book

Fundamentals of DevOps and Software Delivery

Name: Fundamentals of DevOps and Software Delivery
Author: Yevgeniy Brikman
ISBN: 9781098174590

by Yevgeniy Brikman

May 2025

Intermediate to advanced

552 pages

14h 57m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Includes

Sandbox

Preface
Why I Wrote This BookThe Impact of World-Class Software DeliveryWhere DevOps Came FromWatch Out for SnakesWho Should Read This BookWhat You’ll Find in This BookWhat You Won’t Find in This BookOpen Source Code ExamplesOpinionated Code ExamplesYou Have to Get Your Hands DirtyUsing Code ExamplesConventions Used in This BookO’Reilly Online LearningHow to Contact UsAcknowledgments
1. How to Deploy Your App
Example: Deploy the Sample App LocallyDeploying an App on a ServerOn-Prem and Cloud HostingExample: Deploy an App via PaaS (Render)Example: Deploy an App via IaaS (AWS)Comparing Deployment OptionsOn Prem Versus the CloudIaaS Versus PaaSThe Evolution of DevOpsAdopting DevOps PracticesConclusion
2. How to Manage Your Infrastructure as Code
The Benefits of IaCAd Hoc ScriptsExample: Deploy an EC2 Instance by Using a Bash ScriptHow Ad Hoc Scripts Stack UpConfiguration Management ToolsExample: Deploy an EC2 Instance by Using AnsibleExample: Configure a Server by Using AnsibleHow Configuration Management Tools Stack UpServer Templating ToolsExample: Create a VM Image by Using PackerHow Server Templating Tools Stack UpProvisioning ToolsExample: Deploy an EC2 Instance by Using OpenTofuExample: Update and Destroy Infrastructure by Using OpenTofuExample: Deploy an EC2 Instance by Using an OpenTofu ModuleExample: Deploy an EC2 Instance by Using an OpenTofu Registry ModuleHow Provisioning Tools Stack UpUsing Multiple IaC Tools TogetherProvisioning Plus Configuration ManagementProvisioning Plus Server TemplatingProvisioning Plus Server Templating Plus OrchestrationAdopting IaCConclusion
3. How to Manage Your Apps by Using Orchestration Tools
An Introduction to OrchestrationServer OrchestrationExample: Deploy an App Securely and Reliably by Using AnsibleExample: Deploy a Load Balancer by Using Ansible and nginxExample: Roll Out Updates with AnsibleVM OrchestrationExample: Build a VM Image by Using PackerExample: Deploy a VM Image in an Auto Scaling Group by Using OpenTofuExample: Deploy an Application Load Balancer by Using OpenTofuExample: Roll Out Updates with OpenTofu and Auto Scaling GroupsContainer OrchestrationExample: A Crash Course on DockerExample: Create a Docker Image for a Node.js AppExample: Deploy a Dockerized App with KubernetesExample: Deploy a Load Balancer with KubernetesExample: Roll Out Updates with KubernetesExample: Deploy a Kubernetes Cluster in AWS by Using EKSExample: Push a Docker Image to ECRExample: Deploy a Dockerized App into an EKS ClusterServerless OrchestrationExample: Deploy a Serverless Function with AWS LambdaExample: Create a Lambda Function URLExample: Roll Out Updates with AWS LambdaComparing Orchestration OptionsConclusion
4. How to Version, Build, and Test Your Code
Version ControlExample: Turn Your Code into a Git RepoExample: Store Your Code in GitHubVersion-Control RecommendationsBuild SystemExample: Configure Your Build by Using npmDependency ManagementExample: Add Dependencies in npmAutomated TestingExample: Add Automated Tests for the Node.js AppExample: Add Automated Tests for the OpenTofu CodeTesting RecommendationsConclusion
5. How to Set Up Continuous Integration and Continuous Delivery
Continuous IntegrationDealing with Merge ConflictsPreventing Breakages with Self-Testing BuildsMaking Large ChangesExample: Run Automated Tests for Apps in GitHub ActionsMachine User Credentials and Automatically Provisioned CredentialsExample: Configure OIDC with AWS and GitHub ActionsExample: Run Automated Tests for Infrastructure in GitHub ActionsContinuous DeliveryDeployment StrategiesDeployment PipelinesDeployment Pipeline RecommendationsConclusion
6. How to Work with Multiple Teams and Environments
Breaking Up Your DeploymentsWhy Deploy Across Multiple EnvironmentsHow to Set Up Multiple EnvironmentsChallenges with Multiple EnvironmentsExample: Set Up Multiple AWS AccountsBreaking Up Your CodebaseWhy Break Up Your CodebaseHow to Break Up Your CodebaseChallenges with Breaking Up Your CodebaseExample: Deploy Microservices in KubernetesConclusion
7. How to Set Up Networking
Public NetworkingPublic IP AddressesDomain Name SystemExample: Register and Configure a Domain Name in Amazon Route 53Private NetworkingPhysical Private NetworksVirtual Private NetworksAccessing Private NetworksCastle-and-Moat ModelZero Trust ArchitectureSSHRDPVPNService Communication in Private NetworksService DiscoveryService Communication ProtocolService MeshExample: Istio Service Mesh with Kubernetes MicroservicesConclusion
8. How to Secure Communication and Storage
Cryptography PrimerEncryptionHashingSecure StorageSecrets ManagementEncryption at RestSecure CommunicationTransport Layer SecurityExample: HTTPS with Let’s Encrypt and AWS Secrets ManagerEnd-to-End EncryptionConclusion
9. How to Store Data
Local Storage: Hard DrivesPrimary Data Store: Relational DatabasesReading and Writing DataACID TransactionsSchemas and ConstraintsExample: PostgreSQL, Lambda, and Schema MigrationsCaching: Key-Value Stores and CDNsKey-Value StoresCDNsFile Storage: File Servers and Object StoresFile ServersObject StoresExample: Serving Files with S3 and CloudFrontSemistructured Data and Search: Document StoresReading and Writing DataACID TransactionsSchemas and ConstraintsAnalytics: Columnar DatabasesColumnar Database BasicsAnalytics Use CasesAsynchronous Processing: Queues and StreamsMessage QueuesEvent StreamsScalability and AvailabilityRelational DatabasesNoSQL and NewSQL DatabasesDistributed SystemsBackup and RecoveryBackup StrategiesBackup RecommendationsExample: Backups and Read Replicas with PostgreSQLConclusion

