Software development pipeline - Design resilience

Tuesday, December 19, 2017 | Posted in Delivering software DevOps Pipeline design Software development pipeline

The third property to consider is resilience, which in this case means that the pipeline should be able to cope with expected and unexpected changes to the environment it executes in and uses.

David Woods defines four different types of ‘resilience’ in a paper in the journal of reliability engineering and system safety. One of the different types is the generally well known form of robustness, i.e. the ability to absorb pertubations or disturbances. In order to be robust for given disturbances one has to know in advance where the disturbances will come from, e.g. in the case of a development pipeline it might be expected that pipeline stages will fail and will polute or damage parts or all of the executor it was running on. Robustness in this case would be defined as the ability of the pipeline to handle this damage, for instance by repairing or replacing the executor. The other definitions for resilience are:

  • Rebound, the ability to recover from trauma: In order to achieve this capacity ahead of time is required, i.e. in order to recover from a disturbance one needs to be able to deploy capabilities and capacity that was available in excess before the issues occurred.
  • Graceful extensibility, the ability to extend adaptive capacity in the face of surprise. This is the ability to stretch resources and capabilities in the face of surprises.
  • Sustained adaptibility, which is the ability to adapt and grow new capabilities in the face of unexpected issues. In general this definition applies more to systems / layered networks where the loss of sub-systems can be compensated.

Which ever definition of resilience is used in general the goal is to be able to recover from unexpected changes and return back to the normal state, ideally with minimal intervention. An interesting side note is that returning back to normal after major trauma can be deceiving because the ‘normal’ as experienced before the trauma will be different from the 'normal' experienced after the trauma due to the lessons learned from the trauma and permanent changed caused by the trauma.

Additionally it is not just the unexpected or traumatic changes that are interesting in the case of a development pipeline but also the expected ones, e.g. upgrades, maintenance etc., because in general it is important for the pipeline to continue functioning while those changes are happening.

For a development pipeline resilience can be approached on different levels. For instance the pipeline should be resilient against:

  • Changes in the environment which range from small changes, e.g. additional tools being deployed, to big changes, e.g. migration of many of the services, and from expected, i.e. maintenance or planned upgrades, to unexpected
  • Changes in the inputs and the results of processing those inputs which may range from build and test errors to issues with executors
  • Invalid or incorrect configurations.

Once it is known what resilience actually means and what type of situations the pipeline is expected to be able to handle the next question is how the pipeline can handle these situations, both in terms of what the expected responses are and in terms of how the pipeline should be designed.

There are a mirriad of simple steps that can be taken to provide a base level of resilience. None of these simple steps will guard against major trauma but they will be able to either prevent or smooth out many of the smaller issues that would otherwise cause the development team to lose faith in the pipeline outputs. Some examples of simple steps that can be taken to improve resilience in a development pipeline are:

  • For each pipeline step ensure that it is executed in a clean ‘workspace’, i.e. a directory or drive, that will only ever be used by that specific single step. This workspace should be 'private' to the specific pipeline step and no other processes should be allowed to execute in this workspace. This prevents issues with unexpected changes to the file system. There are still cases where ‘unexpected’ changes to the file system can occur, for instance when running parallel executions within the same pipeline step in the same workspace. This type of behaviour should therefore be avoided as much as possible
  • Do not depend on global, i.e. machine, container or network, state. Global state has a tendency to change in random ways at random times.
  • Avoid using source which are external to the pipeline infrastructure becaues these are prone to unspected random changes. If a build step requires data from an external source then the external source should be mirrored and mirrors should be carefully controled for their content. This should prevent issues with external packages and inputs changing or disappearing, e.g.leftpad.
  • If external sources are suitably mirrored inside the pipeline infrastructure then it is possible to remove the caches for these external sources on the executors. By pulling data in fresh from the local data store cache polution issues can be prevented
  • Ensure that each resource is appropriately secured against undesirable acces. This is especially true for the executor resources. It is important to note that pipeline steps are essentially random scripts from an unknown source, even if the scripts are pulled from internal sources, because the scripts will not be security verified before being used. This means that the pipeline scripts should not be allowed to to make any changes or to obtain secrets that they shouldn't have access to.

