GCP Checklist 4 — Application lifecycle management
Each application you deploy to GCP will have specific requirements for how it is managed through its life cycle . This includes the dev and test environments as well as the other stages that are part of the life cycle of an application . The following lists some guidance for your application lifecycle:
- Use folders and projects to group development teams and or applications
- Set up your CI/CD environment up early.
- Use version control — ensure you can roll back as easily as you can roll out updates
- Use the principle of Infrastructure as code to define environments . Treat your infrastructure environments as you do code. Treat your application code and the environment it will be deployed to together as a version
- Use labels — To identify components , who owns things, versionings , to classify
- When developing your application use small pieces of code ( micro services or functions), small functional units, use contracts between components , decouple , define the service boundary and how you implement that boundary ( for example firewall rules or RBAC rules for kubernetes)
- Test failure scenarios — Test failure scenarios if you are not comfortable doing this in production create a test environment that mirrors your production environment. Iterate on the learnings
- Automate all the things
- Use labels to make logical groupings of resources
- Design for scale — You may start out with a few users but anticipate rapid growth
- Treat security as a first class citizen when designing & developing your application
- Implement change management processes — Even though you automate as much as possible you do need to have a defined change management process
- Application security — How do you authenticate users logging on to your application? Have you given thought to how you authenticate calls to your API gateways or protect your application from potential threats
- If you need to comply with regulations that define who can have access to what in the application define these roles
- Elevated access should have more stringent controls around their use. Super user access should not be required as a daily part of access to an application , particularly where the application has sensitive data involved. It should be an exception.
- Create a launch checklist to ensure that you have all items or at least the ones you have thought about covered that will lead to a successful launch
You were expecting a reading list so I wasn’t going to disappoint you :
https://cloud.google.com/docs/tutorials
Labelling & grouping your GCP resources
https://landing.google.com/sre/book/chapters/reliable-product-launches.html
https://cloud.google.com/source-repositories/
https://cloud.google.com/solutions/automated-canary-analysis-kubernetes-engine-spinnaker
https://cloud.google.com/solutions/continuous-delivery-spinnaker-kubernetes-engine
https://cloud.google.com/solutions/ansible-with-spinnaker-tutorial
https://cloud.google.com/solutions/jenkins-on-kubernetes-engine-tutorial
https://cloud.google.com/solutions/continuous-delivery-jenkins-kubernetes-engine
https://cloud.google.com/solutions/continuous-delivery-jenkins-kubernetes-engine
https://cloud.google.com/docs/platform-launch-checklist
And here’s the Check list:
A list of all the checklists in the series can be found here