SlideShare a Scribd company logo

Session on evaluation of DevSecOps

Download as PPTX, PDF
Abdullah al Mamun
Abdullah al Mamun

Session on evaluation of DevSecOps. This tutorial is made the very basic process of the DevOps cycle for the beginner level. So sometimes we won’t use very deep technical terms to understand.

Technology
1 of 60
Session on evaluation of DevSecOps Development Security Operations Presented By:- Md. Abdullah al Mamun Manager, DevSecOps, New Core Planning(NCP) Robi Axiata Limited
Student Management System
SDLC Software Development Life Cycle is the application of standard business practices to building software applications. It's typically divided into six to eight steps: Planning, Requirements, Design, Build, Document, Test, Deploy, Maintain.
Project Workflow 1. Planning 2. Analysis 3. Design 4. Implementation 5. Testing 6. Integration 7. Maintenance
Student Management System Roles 1. Students 2. Teacher 3. Admin Admin + Teachers 1. Dashboard: In this section, admin can see all detail in brief like Total Classes, Total Students, Total Class Notices and Total Public Notices. 2. Class: In this section, admin can manage class (Add/Update/Delete). 3. Students: In this section, admin can manage the students (Add/Update/Delete). 4. Notices: In this section, the admin can manage notices (Add/Update/Delete). 5. Public Notices: In this section, the admin can manage public notices. 6. Pages: In this section admin, can manage about us and contact us page of administration 7. Search: In this section admin, can search students by their student id. 8. Reports: In this section admin, can view how much students has been register in particular period. 9. Admin can also update his profile, change the password and recover the password. Students: 1. Dashboard: It is welcome page for students. 2. View: In this section, user can view notices which are announced by administrator. Can view marks to the exam result. 3. Student can also view his profile, change the password and recover the password..
Student Management System(Design)
Student Management System – Technical Specification • User Interface(UI): HTML, AJAX,JQUERY,JAVASCRIPT • Database: MySQL • Programming Language: PHP • PHP Framwork: Laravel • Sever: 8 Core Linux Server Bla bla bla…
Project Team Members Project Manager Business Developer SQA Security Cloud DBA Network 1 1 1 1 1 1 1 Prepared Documentatio n & Analysis Computer Source Code Database Software Quality Test Selenium Software Security Test SonarQube Network Configuration Deployment (cPanel/Cloud) Repository Local Computer Build Test Server Virtual Machine Build > Publish Deploy. Server Virtual Machine
Waterfall Methodology Waterfall Model methodology which is also known as Liner Sequential Life Cycle Model. Waterfall Model followed in the sequential order, and so project development team only moves to next phase of development or testing if the previous step completed successfully.
Advantages of Waterfall Model • It is one the easiest model to manage. Because of its nature, each phase has specific deliverables and a review process. • It works well for smaller size projects where requirements are easily understandable. • Faster delivery of the project • Process and results are well documented. • Easily adaptable method for shifting teams • This project management methodology is beneficial to manage dependencies. There are large number of project is being implemented by Waterfall Model
What’s Happen? • If Client change some requirements in the mid of the development? • If application can find a bug/vulnerable issue after staging? • If Client would like to add another modules like Student Advisor Role? • Something like that…. Waterfall Model methodology is unable to solve these types of problems!
Limitations of Waterfall Model • It is not an ideal model for a large size project • If the requirement is not clear at the beginning, it is a less effective method. • Very difficult to move back to makes changes in the previous phases. • The testing process starts once development is over. Hence, it has high chances of bugs to be found later in development where they are expensive to fix.
Agaile Agile is an iterative approach to project management and software development that helps teams deliver value to their customers faster and with fewer headaches.
Advantages of the Agile Model • It is focused client process. So, it makes sure that the client is continuously involved during every stage. • Agile teams are extremely motivated and self-organized so it likely to provide a better result from the development projects. • Agile software development method assures that quality of the development is maintained • The process is completely based on the incremental progress. Therefore, the client and team know exactly what is complete and what is not. This reduces risk in the development process.
Previous Problem? SOLVED! • Client changes requirements can easily integrable. • Application bug/vulnerable issue can be solvable. • Adding another modules is possible • Something like that…. Agile methodology is able to solve this types of problems!
Let’s imagine • Many of School is interested to use your “School Management System” • Your application business has been expanded Application-1 Database - 1 School-1 Application-2 Database - 2 School-2 Application-3 Database - 3 School-3 Application-N Database - N School-N
SaaS Model • “School Management System” need to implemented your business is as SasS Model. What is SaaS Model?
Software as a Service (SaaS) Model DB-1 DB-2 DB-3 Source Code Application-1 Application-2 Application-3
Project Team Members (Prev.) Project Manager Business Developer SQA Security Cloud DBA Network 1 1 1 1 1 1 1 Prepared Documentatio n & Analysis Computer Source Code Database Software Quality Test Selenium Software Security Test SonarQube Network Configuration Deployment (cPanel/Cloud) Repository Local Computer
Project Team Members (Now) Project Manager Business Developer SQA Security Cloud DBA Network 3 5 2 2 3 2 3 Prepared Documentatio n & Analysis Computer Source Code Database Software Quality Test Selenium Software Security Test SonarQube Network Configuration Deployment (cPanel/Cloud) Repository Local Computer How to source code can be manage for large development team ?
Why Version Control system is Important? As we know that a software product is developed in collaboration by a group of developers they might be located at different locations and each one of them contributes to some specific kind of functionality/features. So in order to contribute to the product, they made modifications to the source code(either by adding or removing). A version control system is a kind of software that helps the developer team to efficiently communicate and manage(track) all the changes that have been made to the source code along with the information like who made and what changes have been made Version Control System keeps track on changes made on a particular software and take a snapshot of every modification.
Version Control Systems Version control, also known as source control, is the practice of tracking and managing changes to software code. Version control systems are software tools that help software teams manage changes to source code over time. As development environments have accelerated, version control systems help software teams work faster and smarter.
Project Team Members (Now) Project Manager Business Developer SQA Security Cloud DBA Network 3 5 2 2 3 2 3 Prepared Documentatio n & Analysis Computer Source Code Database Software Quality Test Selenium Software Security Test SonarQube Network Configuration Deployment (cPanel/Cloud) Repository Local Computer Source Code Repository?
Source Code Repository(SCM) A code repository is an archive of the code itself that is being worked on. Beyond the code itself, you can keep things such as documentation, notes, web pages, and other items in your repository. A code repository is required for any successful software development project.
Github GitHub, Inc. is a provider of Internet hosting for software development and version control using Git. It offers the distributed version control and source code management (SCM) functionality of Git, plus its own features. It provides access control and several collaboration features such as bug tracking, feature requests, task management, continuous integration, and wikis for every project.
Project Team Members (Recap.) Project Manager Business Developer SQA Security Cloud DBA Network 3 5 2 2 3 2 3 Prepared Documentatio n & Analysis Computer Source Code Database Software Quality Test Selenium Software Security Test SonarQube Network Configuration Deployment (cPanel/Cloud) Repository GitLab Version Control Git
Development Cycle Source Code Software Developer(Local) Git PUSH/PULL Repository (GitLab) Source Code [Branches] Build Manual Database Source Code Database Test Server (VM) Check Testing Software Quality Testing (Selenium) Software Security Testing (SonarQube) feed back
In Real Development Project • Each sprint, it can be implemented more than hundred Features, Change Request, Bug, Tasks, Defect-testing and vulnerable related issue. • So, each day it can be more than thousand source code commit request can be made. • It is really difficult to make manual build after each source code commit. Isn’t it? To Solve this problem, We would like to introduced CI/CD pipeline automates
