DevOps Best Practices

DevOps is essential for modern software delivery. Let's explore best practices for CI/CD, IaC, and automation.

CI/CD Pipelines

GitHub Actions Example

```yaml

on:

push:

branches: [main]

pull_request:

branches: [main]

jobs:

build:

runs-on: ubuntu-latest

steps:

- uses: actions/checkout@v3

- name: Set up Node.js

uses: actions/setup-node@v3

with:

node-version: '18'

- name: Install dependencies

run: npm ci

- name: Run tests

run: npm test

- name: Build

run: npm run build

- name: Deploy to Azure

uses: azure/webapps-deploy@v2

with:

app-name: 'my-app'

publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}

```

Jenkins Pipeline

```groovy

pipeline {

agent any

stages {

stage('Build') {

steps {

sh 'mvn clean package'

}

stage('Test') {

steps {

sh 'mvn test'

}

stage('Docker Build') {

steps {

sh 'docker build -t myapp:latest .'

}

stage('Deploy') {

steps {

sh 'kubectl apply -f k8s/'

}

```

Infrastructure as Code

Terraform Example

```hcl

Provider configuration

terraform {

required_providers {

azurerm = {

source = "hashicorp/azurerm"

version = "~> 3.0"

}

provider "azurerm" {

features {}

}

Resource Group

resource "azurerm_resource_group" "main" {

name = "my-resources"

location = "East US"

}

App Service Plan

resource "azurerm_app_service_plan" "main" {

name = "my-app-plan"

location = azurerm_resource_group.main.location

resource_group_name = azurerm_resource_group.main.name

sku {

tier = "Standard"

size = "S1"

}

App Service

resource "azurerm_app_service" "main" {

name = "my-web-app"

location = azurerm_resource_group.main.location

resource_group_name = azurerm_resource_group.main.name

app_service_plan_id = azurerm_app_service_plan.main.id

site_config {

dotnet_framework_version = "v6.0"

}

```

Docker Best Practices

Multi-Stage Dockerfile

```dockerfile

Build stage

FROM node:18-alpine AS builder

WORKDIR /app

COPY package*.json ./

RUN npm ci --only=production

COPY . .

RUN npm run build

Production stage

FROM node:18-alpine

WORKDIR /app

COPY --from=builder /app/dist ./dist

COPY --from=builder /app/node_modules ./node_modules

EXPOSE 3000

CMD ["node", "dist/main.js"]

```

Kubernetes Deployment

```yaml

apiVersion: apps/v1

kind: Deployment

metadata:

spec:

replicas: 3

selector:

matchLabels:

app: myapp

template:

metadata:

labels:

app: myapp

spec:

containers:

- name: myapp

image: myapp:latest

ports:

- containerPort: 3000

resources:

requests:

memory: "64Mi"

CPU: "250m"

limits:

memory: "128Mi"

cpu: "500m"

livenessProbe:

httpGet:

path: /health

port: 3000

initialDelaySeconds: 30

periodSeconds: 10

---

apiVersion: v1

kind: Service

metadata:

spec:

selector:

app: myapp

ports:

- port: 80

targetPort: 3000

type: LoadBalancer

```

Monitoring and Logging

Prometheus Configuration

```yaml

global:

scrape_interval: 15s

scrape_configs:

- job_name: 'myapp'

static_configs:

- targets: ['localhost:3000']

```

ELK Stack Setup

- **Elasticsearch**: Store logs

- **Logstash**: Process logs

- **Kibana**: Visualize logs

Security Best Practices

1. **Secret Management**: Use tools like HashiCorp Vault

2. **Image Scanning**: Scan containers for vulnerabilities

3. **Network Policies**: Restrict pod-to-pod communication

4. **RBAC**: Implement role-based access control

5. **Security Scanning**: Use tools like SonarQube, Snyk

GitOps with ArgoCD

```yaml

apiVersion: argoproj.io/v1alpha1

kind: Application

metadata:

spec:

project: default

source:

repoURL: https://github.com/myorg/myapp

targetRevision: HEAD

path: k8s

destination:

server: https://kubernetes.default.svc

namespace: production

syncPolicy:

automated:

prune: true

selfHeal: true

```

Best Practices Summary

1. **Automate Everything**: Build, test, deploy, and monitoring

2. **Version Control**: All code and infrastructure

3. **Immutable Infrastructure**: Replace, don't modify

4. **Monitoring and Alerting**: Know what's happening

5. **Security First**: Build security into pipeline

6. **Documentation**: Keep runbooks updated

7. **Disaster Recovery**: Test backup and recovery procedures

Conclusion

DevOps is about culture, automation, and continuous improvement. By implementing these best practices, teams can achieve faster delivery, better quality, and improved collaboration.

DevOps Best Practices

DevOps is essential for modern software delivery. Let's explore best practices for CI/CD, IaC, and automation.