10. How to Monitor Your Systems
LogsLog LevelsLog FormattingStructured LoggingLog Files and RotationLog AggregationMetricsTypes of MetricsUsing MetricsExample: Metrics in CloudWatchEventsObservabilityTracingTesting in ProductionAlertsTriggersNotificationsOn CallIncident ResponseExample: Alerts in CloudWatchConclusion
11. The Future of DevOps and Software Delivery
InfrastructurelessGenerative AISecure by DefaultPlatform EngineeringThe Future of Infrastructure CodeConclusion
Index
About the Author

Content preview from Fundamentals of DevOps and Software Delivery

Chapter 7. How to Set Up Networking

In Chapter 6, you learned how to split your deployments into multiple environments and how to split your codebase into multiple services. Both actions rely heavily on networking—namely, services need to be able to talk to other services over the network, and environments need to be isolated from one another so they can’t talk to each other over the network. In other words, networking plays two key roles: connectivity and security.

In this chapter, you’ll go deeper into networking, learning the high-level concepts you need in order to connect and secure your applications. In particular, this chapter will walk you through the concepts and examples shown in Table 7-1.

Table 7-1. Concepts and examples you’ll go through in this chapter
Concept	Description	Example
Public networking	Manage access to your apps over the public internet with public IPs and domain names.	Deploy servers with public IPs in AWS and register a domain name for them in Route 53.
Private networking	Run your apps in a private network to protect them from public internet access.	Create a VPC in AWS and deploy servers into it.
Network access	Learn how to securely access private networks by using SSH, RDP, and VPN.	Connect to a server in a VPC in AWS by using a bastion host and SSH.
Service communication	Securely connect apps in a microservice architecture.	Use Istio as a service mesh for microservices running in Kubernetes.

Let’s start with the first item, which ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781098174583Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Fundamentals of DevOps and Software Delivery

by Yevgeniy Brikman

Chapter 7. How to Set Up Networking

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.