Automatics CI/CD Pipeline A CI/CD process automates your software delivery process. Automated pipelines remove manual errors and provide standardized feedback loops. Some of the CI/CD tools Continuous Integration (CI) Continuous Delivery/ Deployment(CD)
Development Cycle Source Code Software Developer Git PUSH/PULL Repository Source Code [Branches] Build CI/CD Database Source Code Database Test Server (VM) Check Testing Software Quality Testing (Selenium) Software Security Testing (SonarQube) feed back
Till Now We have completed… Half of the DevOps That is only Dev – Part from DevOps Dev = Development
Let’s move on – Ops (Operations) part from DevOps Move on Ops – Part from DevOps Ops = Operations
Development Cycle (Progress so far…) Source Code Software Developer Git PUSH/PULL Repository Source Code [Branches] CI/CD Database Source Code Database Test Server (VM) Check Testing Software Quality Testing (Selenium) Software Security Testing (SonarQube) feed back
Take a close Look…Development Cycle! Source Code Software Developer-1 Git [Git Branch: dev1] Commit (Branch: Dev1) Repository (GitLab) Source Code CI/CD Database Source Code Database Test Server (VM) Check Testing Selenium SonarQube feed back Source Code Software Developer-2 Git [Git Branch: dev2] Database Source Code Software Developer-3 Git [Git Branch: dev3] Database Dev1 Dev2 Dev3 TestBranch LiveBranch
Development Cycle (Con’t) Repository (GitLab) Source Code Dev1 Dev2 Dev3 TestBranch LiveBranch Server Machine Database Database Server (VM[RAM: 12 GB]) Live Application Server (VM[RAM: 12 GB]) Test Application Server (VM[RAM: 12 GB]) Resources Server (VM [RAM: 12 GB]) Source Code Media/File/Folder Source Code Build + Deploy Build + Deploy HDD: 18TB 7200 RPM SATA CPU: Intel Xeon, Core: 32, Clock: 2.70-4.00GHz, Cache: 48MB RAM: 64GB DDR4 What is VM? CI/CD
What is VM(Virtual Machine)? A Virtual Machine (VM) is a compute resource that uses software instead of a physical computer to run programs and deploy apps. Each virtual machine runs its own CPU, memory, network interface, and storage, created on a physical hardware system (located off- or on-premises). Virtual machines run on top of the hypervisor software, which imitates the physical infrastructure and divides the resources into multiple virtual machines. The hypervisor is also referred to as the host machine or a virtual machine monitor. VMs tend to be bulky and be many gigabytes in size because each VM contains its own guest operating system, kernel, binaries, libraries, and its application.
Let’s introduced Containerization instead of VM • Containers create isolated environments in a physical server by virtualizing the host operating system and running packaged applications on top of it. • Instead of virtualizing the hardware like virtual machines, containers virtualize the OS. It’s built on top of a host OS kernel and usually shares its libraries and binaries. • Because it shares most of its necessities, containers only pack the application and its dependencies. They’re much lighter than VMs and only megabytes in size.
Containerization vs. Virtualization
Container A Container is a piece of software that packages code and all of its dependencies. Containerization is the process of packaging software code along with all of its essential components.
Popular container providers
Docker Docker is a containerization platform for packaging your application along with all of its dependencies. Docker is a free and open platform for developing, deploying, and running software. Advantages of Docker: Some of the benefits Docker delivers at various stages of the software development lifecycle (SDLC) are as below, 1.Build 2.Test 3.Deploy 4.Maintain
Development Cycle (Container) Server Machine Live Applicaton Docker 3 Live Applicaton Docker Test Application Docker User Service Docker HDD: 18TB 7200 RPM SATA CPU: Intel Xeon, Core: 32, Clock: 2.70-4.00GHz, Cache: 48MB RAM: 64GB DDR4 File Manager Docker Auth Service Docker Database Docker Live Applicaton Docker 2 Geolocation Service Docker API Service Docker Database Docker 2 Repository (GitLab) Dev1 Dev2 Dev3 TestBranch LiveBranch 1 CI/CD How to manage large number of docker?
Development Cycle (Con’t) Server Machine Live Applicaton Docker 3 Live Applicaton Docker Test Application Docker User Service Docker HDD: 18TB 7200 RPM SATA CPU: Intel Xeon, Core: 32, Clock: 2.70-4.00GHz, Cache: 48MB RAM: 64GB DDR4 File Manager Docker Auth Service Docker Database Docker Live Applicaton Docker 2 Geolocation Service Docker API Service Docker Database Docker 2 Repository (GitLab) Dev1 Dev2 Dev3 TestBranch LiveBranch 1 Container Orchestration CI/CD
Container Orchestration Container Orchestration automates the deployment, management, scaling and networking of containers. It is useful for the enterprises to deploy and manage multiple containers and hosts. Purposes of using Container Orchestration: A container orchestrator automatically deploys and manages containerized apps. 1. It responds dynamically to changes in the environment. 2. It ensures all deployed container instances get updated if a new version of a service is released. I. Dynamically respond to changes II. Deploy the same application across different environments.
Container Orchestration Tools Container orchestration tools provide a framework for managing containers and microservices architecture at scale. They simplify container management and provide a framework for managing multiple containers as one entity. Some popular tools used for container lifecycle management are:
Development Cycle (Con’t) Server Machine Docker HDD: 18TB 7200 RPM SATA CPU: Intel Xeon, Core: 32, Clock: 2.70-4.00GHz, Cache: 48MB RAM: 64GB DDR4 Docker Docker Repository (GitLab) Dev1 Dev2 Dev3 TestBranch LiveBranch 1 Container Orchestration CI/CD Docker Docker Docker Docker Docker Docker Docker Docker Docker Configuration Management System
Configuration Management Configuration Management: It is a system engineering method that ensures a product’s characteristics remain consistent during its life cycle. It may cover non-IT assets and work products used to develop services. It provides a configuration model of the services, assets and infrastructure by recording the relationship between- Service assets configuration items Controlled environments Operational use Any change in configuration can dramatically impact to (1) Performance (2) Security (3) Functionality
Advantages of configuration management Increase the efficiency with a well-defined configuration process that improves visibility Optimize cost by having detailed knowledge of all the IT elements. Track requirements form specification to testing Identify and control software versions. Enhances system and process reliability by detection effects Manage the information about the configuration item Provides faster restoration of your service if a process failure occurs Facilitate the conduct of functional configuration audits
Development Cycle (Con’t) Server Machine Docker HDD: 18TB 7200 RPM SATA CPU: Intel Xeon, Core: 32, Clock: 2.70-4.00GHz, Cache: 48MB RAM: 64GB DDR4 Docker Docker Repository (GitLab) Dev1 Dev2 Dev3 TestBranch LiveBranch 1 Container Orchestration CI/CD Docker Docker Docker Docker Docker Docker Docker Docker Docker Configuration Management System Continuous Monitoring
Continuous Monitoring Continuous Monitoring is the ability to detect risk, compliance, and security issues in an operational environment. It acts as an auditing tool, where it can navigate through old monitoring data to analyse and improve the performance of the system. The roles of Continuous Monitoring are: Assists in the design of a reliable system Displays application behaviour during peak business hours Reduces cost by acquiring precise knowledge of software asset duplication Reduces the chance of an application going down Notifies you if there is a problem with your application service Retrieves and analyses historical data
Types of Continuous Monitoring
The deals with the Monitoring
Tools for Continuous Monitoring
DevOps Cycle
DevOps Tools
DevOps DevOps is a set of practice that aims to provide superior quality software quickly by integrating the processes between the development and the operation teams.
DevSecOps DevSecOps (short for development, security, and operations) is a development practice that integrates security initiatives at every stage of the software development lifecycle to deliver robust and secure applications.
More Resources http://techntuts.com/story/DevOps-Tutorial DevOps Tutorial Outline:- 1.DevOps-1: Introduction to DevOps 2.DevOps-2: Learn about Linux 3.DevOps-3: Version Control System [Git] 4.DevOps-4: Source Code Management (SCM) [Github] 5.DevOps-5: CI/CD [Jenkins] 6.DevOps-6: Software and Automation Testing Framework [Selenium] 7.DevOps-7: Configuration Management [Ansible] 8.DevOps-8: Containerization [Docker] 9.DevOps-9: Continuous Monitoring [Nagios] 10.DevOps-10: Continuous Orchestration [Kubernetes]
Session on evaluation of DevSecOps
Session on evaluation of DevSecOps

