issue locally. 4. Deployment builds should be directly tied to specific Git branches/tags. This enables much easier tracking of what caused an issue, including automated identifying and tagging the author (nothing like automated regression testing!).
Speaking of deployments, I generally try to keep it simple but also with a close eye on the wallet. Because of that, I am more than happy with AWS or another cloud provider, but also constantly peeking at the loads and do we get the value of what we are paying for. Often enough the pattern of use is not constantly erratic, but rather has a firm baseline which could be migrated away from the cloud and into bare metal boxes. That is another part where this approach strongly triumphs over the common Docker and CircleCI setup, where you are very much tied in to use cloud providers and getting out is expensive. Here to embrace bare-metal hosting all you need is a help of some container-based self-hosting software, my personal preference is with Proxmox and LXC. Following that all you must write are ansible scripts to manage hardware of Proxmox, similar way as you do for Amazon EC2 (ansible supports both greatly) and you are good to go. One does not exclude another, quite the opposite, as they can live in great synergy and cut your costs dramatically (the heavier your base load, the bigger the savings) while providing production-grade resiliency.
Ansible
- Agentless284
- Great configuration210
- Simple199
- Powerful176
- Easy to learn155
- Flexible69
- Doesn't get in the way of getting s--- done55
- Makes sense35
- Super efficient and flexible30
- Powerful27
- Dynamic Inventory11
- Backed by Red Hat9
- Works with AWS7
- Cloud Oriented6
- Easy to maintain6
- Vagrant provisioner4
- Simple and powerful4
- Multi language4
- Simple4
- Because SSH4
- Procedural or declarative, or both4
- Easy4
- Consistency3
- Well-documented2
- Masterless2
- Debugging is simple2
- Merge hash to get final configuration similar to hiera2
- Fast as hell2
- Manage any OS1
- Work on windows, but difficult to manage1
- Certified Content1
- Dangerous8
- Hard to install5
- Doesn't Run on Windows3
- Bloated3
- Backward compatibility3
- No immutable infrastructure2
related Ansible posts
Often enough I have to explain my way of going about setting up a CI/CD pipeline with multiple deployment platforms. Since I am a bit tired of yapping the same every single time, I've decided to write it up and share with the world this way, and send people to read it instead ;). I will explain it on "live-example" of how the Rome got built, basing that current methodology exists only of readme.md and wishes of good luck (as it usually is ;)).
It always starts with an app, whatever it may be and reading the readmes available while Vagrant and VirtualBox is installing and updating. Following that is the first hurdle to go over - convert all the instruction/scripts into Ansible playbook(s), and only stopping when doing a clear vagrant up
or vagrant reload
we will have a fully working environment. As our Vagrant environment is now functional, it's time to break it! This is the moment to look for how things can be done better (too rigid/too lose versioning? Sloppy environment setup?) and replace them with the right way to do stuff, one that won't bite us in the backside. This is the point, and the best opportunity, to upcycle the existing way of doing dev environment to produce a proper, production-grade product.
I should probably digress here for a moment and explain why. I firmly believe that the way you deploy production is the same way you should deploy develop, shy of few debugging-friendly setting. This way you avoid the discrepancy between how production work vs how development works, which almost always causes major pains in the back of the neck, and with use of proper tools should mean no more work for the developers. That's why we start with Vagrant as developer boxes should be as easy as vagrant up
, but the meat of our product lies in Ansible which will do meat of the work and can be applied to almost anything: AWS, bare metal, docker, LXC, in open net, behind vpn - you name it.
We must also give proper consideration to monitoring and logging hoovering at this point. My generic answer here is to grab Elasticsearch, Kibana, and Logstash. While for different use cases there may be better solutions, this one is well battle-tested, performs reasonably and is very easy to scale both vertically (within some limits) and horizontally. Logstash rules are easy to write and are well supported in maintenance through Ansible, which as I've mentioned earlier, are at the very core of things, and creating triggers/reports and alerts based on Elastic and Kibana is generally a breeze, including some quite complex aggregations.