As mentioned the afforementioned steps form a decent base for improving resilience and they are fairly easy to implement, hence they make a good first stage in the improvement of the resilience of the development pipeline. Once these steps have been implemented more complex steps can be taken to futher improve the state of the development pipeline. These additional steps can be divided into items that help prevent issues, items that test and verify the current state, items that aid in recovery and finally items, like logging and metrics, that help during post-mortems of failure cases.

One way prevention of trauma / outages can partially be improved is by ensuring that all parts of the development pipeline are able to handle different error states which can be achieved by building in extensive error handling capabilities, both for known cases, e.g. service offline, and general error handling for unexpected cases. For the tooling / script side of the pipeline this means for instance adding error handling structures nearly everywhere and providing the ability to retry actions. For the infrastructure side of the pipeline this could mean providng highly available services and ensuring that service delivery gracefully degrades if it can no longer be provided at the required standard.

Even if every possible precaution is taken it is not possible to prevent all modes of failure. Unexpected failures will always occur no matter what the capabilities of the development pipeline are. This means that some of the way to improve resilience is to provide capabilities to recover from failures and to recognise that unexpected conditions exist and to notify the users and administrators of this situation. It should be noted that providing these capabilities may be much harder to implement due to the flexible nature of the issues that are being solved for these cases.

By exposing the system continuously to semi-controlled unexpected conditions it is possible to provide early and controlled feedback to the operators and administrators regarding the resilience of the development pipeline. One example of this is the chaos monkey approach which tests the resilience of a system by randomly taking down parts of the system. In a well designed system this should result in a response of the system in order to restore the now missing capabilities.

The actual handling of unexpected conditions requires that the system has some capability to instigate recovery which can for instance consist of having fall-back options for the different sub-systems, providing automatic remediation services which monitor the system state and apply different standard recovery techniques like restarting failing services or machines or creating new resources to replace missing ones.

From the high level descriptions given above it is hopefully clear that it will not be easy to create a resilient development pipeline and depending on the demands placed on the pipeline many hours of work will be consumed by improving the current state and learning from failures. In order to ensure that this effort is not a wasted effort it is definitely worth applying iterative improvement approaches and only continuing the improvement process if there is actual demand for improvements.

Software development pipeline - Design performance

Sunday, November 5, 2017 | Posted in Delivering software DevOps Pipeline design Software development pipeline

The second property to consider is performance, which in this case means that the pipeline should provide feedback on the quality of the current input set as soon as possible in order to reduce the length of the feedback cycle. As is known having a short feedback cycle makes it easier for the development teams to make improvements and fix issues.

There are two main components to development pipeline performance:

  • How quickly can one specific input set be processed completely by the pipeline. In other words how much time does it take to push a single input set through the pipeline from the initial change to the delivery of the final artefacts. This depends on the number of steps in the development pipeline and how quickly each step can be executed.
  • How quickly can a large set of input sets be processed. The maximum number of executors will most likely be limited to some maximum value. The pipeline is limited in the number of simultaneous input sets it can process by the number of available executors. How quickly the pipeline can process large number of input sets depends both on the time necessary to process a single input set and the relation between the total number of input sets and the number of executors

Optimizing the combination of these two components will lead to a development pipeline which is designed for maximum throughput for the development team. One important note to make is that a high performing pipeline will not not necessarily be the most resource efficient pipeline. For instance the development pipeline may only be fully loaded a few times a week. From a resource perspective the pipeline components are more than capable of dealing with the load, in fact the components may even be oversized. However because one of the main goals of the pipeline is to deliver fast feedback to the development teams the actual sizing of the pipeline and its components depends more on the way the pipeline will be loaded over time, e.g. will the jobs come as a constant stream or in blocks, will the jobs be small or large or will it be a mixture of both. In some cases the loading pattern can be accurately predicted while in other cases it is completely unpredictable. In general the pattern will depend on the workflow followed by the development team and the geographical distribution of the team. For instance when the team follows the Scrum methodology it is likely, though not necessary, that there will be more builds in the middle of the sprint than at the start or end. On the other hand when using the Kanban methodology the load on the system should be fairly consistent. Additionally geographical distribution of the development team influences the times that the pipeline will be loaded. If all of the team is in a single geographical location then higher loads can be expected during the day while lighter loads are be expected during the evening and night. However if the team is distributed across the globe it is more likely that the loading will be more consistent across the day due to the fact that the different locations have ‘office hours’ at different times in the day, as seen from the perspective of the different servers which are part of the development pipeline. Taking these issues into account when sizing the capacity of the development pipeline may lead to increasing the capacity of the pipeline because the the current peak loading during working hours results in wait times which are too large.