Recommended

DevOps Presentation.pptx
DevOps Presentation.pptxDevOps Presentation.pptx
DevOps Presentation.pptxAbdullah al Mamun
 
DevOps Overview in my own words
DevOps Overview in my own wordsDevOps Overview in my own words
DevOps Overview in my own wordsSUBHENDU KARMAKAR
 
DevOps Engineering.pptx
DevOps Engineering.pptxDevOps Engineering.pptx
DevOps Engineering.pptxAbalBoot
 
Agile at scale
Agile at scaleAgile at scale
Agile at scaleEric Cattoir
 
DevOps and Build Automation
DevOps and Build AutomationDevOps and Build Automation
DevOps and Build AutomationHeiswayi Nrird
 
DevOps Practices in a Nutshell
DevOps Practices in a NutshellDevOps Practices in a Nutshell
DevOps Practices in a NutshellFibonalabs
 
Adm Initial Proposal
Adm Initial ProposalAdm Initial Proposal
Adm Initial Proposalcfry
 
Code in the Cloud - December 8th 2014
Code in the Cloud - December 8th 2014Code in the Cloud - December 8th 2014
Code in the Cloud - December 8th 2014Microsoft Developer Network (MSDN) - Belgium and Luxembourg
 

Recommended

DevOps Presentation.pptx
DevOps Presentation.pptxDevOps Presentation.pptx
DevOps Presentation.pptxAbdullah al Mamun
 
DevOps Overview in my own words
DevOps Overview in my own wordsDevOps Overview in my own words
DevOps Overview in my own wordsSUBHENDU KARMAKAR
 
DevOps Engineering.pptx
DevOps Engineering.pptxDevOps Engineering.pptx
DevOps Engineering.pptxAbalBoot
 
Agile at scale
Agile at scaleAgile at scale
Agile at scaleEric Cattoir
 
DevOps and Build Automation
DevOps and Build AutomationDevOps and Build Automation
DevOps and Build AutomationHeiswayi Nrird
 
DevOps Practices in a Nutshell
DevOps Practices in a NutshellDevOps Practices in a Nutshell
DevOps Practices in a NutshellFibonalabs
 
Adm Initial Proposal
Adm Initial ProposalAdm Initial Proposal
Adm Initial Proposalcfry
 
Code in the Cloud - December 8th 2014
Code in the Cloud - December 8th 2014Code in the Cloud - December 8th 2014
Code in the Cloud - December 8th 2014Microsoft Developer Network (MSDN) - Belgium and Luxembourg
 
Soft lifecycle
Soft lifecycleSoft lifecycle
Soft lifecyclesathyakamsundher30
 
Application Lifecycle Management with Visual Studio 2013
Application Lifecycle Management with Visual Studio 2013Application Lifecycle Management with Visual Studio 2013
Application Lifecycle Management with Visual Studio 2013Mahmoud Samara
 
About online examination system
About online examination systemAbout online examination system
About online examination systemLearning Spiral Pvt. Ltd
 
My 15 day intern report
My 15 day intern reportMy 15 day intern report
My 15 day intern reportBibekShahShankhar
 