If we are happy with the state of the Ansible it's time to move on and put all those roles and playbooks to work. Namely, we need something to manage our CI/CD pipelines. For me, the choice is obvious: TeamCity. It's modern, robust and unlike most of the light-weight alternatives, it's transparent. What I mean by that is that it doesn't tell you how to do things, doesn't limit your ways to deploy, or test, or package for that matter. Instead, it provides a developer-friendly and rich playground for your pipelines. You can do most the same with Jenkins, but it has a quite dated look and feel to it, while also missing some key functionality that must be brought in via plugins (like quality REST API which comes built-in with TeamCity). It also comes with all the common-handy plugins like Slack or Apache Maven integration.
The exact flow between CI and CD varies too greatly from one application to another to describe, so I will outline a few rules that guide me in it: 1. Make build steps as small as possible. This way when something breaks, we know exactly where, without needing to dig and root around. 2. All security credentials besides development environment must be sources from individual Vault instances. Keys to those containers should exist only on the CI/CD box and accessible by a few people (the less the better). This is pretty self-explanatory, as anything besides dev may contain sensitive data and, at times, be public-facing. Because of that appropriate security must be present. TeamCity shines in this department with excellent secrets-management. 3. Every part of the build chain shall consume and produce artifacts. If it creates nothing, it likely shouldn't be its own build. This way if any issue shows up with any environment or version, all developer has to do it is grab appropriate artifacts to reproduce the issue locally. 4. Deployment builds should be directly tied to specific Git branches/tags. This enables much easier tracking of what caused an issue, including automated identifying and tagging the author (nothing like automated regression testing!).
Speaking of deployments, I generally try to keep it simple but also with a close eye on the wallet. Because of that, I am more than happy with AWS or another cloud provider, but also constantly peeking at the loads and do we get the value of what we are paying for. Often enough the pattern of use is not constantly erratic, but rather has a firm baseline which could be migrated away from the cloud and into bare metal boxes. That is another part where this approach strongly triumphs over the common Docker and CircleCI setup, where you are very much tied in to use cloud providers and getting out is expensive. Here to embrace bare-metal hosting all you need is a help of some container-based self-hosting software, my personal preference is with Proxmox and LXC. Following that all you must write are ansible scripts to manage hardware of Proxmox, similar way as you do for Amazon EC2 (ansible supports both greatly) and you are good to go. One does not exclude another, quite the opposite, as they can live in great synergy and cut your costs dramatically (the heavier your base load, the bigger the savings) while providing production-grade resiliency.
Heroku was a decent choice to start a business, but at some point our platform was too big, too complex & too heterogenic, so Heroku started to be a constraint, not a benefit. First, we've started containerizing our apps with Docker to eliminate "works in my machine" syndrome & uniformize the environment setup. The first orchestration was composed with Docker Compose , but at some point it made sense to move it to Kubernetes. Fortunately, we've made a very good technical decision when starting our work with containers - all the container configuration & provisions HAD (since the beginning) to be done in code (Infrastructure as Code) - we've used Terraform & Ansible for that (correspondingly). This general trend of containerisation was accompanied by another, parallel & equally big project: migrating environments from Heroku to AWS: using Amazon EC2 , Amazon EKS, Amazon S3 & Amazon RDS.
- Dynamic and idempotent server configuration110
- Reusable components76
- Integration testing with Vagrant47
- Repeatable43
- Mock testing with Chefspec30
- Ruby14
- Can package cookbooks to guarantee repeatability8
- Works with AWS7
- Has marketplace where you get readymade cookbooks3
- Matured product with good community support3
- Less declarative more procedural2
- Open source configuration mgmt made easy(ish)2
related Chef posts
In late 2013, the Operations Engineering team at PagerDuty was made up of 4 engineers, and was comprised of generalists, each of whom had one or two areas of depth. Although the Operations Team ran its own on-call, each engineering team at PagerDuty also participated on the pager.
