Popular tools to use at each phase of the DevOps process.
- Plan – Feature, Story and Backlog creations and their documentaion take place
- Scrum, Slack, Jira, Git, SVN, Mercurial, CVS
- Code – feature development and implementation
- Maven, Gradle, Apache Ant, Python Invoke, Ruby Rake, Packer
- Build -gather code and objects and integrate with system configuration
- Jenkins, Kubernetes, Gulp
- Test –
- Jenkins, Selenium, JUnit
- Release –
- Jenkins, Codeship
- Deploy –
- Docker, AWS
- Operate –
- Ansible, Kubernetes, Chef
- Monitor – visibility into the performance of the application
- Splunk, ELK Stack, Nagios, Datadog
The architecture is configured as follows:
- All of the infrastructure is defined as code using Terraform.
- We deploy everything on Amazon Web Services (AWS).
- Stateless applications are packaged with Docker and deployed on Amazon EC2 Container Service (ECS).
- Stateful applications are packaged as AMIs with Packer and deployed in an Auto Scaling Group.
- Traffic is distributed across frontend services using a public-facing Application Load Balancer (ALB) and amongst backend services using an internal ALB (each service registers in the ALB during boot, so it works as a lightweight service discovery mechanism).
- Relational databases run on top of the Relational Database Service (RDS) and distributed caches like Redis and Memcached run on top of ElastiCache.
- Schema migrations are managed using Flyway.
- Static content (CSS, JS, images) are stored in S3 with CloudFront as a CDN.
- All servers run in private subnets and the only way to connect to them is via an OpenVPN server. We have tools that let you manage OpenVPN and SSH access using IAM groups.
- We use Jenkins or CircleCI as a CI server.
- Metrics, logs, and alerts are in CloudWatch and/or ELK.
- Stream data processing and pub/sub are done using Kafka or Kinesis.
- Application secrets are encrypted via KMS or Vault.
- TLS certs are provisioned and renewed using AWS Certificate Manager