Rebuilding the airplane at 10 000mContinuous Deployment with Jenkins and Gerrit

R. Tyler

Hello and thanks for coming. I'm R. Tyler Croy, and today I'm going to talk to you about two things at the same time!

I'm going to tell you how we rebuilt our engineering organization "mid-flight" for Continuous Deployment and at the same time, I'm going to tell you how you can too with Jenkins and Gerrit


Jenkins Infrastructurewith


I work for Lookout

First of all, I work at Lookout Mobile Security, if you're an Android user you might already be familiar with some of our products.

If you're not familar with us, we are primarily known for our security app on Android.

My job at Lookout primarily involves ->

Hacking with Ruby

Hacking with Ruby, you see while we have a nice fancy Java-based Android application, we also have a *large* server-backend which handles device notifications, backups, analysis and much more.

That entire backend is written in Ruby, and can benefit from ->

Let's talk about:continuous deployment

Continuous Deployment, which is also known as "Continuous Delivery". For the context of this talk, I will always refer to it as "Continuous Deployment"

Before I talk too much about what it *is*, I'd like to talk about ->

What it is:


What Continuous Deployment is NOT.

Above all else, it is not something you do *once* and then you're finished and you can move on. Continous Deployment is a process and mind-set you and your team stick with

"Release everythingas soon as possible!"

Continuous Deployment doesn't mean you release EVERYTHING as soon as it's committed. It doesn't mean you *MUST* deploy every single commit either.

"Great! No need for a QA team"

One of the interesting things I've discovered at Lookout and at other organizations, is that Continuous Deployment, and some of the practices involved in it is that it will free up the QA team to *do their jobs*.

Good QA engineers are most useful when they're exploring, hunting for bugs. Having QA engineers running through test plans every day of the week is boring, slow and is a good candidate for replacement with automated testing tools

"Our users will be our testers!"

Lastly, I don't think Continuous Deployment means you can offload testing to your users.

To some extent this will be inevitable, as changes are more rapidly deployed, but I believe you should try everything you can to avoid your users experiencing issues because of bugs you've introduced

Continuous Deploymentis about

Continous Deployment, in my opinion, is all about ->


stability. It is about being able to deploy changes ->


More Confidence

faster and with more confidence. Releases shouldn't be scary or stressful, in fact the more boring a deployment is, the better!

In order to make that happen, it is important to have: * Well-thought out procedures for rapid deployment of changes * A good feedback loop from production, in order to inform your team about the current status of the production infrastructure

In my opinion, above everything else, these are the two most important factors to succeeding with Continuous Deployment

Overall, I think Continuous Deployment is ->

Continuous Deployment is


GOOD for your organization. Even if you don't end up rapidly deploying your software, the striving for continuous deployment will help improve so many other parts of your development process

So that's Continuous Deployment, and that's all well and good, but let's go back ->

Meanwhile at Lookout

to Lookout, and talk about "where we were" when we started our journey on the road towards Continuous Deployment

"In the olden days" we used ->

Subversion branches for releases

Subversion branches for all our releases. Whenever we were going to prepare a release, we would create a branch in Subversion and those branches would live ->

10-18 days per release branch

for 10-18 days. That means we would take around two weeks every time we wanted to take the code in trunk, and create a release from it

We also performed ->

manual code review

Manual code review. The code review process used to be "hey kyle, come look at this real quick before I commit it to trunk."

In addition to this loosely enforced manual code review process, we had ->

very little automation

very little automation. We actually had some automated tests running somewhere, but there wasn't a "culture of automation"

Being a huge fan of Jenkins and Continuous Deployment, this was very ->

Sad, besides being emotionally frustrating, if we look at the data, it was actually hurting us.

36%of deployments failed

This means that 1/3 of the time when we would try to deploy code into production, something would go wrong and we would have to rollback the deploy and find out what went wrong.

Unfortunately, since it took us two or more weeks to get the release out, we had on average ->

68commits per deployment

68 commits per deployment, so one or more commits out of 68 could have caused the failure.

After a rollback, we'd have to sift through all those commits and find the bug, fix it and then re-deploy.

Because of this ->

62%of deployments slipped

About 2/3rds of our deployments slipped their planned deployment dates. As an engineering organization, we couldn't really tell the product owner when changes were going to be live for customers with *any* confidence!

So I was pretty frustrated with all of this, and as I talked to more people in the engineering organization, they were frustrated too!

SO! ->

Let's fix this.

When we started to come up with a plan to drive towards continuous deployment, the first thing we needed to do was ->

Step One:Automate Development


Before we used a tool called Bitten, I won't tell you too much about Bitten, but it's not a great tool and we had a number of issues with it: * Practically zero developer insight into the test/build process * All the tests ran on *one* build machine which was hand-crafted by the Operations team for the task

We installed Jenkins and started to work on migration "jobs" over to Jenkins.

"Why don't our tests pass?"

The first major issue we had was that we noticed that we had tests that didn't actually *pass* reliably. Previously this was hidden from us, but after running the tests after every commit with Jenkins, we noticed that we had some technical debt in the test suite

Never stop automating.

Like Continuous Deployment itself, automation is a mind-set. In the past 12 months at Lookout we have gone from zero jobs in Jenkins to over 200 different jobs performing different tasks.

