
Open Source Infrastructure / Development & Security > How to make it work?


At the beginning of November 2017, Kangaroot was present at the IT & Digital Leaders / Noord Infosec Dialogue Benelux. Peter Dens explained how open source is used and gave some insights on containers and how to leverage your DevOps into a more secure environment.

Published in: Technology

  1. Open source Infrastructure / Development and Security: how to make it work. Peter Dens, peter@kangaroot.net
  2. About us
     • Belgium’s top Linux and open source service provider
     • 100% independent
     • 17 years of experience in Open Source
     • Consultancy, Architecture, Implementation and Support
     • For big and small companies
     • Benchmark and Test both hardware and software
  3. Open Source + Kangaroot = Product + Support + Expertise. Consulting credits. Support service.
  4. OPEN SOURCE USAGE: Why/Where do organisations use Open Source?
     • Infrastructure
     • Development / Code
  5. INFRASTRUCTURE: OPEN SOURCE = ORGANIC
     • Started underground
     • No formal process for updates/patches
     • Make sure you have ALL supporting processes
       • Patching
       • Configuration Management
       • Backup
       • Monitoring & Alerting
       • Centralised logging
  6. INFRASTRUCTURE
     • Patching: Red Hat Satellite, SUSE Manager, …
     • Configuration Management: Chef, Ansible, Puppet
     • Backup: any… as long as you test it
     • Monitoring:
       • Regular Monitoring: Zabbix, Icinga, Nagios, …
       • API driven monitoring: Prometheus
     • Centralized Logging
       • Elasticsearch (ELK)
       • Correlate events
  7. INFRASTRUCTURE: OPEN SOURCE = INNOVATION
     • New challenges
     • CI/CD & Containers
     • Developers in the driver’s seat?
     • Do they care about Security?
     • What after a release?
  8. Transform to Hybrid Infrastructure
     • Move from large, monolithic applications
     • Reduce operational cost with automation
     • Reduce CapEx with the appropriate resource utilization
     • Transform culture: more dev, less ops
     • Deliver “always-on” services
     • Auto-scale to maximize your business’ growth potential
     • Optimize IT with a mix of internal and external services
     • Empower a rising developer class to build apps and microservices fast
  9. DOCKER: 5Y TREND
  10. Containers
  11. Containers, BUT:
     • Developers build containers
     • You don’t patch containers, you replace them
     • Do your OPS people know what’s inside?
     • Secrets Management?
     • Where do they run?
     • You thought VM sprawl was bad…?
  12. Containers
  13. Containers: our recommendations
     • Scan all containers in the container registry
       • Clair
       • Twistlock, Docker Scan, …
     • Central Secrets database: HashiCorp Vault, …
     • Container Management Platform: Rancher, OpenShift, …
     • Get a full grip on CI/CD
     • Auditability
     • Capacity Planning
     • Trusted Docker images (e.g. Red Hat Container Catalog, …)
  14. DEVELOPMENT
  15. DEVELOPMENT
     Issues:
     • Developers re-use existing code
     • Access to code, libraries, etc. is easier than ever
     What you need:
     • Vulnerability Inventory
     • Licensing Inventory
  16. DEVELOPMENT
  17. DEVELOPMENT
  18. DEVELOPMENT
  19. QUESTIONS?
  20. WWW.KANGAROOT.NET. ROOT Open Source Breakfast Sessions: www.kangaroot.net/root. kangarootlinux, @kangarootlinux, Kangaroot-linux-solutions. Let us advise | design | implement | support your open IT infrastructure. Stay in touch. magazine. KANGAROOT.NET