Incremental model
Incremental modelIncremental model
Incremental modelSajid Ali Laghari
 
Dev ops lpi-701
Dev ops lpi-701Dev ops lpi-701
Dev ops lpi-701Radhouen Assakra
 
How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks Ulf Mattsson
 
Soft.Engg. UNIT 1.pptx
Soft.Engg. UNIT 1.pptxSoft.Engg. UNIT 1.pptx
Soft.Engg. UNIT 1.pptxKalpna Saharan
 
Testing in the new age of DevOps
Testing in the new age of DevOpsTesting in the new age of DevOps
Testing in the new age of DevOpsMoataz Mahmoud
 
what-is-devops.ppt
what-is-devops.pptwhat-is-devops.ppt
what-is-devops.pptMohammadSamiuddin10
 
About online examination system
About online examination systemAbout online examination system
About online examination systemLearning Spiral Pvt. Ltd
 
Dev ops for mainframe innovate session 2402
Dev ops for mainframe innovate session 2402Dev ops for mainframe innovate session 2402
Dev ops for mainframe innovate session 2402Rosalind Radcliffe
 
Imagine Digital Safety Assured - Arno van de Velde (Micro Focus)
Imagine Digital Safety Assured - Arno van de Velde (Micro Focus)Imagine Digital Safety Assured - Arno van de Velde (Micro Focus)
Imagine Digital Safety Assured - Arno van de Velde (Micro Focus)Sogeti Nederland B.V.
 
ISE_Lecture Week 2-SW Process Models.ppt
ISE_Lecture Week 2-SW Process Models.pptISE_Lecture Week 2-SW Process Models.ppt
ISE_Lecture Week 2-SW Process Models.pptHumzaWaris1
 
Making software development processes to work for you
Making software development processes to work for youMaking software development processes to work for you
Making software development processes to work for youAmbientia
 
Webinar - Devops platform for the evolving enterprise
Webinar - Devops platform for the evolving enterpriseWebinar - Devops platform for the evolving enterprise
Webinar - Devops platform for the evolving enterpriseDBmaestro - Database DevOps
 
ITFT - Software development life cycle
ITFT - Software development life cycleITFT - Software development life cycle
ITFT - Software development life cycleShruti Kunwar
 
Best SQA Document.pdf
Best SQA Document.pdfBest SQA Document.pdf
Best SQA Document.pdfAzmatIqbal2
 
DevOps Pipeline for Liferay Application
DevOps Pipeline for Liferay ApplicationDevOps Pipeline for Liferay Application
DevOps Pipeline for Liferay ApplicationMaruti Gollapudi
 
Introduction to Software Engineering
Introduction to Software EngineeringIntroduction to Software Engineering
Introduction to Software EngineeringSibel Kuzgun AKIN
 
Underfitting and Overfitting in Machine Learning
Underfitting and Overfitting in Machine LearningUnderfitting and Overfitting in Machine Learning
Underfitting and Overfitting in Machine LearningAbdullah al Mamun
 
Recurrent Neural Networks (RNNs)
Recurrent Neural Networks (RNNs)Recurrent Neural Networks (RNNs)
Recurrent Neural Networks (RNNs)Abdullah al Mamun
 

More Related Content

Similar to Session on evaluation of DevSecOps

Application Lifecycle Management with Visual Studio 2013
Application Lifecycle Management with Visual Studio 2013Application Lifecycle Management with Visual Studio 2013
Application Lifecycle Management with Visual Studio 2013Mahmoud Samara
 
How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks Ulf Mattsson
 
Soft.Engg. UNIT 1.pptx
Soft.Engg. UNIT 1.pptxSoft.Engg. UNIT 1.pptx
Soft.Engg. UNIT 1.pptxKalpna Saharan
 
Testing in the new age of DevOps
Testing in the new age of DevOpsTesting in the new age of DevOps
Testing in the new age of DevOpsMoataz Mahmoud
 
Dev ops for mainframe innovate session 2402
Dev ops for mainframe innovate session 2402Dev ops for mainframe innovate session 2402
Dev ops for mainframe innovate session 2402Rosalind Radcliffe
 
Imagine Digital Safety Assured - Arno van de Velde (Micro Focus)
Imagine Digital Safety Assured - Arno van de Velde (Micro Focus)Imagine Digital Safety Assured - Arno van de Velde (Micro Focus)
Imagine Digital Safety Assured - Arno van de Velde (Micro Focus)Sogeti Nederland B.V.
 
ISE_Lecture Week 2-SW Process Models.ppt
ISE_Lecture Week 2-SW Process Models.pptISE_Lecture Week 2-SW Process Models.ppt
ISE_Lecture Week 2-SW Process Models.pptHumzaWaris1
 
Making software development processes to work for you
Making software development processes to work for youMaking software development processes to work for you
Making software development processes to work for youAmbientia
 
Webinar - Devops platform for the evolving enterprise
Webinar - Devops platform for the evolving enterpriseWebinar - Devops platform for the evolving enterprise
Webinar - Devops platform for the evolving enterpriseDBmaestro - Database DevOps
 
ITFT - Software development life cycle
ITFT - Software development life cycleITFT - Software development life cycle
ITFT - Software development life cycleShruti Kunwar
 
Best SQA Document.pdf
Best SQA Document.pdfBest SQA Document.pdf
Best SQA Document.pdfAzmatIqbal2
 
DevOps Pipeline for Liferay Application
DevOps Pipeline for Liferay ApplicationDevOps Pipeline for Liferay Application
DevOps Pipeline for Liferay ApplicationMaruti Gollapudi
 
Introduction to Software Engineering
Introduction to Software EngineeringIntroduction to Software Engineering
Introduction to Software EngineeringSibel Kuzgun AKIN
 

Similar to Session on evaluation of DevSecOps (20)

Soft lifecycle
Soft lifecycleSoft lifecycle
Soft lifecycle
 
Application Lifecycle Management with Visual Studio 2013
Application Lifecycle Management with Visual Studio 2013Application Lifecycle Management with Visual Studio 2013
Application Lifecycle Management with Visual Studio 2013
 
About online examination system
About online examination systemAbout online examination system
About online examination system
 
My 15 day intern report
My 15 day intern reportMy 15 day intern report
My 15 day intern report
 