With this high level information it is possible to start improving the performance of the development pipeline. This obviously leads to the question: “What practical steps can we take”. As per normal when dealing with performance improvements it is hard to provide solutions because these depend on the specific situation. It is however possible to provide some more general advise.

The very first step to take when dealing with performance is always to measure everything. In the case of the development pipeline it will be useful to gather metrics constantly and to automatically process these metrics into several key performance indicators, e.g. the number of input sets per time span, which describes the loading pattern, the waiting times for each input set before it is processed and the time taken to process each input set. These key performance indicators can then be used to keep track of performance improvements as changes are made to the pipeline.

One important issue to keep in mind with regards to performance is that unlike with accuracy performance may change over time even if there are no changes to the system because the performance of the underlying infrastructure might change, for instance when disks fill up, the network load changes or the hardware ages. This means it will be important to track performance trends over longer periods of time to average out the influences of temporary infrastructure changes, e.g. network loading.

With all that out of the way some of the standard steps that can be taken are:

  • Each pipeline stage should only perform the necessary steps to achieve the desired goal. This for instance means that partial builds are better than full rebuilds, from a performance perspective.
  • Only gather data that will be used during the current stage. Gathering data that is not required wastes time, thus smaller input sets are quicker to process.
  • When pulling data locality matters. Pulling data off the local disk is faster than pulling it off the network, pulling data off the local network is faster than pulling it from the WAN or the internet. Additionally data that is not local should be cached so that it only needs to be retrieved once.
  • Ensure that pipeline stages run on suitable ‘hardware’, either physical or virtual. Ideally the stage is executed on hardware that is optimized for the performance demands of the step, e.g. execute I/O bound steps on hardware that has fast I/O etc.

In addition to these improvements it will be important to review and improve the ability of the pipeline to execute many input sets in parallel.

  • Ensure that the pipeline applications which deal with the distribution of input sets are efficient at this task. It's not very useful to start processing an input set only to find out that there are no executors which can process this given input set (I'm looking at you TFS2013).
  • Splitting a single stage into multiple parallel stages will improve throughput for a single input set. However it might decrease overall throughput due to the fact that a single input set requires the use of multiple executors. Note that splitting a single stage into many parallel stages might lead to reductions in performance due to the overhead of transitioning between stages.

The mentioned improvements form a start for improving the performance of the pipeline. Depending on the specific characteristics of a given pipeline other improvements and design choices may be valid.

Finally it must be mentioned that some performance improvements will have negative influences on the other properties. For instance using partial builds may influence accuracy. In the end a trade-off will need to be made when it comes to changes that influence multiple properties.

Exportable Linux virtual hard-drives for Hyper-V

Thursday, September 14, 2017 | Posted in Hyper-V Preseed Ubuntu Unattend

As part of learning more about infrastructure creation, testing and deployment one of the projects I'm working on is creating a set of virtual machine images for Windows and Linux which can be used as a base for more complex virtual machine based resources, e.g. a consul host or a docker host.

The main virtualization technology I use is Hyper-V on both Windows 10 and Windows 2016 which allows creating Generation 2 virtual machines. Some of the benefits of a generation 2 virtual machine are:

  • Boot volume up to 64 Tb
  • Use of UEFI for the boot process
  • Faster boot

The initial version of the base resources allowed creating a virtual machine with Packer and exporting that virtual machine to be used as a base. However ideally all one would need is the virtual hard-drive. The virtual machine configuration can easily be created for each individual resource and the configuration is usually specific to the original host by virtue of it containing the absolute path of the virtual hard drive, the name of the network interfaces etc..

