Articles

Datadog is an exceptional tool for DevOps teams, developers, and SREs. It’s suitable for a broad range of cloud applications of every size. However, despite its powerful capabilities, most businesses aren’t making the most of Datadog. Are you?

  • Can you see how newly launched features are affecting user experience?
  • Can you immediately see the root cause of an issue on your dashboard – without digging around? 
  • Are you managing Jira tickets directly in Datadog?

Datadog’s integrations help make the platform stand out, but using them to make Datadog more powerful can be confusing, as there are over 500 interesting tools to consider.

Source de l’article sur DZONE

Modern cloud environments are ever-changing, and so is the nature of cloud computing. The growing cloud assets accompany the attack surface expansion problem for organizations, which unveils the need for visibility of cloud resources. AWS Config addresses that exact demand. It can be challenging to understand resources within your infrastructure like:

  • Seeing what resources you have
  • Understanding your current configurations
  • Knowledge of configuration changes and change histories
  • Assessing if your resources are compliant with specific governances controls 
  • Having accurate and up-to-date audit information

Depending on the size of your AWS resources or deployment, overcoming these challenges and obtaining this information can become time-consuming and budget-intensive unless you use resource visibility and auditing tool like AWS Config

Source de l’article sur DZONE

When I first heard the term DevOps, What I understood from my peers is that,

“The process of deploying the application in any environment (dev/QA/prod) is called DevOps. It’s just another synonym for operations.”

Source de l’article sur DZONE

An IT project is never an end in itself, but a means to attain a business objective. In this day and age, when leaders and decision-makers are exposed to buzzwords, frameworks, and tech trends constantly, it is more important than ever to take a step back and reflect on the business goal before deciding on the technological way to get there.

Decades after the advent of information technology, the challenge remains the same: to successfully apply IT practices that improve revenue streams and unlock new DevOps opportunities. Organizations urgently need to establish frameworks to manage information systems and apply them to daily operations, contributing to delivering business value and improving economic performance.

Source de l’article sur DZONE

The goal for a successful continuous delivery process is to minimize the time it takes for development teams to go from idea to usable software by practicing agile techniques and automating the entire software delivery system: build, deploy, test, release. This Refcard explains detailed patterns and anti-patterns for core areas of CD, including the delivery and deployment phases, rollbacks, pipeline observability and monitoring, documentation, as well as communication across teams and within the organization.
Source de l’article sur DZONE

In scanning the IT landscape, the call for DevOps engineers remains toward the top of many companies’ priorities. A nationwide search through various job posting sites returns literally thousands of DevOps opportunities. However, reviewing these job postings shows that the skillsets required are widely varied. In comparison, software development job descriptions and requirements tend to have a narrower focus – broadly speaking, a language and a particular framework. DevOps job descriptions and requirements range from implementing continuous integration and continuous delivery (CI/CD) processes, to building infrastructure, to configuration management, to cloud operations, to writing code in any number of languages, and so on. It’s an impressive and intimidating list. Have you considered joining the DevOps wave but have been challenged in getting a clear picture of what DevOps is or means? If so, you’re not alone.

What is DevOps?

While many organizations have DevOps teams, even within a single organization, there are likely to be multiple roles within a DevOps team. Why is that? The reason is that DevOps is a process, and various roles within a DevOps team each contribute to the process. The DevOps process is a product of the evolution of Agile development processes. With Agile, production-quality software is iteratively delivered, which drives the need to deploy software more often. The process of getting software into production needed to be streamlined, thus the DevOps movement and process was born.

Source de l’article sur DZONE

Misconfigurations are the leading cause behind security incidents in Kubernetes-orchestrated or otherwise containerized environments. Without proper configuration in place, applications would run into problems ranging from noncompliance and inconsistencies to performance bottlenecks, security vulnerabilities, and functionality failure. Therefore, configuration management is a critical component in a software development lifecycle for maintaining systems in a desired, consistent state.

According to Red Hat’s State of Kubernetes Security report, misconfigurations were the leading cause behind security incidents in Kubernetes-orchestrated or otherwise containerized environments. Without proper configuration in place, applications would run into problems ranging from noncompliance and inconsistencies to performance bottlenecks, security vulnerabilities, and functionality failure. This would make cloud-native systems unstable and cause them to become a liability to businesses. For this reason, configuration management is a critical component in a software development lifecycle for maintaining systems in a desired, consistent state. However, the way configuration management is done has been evolving over the years. This post traces the history of configuration management, focusing on how GitOps handles this critical aspect of running cloud-native applications today.

Source de l’article sur DZONE

Kubernetes is an open-source container orchestration tool developed by Google and is also known as K8s. It is used in managing the complete lifecycle of containerized applications. Kubernetes provides high availability, scalability, and predictability to the containerized application. It automates the deployment, management, and scaling of containerized applications. Kubernetes also supports automated rollout and rollbacks,  service discovery, storage orchestration, scaling, batch execution, and more. Kubernetes provides the cluster where containerized applications can be deployed. Kubernetes is not the only container orchestration tool, but various “Kubernetes Alternatives” are available in the market.

Before we talk about the “Alternatives to Kubernetes,” let’s explore the key components of Kubernetes. The Kubernetes cluster consists of at least one worker node where containerized applications are deployed and one master node or control plane which manages the worker nodes. The Control plane or master node consists of Kube-API server, etcd, Kube-scheduler, and Kube-controller-manager, whereas the worker node consists of Kubelet, Kube-Proxy, and Container Runtime. 

Source de l’article sur DZONE

Vulnerabilities produce enormous reputational and financial risks. As a result, many companies are fascinated by security and desire to build a secure development life cycle (SSDLC). So, today we’re going to discuss SAST — one of the SSDLC components.

SAST (static application security testing) searches for security defects in application source code. SAST examines the code for potential vulnerabilities — possible SQL injections, XSS, SSRF, data encryption issues, etc. These vulnerabilities are included in OWASP Top 10, CWE Top 25, and other lists.

Source de l’article sur DZONE

Kubernetes offers developers tremendous advantages… if they can overcome the platform’s inherent complexities. It can be a big « if. » Without additional tooling, developers aren’t able to simply develop their applications on Kubernetes, but must also become experts in writing complex YAML templates to define Kubernetes resources. A relatively new tool called Shipa provides an application management framework that largely relieves developers of this burden, enabling dev teams to ship applications with no Kubernetes expertise required.

Having recently put the tool to the test, this article will demonstrate how to install and utilize Shipa to simplify Kubernetes and ease some common developer frustrations.

Source de l’article sur DZONE