Incremental model
Incremental modelIncremental model
Incremental model
 
Dev ops lpi-701
Dev ops lpi-701Dev ops lpi-701
Dev ops lpi-701
 
How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks
 
Soft.Engg. UNIT 1.pptx
Soft.Engg. UNIT 1.pptxSoft.Engg. UNIT 1.pptx
Soft.Engg. UNIT 1.pptx
 
Testing in the new age of DevOps
Testing in the new age of DevOpsTesting in the new age of DevOps
Testing in the new age of DevOps
 
what-is-devops.ppt
what-is-devops.pptwhat-is-devops.ppt
what-is-devops.ppt
 
About online examination system
About online examination systemAbout online examination system
About online examination system
 
Dev ops for mainframe innovate session 2402
Dev ops for mainframe innovate session 2402Dev ops for mainframe innovate session 2402
Dev ops for mainframe innovate session 2402
 
Imagine Digital Safety Assured - Arno van de Velde (Micro Focus)
Imagine Digital Safety Assured - Arno van de Velde (Micro Focus)Imagine Digital Safety Assured - Arno van de Velde (Micro Focus)
Imagine Digital Safety Assured - Arno van de Velde (Micro Focus)
 
ISE_Lecture Week 2-SW Process Models.ppt
ISE_Lecture Week 2-SW Process Models.pptISE_Lecture Week 2-SW Process Models.ppt
ISE_Lecture Week 2-SW Process Models.ppt
 
Making software development processes to work for you
Making software development processes to work for youMaking software development processes to work for you
Making software development processes to work for you
 
Webinar - Devops platform for the evolving enterprise
Webinar - Devops platform for the evolving enterpriseWebinar - Devops platform for the evolving enterprise
Webinar - Devops platform for the evolving enterprise
 
ITFT - Software development life cycle
ITFT - Software development life cycleITFT - Software development life cycle
ITFT - Software development life cycle
 
Best SQA Document.pdf
Best SQA Document.pdfBest SQA Document.pdf
Best SQA Document.pdf
 
DevOps Pipeline for Liferay Application
DevOps Pipeline for Liferay ApplicationDevOps Pipeline for Liferay Application
DevOps Pipeline for Liferay Application
 
Introduction to Software Engineering
Introduction to Software EngineeringIntroduction to Software Engineering
Introduction to Software Engineering
 

More from Abdullah al Mamun

Underfitting and Overfitting in Machine Learning
Underfitting and Overfitting in Machine LearningUnderfitting and Overfitting in Machine Learning
Underfitting and Overfitting in Machine LearningAbdullah al Mamun
 
Recurrent Neural Networks (RNNs)
Recurrent Neural Networks (RNNs)Recurrent Neural Networks (RNNs)
Recurrent Neural Networks (RNNs)Abdullah al Mamun
 
Principal Component Analysis PCA
Principal Component Analysis PCAPrincipal Component Analysis PCA
Principal Component Analysis PCAAbdullah al Mamun
 
Natural Language Processing (NLP)
Natural Language Processing (NLP)Natural Language Processing (NLP)
Natural Language Processing (NLP)Abdullah al Mamun
 
Multilayer Perceptron Neural Network MLP
Multilayer Perceptron Neural Network MLPMultilayer Perceptron Neural Network MLP
Multilayer Perceptron Neural Network MLPAbdullah al Mamun
 
Ensemble Method (Bagging Boosting)
Ensemble Method (Bagging Boosting)Ensemble Method (Bagging Boosting)
Ensemble Method (Bagging Boosting)Abdullah al Mamun
 
Convolutional Neural Networks CNN
Convolutional Neural Networks CNNConvolutional Neural Networks CNN
Convolutional Neural Networks CNNAbdullah al Mamun
 
Artificial Neural Network ANN
Artificial Neural Network ANNArtificial Neural Network ANN
Artificial Neural Network ANNAbdullah al Mamun
 
Reinforcement Learning, Application and Q-Learning
Reinforcement Learning, Application and Q-LearningReinforcement Learning, Application and Q-Learning
Reinforcement Learning, Application and Q-LearningAbdullah al Mamun
 
Artificial Intelligence: Classification, Applications, Opportunities, and Cha...
Artificial Intelligence: Classification, Applications, Opportunities, and Cha...Artificial Intelligence: Classification, Applications, Opportunities, and Cha...
Artificial Intelligence: Classification, Applications, Opportunities, and Cha...Abdullah al Mamun
 
Python Virtual Environment.pptx
Python Virtual Environment.pptxPython Virtual Environment.pptx
Python Virtual Environment.pptxAbdullah al Mamun
 
Artificial intelligence Presentation.pptx
Artificial intelligence Presentation.pptxArtificial intelligence Presentation.pptx
Artificial intelligence Presentation.pptxAbdullah al Mamun
 
An approach to empirical Optical Character recognition paradigm using Multi-L...
An approach to empirical Optical Character recognition paradigm using Multi-L...An approach to empirical Optical Character recognition paradigm using Multi-L...
An approach to empirical Optical Character recognition paradigm using Multi-L...Abdullah al Mamun
 
Automatic Speaker Recognition system using MFCC and VQ approach
Automatic Speaker Recognition system using MFCC and VQ approachAutomatic Speaker Recognition system using MFCC and VQ approach
Automatic Speaker Recognition system using MFCC and VQ approachAbdullah al Mamun
 

More from Abdullah al Mamun (20)

Underfitting and Overfitting in Machine Learning
Underfitting and Overfitting in Machine LearningUnderfitting and Overfitting in Machine Learning
Underfitting and Overfitting in Machine Learning
 
Recurrent Neural Networks (RNNs)
Recurrent Neural Networks (RNNs)Recurrent Neural Networks (RNNs)
Recurrent Neural Networks (RNNs)
 
Random Forest
Random ForestRandom Forest
Random Forest
 
Principal Component Analysis PCA
Principal Component Analysis PCAPrincipal Component Analysis PCA
Principal Component Analysis PCA
 
Natural Language Processing (NLP)
Natural Language Processing (NLP)Natural Language Processing (NLP)
Natural Language Processing (NLP)
 
Naive Bayes
Naive BayesNaive Bayes
Naive Bayes
 
Multilayer Perceptron Neural Network MLP
Multilayer Perceptron Neural Network MLPMultilayer Perceptron Neural Network MLP
Multilayer Perceptron Neural Network MLP
 
Long Short Term Memory LSTM
Long Short Term Memory LSTMLong Short Term Memory LSTM
Long Short Term Memory LSTM
 