When building Ubuntu virtual disk images one of the issues with using a Generation 2 virtual machine is that it uses UEFI for the boot process. It turns out that the Ubuntu install process stores the UEFI files in the virtual machine configuration file. This means that when one creates a new virtual machine from the base virtual disk image it runs into a problem when booting because the boot files are not present in the new machine. The result is this

Hyper-V error message due to missing UEFI sector

The solution to this issue obviously is to force the Ubuntu installer to write the UEFI files to the virtual hard disk which can be achieved by adding the correct configuration values to the preseed file. Unfortunately the documentation for the different options in the preseed files is hard to find. In the end a combination of the ubuntu sample preseed file, bug reports, old forum messages and a few blog posts allowed me to determine that to make the Ubuntu installer place the UEFI files in the correct location two parts of the preseed file needed to be changed from the default Ubuntu one. The first part is the partitioning section which requires that at least an EFI partition and (most likely) a boot partition are defined. This almost requires that a custom recipe is defined. The one I currently use looks as follows:

# Or provide a recipe of your own...
# If not, you can put an entire recipe into the preconfiguration file in one
# (logical) line. This example creates a small /boot partition, suitable
# swap, and uses the rest of the space for the root partition:
d-i partman-auto/expert_recipe string       \
    grub-efi-boot-root ::                   \
        1 1 1 free                          \
            $bios_boot{ }                   \
            method{ biosgrub }              \
        .                                   \
        256 256 256 fat32                   \
            $primary{ }                     \
            method{ efi }                   \
            format{ }                       \
        .                                   \
        512 512 512 ext4                    \
            $primary{ }                     \
            $bootable{ }                    \
            method{ format }                \
            format{ }                       \
            use_filesystem{ }               \
            filesystem{ ext4 }              \
            mountpoint{ /boot }             \
        .                                   \
        4096 4096 4096 linux-swap           \
            $lvmok{ }                       \
            method{ swap }                  \
            format{ }                       \
        .                                   \
        10000 20000 -1 ext4                 \
            $lvmok{ }                       \
            method{ format }                \
            format{ }                       \
            use_filesystem{ }               \
            filesystem{ ext4 }              \
            mountpoint{ / }                 \
        .

Note that syntax for the partioner section is very particular. Note especially the dots (.) at the end of each section. If the syntax isn't completely correct nothing will work but no sensible error messages will be provided. Additionally the Ubuntu install complained when there was no swap section so I added one. This shouldn't be necessary to get the UEFI files in the correct location but it is apparently necessary to get Ubuntu to install in the first place.

The second part of the preseed file that should be changed is the grub-installer section. There the following line should be added

d-i grub-installer/force-efi-extra-removable boolean true

This line indicates that grub should force install the UEFI files, thus overriding the normal state of not installing the UEFI boot files.

This means that the complete preseed file looks as follows

# preseed configuration file for Ubuntu.
# Based on: https://help.ubuntu.com/lts/installation-guide/armhf/apbs04.html

#
# *** Localization ***
#
# Originally from: https://help.ubuntu.com/lts/installation-guide/armhf/apbs04.html#preseed-l10n
#

# Preseeding only locale sets language, country and locale.
d-i debian-installer/locale string en_US.utf8

# Keyboard selection.
# Disable automatic (interactive) keymap detection.
d-i console-setup/ask_detect boolean false
d-i console-setup/layout string us

d-i kbd-chooser/method select American English

#
# *** Network configuration ***
#
# Originally from: https://help.ubuntu.com/lts/installation-guide/armhf/apbs04.html#preseed-network
#

# netcfg will choose an interface that has link if possible. This makes it
# skip displaying a list if there is more than one interface.
d-i netcfg/choose_interface select auto

# If you want the preconfiguration file to work on systems both with and
# without a dhcp server, uncomment these lines and the static network
# configuration below.
d-i netcfg/dhcp_failed note ignore
d-i netcfg/dhcp_options select Configure network manually

