CloudOps for Kubernetes

3.3.x

Best Practices Overview

This section describes some recommended practices.

Securely Store Cluster Configuration Files

When you set up a CloudOps for Kubernetes cluster, you fill out a file named docker-compose.override.yml. As you change the cluster configuration, you update this file over time as discussed in Updating Cluster Configuration. The docker-compose.override.yml files typically contain sensitive values. A good practice is to store these files in a secure location that tracks change history so that:

  • Only people with a legitimate business need have access to the files. Only operations engineers should have access to view and change the files related to production clusters.
  • The change history of the files can be tracked.

A good option for storing the files is a separate Git repository that only the required people have access to. When you need to update the cluster, obtain the file from the Git repository and modify if needed. When you are done updating the cluster, merge the changed file into the git repository.

Use Custom Jobs to Configure Long-Lived Environments

When you set up and configure an Elastic Path Self Managed Commerce environment, you run a set of Jenkins jobs and make several decisions about Jenkins parameter values that affect the configuration of the resulting Self Managed Commerce environment. You must update these values over time as the environment configuration needs to change, such as when you update an allow-list.

A good practice is to create one or more wrapper Jenkins Pipelines for each of your long-lived Commerce environments to record and update that environment's configuration. These wrapper pipelines will call out-of-the-box pipelines such as deploy-or-delete-commerce-stack, create-or-delete-activemq-container, and the appropriate Database Server job and contain the parameter values for the jobs to effect the proper configuration of the specific environment.

As you update the environment over time, you update the pipeline's Jenkinsfile and run the pipeline to apply changes. Check these files into Git and keep them up to date. This approach is more effort, but allows you to define the environment configuration in code and to maintain a change history of the configuration.

Exercise the Automation Often

Your team should always maintain the knowledge and skill required to set up environments from scratch. Additionally, you should also regularly verify that the infrastructure automation continues to work properly. A good practice is to regularly repeat the procedures required to set up CloudOps for Kubernetes clusters and Commerce environments. You will require dedicated, and likely isolated, AWS accounts for this purpose so that you do not impact running environments.

Avoid Extensive Customization

The more extensively you customize CloudOps for Kubernetes, the more effort it will be to merge in and apply the required regular updates. For more information, see Customization Overview.

Last updated on 6/25/2024
Configure Application ContainersAccess and Tools