It is important that you constantly recognize manual processes that can and should be automated. Over time these little automations add up into pipelines of tasks that Jenkins can perform entirely on its own

Once we had automation in place, we needed to focus on ->

Step TwoBetter tools,processes

Better tools and better processes than what we were using before.

This meant evaluating what tools were working, and what wasn't. In the process we migrated away from Pivotal Tracker and dropped Subversion ->

(I don't like SVN)

I'm not going to rant against Subversion, if you like it, that's fine. There are ways to accomplish continuous deployment with Subversion. At Lookout however, we viewed it as one of the things standing in our way.

So we got rid of Subversion and instead opted for ->


Git, if you're not familiar with Git it can be used a number of different ways, there's the familiar ->

centralized workflow

This is more common for smaller companies

integration managerworkflow

This is common for GitHub-based projects

lieutenants workflow

This is how the Linux kernel is developed

Git + Gerrit

Git and Gerrit


Gerrit is a Git-based code review tool

code review


Developer Workflow

What this means for an individual developer is that they can iterate on their code in Gerrit, based on feedback from their colleagues.

Once the code is all polished up, it can then be integrated into the "main" repository

"Pre-tested" Commits

An integral part of our Git + Gerrit workflow involved pre-testing commits.

The whole concept behind "pre-testing" a commit is that only changes which have passed the "tests" will be allowed to be integrated or merged.

Gerrit Trigger plugin

Gerrit Trigger plugin

Feedback in Gerrit

The Cycle


Git + Gerritat the same time!

Instead of introducing Git as a separate tool to developers, we introduced at the same time so developers never learned a Git-based workflow that *didn't* involve Gerrit at its core.

We walked through the different teams, one by one with a fully set-up "demo" project to use for experimentation of creating commits, code reviewing them, verifying them with Jenkins and finally merging them into the "master" branch

By immediately starting developers with "here's how you do work now", we were able to finish the migration in a matter of a couple weeks instead of the months it's taken me at previous companies.

One thing we immediately realized after switching to Git + Gerrit was ->

"We need more builders!"

When we first started moving things into Jenkins we had 3 slaves that were properly configured for running our tests. As we started using pre-tested commits with Gerrit and Jenkins, we *very* quickly realized that we needed

In the very early stages of this, we used the same hand-crafted VM base image with VMWare ESX, and then spun up multiple new machines.

If you're going to use a pre-tested commit workflow with an active engineering organization, make sure plan ahead and have plenty of hardware, or virtualized hardware for Jenkins


Cleaning up and making the development part of the workflow was long overdue, and already was gaining us noticable improvements, even with our slow release process.

With every commit getting tested by Jenkins, the stability of our "master" branch had greatly improved, and our deploys became less error prone.

Continuous Deployment touches more than just your development team though, it affects your QA team, and your operations team too, so there's still work to be done! The next thing to be done is to ->

Step ThreeAutomate Everything Else

Automate *EVERYTHING*. There's so much more than writing code involved in getting software into the hands of your customers

Take for example ->

Deploying test environments

Deploying test environments, in the "olden days" QA engineers were responsible for deploying test environments manually.

Once the deployment of our test environments was managed through Jenkins, we could create pipelines with Jenkins, chaining off of a successful deployment to the test environment.

This opened us up to running ->

New kinds of tests

Entirely new kinds of tests! With deployment of a test environment driven from Jenkins, we could create downstream jobs which would spin up VMs with Sauce Labs to run hundreds of Selenium tests in parallel against the test environment, without any intervention from QA or developers.

With the automation of development, and then testing squared away, the last big thing to tackle was ->

Automating deploymentto


Automating the deployment of the production site is and was the hardest part of the entire workflow to accomplish. To automate a production deployment you need to be very confident in what code is going out and the sanity of the processes leading up to the production deployment.

Currently at Lookout production deployments are "manually automated" that means we have all the steps *right up* to deployment automated, and the deployment itself automated, but there is currently no process in place for changes to automatically flow through the entire system from a developers workstation, through Gerrit, and ultimately out to production

With Jenkins doing all of these things, you will likely have a similar realization to us, in that you need ->

Step FourMore Robots!

More robots

OpenStackand the

jclouds plugin

Slave Managementwith


As the number of slaves we operate grows, we have found the need to manage the slaves all at once. Currently we use a masterless Puppet set up for all of our slave images, they all have a cron job that checks the Git repository for new Puppet manifests every hour, and will apply any outstanding updates.

This allows us to bring new system dependencies, such as ImageMagick or libxml2, onto the slave machines without needing to log into them manually or re-image the whole cluster of VMs


(nobody's perfect)

No automated rollback

Currently there is no automated system for rolling back changes, if we notice any issues in production then must manually rollback the deployment.

No production acceptance testing

Tests are slow

Sure we have problems, but with: * Introducing a lot of Automation with Jenkins * Using Gerrit and Jenkins for code review and pre-testing all commits before the get into the master branch * And automating the pipeline from "merge to master" all the way through to "deploy to production"

We've managed to change entire engineering organization such that ->

2%of deployments failed

14commits per deployment

3%of deployments slipped


Thank you