# Any hostname and domain names assigned from dhcp take precedence over
# values set here. However, setting the values still prevents the questions
# from being shown, even if values come from dhcp.
d-i netcfg/get_hostname string unassigned-hostname
d-i netcfg/get_domain string unassigned-domain

# Disable that annoying WEP key dialog.
d-i netcfg/wireless_wep string


#
# *** Account setup ***
#
# Originally from: https://help.ubuntu.com/lts/installation-guide/armhf/apbs04.html#preseed-account
#

# To create a normal user account.
d-i passwd/user-fullname string localadmin
d-i passwd/username string localadmin

# Normal user's password, either in clear text
d-i passwd/user-password password reallygoodpassword
d-i passwd/user-password-again password reallygoodpassword

# The installer will warn about weak passwords. If you are sure you know
# what you're doing and want to override it, uncomment this.
d-i user-setup/encrypt-home boolean false
d-i user-setup/allow-password-weak boolean true

# Set to true if you want to encrypt the first user's home directory.
d-i user-setup/encrypt-home boolean false


#
# *** Clock and time zone setup ***
#
# Originally from: https://help.ubuntu.com/lts/installation-guide/armhf/apbs04.html#preseed-time
#

# Controls whether or not the hardware clock is set to UTC.
d-i clock-setup/utc boolean true
d-i clock-setup/utc-auto boolean true

# You may set this to any valid setting for $TZ; see the contents of
# /usr/share/zoneinfo/ for valid values.
d-i time/zone string UTC


#
# *** Partitioning ***
#
# Originally from: https://help.ubuntu.com/lts/installation-guide/armhf/apbs04.html#preseed-partman
#

# This makes partman automatically partition without confirmation, provided
# that you told it what to do using one of the methods below.
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true

# In addition, you'll need to specify the method to use.
# The presently available methods are:
# - regular: use the usual partition types for your architecture
# - lvm:     use LVM to partition the disk
# - crypto:  use LVM within an encrypted partition
d-i partman-auto/method string lvm
d-i partman-auto/purge_lvm_from_device boolean true

# If one of the disks that are going to be automatically partitioned
# contains an old LVM configuration, the user will normally receive a
# warning. This can be preseeded away...
d-i partman-lvm/device_remove_lvm boolean true
d-i partman-lvm/device_remove_lvm_span boolean true

# And the same goes for the confirmation to write the lvm partitions.
d-i partman-lvm/confirm boolean true
d-i partman-lvm/confirm_nooverwrite boolean true

# For LVM partitioning, you can select how much of the volume group to use
# for logical volumes.
d-i partman-auto-lvm/guided_size string max
d-i partman-auto-lvm/new_vg_name string system

# You can choose one of the three predefined partitioning recipes:
# - atomic: all files in one partition
# - home:   separate /home partition
# - multi:  separate /home, /usr, /var, and /tmp partitions
d-i partman-auto/choose_recipe select grub-efi-boot-root

d-i partman-partitioning/confirm_write_new_label boolean true

# If you just want to change the default filesystem from ext3 to something
# else, you can do that without providing a full recipe.
d-i partman/default_filesystem string ext4

# Or provide a recipe of your own...
# If not, you can put an entire recipe into the preconfiguration file in one
# (logical) line. This example creates a small /boot partition, suitable
# swap, and uses the rest of the space for the root partition:
d-i partman-auto/expert_recipe string       \
    grub-efi-boot-root ::                   \
        1 1 1 free                          \
            $bios_boot{ }                   \
            method{ biosgrub }              \
        .                                   \
        256 256 256 fat32                   \
            $primary{ }                     \
            method{ efi }                   \
            format{ }                       \
        .                                   \
        512 512 512 ext4                    \
            $primary{ }                     \
            $bootable{ }                    \
            method{ format }                \
            format{ }                       \
            use_filesystem{ }               \
            filesystem{ ext4 }              \
            mountpoint{ /boot }             \
        .                                   \
        4096 4096 4096 linux-swap           \
            $lvmok{ }                       \
            method{ swap }                  \
            format{ }                       \
        .                                   \
        10000 20000 -1 ext4                 \
            $lvmok{ }                       \
            method{ format }                \
            format{ }                       \
            use_filesystem{ }               \
            filesystem{ ext4 }              \
            mountpoint{ / }                 \
        .