The Operations Engineering Team owned 150+ servers spanning multiple cloud providers, and used Chef to automate their infrastructure across the various cloud providers with a mix of completely custom cookbooks and customized community cookbooks.
Custom cookbooks were managed by Berkshelf, andach custom cookbook contained its own tests based on ChefSpec 3, coupled with Rspec.
Jenkins was used to GitHub for new changes and to handle unit testing of those features.
Since #ATComputing is a vendor independent Linux and open source specialist, we do not have a favorite Linux distribution. We mainly use Ubuntu , Centos Debian , Red Hat Enterprise Linux and Fedora during our daily work. These are also the distributions we see most often used in our customers environments.
For our #ci/cd training, we use an open source pipeline that is build around Visual Studio Code , Jenkins , VirtualBox , GitHub , Docker Kubernetes and Google Compute Engine.
For #ServerConfigurationAndAutomation, we have embraced and contributed to Ansible mainly because it is not only flexible and powerful, but also straightforward and easier to learn than some other (open source) solutions. On the other hand: we are not affraid of Puppet Labs and Chef either.
Currently, our most popular #programming #Language course is Python . The reason Python is so popular has to do with it's versatility, but also with its low complexity. This helps sysadmins to write scripts or simple programs to make their job less repetitive and automating things more fun. Python is also widely used to communicate with (REST) API's and for data analysis.
- Pay per minute7
- Parameter Store integration for passing secrets5
- Integrated with AWS4
- Streaming logs to Amazon CloudWatch3
- Bit bucket integration3
- GitHub Webhooks support2
- AWS Config and Config rule integration for compliance2
- VPC PrivateLinks to invoke service without internet2
- Windows/.NET support1
- Jenkins plugin integration1
- Ondemand scaling of build jobs1
- Scheduled builds with CloudWatch Events integration1
- Local build debug support1
- Native support for accessing Amazon VPC resources1
- Docker based build environment1
- Support for bringing custom Docker images1
- Fully managed (no installation/updates, servers to mai1
- PCI, SOC, ISO, HIPAA compliant1
- Full API/SDKs/CLI support1
- YAML based configuration1
- Great support (forums, premium support, SO, GitHub)1
- Perpetual free tier option (100 mins/month)1
- GitHub Enterprise support1
- Poor branch support2
related AWS CodeBuild posts
The recent move of our CI/CD tooling to AWS CodeBuild / AWS CodeDeploy (with GitHub ) as well as moving to Amazon EC2 Container Service / AWS Lambda for our deployment architecture for most of our services has helped us significantly reduce our deployment times while improving both feature velocity and overall reliability. In one extreme case, we got one service down from 90 minutes to a very reasonable 15 minutes. Container-based build and deployments have made so many things simpler and easier and the integration between the tools has been helpful. There is still some work to do on our service mesh & API proxy approach to further simplify our environment.
Hi, I need advice. In my project, we are using Bitbucket hosted on-prem, Jenkins, and Jira. Also, we have restrictions not to use any plugins for code review, code quality, code security, etc., with bitbucket. Now we want to migrate to AWS CodeCommit, which would mean that we can use, let's say, Amazon CodeGuru for code reviews and move to AWS CodeBuild and AWS CodePipeline for build automation in the future rather than using Jenkins.
Now I want advice on below.
- Is it a good idea to migrate from Bitbucket to AWS Codecommit?
- If we want to integrate Jira with AWS Codecommit, then how can we do this? If a developer makes any changes in Jira, then a build should be triggered automatically in AWS and create a Jira ticket if the build fails. So, how can we achieve this?