Linear Regression
Linear RegressionLinear Regression
Linear Regression
 
K-Nearest Neighbor(KNN)
K-Nearest Neighbor(KNN)K-Nearest Neighbor(KNN)
K-Nearest Neighbor(KNN)
 
Hidden Markov Model (HMM)
Hidden Markov Model (HMM)Hidden Markov Model (HMM)
Hidden Markov Model (HMM)
 
Ensemble Method (Bagging Boosting)
Ensemble Method (Bagging Boosting)Ensemble Method (Bagging Boosting)
Ensemble Method (Bagging Boosting)
 
Convolutional Neural Networks CNN
Convolutional Neural Networks CNNConvolutional Neural Networks CNN
Convolutional Neural Networks CNN
 
Artificial Neural Network ANN
Artificial Neural Network ANNArtificial Neural Network ANN
Artificial Neural Network ANN
 
Reinforcement Learning, Application and Q-Learning
Reinforcement Learning, Application and Q-LearningReinforcement Learning, Application and Q-Learning
Reinforcement Learning, Application and Q-Learning
 
Artificial Intelligence: Classification, Applications, Opportunities, and Cha...
Artificial Intelligence: Classification, Applications, Opportunities, and Cha...Artificial Intelligence: Classification, Applications, Opportunities, and Cha...
Artificial Intelligence: Classification, Applications, Opportunities, and Cha...
 
Python Virtual Environment.pptx
Python Virtual Environment.pptxPython Virtual Environment.pptx
Python Virtual Environment.pptx
 
Artificial intelligence Presentation.pptx
Artificial intelligence Presentation.pptxArtificial intelligence Presentation.pptx
Artificial intelligence Presentation.pptx
 
An approach to empirical Optical Character recognition paradigm using Multi-L...
An approach to empirical Optical Character recognition paradigm using Multi-L...An approach to empirical Optical Character recognition paradigm using Multi-L...
An approach to empirical Optical Character recognition paradigm using Multi-L...
 
Automatic Speaker Recognition system using MFCC and VQ approach
Automatic Speaker Recognition system using MFCC and VQ approachAutomatic Speaker Recognition system using MFCC and VQ approach
Automatic Speaker Recognition system using MFCC and VQ approach
 

Recently uploaded

Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 

Recently uploaded (20)

Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDGAPIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 

