Articles

Continuous Delivery Patterns and Anti-Patterns

,

The goal for a successful continuous delivery process is to minimize the time it takes for development teams to go from idea to usable software by practicing agile techniques and automating the entire software delivery system: build, deploy, test, release. This Refcard explains detailed patterns and anti-patterns for core areas of CD, including the delivery and deployment phases, rollbacks, pipeline observability and monitoring, documentation, as well as communication across teams and within the organization.
Source de l’article sur DZONE

/par

Jump Into the DevOps Pool. The Water is Fine.

,

In scanning the IT landscape, the call for DevOps engineers remains toward the top of many companies’ priorities. A nationwide search through various job posting sites returns literally thousands of DevOps opportunities. However, reviewing these job postings shows that the skillsets required are widely varied. In comparison, software development job descriptions and requirements tend to have a narrower focus – broadly speaking, a language and a particular framework. DevOps job descriptions and requirements range from implementing continuous integration and continuous delivery (CI/CD) processes, to building infrastructure, to configuration management, to cloud operations, to writing code in any number of languages, and so on. It’s an impressive and intimidating list. Have you considered joining the DevOps wave but have been challenged in getting a clear picture of what DevOps is or means? If so, you’re not alone.

What is DevOps?

While many organizations have DevOps teams, even within a single organization, there are likely to be multiple roles within a DevOps team. Why is that? The reason is that DevOps is a process, and various roles within a DevOps team each contribute to the process. The DevOps process is a product of the evolution of Agile development processes. With Agile, production-quality software is iteratively delivered, which drives the need to deploy software more often. The process of getting software into production needed to be streamlined, thus the DevOps movement and process was born.

Source de l’article sur DZONE

/par

The Evolution of Configuration Management: IaC vs. GitOps

,

Misconfigurations are the leading cause behind security incidents in Kubernetes-orchestrated or otherwise containerized environments. Without proper configuration in place, applications would run into problems ranging from noncompliance and inconsistencies to performance bottlenecks, security vulnerabilities, and functionality failure. Therefore, configuration management is a critical component in a software development lifecycle for maintaining systems in a desired, consistent state.

According to Red Hat’s State of Kubernetes Security report, misconfigurations were the leading cause behind security incidents in Kubernetes-orchestrated or otherwise containerized environments. Without proper configuration in place, applications would run into problems ranging from noncompliance and inconsistencies to performance bottlenecks, security vulnerabilities, and functionality failure. This would make cloud-native systems unstable and cause them to become a liability to businesses. For this reason, configuration management is a critical component in a software development lifecycle for maintaining systems in a desired, consistent state. However, the way configuration management is done has been evolving over the years. This post traces the history of configuration management, focusing on how GitOps handles this critical aspect of running cloud-native applications today.

Source de l’article sur DZONE

/par

The Most Popular Kubernetes Alternatives and Competitors

,

Kubernetes is an open-source container orchestration tool developed by Google and is also known as K8s. It is used in managing the complete lifecycle of containerized applications. Kubernetes provides high availability, scalability, and predictability to the containerized application. It automates the deployment, management, and scaling of containerized applications. Kubernetes also supports automated rollout and rollbacks,  service discovery, storage orchestration, scaling, batch execution, and more. Kubernetes provides the cluster where containerized applications can be deployed. Kubernetes is not the only container orchestration tool, but various “Kubernetes Alternatives” are available in the market.

Before we talk about the “Alternatives to Kubernetes,” let’s explore the key components of Kubernetes. The Kubernetes cluster consists of at least one worker node where containerized applications are deployed and one master node or control plane which manages the worker nodes. The Control plane or master node consists of Kube-API server, etcd, Kube-scheduler, and Kube-controller-manager, whereas the worker node consists of Kubelet, Kube-Proxy, and Container Runtime. 

