• Create OCI Devops build pipeline.
• Build a sample application.
• Push the artifact to OCI Artifact repo.
• Use OCI Deployment pipeline with CANARY Deployment strategies.
• Validate deployment and manual role back.

• Create an OCI artifact registry & associated policies. https://docs.oracle.com/en-us/iaas/Content/artifacts/home.htm

• Set policies & create a devops project - https://docs.oracle.com/en-us/iaas/Content/devops/using/home.htm.
• Devops policies - https://docs.oracle.com/en-us/iaas/Content/devops/using/getting_started.htm#prereq.

• Create devops artifacts. - https://docs.oracle.com/en-us/iaas/Content/devops/using/artifacts.htm

• Select the type as Instance group deployment configuration.

• Select Artifact source as Artifact Registry repository and using select option ,select the Artifact repo created.

• Use a custom location ,provide a name for artifact path and version as ${BUILDRUN_HASH}

• You can clone this repo and push to an OCI Code repo .Or create github repo by using import option to this repo to your github profile.

  • Managing code repo for OCI Devops - https://docs.oracle.com/en-us/iaas/Content/devops/using/managing_coderepo.htm

• Create an OCI devops build pipeline. https://docs.oracle.com/en-us/iaas/Content/devops/using/create_buildpipeline.htm

• Add a manage build stage to the build pipe line . https://docs.oracle.com/en-us/iaas/Content/devops/using/add_buildstage.htm

• Accordingly select the code repo /connection type /repo name for primary code repository and save.

If you are using a code repo other than OCI code repo ,ensure to set an external connection - https://docs.oracle.com/en-us/iaas/Content/devops/using/create_connection.htm

• Add an Deliver artifacts stage to the build pipeline.

• Select the artifacts created.

• Associate the build stage output artifact name and save.

• Snippet from build_spec.yaml. with output artifacts.

outputArtifacts:
  - name: instace_deploy_manifest
    type: BINARY
    # this location tag doesn't effect the tag used to deliver the container image
    # to the Container Registry
    location: ${OCI_PRIMARY_SOURCE_DIR}/deploy_spec.yaml

• For the demo purpose we will be creating two instances of Oracle Linux

• Follow the document and create instances and necessary policies - https://docs.oracle.com/en-us/iaas/Content/Compute/Tasks/launchinginstance.htm

• We will be creating 2 production instances and 1 canary instance.

• Use Create instances

• Use the first instance name as production-vm use default placements.

• Use Oralce Linux 8 as image and use the default shape.

• Use a virtual cloud network and a public network ,Or you create one for demo using Create new options.

• Use Assign public IPV4 address option.

• Use an appropriate SSH Keys option ,you would need this to login (You may use an existing one or create a new one)

• Use the advanced > Oracle Cloud Agent option and ensure that Compute Instance Run Command is enabled .

• In the same page under Management add an Inline cloud-init script and a free-form tag as below

environment production 

• Add Cloud init script is as below too ,

#cloud-config
users:
  - default
  - name: ocarun
    sudo: ALL=(ALL) NOPASSWD:ALL

• Proceed the same step with a different instance name as production-vm-1 as our second production host.

• Once done Use Create instances again and create a new instance for canary.

• Use the instance name as canary-vm-1 and use default placements.

• Use Oralce Linux 8 as image and use the default shape.

• Use a virtual cloud network and a public network ,Or you create one for demo using Create new options.

• Use Assign public IPV4 address option.

• Use an appropriate SSH Keys option ,you would need this to login (You may use an existing one or create a new one)

• Use the advanced > Oracle Cloud Agent option and ensure that Compute Instance Run Command is enabled .

• In the same page under Management add an Inline cloud-init script and a free-form tag as below

environment canary

• Cloud init script is as below ,

#cloud-config
users:
  - default
  - name: ocarun
    sudo: ALL=(ALL) NOPASSWD:ALL

• Create two new devops environment as type Instance Group.- https://docs.oracle.com/en-us/iaas/Content/devops/using/create_instancegroup_environment.htm

• Create an environment for Production environment.

• Go to next tab and use Query option.

• Click on Edit query

• Use the query as below .

freeformTags.key = 'environment' && freeformTags.value = 'production'

• Once it list all the production servers click on Add instance query

• Click Create environment and save the config.

• Create an environment for canary environment.

• Go to next tab and use Query option.

• Click on Edit query

• Use the query as below .

freeformTags.key = 'environment' && freeformTags.value = 'canary'

• Once it list the server green-webserver click on Add instance query

• Click Create environment and save the config.

• Now let us create a new Load Balancers under Networking

• Use Load Balancer wizard.

• Provide a name and use Public visibility and IP address as Ephemeral IP.

• Use default shapes and select the Virtual Cloud Network and Subnet same as that of the the instances created.

• Use Next and click on Add Backends

• Select all the servers created .

• As this a test ,select the Health check policy as http and port as 80 and go next.

• Configure a http listner.

• Keep the logs with default options and Submit

• Wait untill the loadbalancer become active.

• We need to create an ingress rule to allow our application traffic .
• Do so ,use OCI Virtual cloud networks(VCN) service > Click on the VCN considered.

