Containerisation Hack of a Legacy Software Solution - Alex Carter - CodeMill - Dec 2017

60 %
40 %
Information about Containerisation Hack of a Legacy Software Solution - Alex Carter -...

Published on January 18, 2018

Author: codemill

Source: slideshare.net

1. “Let’s put Numéro into Containers on Windows!” This is what happened…

2. Callcredit Who we are • Credit Reference Agency • Data Company • Windows .NET • “Software” Products

3. Protects Cardholder Data Regulates Use & Storage of Personal Info. Implementation of the FoI Act Financial markets need to be honest, fair and effective so that consumers get a fair deal.

4. numéro Numéro solutionNuméro solution

5. Some Of Our Clients UTILITYTELECOMSRETAIL FINANCIAL GOV

6. Platform  Windows  SQL  .Net / IIS  Java / Tomcat  NodeJS / IIS  nginx Tools  Visual Studio  Git  Jenkins  Redmine  Grunt  Package Managers Headline Technical Info – Numéro Interactive

7. Architecture

8. Enterprise / Bespoke Solutions Browser Mobile App Data Platform DefinitionApp Definition – ADK ConfigurationContent API Based Architecture Core Services API Transactions API Web API Web UI Creation API API Identity and Access Management PUBLIC/DMZPRIVATECLIENT JSON Store API Enterprise API Process Proxy Legacy Services Legacy Services

9. Value Stream Mapping Retrospective

10. Fact finding Talk of the future not allowed!

11. Identify waste Types of wasteRed pen

12. Lots of waste Important to be open

13. Time for the green pen How can we improve?

14. the The Value Stream Map

15. • Starts with sales Issues can be introduced long before any technology involved

16. • Manual steps, waiting, • multiple deployments Multiple manual deployments Lots of waiting and manual steps

17. Long builds – 8 hours Failures common -> re run -> 16 hours Due to tech debt, such as redundant tests Queued builds due to hardware bottleneck

18. Manual deployment, often using copy/paste over RDP One site uses Octopus for deployment Multiple customers means multiple deploys Some customers don’t upgrade: wait time to receive value = infinity!

19. Callcredit’s requirements: • Portable (deployable onto platform of choice) • Push an update once to all live instances • Quickly replicate any bespoke customer solution • Methodology suitable for other software products • Scalability • Resilience Containers were the most obvious thing to try

20. Before the Hackathon Started, we… • Identified the minimum viable components  Database  Core Services  Identity Component • Built Numéro solution from scratch • Confirmed Prerequisites • Created a Pipeline in Octopus Deploy • Set up Azure Sandbox • Set up VSTS • Imported code into VSTS from Git Prep Work

21. http://www.visualstudio.com/news/release-archive-vso

22. Why VSTS? • Callcredit use TFS • Integrate Numéro with other product teams’ practices • Useful to have a cloud service - sharing with remote teams • Strong push to evaluate VSTS • Updates and enhancements handled by Microsoft • VSTS Updated before TFS

23. The Hack

24. Aims for the Hack • Build our three components within VSTS  Database  Core Services  Identity Component • Release Process:  Docker Containers  Test and Live environments  Azure • Monitoring

25. DevTest Labs Azure DevTest Labs

26. First output of the hack…

27. Container ecosystem

28. DevOps process with containers

29. IIS with .NET 4.5 (numerocr.azurecr.io/iis-net45) FROM microsoft/windowsservercore SHELL ["powershell"] RUN Add-WindowsFeature Web-Server,NET-Framework-45-Core,NET-Framework-45- ASPNET,Web-Net-Ext45,Web-ISAPI-Ext,Web-ISAPI-Filter,Web-Asp-Net45 COPY waitservice.ps1 / CMD c:waitservice.ps1 -ServiceName W3SVC -AllowServiceRestart

30. Tomcat & Java in addition to IIS (numerocr.azurecr.io/tomcat-java-iis) FROM numerocr.azurecr.io/iis-net45 SHELL ["powershell"] COPY /drop /drop RUN /drop/scripts/install.ps1 Reusing existing PowerShell

31. Core Services (numerocr.azurecr.io/core) FROM numerocr.azurecr.io/tomcat-java-iis COPY /drop/smartagent/ /drop/smartagent/ COPY /drop/scripts/ /drop/scripts/ COPY /drop/certs/ /drop/certs/ SHELL ["powershell"] #dns fix due to bug RUN set-itemproperty -path 'HKLM:SYSTEMCurrentControlSetServicesDnscacheParameters' -Name ServerPriorityTimeLimit -Value 0 -Type DWord RUN .dropscriptsinstall.ps1 EXPOSE 80

32. node.js on IIS FROM numerocr.azurecr.io/iis-net45:279 SHELL ["powershell"] ## Install IIS RewriteModule RUN Invoke-WebRequest -Uri http://go.microsoft.com/fwlink/?LinkID=615137 -OutFile rewrite.msi RUN Start-Process -Wait -FilePath .rewrite.msi -ArgumentList /quiet, /norestart RUN Remove-Item rewrite.msi ## Install IISNode COPY iisnode-core_x64.msi iisnode.msi RUN Start-Process -Wait -FilePath .iisnode.msi -ArgumentList /quiet, /norestart RUN Remove-Item iisnode.msi

