This OpenHack enables attendees to use DevOps practices to achieve secure zero downtime deployment for microservice based applications running in Azure App Service.
The OpenHack simulates a real-world scenario where developers from an insurance company must “keep the lights on” while evolving their containerized application – collecting relevant usage data and minimizing downtime.
During the “hacking” attendees will focus on:
- Building a CI/CD pipeline from scratch that accommodates basic testing and deployment of cloud infrastructure and application.
- Building out and improving the pipeline to implement security, monitoring, integration testing, and phased rollout.
By the end of the OpenHack, attendees will have built out a technical solution that is a complete development workflow using modern computing resources (Azure App Service.)
About this course
GitHub or Azure DevOps (team choice), Azure App Service, Log Analytics, Application Insights, Azure Monitor, Azure SQL Database, Azure Container Registry, Key Vault, Bicep, Terraform,
Challenge 1: Establish your plan
To have a successful DevOps strategy, your team needs to have a plan. In this challenge, your team will learn about the basics of DevOps and gain an understanding of a team development model.
- Adopt a DevOps “mindset” in the team.
- The participants are asked to get to know themselves better, organize the team and define how and where they will handle work items.
- Design task board to track work in progress.
Challenge 2: Setting up the Development Workflow
In this challenge, teams will select tools to meet the planning objectives as it relates to continuous integration.
- The participants will learn the fundamentals of Planning and Continuous Integration using the tooling of their choice.
- By using Branch Protection, teams can enforce code quality policies for incoming changes ensuring that each service has a code owner.
- Participants review pull requests before changes are merged into the main code base.
Challenge 3: Deploy Cloud Infrastructure with Infrastructure as Code (IaC)
In this challenge, teams will build workflow for cloud infrastructure deployment.
- Participants will learn how to deploy cloud infrastructure on Azure using infrastructure definition from the code.
Challenge 4: Implement Continuous Integration (CI) with Testing
In this challenge, teams will improve the reliability of their code by introducing testing.
- Participants will learn to integrate unit tests into a build workflow to supply rapid feedback and augment thorough code reviews designed to only accept changes into main when all tests pass.
- They will be asked to run unit tests automatically and integrate them in the workflow they are building.
Challenge 5: Implement Continuous Deployment (CD)
In this challenge, teams will focus on release management automation.
- The participants will learn the fundamentals of Release Management by automatically deploying an updated version of their application to an Azure App Service.
- They will also be asked to demonstrate that the respective container images are only updated when changes are successfully merged into the main branch.
Challenge 6: Implement a Blue/Green deployment strategy
In this challenge, teams will learn how to perform a zero down time deployment using a Blue/Green deployment strategy.
- Building on earlier challenges, participants will learn how to implement a blue/green deployment strategy.
- They will be asked to articulate the blue/green logic and demonstrate its implementation for one of the APIs of the provided application, so that they are able roll out code changes without causing application downtime.
Challenge 7: DevSecOps – Get rid of secrets
In this challenge, teams will learn about securing codebase and prevent leaks of secrets.
- The participants will learn how to detect secrets in the codebase and move all sensitive data to a secure place.
- They will be asked to implement a secret rotation strategy for SQL database.
Challenge 8: Integrating quality and security gates
In this challenge, teams will learn how to enhance their testing strategy through integration with external tools focused on improving the quality of the software that is released into production.
- The participants will be required to improve the automated testing capabilities of their pipelines to incorporate more sophisticated quality and security checks.
- They will also be required to demonstrate one or more of the following enhancements to their pipeline: Dependency scanning, SAST, DAST, Variant Analysis, Code Coverage, Integration Tests, Load Tests and Manual Approval prior to deployment.
Challenge 9: Implement a monitoring solution with alerting
In this challenge, teams will learn about configuring a monitoring and alerting solution.
- The participants will learn how to close the DevOps loop by adding monitoring and alerting.
- They will be asked to demonstrate a view aggregating the monitoring of the application and infrastructure. They also will have to implement alerting in the case of application performance degradation. Alerts should also generate a work item in the teamwork tracking system.
Challenge 10: Implement phased rollout with rollback
In this challenge, teams will learn how to enhance their Blue/Green Deployment strategy by performing a gradual release of software into production with a rollback strategy.
- The participants will revise their deployment strategy and learn how to perform a blue/green deployment with gradual rollout and how to implement a “rollback” mechanism.
- They will be asked to add several phases to their existing pipeline to support a gradual rollout/rollback of a new version of the application. They will be asked to implement gates to validate the behavior of the application and implement a rollback mechanism.
- DevOps fundamental upskilling and developing secure zero-downtime deployment strategies, translates to reduced friction in production deployments and ensures deployments of new features can occur more often and safely without requiring system downtime.
- "Keeping the lights on” – implementing a production pipeline that alleviates the problem of high downtime when making new development changes to your application
- Testing – Unit, Integration and Load testing to reduce the risk of “breaking production” and ensuring that new code will integrate properly with current code
- Phased rollout – gradual code change implementation and ability to “rollback” to add a layer of security to production.
- Security – implementing DevSecOps practices to reduce risk of secrets leaks and improve overall code and application security.
- Target Audience:
- Microsoft – CSE, CSA, GBB, ATT, SE, TPM
- Customer – App Developers
- Target verticals: Cross-Industry
- Customer profile:
- Enterprises and ISVs looking to deploy containerized based workloads in the cloud
- Customers looking forward to using containers for DevOps
- Customers looking forward to micro-services architecture for their existing or new solutions
- Customers looking to deepen their overall DevOps maturity