• Click on the Subnet name from Subnets menu.

• Select the security list - Click the Default one .Click on Add ingress Rules

• Use Source CIDR as 0.0.0.0/0 and Destination Port Range as 80 and add the rule.

• Create a new devops deployment pipeline.
  • https://docs.oracle.com/en-us/iaas/Content/devops/using/deployment_pipelines.htm
  • Ensure to set the correct policies ,dynamic groups to run commands on instances - https://docs.oracle.com/en-us/iaas/Content/devops/using/devops_iampolicies.htm#deploy_policies

• Add a stage as Canary Strategy.

• Select the Deployment type as Instance Group and select the environment created.

• Associate the the Canary environment with the canary devops environment created.

• Select the Instance group deployment configuration using Add Artifact option .

• Select the Load balancer created earlier from the list.

• Select the Listener

• Use 80 as Backend port.

• USe Instance rollour by percentage and value as 50 (half of instances) and the Delay between batches(seconds) as 5 and click on Next.

• As its a demo keep the Validation controls as Noneor you may connect with a function to validate the deployment got to Next.

• Set the % of traffic to be shifted to canary (a value between 0 to 25).For this demo let us keep 25 % and click on Next.

• Enable the Approval controls and add 1 as the number of approvers and click Next.

• For Production canary stage ,associate it with the production environment and provide 50 as rollout percentage and a Delay of 5 seconds .

• Click add to add the stages.

• Switch back to Build pipeline and add a Trigger Deployment stage.Select the deployment pipeline and associate.Ensure to check the Send build pipelines Parameters option.

• The build pipeline should be as below .

• Go back to build pipeline and do click Start manual run.

• Wait untill all the build stages completed.

• Switch to the deployment pipeline and click on the Deployments and deployment which is in progress.

• Click on it and view the progress.

• After a while pipeline will be pending for Approval stage.Click on the 3 dots and approve the stage .

• Wait for all the Deployment stages to finish.

• Launch the application using the public ip address via browser.

• Now to realize the Canary effect ,do a re-run ,do a manual run of Build pipeline.
• Wait for all the Build stages to finish

• Follow the Deployments progress and wait untill Traffic Shift to Canary is finished (just before the approval).

• Launch the application using the public ip address via browser. Since the canary % of shift is 25 ,25 % of request now will be served via Canary environment.Along the previous output you will additionally see the canary deployed application view as well. (For a demo we are using an icon to differentiate).

• Give the Approval and finish the deployment .

• You may do a application change via updating the file app_version.config to a different value and re - run the build pipeline .

app_version=0.0.1 

• Since we are not using a test loadbalancer , you may launch the canary vm IP via browser to test the changes during the Traffic shift to Canary stage completion and approve further for production deployment and once the end of Production Canary stage ,the new version will be available via production loadbalancer.

• To do a rollback ,click on the 3 dots of Last stage of Deployment pipeline and use Manual rollback.

• Validate the current deployment values and references.

• Select a valid deployment from the list and initiate the rollback.

• Follow the progress and once done ,validate the application via production loadbalancer.

• You may encounter deployment failure incase the policies ,sudo enablement or compute agent status not running on instances etc ,refer the OCI official documentations given above for such cases . Since this is made for demo we have used limited number of instances and blank sudo previledge ,which is not advised for production usecases.

• OCI Devops - https://docs.oracle.com/en-us/iaas/Content/devops/using/home.htm.
• OCI Reference architectures - https://docs.oracle.com/solutions/
• OCI Devops samples - https://github.com/oracle-devrel/oci-devops-examples

This project is open source. Please submit your contributions by forking this repository and submitting a pull request! Oracle appreciates any contributions that are made by the open source community.

Copyright (c) 2022 Oracle and/or its affiliates.

Licensed under the Universal Permissive License (UPL), Version 1.0.

See LICENSE for more details.

ORACLE AND ITS AFFILIATES DO NOT PROVIDE ANY WARRANTY WHATSOEVER, EXPRESS OR IMPLIED, FOR ANY SOFTWARE, MATERIAL OR CONTENT OF ANY KIND CONTAINED OR PRODUCED WITHIN THIS REPOSITORY, AND IN PARTICULAR SPECIFICALLY DISCLAIM ANY AND ALL IMPLIED WARRANTIES OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY, AND FITNESS FOR A PARTICULAR PURPOSE. FURTHERMORE, ORACLE AND ITS AFFILIATES DO NOT REPRESENT THAT ANY CUSTOMARY SECURITY REVIEW HAS BEEN PERFORMED WITH RESPECT TO ANY SOFTWARE, MATERIAL OR CONTENT CONTAINED OR PRODUCED WITHIN THIS REPOSITORY. IN ADDITION, AND WITHOUT LIMITING THE FOREGOING, THIRD PARTIES MAY HAVE POSTED SOFTWARE, MATERIAL OR CONTENT TO THIS REPOSITORY WITHOUT ANY REVIEW. USE AT YOUR OWN RISK.

• Author : Rahul M R
• Colloboroators : NA
• Last release : March 2022