How Netflix Builds and Deploys Code Using Nebula, Jenkins, Spinnaker, and AWS

Before code reaches the cloud, Netflix employs a suite of tools and technologies—including Nebula, Jenkins, Spinnaker, and AWS—to build the services that serve 75 million users worldwide.

The global continuous‑delivery pipeline, illustrated in the diagram, is built around Spinnaker.

Key steps prior to handing off to Spinnaker are: local compilation and testing with Nebula, committing code to a central Git repository, running Jenkins jobs that invoke Nebula to build, test, and package the application, creating Amazon Machine Images (AMIs), and then letting Spinnaker handle distribution, deployment, and release.

Netflix’s culture encourages engineers to use the best tools, and since 2008 the company has migrated its streaming business to AWS and adopted a Java‑based microservices architecture, enabling loosely coupled services that any team can update independently.

Nebula is a Gradle‑based build system enriched with multiple plugins that provides a unified build environment for all Java services, leveraging Gradle’s strong support for compilation, testing, packaging, dependency management, and publishing.

A typical build.gradle file includes the Nebula plugins, a dependency‑lock plugin that generates a .lock file capturing the full dependency graph, and the Netflix‑specific ospackage‑tomcat plugin for creating Debian or RPM packages.

After a successful Nebula build, the code is committed to Git, triggering a massive Jenkins master that schedules builds on dozens of Jenkins agents in AWS. Depending on the artifact type, Nebula produces a JAR uploaded to Artifactory or an OS package that is later baked into an AMI.

Netflix’s deployment strategy relies on immutable infrastructure: each release starts with a fresh AMI created by the Bakery service, which uses the Aminator tool. When a Jenkins job finishes, it triggers a Spinnaker pipeline that reads the Nebula‑produced package and calls the Bakery API to perform a bake.

Once the bake completes, Spinnaker rolls out the AMI to hundreds or thousands of servers, supporting multi‑region deployments, canary releases, blue‑green deployments, and runtime context injection. Automated integration tests run in the test environment before further promotion.

Overall, these tools enable rapid, automated delivery—Netflix can go from code commit to a cross‑region deployment in roughly sixteen minutes. Ongoing improvements focus on better dependency management via Nebula plugins, reducing bake times, and extending support to non‑JVM languages (Node.js, Python, Ruby, Go) through the Nebula ospackage plugin.

Source: Netflix Tech Blog ; reposted by JFrog杰蛙DevOps.