AWS CodeCommit
- Free private repos44
- IAM integration26
- Pay-As-You-Go Pricing24
- Amazon feels the most Secure20
- Repo data encrypted at rest19
- I can make repository by myself if I have AWS account11
- Faster deployments when using other AWS services11
- AWS CodePipeline integration8
- Codebuild integration6
- Does not support web hooks yet! :(6
- Cost Effective4
- No Git LFS! Dealbreaker for me2
- Elastic Beanstalk Integration2
- Integrated with AWS Ecosystem2
- Integration via SQS/SNS for events (replaces webhooks)1
- IAM1
- Issue tracker1
- Available in Ireland (Dublin) region1
- CodeDeploy Integration1
- CodeCommit Trigger for an AWS Lambda Function1
- Open source friendly1
- Only US Region1
- Ui0
- UI sucks12
- SLOW4
- No Issue Tracker3
- Bad diffing/no blame2
- NO LFS support2
- No fork2
- No webhooks2
- Can't download file from UI1
- Only time based triggers1
- Accident-prone UI0
related AWS CodeCommit posts
Hi, I need advice. In my project, we are using Bitbucket hosted on-prem, Jenkins, and Jira. Also, we have restrictions not to use any plugins for code review, code quality, code security, etc., with bitbucket. Now we want to migrate to AWS CodeCommit, which would mean that we can use, let's say, Amazon CodeGuru for code reviews and move to AWS CodeBuild and AWS CodePipeline for build automation in the future rather than using Jenkins.
Now I want advice on below.
- Is it a good idea to migrate from Bitbucket to AWS Codecommit?
- If we want to integrate Jira with AWS Codecommit, then how can we do this? If a developer makes any changes in Jira, then a build should be triggered automatically in AWS and create a Jira ticket if the build fails. So, how can we achieve this?
Docker is used to package up our applications with all of the parts they need, such as libraries and other dependencies, and enable us to ship it all out as one package. Our repositories hosted in AWS CodeCommit are automatically built by AWS CodeBuild on changes (resulting from Pull Requests being approved) and these are stored in the the EC2 Container Registry (ECR) before being approved for deployment to the Amazon EC2 Container Service in a zero-downtime, staged upgrade. We also provide development instances of our Apps, which are also hosted in Docker containers.
Terraform
- Infrastructure as code121
- Declarative syntax73
- Planning45
- Simple28
- Parallelism24
- Well-documented8
- Cloud agnostic8
- It's like coding your infrastructure in simple English6
- Immutable infrastructure6
- Platform agnostic5
- Extendable4
- Automation4
- Automates infrastructure deployments4
- Portability4
- Lightweight2
- Scales to hundreds of hosts2
- Doesn't have full support to GKE1
related Terraform posts
Context: I wanted to create an end to end IoT data pipeline simulation in Google Cloud IoT Core and other GCP services. I never touched Terraform meaningfully until working on this project, and it's one of the best explorations in my development career. The documentation and syntax is incredibly human-readable and friendly. I'm used to building infrastructure through the google apis via Python , but I'm so glad past Sung did not make that decision. I was tempted to use Google Cloud Deployment Manager, but the templates were a bit convoluted by first impression. I'm glad past Sung did not make this decision either.
Solution: Leveraging Google Cloud Build Google Cloud Run Google Cloud Bigtable Google BigQuery Google Cloud Storage Google Compute Engine along with some other fun tools, I can deploy over 40 GCP resources using Terraform!
Check Out My Architecture: CLICK ME
Check out the GitHub repo attached
We recently moved our main applications from Heroku to Kubernetes . The 3 main driving factors behind the switch were scalability (database size limits), security (the inability to set up PostgreSQL instances in private networks), and costs (GCP is cheaper for raw computing resources).
We prefer using managed services, so we are using Google Kubernetes Engine with Google Cloud SQL for PostgreSQL for our PostgreSQL databases and Google Cloud Memorystore for Redis . For our CI/CD pipeline, we are using CircleCI and Google Cloud Build to deploy applications managed with Helm . The new infrastructure is managed with Terraform .
Read the blog post to go more in depth.