33. MS SQL Server FROM microsoft/windowsservercore ENV sql_express_download_url "https://go.microsoft.com/fwlink/?linkid=829176" SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"] RUN Invoke-WebRequest -Uri $env:sql_express_download_url -OutFile sqlexpress.exe ; Start-Process -Wait -FilePath .sqlexpress.exe -ArgumentList /qs, /x:setup ; .setupsetup.exe /q /ACTION=Install /INSTANCENAME=SQLEXPRESS /FEATURES=SQLEngine /UPDATEENABLED=0 /SQLSVCACCOUNT='NT AUTHORITYSystem' /SQLSYSADMINACCOUNTS='BUILTINADMINISTRATORS' /TCPENABLED=1 /NPENABLED=0 /IACCEPTSQLSERVERLICENSETERMS ; Remove-Item -Recurse -Force sqlexpress.exe, setup RUN stop-service MSSQL`$SQLEXPRESS ; set-itemproperty -path 'HKLM:softwaremicrosoftmicrosoft sql servermssql13.SQLEXPRESSmssqlserversupersocketnetlibtcpipall' -name tcpdynamicports -value '' ; set-itemproperty -path 'HKLM:softwaremicrosoftmicrosoft sql servermssql13.SQLEXPRESSmssqlserversupersocketnetlibtcpipall' -name tcpport -value 1433 ; set-itemproperty -path 'HKLM:softwaremicrosoftmicrosoft sql servermssql13.SQLEXPRESSmssqlserver' -name LoginMode -value 2; HEALTHCHECK CMD [ "sqlcmd", "-Q", "select 1" ] What about data?

34. nginx FROM microsoft/windowsservercore SHELL ["powershell"] RUN mkdir /drop RUN wget -uri 'http://nginx.org/download/nginx-1.11.12.zip' -OutFile /drop/nginx.zip RUN Expand-Archive -Path /drop/nginx.zip -DestinationPath /nginx -Force COPY nginx.conf /nginx/nginx-1.11.12/conf/ COPY certs/hack.numerotraining.com.key /nginx/nginx-1.11.12/conf/ COPY certs/hack.numerotraining.com.cer /nginx/nginx-1.11.12/conf/ #dns fix due to bug RUN set-itemproperty -path 'HKLM:SYSTEMCurrentControlSetServicesDnscacheParameters' - Name ServerPriorityTimeLimit -Value 0 -Type Dword EXPOSE 80 EXPOSE 443 WORKDIR /nginx/nginx-1.11.12 ENTRYPOINT ["nginx.exe"] nginx for SSL offload and routing

35. Build

36. Build Definition Flag: we set tests to continue on error Docker tasks once build is complete

37. Build the image

38. Push the image to Azure Container Registry • acr

39. View verbose logs for each build stage

40. View build output including test and deployment status

41. Release

42. Release using Docker Compose • Why Compose & Swarm? • Needed to deploy to single VM • Swarm provides a Windows only solution • No Linux servers required • What's in the compose file? • Services and their configuration • Image • Ports • Environment variables • Dependencies • Networking details

43. Release Pipeline Used docker-compose up to run containers. If using Swarm would use docker deploy For the hack, two environments Test & LV (live)

44. Release triggers

45. It Works!!

46. Monitoring • Microsoft Operations Management Suite • Collects logs from Docker hosts • Integrates into the Azure portal • Allows export of logs to external platforms such as ELK

47. • Right now… • Map and Script everything we did • Shout about it • Orchestration: Kubernetes? Swarm? • Recreate it in a fully automated way from scratch – on Azure • Within a Year • Prove Portability – Callcredit environment – AWS • Add Customer config • Fully functional, Live customer solution running in containers • Begin containerisation of next Software product Next steps

48. Callcredit’s requirements: • Portable (deployable onto platform of choice) • Push an update once to all live instances • Quickly replicate any bespoke customer solution • Methodology suitable for other software products • Scalability • Resilience

49. • Right now… • Map and Script everything we did • Shout about it • Orchestration: Kubernetes? (Marcus - Swarm?) • Recreate it in a fully automated way from scratch – on Azure • Within a Year • Prove Portability – Callcredit environment – AWS • Add Customer config • Fully functional, Live customer solution running in containers • Begin containerisation of next Software product Next steps

50. Resources Alex Carter System Build Engineer Callcredit Information Group Email: Alexandra.carter@callcreditgroup.com Twitter: @smileandeliver • DevOps Fundamentals: https://channel9.msdn.com/Series/DevOps-Fundamentals • DevOps Dimensions: https://channel9.msdn.com/Shows/DevOps-Dimension • Lots of videos about Azure and containers https://channel9.msdn.com/ • Get access to free online training: https://mva.microsoft.com/training-topics/devops • Numero Interactive: http://www.thisisnumero.com/ • Callcredit http://www.callcredit.co.uk/ Want access to Azure, VSTS and more for FREE? Visual Studio Dev Essentials - https://www.visualstudio.com/dev-essentials/

Add a comment