Session on evaluation of DevSecOps

  • 1. Session on evaluation of DevSecOps Development Security Operations Presented By:- Md. Abdullah al Mamun Manager, DevSecOps, New Core Planning(NCP) Robi Axiata Limited
  • 3. SDLC Software Development Life Cycle is the application of standard business practices to building software applications. It's typically divided into six to eight steps: Planning, Requirements, Design, Build, Document, Test, Deploy, Maintain.
  • 4. Project Workflow 1. Planning 2. Analysis 3. Design 4. Implementation 5. Testing 6. Integration 7. Maintenance
  • 5. Student Management System Roles 1. Students 2. Teacher 3. Admin Admin + Teachers 1. Dashboard: In this section, admin can see all detail in brief like Total Classes, Total Students, Total Class Notices and Total Public Notices. 2. Class: In this section, admin can manage class (Add/Update/Delete). 3. Students: In this section, admin can manage the students (Add/Update/Delete). 4. Notices: In this section, the admin can manage notices (Add/Update/Delete). 5. Public Notices: In this section, the admin can manage public notices. 6. Pages: In this section admin, can manage about us and contact us page of administration 7. Search: In this section admin, can search students by their student id. 8. Reports: In this section admin, can view how much students has been register in particular period. 9. Admin can also update his profile, change the password and recover the password. Students: 1. Dashboard: It is welcome page for students. 2. View: In this section, user can view notices which are announced by administrator. Can view marks to the exam result. 3. Student can also view his profile, change the password and recover the password..
  • 7. Student Management System – Technical Specification • User Interface(UI): HTML, AJAX,JQUERY,JAVASCRIPT • Database: MySQL • Programming Language: PHP • PHP Framwork: Laravel • Sever: 8 Core Linux Server Bla bla bla…
  • 8. Project Team Members Project Manager Business Developer SQA Security Cloud DBA Network 1 1 1 1 1 1 1 Prepared Documentatio n & Analysis Computer Source Code Database Software Quality Test Selenium Software Security Test SonarQube Network Configuration Deployment (cPanel/Cloud) Repository Local Computer Build Test Server Virtual Machine Build > Publish Deploy. Server Virtual Machine
  • 9. Waterfall Methodology Waterfall Model methodology which is also known as Liner Sequential Life Cycle Model. Waterfall Model followed in the sequential order, and so project development team only moves to next phase of development or testing if the previous step completed successfully.
  • 10. Advantages of Waterfall Model • It is one the easiest model to manage. Because of its nature, each phase has specific deliverables and a review process. • It works well for smaller size projects where requirements are easily understandable. • Faster delivery of the project • Process and results are well documented. • Easily adaptable method for shifting teams • This project management methodology is beneficial to manage dependencies. There are large number of project is being implemented by Waterfall Model
  • 11. What’s Happen? • If Client change some requirements in the mid of the development? • If application can find a bug/vulnerable issue after staging? • If Client would like to add another modules like Student Advisor Role? • Something like that…. Waterfall Model methodology is unable to solve these types of problems!
  • 12. Limitations of Waterfall Model • It is not an ideal model for a large size project • If the requirement is not clear at the beginning, it is a less effective method. • Very difficult to move back to makes changes in the previous phases. • The testing process starts once development is over. Hence, it has high chances of bugs to be found later in development where they are expensive to fix.
  • 13. Agaile Agile is an iterative approach to project management and software development that helps teams deliver value to their customers faster and with fewer headaches.
  • 14. Advantages of the Agile Model • It is focused client process. So, it makes sure that the client is continuously involved during every stage. • Agile teams are extremely motivated and self-organized so it likely to provide a better result from the development projects. • Agile software development method assures that quality of the development is maintained • The process is completely based on the incremental progress. Therefore, the client and team know exactly what is complete and what is not. This reduces risk in the development process.
  • 15. Previous Problem? SOLVED! • Client changes requirements can easily integrable. • Application bug/vulnerable issue can be solvable. • Adding another modules is possible • Something like that…. Agile methodology is able to solve this types of problems!
  • 16. Let’s imagine • Many of School is interested to use your “School Management System” • Your application business has been expanded Application-1 Database - 1 School-1 Application-2 Database - 2 School-2 Application-3 Database - 3 School-3 Application-N Database - N School-N
  • 17. SaaS Model • “School Management System” need to implemented your business is as SasS Model. What is SaaS Model?
  • 18. Software as a Service (SaaS) Model DB-1 DB-2 DB-3 Source Code Application-1 Application-2 Application-3
  • 19. Project Team Members (Prev.) Project Manager Business Developer SQA Security Cloud DBA Network 1 1 1 1 1 1 1 Prepared Documentatio n & Analysis Computer Source Code Database Software Quality Test Selenium Software Security Test SonarQube Network Configuration Deployment (cPanel/Cloud) Repository Local Computer
  • 20. Project Team Members (Now) Project Manager Business Developer SQA Security Cloud DBA Network 3 5 2 2 3 2 3 Prepared Documentatio n & Analysis Computer Source Code Database Software Quality Test Selenium Software Security Test SonarQube Network Configuration Deployment (cPanel/Cloud) Repository Local Computer How to source code can be manage for large development team ?
  • 21. Why Version Control system is Important? As we know that a software product is developed in collaboration by a group of developers they might be located at different locations and each one of them contributes to some specific kind of functionality/features. So in order to contribute to the product, they made modifications to the source code(either by adding or removing). A version control system is a kind of software that helps the developer team to efficiently communicate and manage(track) all the changes that have been made to the source code along with the information like who made and what changes have been made Version Control System keeps track on changes made on a particular software and take a snapshot of every modification.
  • 22. Version Control Systems Version control, also known as source control, is the practice of tracking and managing changes to software code. Version control systems are software tools that help software teams manage changes to source code over time. As development environments have accelerated, version control systems help software teams work faster and smarter.
  • 23. Project Team Members (Now) Project Manager Business Developer SQA Security Cloud DBA Network 3 5 2 2 3 2 3 Prepared Documentatio n & Analysis Computer Source Code Database Software Quality Test Selenium Software Security Test SonarQube Network Configuration Deployment (cPanel/Cloud) Repository Local Computer Source Code Repository?
  • 24. Source Code Repository(SCM) A code repository is an archive of the code itself that is being worked on. Beyond the code itself, you can keep things such as documentation, notes, web pages, and other items in your repository. A code repository is required for any successful software development project.
  • 25. Github GitHub, Inc. is a provider of Internet hosting for software development and version control using Git. It offers the distributed version control and source code management (SCM) functionality of Git, plus its own features. It provides access control and several collaboration features such as bug tracking, feature requests, task management, continuous integration, and wikis for every project.
  • 26. Project Team Members (Recap.) Project Manager Business Developer SQA Security Cloud DBA Network 3 5 2 2 3 2 3 Prepared Documentatio n & Analysis Computer Source Code Database Software Quality Test Selenium Software Security Test SonarQube Network Configuration Deployment (cPanel/Cloud) Repository GitLab Version Control Git
  • 27. Development Cycle Source Code Software Developer(Local) Git PUSH/PULL Repository (GitLab) Source Code [Branches] Build Manual Database Source Code Database Test Server (VM) Check Testing Software Quality Testing (Selenium) Software Security Testing (SonarQube) feed back
  • 28. In Real Development Project • Each sprint, it can be implemented more than hundred Features, Change Request, Bug, Tasks, Defect-testing and vulnerable related issue. • So, each day it can be more than thousand source code commit request can be made. • It is really difficult to make manual build after each source code commit. Isn’t it? To Solve this problem, We would like to introduced CI/CD pipeline automates
  • 29. Automatics CI/CD Pipeline A CI/CD process automates your software delivery process. Automated pipelines remove manual errors and provide standardized feedback loops. Some of the CI/CD tools Continuous Integration (CI) Continuous Delivery/ Deployment(CD)