CI/CD Pipelines

GitHub Actions Example

```yaml

on:

push:

branches: [main]

pull_request:

branches: [main]

jobs:

build:

runs-on: ubuntu-latest

steps:

- uses: actions/checkout@v3

- name: Set up Node.js

uses: actions/setup-node@v3

with:

node-version: '18'

- name: Install dependencies

run: npm ci

- name: Run tests

run: npm test

- name: Build

run: npm run build

- name: Deploy to Azure

uses: azure/webapps-deploy@v2

with:

app-name: 'my-app'

publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}

```

Jenkins Pipeline

```groovy

pipeline {

agent any

stages {

stage('Build') {

steps {

sh 'mvn clean package'

}

stage('Test') {

steps {

sh 'mvn test'

}

stage('Docker Build') {

steps {

sh 'docker build -t myapp:latest .'

}

stage('Deploy') {

steps {

sh 'kubectl apply -f k8s/'

}

```

Infrastructure as Code

Terraform Example

```hcl

Provider configuration

terraform {

required_providers {

azurerm = {

source = "hashicorp/azurerm"

version = "~> 3.0"

}

provider "azurerm" {

features {}

}

Resource Group

resource "azurerm_resource_group" "main" {

name = "my-resources"

location = "East US"

}

App Service Plan

resource "azurerm_app_service_plan" "main" {

name = "my-app-plan"

location = azurerm_resource_group.main.location

resource_group_name = azurerm_resource_group.main.name

sku {

tier = "Standard"

size = "S1"

}

App Service

resource "azurerm_app_service" "main" {

name = "my-web-app"

location = azurerm_resource_group.main.location

resource_group_name = azurerm_resource_group.main.name

app_service_plan_id = azurerm_app_service_plan.main.id

site_config {

dotnet_framework_version = "v6.0"

}

```

Docker Best Practices

Multi-Stage Dockerfile

```dockerfile

Build stage

FROM node:18-alpine AS builder

WORKDIR /app

COPY package*.json ./

RUN npm ci --only=production

COPY . .

RUN npm run build

Production stage

FROM node:18-alpine

WORKDIR /app

COPY --from=builder /app/dist ./dist

COPY --from=builder /app/node_modules ./node_modules

EXPOSE 3000

CMD ["node", "dist/main.js"]

```

Kubernetes Deployment

```yaml

apiVersion: apps/v1

kind: Deployment

metadata:

spec:

replicas: 3

selector:

matchLabels:

app: myapp

template:

metadata:

labels:

app: myapp

spec:

containers:

- name: myapp

image: myapp:latest

ports:

- containerPort: 3000

resources:

requests:

memory: "64Mi"

CPU: "250m"

limits:

memory: "128Mi"

cpu: "500m"

livenessProbe:

httpGet:

path: /health

port: 3000

initialDelaySeconds: 30

periodSeconds: 10

---

apiVersion: v1

kind: Service

metadata:

spec:

selector:

app: myapp

ports:

- port: 80

targetPort: 3000

type: LoadBalancer

```

Monitoring and Logging

Prometheus Configuration

```yaml

global:

scrape_interval: 15s

scrape_configs:

- job_name: 'myapp'

static_configs:

- targets: ['localhost:3000']

```

ELK Stack Setup

- **Elasticsearch**: Store logs

- **Logstash**: Process logs

- **Kibana**: Visualize logs

Security Best Practices

1. **Secret Management**: Use tools like HashiCorp Vault

2. **Image Scanning**: Scan containers for vulnerabilities

3. **Network Policies**: Restrict pod-to-pod communication

4. **RBAC**: Implement role-based access control

5. **Security Scanning**: Use tools like SonarQube, Snyk

GitOps with ArgoCD

```yaml

apiVersion: argoproj.io/v1alpha1

kind: Application

metadata:

spec:

project: default

source:

repoURL: https://github.com/myorg/myapp

targetRevision: HEAD

path: k8s

destination:

server: https://kubernetes.default.svc

namespace: production

syncPolicy:

automated:

prune: true

selfHeal: true

```

Best Practices Summary

1. **Automate Everything**: Build, test, deploy, and monitoring

2. **Version Control**: All code and infrastructure

3. **Immutable Infrastructure**: Replace, don't modify

4. **Monitoring and Alerting**: Know what's happening

5. **Security First**: Build security into pipeline

6. **Documentation**: Keep runbooks updated

7. **Disaster Recovery**: Test backup and recovery procedures

Conclusion

DevOps is about culture, automation, and continuous improvement. By implementing these best practices, teams can achieve faster delivery, better quality, and improved collaboration.

DevOps Best Practices: CI/CD, Infrastructure as Code & Automation

DevOps Best Practices

CI/CD Pipelines

GitHub Actions Example

Jenkins Pipeline

Infrastructure as Code

Terraform Example

Provider configuration

Resource Group

App Service Plan

App Service

Docker Best Practices

Multi-Stage Dockerfile

Build stage

Production stage

Kubernetes Deployment

Monitoring and Logging

Prometheus Configuration

ELK Stack Setup

Security Best Practices

GitOps with ArgoCD

Best Practices Summary

Conclusion

Tags

Found this article helpful?

DevOps Best Practices: CI/CD, Infrastructure as Code & Automation

DevOps Best Practices

CI/CD Pipelines

GitHub Actions Example

Jenkins Pipeline

Infrastructure as Code

Terraform Example

Provider configuration

Resource Group

App Service Plan

App Service

Docker Best Practices

Multi-Stage Dockerfile

Build stage

Production stage

Kubernetes Deployment

Monitoring and Logging

Prometheus Configuration

ELK Stack Setup

Security Best Practices

GitOps with ArgoCD

Best Practices Summary

Conclusion

Tags

Found this article helpful?