
Fast, Secure Deployments with Docker on AWS: Recap

Running Docker on Amazon Web Services (AWS) is an increasingly popular way to improve the velocity of code delivery. But understanding the right AWS and third-party tools to orchestrate containers, automate infrastructure build-out, and secure your critical resources can be a challenge.

Last week, Logicworks teamed up with AWS and our mutual customer, Spring Venture Group, for a webinar about running Docker containers securely on AWS.

You can watch the webinar replay below or view the Slideshare here.

 
Here are a few highlights from the webinar:

From Ronald Widha Surnano, Solutions Architect at AWS:

  • Traditional IT delivery models are increasingly obsolete. End-users expect continuous improvement and stability from their applications, and IT needs to be able to provision infrastructure as rapidly as developers demand it.
  • AWS provides you with a suite of tools to enable common DevOps practices, from infrastructure as code development to microservices to CI/CD tools. But it is up to your team to configure and customize those tools for your specific requirements.
  • Microservices is the practice of building applications as a set of small services that communicate with other services through APIs. It helps make your operating environment standard, repeatable, and consistent.

From Chuck Price, VP of Professional Services at Logicworks:

  • We all know that the dream of DevOps doesn’t always meet reality – and this is especially true in the “Ops” half of DevOps.
  • Usually, in the first efforts to transform an IT organization into DevOps, it’s really the developers that get most of the focus and attention. Development and deployment tools get automated, but infrastructure does not, which means that every infrastructure change is time-consuming and risky.
  • More than a third of developers say it takes more than a month to get new infrastructure.
  • The secret to great operations in a DevOps world is to create self-service infrastructure and design for constant change. As a systems engineer, you simply can’t just custom, hand-build each infrastructure stack for each unique app. It’s just not scalable.
  • Instead, you need to start treating infrastructure as code – and building templates that deploy infrastructure, rather than hand-building your instances.
  • All this means that you’re no longer constantly managing and fixing infrastructure – and so with fewer people in your production environment, you reduce your overall security risk.
  • The infrastructure buildout stage is the most crucial part of this process, and AWS CloudFormation is a simple but incredibly powerful tool.
  • The next stage of the instance automation process is configuration management. The purpose of configuration management is to get your instances ready to receive your application code. That means configuring hostnames, binding instances to central auth, and installing various packages.
  • Together, AWS CloudFormation and configuration management are the “one-two punch” to get your infrastructure ready to receive code. And when you configure your instances with a tool like Puppet or Chef, and then use a code repo like Git to version control your Puppet or Chef code, you are essentially treating the configuration of your infrastructure like software – software that can be easily modified, replicated, and rolled back.
  • Imagine that rather than having to manually install packages and “remember” to update packages, you can write code to install those packages ONCE, in a central location, and then have 100% certainty that all of your instances meet that new configuration when they check back into Puppet. That’s incredibly powerful, and has a huge impact on your operations team, especially at scale.
  • AWS Service Catalog is a service that allows you to create a catalog of AWS CloudFormation templates that are approved for use on AWS.
  • Service Catalog acts as the interface between your operations team and your development team. No more waiting a month for new infrastructure – your developers can launch fully-approved infrastructure in minutes. This also means that if something ever happens, they can REPLACE their entire infrastructure in minutes.
  • When you combine Service Catalog and Docker, you have something really powerful: a lightweight, consistently built Docker container running on top of standard, consistent infrastructure – a completely disposable system.

From Jerry Hagedorn, VP of IT at Spring Venture Group:

  • Spring Venture Group (SVG) is an inside sales and marketing company with a concentration on direct-to-consumer insurance products. They experienced 150% revenue growth in 2016.
  • Their IT goals were to focus on application development, not on infrastructure. They had already containerized their on-premises solution but found it cumbersome to update and maintain.
  • SVG decided to migrate to AWS with Logicworks, an AWS Premier Consulting Partner.
  • The benefit of Docker is that you can build once and run anywhere, without worrying about missing dependencies and packages. This makes it easier to automate testing, integration and packaging.
  • If you are planning to adopt Docker, automation is key. Invest early in a service discovery solution (Eureka, Consul, etc.) and embrace external configuration.
  • Most importantly, use the HEALTHCHECK instruction in your Dockerfile and implement meaningful health checks in your application that it interacts with.
  • SVG used Amazon EC2 Container Service (ECS) to manage Docker containers on AWS. It is a highly scalable, lightweight service that eliminates the need to install and operate a separate cluster management infrastructure.
  • SVG chose ECS because they prefer to use native solutions wherever possible. ECS provided significant improvement in stability with disposing of containers based on health checks.
  • Migration to AWS started in February 2016 and was completed in July 2016, all with minimum business operational impact and while nearly doubling the number of users.
  • Working with Logicworks significantly accelerated migration. They built the AWS environment from the ground up while helping SVG understand their HIPAA compliance requirements on AWS.
  • Logicworks’ automation means that SVG can deploy AWS with the click of a button and have 24x7x365 support for their systems.
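
As an added illustration of the HEALTHCHECK advice above (this code is not from the webinar, SVG, or Logicworks): a probe script that a Dockerfile `HEALTHCHECK` can run, paired with an application-side aggregator that reports unhealthy when any dependency check fails. The file name `healthcheck.py`, the `/health` path, port 8080, and the JSON shape are assumptions made for the example.

```python
# Added example. Hypothetical names: healthcheck.py, /health, port 8080.
# Dockerfile wiring (HEALTHCHECK and these options are real Docker syntax):
#   HEALTHCHECK --interval=30s --timeout=3s --start-period=10s --retries=3 \
#     CMD ["python", "/app/healthcheck.py"]
# Docker reads the exit status: 0 = healthy, 1 = unhealthy.
import json
import sys
import urllib.request

HEALTHY, UNHEALTHY = 0, 1


def aggregate(checks):
    """App side: run each dependency check; any failure makes the service unhealthy."""
    results = {}
    for name, check in checks.items():
        try:
            results[name] = bool(check())
        except Exception:
            results[name] = False  # a crashing check counts as a failed dependency
    status = 200 if results and all(results.values()) else 503
    return status, json.dumps({"checks": results})


def evaluate(status_code, body):
    """Probe side: healthy only on HTTP 200 with every reported check true."""
    if status_code != 200:
        return UNHEALTHY
    try:
        checks = json.loads(body)["checks"]
    except (ValueError, KeyError, TypeError):
        return UNHEALTHY  # a malformed answer is not proof of health
    if not isinstance(checks, dict) or not checks:
        return UNHEALTHY
    return HEALTHY if all(v is True for v in checks.values()) else UNHEALTHY


def probe(url="http://127.0.0.1:8080/health", timeout=2.0):
    """Fetch the endpoint; timeouts, refused connections and 5xx map to unhealthy."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return evaluate(resp.status, resp.read().decode("utf-8", "replace"))
    except Exception:
        return UNHEALTHY


if __name__ == "__main__":
    sys.exit(probe())
```

The probe fails closed: an empty or unparseable response is treated as unhealthy, so a container that answers but cannot reach its dependencies is still replaced by the orchestrator.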

Have any questions about the content in the webinar? Contact us. To learn more about Logicworks, visit our website or schedule a time to talk. To learn more about Spring Venture Group, visit their website.

 

Posted on July 20, 2017 in Cloud Automation, Cloud Computing Industry, Managed AWS