d-i partman-partitioning/no_bootable_gpt_biosgrub boolean false
d-i partman-partitioning/no_bootable_gpt_efi boolean false

# enforce usage of GPT - a must have to use EFI!
d-i partman-basicfilesystems/choose_label string gpt
d-i partman-basicfilesystems/default_label string gpt
d-i partman-partitioning/choose_label string gpt
d-i partman-partitioning/default_label string gpt
d-i partman/choose_label string gpt
d-i partman/default_label string gpt

# Keep that one set to true so we end up with a UEFI enabled
# system. If set to false, /var/lib/partman/uefi_ignore will be touched
d-i partman-efi/non_efi_system boolean true


#
# *** Package selection ***
#
# originally from: https://help.ubuntu.com/lts/installation-guide/armhf/apbs04.html#preseed-pkgsel
#

tasksel tasksel/first multiselect standard, ubuntu-server

# Minimum packages (see postinstall.sh). This includes the hyper-v tools
d-i pkgsel/include string openssh-server ntp linux-tools-$(uname -r) linux-cloud-tools-$(uname -r) linux-cloud-tools-common

# Upgrade packages after debootstrap? (none, safe-upgrade, full-upgrade)
# (note: set to none for speed)
d-i pkgsel/upgrade select none

# Policy for applying updates. May be "none" (no automatic updates),
# "unattended-upgrades" (install security updates automatically), or
# "landscape" (manage system with Landscape).
d-i pkgsel/update-policy select none

# Language pack selection
d-i pkgsel/install-language-support boolean false

#
# Boot loader installation
#

# This is fairly safe to set, it makes grub install automatically to the MBR
# if no other operating system is detected on the machine.
d-i grub-installer/only_debian boolean true

# This one makes grub-installer install to the MBR if it also finds some other
# OS, which is less safe as it might not be able to boot that other OS.
d-i grub-installer/with_other_os boolean true

# Alternatively, if you want to install to a location other than the mbr,
# uncomment and edit these lines:
d-i grub-installer/bootdev string /dev/sda
d-i grub-installer/force-efi-extra-removable boolean true


#
# *** Preseed other packages ***
#

d-i debconf debconf/frontend select Noninteractive
d-i finish-install/reboot_in_progress note

choose-mirror-bin mirror/http/proxy string

The complete preseed file can also be found in the http preseed directory of the Ops-Tools-BaseImage project. This project also publishes a NuGet package which has all the configuration files and scripts that were used to create the Ubuntu base virtual hard drive.

Software development pipeline - Design accuracy

Monday, September 4, 2017 | Posted in Delivering software DevOps Pipeline design Software development pipeline

ISO defines accuracy as the combination of correctness, in agreement with the true facts, and consistency, always behaving or performing in a similar way.

The reason to value accuracy as the number one characteristic of the development pipeline is because it is important for the development teams to be able to rely on the outputs of the pipeline, whether they are product artefacts, test results or output logs. Without the accuracy the development teams will eventually lose their trust in the development pipeline, meaning that they will start ignoring the results because the teams assume that a failure is one of the system instead of one caused by the input set. Once the development teams lose the trust in the pipeline it will take a lot of work to regain their trust.

Once we know that having a development pipeline which delivers correct results is important the next step is to determine how accuracy can be built into the development pipeline. In theory this task is a simple one, all one has to do is to ensure that all the parts that form the pipeline behave correctly for all input sets. However as indicated by many -

In theory there is no difference between theory and practice. In practice there is

which means that practically achieving accuracy is a difficult task due to the many, often complex, interactions between the pipeline components. As a reminder the components the development pipeline consists of are:

  • The scripts that are used during the different parts of the cycle, i.e. the build, test and release scripts.
  • The continuous integration system which is used to execute the different scripts.
  • The tools, like the compiler, test frameworks, etc.

