Santhosh Kumar Sundarrajan
Sr. Cloud Solution Architect,
ICS Cloud Delivery
Tech Mahindra

Application releases can be a major challenge with traditional methods for any organizations. The enterprise companies need simple, robust, and seamless deployment processes to help their business reduce time to go-live. When it comes to application deployments with traditional license-based tools, the challenges include: resource constrains, long down time, multiple dependencies, and process coordination. Although, this approach works but there could be many shortcomings with it.

The rollback is a cumbersome process and takes more than usual time that results in a longer downtime period for the applications. The deployment tools require regular license renewals which in-turn increases the cost. The resources deployed in the cloud environments has very less control and limited governance, which causes unplanned outages and uncontrolled resource utilization.

CI/CD Using Simple Open Source Tools

Creating CI/CD workflows using open-source tools help organizations to automate the application deployment process. Achieving DevOps using blue-green deployment ensures low-to-zero downtime along with seamless rollback. When it comes to public cloud services, it becomes more flexible to use simple and open source tools, which helps in simplifying the application deployments.

This approach is capable of building immutable dynamic environments, hassle free rollback if any problems arise. Complete set of open source toolsets helps to achieve continuous integration and continuous delivery. With a secure, efficient Infrastructure as a Code (IaC) solution, it helps in robust deployment in any region and enables disaster recovery at the application layer.

Building an Immutable Infrastructure

Blue-green deployment is a way of accomplishing a zero-downtime upgrade to an existing application. Automated infrastructure provisioning is quicker and error free using Infrastructure as Service (IaS) tools, such as AWS CloudFormation, Terraform, Jenkins. Other infrastructure automation tools like Ansible, Shell, PowerShell, and so on, make application deployments seamless and keep the code base updated. Cloud native tools like Elastic Load Balancing (ELB), Amazon Route 53 makes an easy switch between immutable infrastructure and live infrastructure. The continuous integration tools like AWS CodePipeline and Jenkins can be customized to automate the complete infrastructure deployment, application deployment and blue-green switch with seamless rollback process.

DevSecOps—DevOps with Complete Security Compliance

Security is a critical component in any environment, and more concerning in public cloud environments. The CI/CD pipeline tools like Jenkins, AWS CodePipeline have the capability to integrate with existing authentication methods and are fully flexible to sync with single-sign on, Security Assertion Markup Language (SAML) federation, and so on, for role-based access. AWS IAM role and assume-role with least required permissions help us to use the solution for multiple AWS accounts in a secure way. Data in all the stages (in-transit and at-rest) can be encrypted using AWS KMS, AWS VPN solutions. The data can be fully restricted for use in private secure networks and AWS internal networks using VPC Endpoints. Each and every API call can be recorded using AWS CloudTrail, and the logs can be stored in centralized and secure S3 bucket. The complete infrastructure can be managed centrally using configuration management tools like Ansible, AWS OpsWorks.

Ensure Controlled, Cost-Effective Environments

The blue-green deployment method makes it easier to implement automated horizontal scaling using the AWS auto scaling feature. This ensures more control in number of resources running all the time to meet the capacity need. This removes the need for running constant number of resources all the time and provides the advantage of adding or removing resources based on the load. The license-based tools are replaced with complete set of open source tools thus providing cost optimization. The immutable infrastructure is fully controlled via IAC tools; the cleanup process is automated; it ensures every resource is managed and no orphan resources left out.

Utilizing the vastly available simple open source tools with blue-green deployment approach can make application deployment seamless, automated, and secure, while helping organizations release products quicker.