Source de l’article sur DZONE

/par

SAST in Secure SDLC: 3 Reasons to Integrate It in a DevSecOps Pipeline

,

Vulnerabilities produce enormous reputational and financial risks. As a result, many companies are fascinated by security and desire to build a secure development life cycle (SSDLC). So, today we’re going to discuss SAST — one of the SSDLC components.

SAST (static application security testing) searches for security defects in application source code. SAST examines the code for potential vulnerabilities — possible SQL injections, XSS, SSRF, data encryption issues, etc. These vulnerabilities are included in OWASP Top 10, CWE Top 25, and other lists.

Source de l’article sur DZONE

/par

How to Use Shipa to Make Kubernetes Adoption Easier for Developers

,

Kubernetes offers developers tremendous advantages… if they can overcome the platform’s inherent complexities. It can be a big « if. » Without additional tooling, developers aren’t able to simply develop their applications on Kubernetes, but must also become experts in writing complex YAML templates to define Kubernetes resources. A relatively new tool called Shipa provides an application management framework that largely relieves developers of this burden, enabling dev teams to ship applications with no Kubernetes expertise required.

Having recently put the tool to the test, this article will demonstrate how to install and utilize Shipa to simplify Kubernetes and ease some common developer frustrations.

Source de l’article sur DZONE

/par

Lessons to Learn from Etsy’s DevOps Strategy

,

Every organization adopting DevOps has stories to tell to the world. Some of them turned out to be success stories, while others are more like lessons to learn. While it’s true that Etsy is one of such organizations that benefited a lot from their DevOps adoption, they also learned a few lessons from their mistakes during their journey. Today, we will be talking in brief about those lessons in detail. But first, let’s try to understand why Etsy first became interested in DevOps.

Why Did Etsy Adopt DevOps?

Back in 2005, Etsy’s engineering teams were siloed into developers, operations teams, and database admins. Although the team was relatively small — close to 35 employees — they faced many team collaboration challenges. This barrier was hindering Etsy’s progress as an organization. 

Source de l’article sur DZONE

/par

Infrastructure as Code: Everything You Need to Know

,

Infrastructure is one of the core tenets of a software development process — it is directly responsible for the stable operation of a software application. This infrastructure can range from servers, load balancers, firewalls, and databases all the way to complex container clusters.

Infrastructure considerations are valid beyond production environments, as they spread across the entire development process. They include tools and platforms such as CI/CD platforms, staging environments, and testing tools. These infrastructure considerations increase as the level of complexity of the software product increases. Very quickly, the traditional approach for manually managing infrastructure becomes an unscalable solution to meet the demands of DevOps modern rapid software development cycles. And that’s how Infrastructure as Code (IaC) has become the de facto solution in development today.

Source de l’article sur DZONE

/par

Azure Infrastructure Made Immutable With Locks

,

After an application is deployed to production, developers should lock down its underlying infrastructure to prevent accidental changes. Some of the common accidents that can affect the availability of an application in production are: moving, renaming, or deleting the resource crucial to the function of the application. You can use locks that prevent anyone from performing a forbidden action to avoid such mishaps.

Creating Locks

Almost every resource in Azure supports locks, so you will find the lock option in the settings section of nearly all resources in the portal. For example, the following screenshot illustrates locks on resource groups:

Source de l’article sur DZONE

/par

Delete Multiple Resources and Resource Groups in Azure With Tags

,

You might have noticed that resources comprising some Azure services such as Azure Kubernetes Service (AKS) span multiple resource groups by default. In some cases, you might intentionally want to segregate resources such as disks and network interfaces from VMs by placing them in different resource groups for better management. A common problem arising from the resource spread is that you might find it challenging to delete multiple resources and resource groups to entirely remove a service from a subscription.

We can solve the problem by using resource tags to associate resources and resource groups to a service. Tags are key-value pairs that can be applied to your Azure resources, resource groups, and subscriptions. Of course, you can use tags for many other purposes apart from resource management. The Azure docs website has a detailed guide on the various resource naming and tagging strategies and patterns.

Source de l’article sur DZONE

/par