  • 30. Development Cycle Source Code Software Developer Git PUSH/PULL Repository Source Code [Branches] Build CI/CD Database Source Code Database Test Server (VM) Check Testing Software Quality Testing (Selenium) Software Security Testing (SonarQube) feed back
  • 31. Till Now We have completed… Half of the DevOps That is only Dev – Part from DevOps Dev = Development
  • 32. Let’s move on – Ops (Operations) part from DevOps Move on Ops – Part from DevOps Ops = Operations
  • 33. Development Cycle (Progress so far…) Source Code Software Developer Git PUSH/PULL Repository Source Code [Branches] CI/CD Database Source Code Database Test Server (VM) Check Testing Software Quality Testing (Selenium) Software Security Testing (SonarQube) feed back
  • 34. Take a close Look…Development Cycle! Source Code Software Developer-1 Git [Git Branch: dev1] Commit (Branch: Dev1) Repository (GitLab) Source Code CI/CD Database Source Code Database Test Server (VM) Check Testing Selenium SonarQube feed back Source Code Software Developer-2 Git [Git Branch: dev2] Database Source Code Software Developer-3 Git [Git Branch: dev3] Database Dev1 Dev2 Dev3 TestBranch LiveBranch
  • 35. Development Cycle (Con’t) Repository (GitLab) Source Code Dev1 Dev2 Dev3 TestBranch LiveBranch Server Machine Database Database Server (VM[RAM: 12 GB]) Live Application Server (VM[RAM: 12 GB]) Test Application Server (VM[RAM: 12 GB]) Resources Server (VM [RAM: 12 GB]) Source Code Media/File/Folder Source Code Build + Deploy Build + Deploy HDD: 18TB 7200 RPM SATA CPU: Intel Xeon, Core: 32, Clock: 2.70-4.00GHz, Cache: 48MB RAM: 64GB DDR4 What is VM? CI/CD
  • 36. What is VM(Virtual Machine)? A Virtual Machine (VM) is a compute resource that uses software instead of a physical computer to run programs and deploy apps. Each virtual machine runs its own CPU, memory, network interface, and storage, created on a physical hardware system (located off- or on-premises). Virtual machines run on top of the hypervisor software, which imitates the physical infrastructure and divides the resources into multiple virtual machines. The hypervisor is also referred to as the host machine or a virtual machine monitor. VMs tend to be bulky and be many gigabytes in size because each VM contains its own guest operating system, kernel, binaries, libraries, and its application.
  • 37. Let’s introduced Containerization instead of VM • Containers create isolated environments in a physical server by virtualizing the host operating system and running packaged applications on top of it. • Instead of virtualizing the hardware like virtual machines, containers virtualize the OS. It’s built on top of a host OS kernel and usually shares its libraries and binaries. • Because it shares most of its necessities, containers only pack the application and its dependencies. They’re much lighter than VMs and only megabytes in size.
  • 39. Container A Container is a piece of software that packages code and all of its dependencies. Containerization is the process of packaging software code along with all of its essential components.
  • 41. Docker Docker is a containerization platform for packaging your application along with all of its dependencies. Docker is a free and open platform for developing, deploying, and running software. Advantages of Docker: Some of the benefits Docker delivers at various stages of the software development lifecycle (SDLC) are as below, 1.Build 2.Test 3.Deploy 4.Maintain
  • 42. Development Cycle (Container) Server Machine Live Applicaton Docker 3 Live Applicaton Docker Test Application Docker User Service Docker HDD: 18TB 7200 RPM SATA CPU: Intel Xeon, Core: 32, Clock: 2.70-4.00GHz, Cache: 48MB RAM: 64GB DDR4 File Manager Docker Auth Service Docker Database Docker Live Applicaton Docker 2 Geolocation Service Docker API Service Docker Database Docker 2 Repository (GitLab) Dev1 Dev2 Dev3 TestBranch LiveBranch 1 CI/CD How to manage large number of docker?
  • 43. Development Cycle (Con’t) Server Machine Live Applicaton Docker 3 Live Applicaton Docker Test Application Docker User Service Docker HDD: 18TB 7200 RPM SATA CPU: Intel Xeon, Core: 32, Clock: 2.70-4.00GHz, Cache: 48MB RAM: 64GB DDR4 File Manager Docker Auth Service Docker Database Docker Live Applicaton Docker 2 Geolocation Service Docker API Service Docker Database Docker 2 Repository (GitLab) Dev1 Dev2 Dev3 TestBranch LiveBranch 1 Container Orchestration CI/CD
  • 44. Container Orchestration Container Orchestration automates the deployment, management, scaling and networking of containers. It is useful for the enterprises to deploy and manage multiple containers and hosts. Purposes of using Container Orchestration: A container orchestrator automatically deploys and manages containerized apps. 1. It responds dynamically to changes in the environment. 2. It ensures all deployed container instances get updated if a new version of a service is released. I. Dynamically respond to changes II. Deploy the same application across different environments.
  • 45. Container Orchestration Tools Container orchestration tools provide a framework for managing containers and microservices architecture at scale. They simplify container management and provide a framework for managing multiple containers as one entity. Some popular tools used for container lifecycle management are:
  • 46. Development Cycle (Con’t) Server Machine Docker HDD: 18TB 7200 RPM SATA CPU: Intel Xeon, Core: 32, Clock: 2.70-4.00GHz, Cache: 48MB RAM: 64GB DDR4 Docker Docker Repository (GitLab) Dev1 Dev2 Dev3 TestBranch LiveBranch 1 Container Orchestration CI/CD Docker Docker Docker Docker Docker Docker Docker Docker Docker Configuration Management System
  • 47. Configuration Management Configuration Management: It is a system engineering method that ensures a product’s characteristics remain consistent during its life cycle. It may cover non-IT assets and work products used to develop services. It provides a configuration model of the services, assets and infrastructure by recording the relationship between- Service assets configuration items Controlled environments Operational use Any change in configuration can dramatically impact to (1) Performance (2) Security (3) Functionality
  • 48. Advantages of configuration management Increase the efficiency with a well-defined configuration process that improves visibility Optimize cost by having detailed knowledge of all the IT elements. Track requirements form specification to testing Identify and control software versions. Enhances system and process reliability by detection effects Manage the information about the configuration item Provides faster restoration of your service if a process failure occurs Facilitate the conduct of functional configuration audits
  • 49. Development Cycle (Con’t) Server Machine Docker HDD: 18TB 7200 RPM SATA CPU: Intel Xeon, Core: 32, Clock: 2.70-4.00GHz, Cache: 48MB RAM: 64GB DDR4 Docker Docker Repository (GitLab) Dev1 Dev2 Dev3 TestBranch LiveBranch 1 Container Orchestration CI/CD Docker Docker Docker Docker Docker Docker Docker Docker Docker Configuration Management System Continuous Monitoring
  • 50. Continuous Monitoring Continuous Monitoring is the ability to detect risk, compliance, and security issues in an operational environment. It acts as an auditing tool, where it can navigate through old monitoring data to analyse and improve the performance of the system. The roles of Continuous Monitoring are: Assists in the design of a reliable system Displays application behaviour during peak business hours Reduces cost by acquiring precise knowledge of software asset duplication Reduces the chance of an application going down Notifies you if there is a problem with your application service Retrieves and analyses historical data
  • 51. Types of Continuous Monitoring
  • 52. The deals with the Monitoring
  • 53. Tools for Continuous Monitoring
  • 56. DevOps DevOps is a set of practice that aims to provide superior quality software quickly by integrating the processes between the development and the operation teams.
  • 57. DevSecOps DevSecOps (short for development, security, and operations) is a development practice that integrates security initiatives at every stage of the software development lifecycle to deliver robust and secure applications.
  • 58. More Resources http://techntuts.com/story/DevOps-Tutorial DevOps Tutorial Outline:- 1.DevOps-1: Introduction to DevOps 2.DevOps-2: Learn about Linux 3.DevOps-3: Version Control System [Git] 4.DevOps-4: Source Code Management (SCM) [Github] 5.DevOps-5: CI/CD [Jenkins] 6.DevOps-6: Software and Automation Testing Framework [Selenium] 7.DevOps-7: Configuration Management [Ansible] 8.DevOps-8: Containerization [Docker] 9.DevOps-9: Continuous Monitoring [Nagios] 10.DevOps-10: Continuous Orchestration [Kubernetes]

Editor's Notes

  1. https://www.guru99.com/waterfall-vs-agile.html
  2. http://techntuts.com/story/DevOps-Version-Control-System-Git
  3. http://techntuts.com/story/DevOps-Version-Control-System-Git
  4. http://techntuts.com/story/DevOps-Source-Code-Management-SCM-Github
  5. http://techntuts.com/story/DevOps-Source-Code-Management-SCM-Github
  6. http://techntuts.com/story/DevOps-Containerization-Docker
  7. http://techntuts.com/story/DevOps-Continuous-Orchestration-Kubernetes
  8. http://techntuts.com/story/DevOps-Continuous-Orchestration-Kubernetes