Based on this categorization of the pipeline parts and the previous statement one possible way of approaching accuracy for a development pipeline is to first ensure that all the parts are individually accurate. As a second stage the changes in accuracy due to interaction between the parts can be dealt with.

For the scripts, tools and continuous integration system this means that each input returns a correct response and does so consistently for each input set. Fortunately most scripts and tools do so for the majority of the inputs. In cases where a tool returns an incorrect response the standard software development process should be followed by recording an issue, scheduling the issue and implementing, testing and deploying a new version of the tool. In this process it is important to test thoroughly to ensure that the changes do not negatively impact tool accuracy. Additionally it is important to execute both (automated) regression testing against known input sets as well as high level (automated) smoke tests of the entire development pipeline to validate that the issue has been fixed and no further issues have been introduced. In order to minimize disruption to the development teams tests should be conducted outside business hours if no test environment is available, i.e. if the production development pipeline has to be used for the final tests. It is of course better if a test environment is available so that testing can take place during business hours without affecting the development teams. As a side note; having a test environment with a copy of the development pipeline allows for the development of new features and other changes while the production pipeline is in use, thus making it easier and quicker to evolve the pipeline and its capabilities.

With the approach to development and improvement of the tools taken care of the other area that needs to be carefully controlled is the infrastructure on top of which the development pipeline executes. For infrastructure the biggest issues are related to outages of different parts of the infrastructure, e.g. the network or the different services. In most cases failures on the infrastructure level do not directly influence the correctness of the development pipeline. It is obviously possible for a failure in the infrastructure to lead to an incorrect service being used, e.g. the test package manager instead of the production one. However unless other issues are present, i.e. the test package manager has packages of the same version but different content, it is unlikely that a failure in the infrastructure will allow artefacts to pass the development pipeline while they should not. A more likely result is that failures in the infrastructure lead to failures in the development pipeline thus affecting the ability of the pipeline to deliver the correct results consistently.

The types of issues mentioned can mostly be prevented by using the modern approaches to IT operations like configuration management and immutable servers to ensure that the state of the infrastructure is known, monitoring to ensure that those responsible for operations are notified of issues and standard operating procedures and potentially auto-remediation scripts to quickly resolve issues that arise.

It should be noted that it is not necessary, though extremely helpful, for the infrastructure to be robust in order to provide an accurate development pipeline. Tooling can, and probably should, be adapted to handle and correct for infrastructure failures as much as possible. However as one expects it is much easier to build a development pipeline on top of a robust infrastructure.

The final part of the discussion on the accuracy of the development pipeline deals with the relation between accuracy and the interaction of the tools and infrastructure. The main issue with interaction issues is that they are often hard to understand due to the, potentially large, number of components involved. Additionally certain interaction issues may only occur under specific circumstances like high load or specific times of the day / month / year, e.g. daylight savings or on leap days.

Because of the complexity it is important when building and maintaining a development pipeline to following the normal development process, i.e. using version control, (unit) testing, continuous integration, delivery or deployment, work item tracking and extensive testing etc. for all changes to the pipeline. This applies to the scripts and tools as well as the infrastructure. Additionally it is especially important to execute thorough regression testing for any change to the pipeline to ensure that a change to a single part does not negatively influence the correctness of the pipeline.

Finally in order to ensure that the correctness of the pipeline can be maintained, and improved if required, it is sensible to provide monitoring of the pipeline and the underlying infrastructure as well as ensuring that all parts of the pipeline are versioned, tools and infrastructure alike, and versions of all the parts are tracked for each input set.

nBuildKit release - V0.10.2

Monday, August 28, 2017 | Posted in nBuildKit

Version 0.10.2 of nBuildKit has been released.

This release made the following minor changes

  • Removed the custom tasks assembly from the nBuildKit.MsBuild.Actions NuGet package because those were never used from that package as they are also in the nBuildKit.MsBuild.Tasks NuGet package
  • Added a deployment step to get VCS information during the deploy process.
  • Fixed missing bootstrap steps in the test and deploy stages.

All the work items that have been closed for this release can be found on github in the milestone list for the 0.10.2 release.