SlideShare a Scribd company logo

WITS 2022_ModernizationAndInfrastructureAsCode.pptx

Shikha Srivastava
Shikha Srivastava

Cloud solutions have evolved tremendously in recent years, but many customers still shy away from moving their mission-critical workloads to the cloud, due to security and compliance concerns. Join our session to get insights on how Continuous Integration/Continuous Delivery/Security Pipelines and Infrastructure as Code can address these concerns and enable successful Hybrid Cloud Solutions. Key Takeaways: - Understand benefits of Hybrid Cloud - Understand cloud concepts, Dev/Sec/Ops and technologies for CI/CD and Infrastructure as Code - Identify practical scenarios for using Infrastructure as Code for multiple Industries considering Hybrid cloud deployments and solutions.

Engineering
1 of 21
Infrastructure as Code Helping You Conquer the Cloud Ana Biazetti, Distinguished Engineer, IBM Cloud for Financial Services Master Inventor Shikha Srivastava, Distinguished Engineer - IBM SaaS Master Inventor
Agenda • Landscape of Modernization and Hybrid Cloud • Challenges and Opportunities • Continuous Integration and Continuous Delivery • Infrastructure as Code • Scenarios and Examples • Summary and Call to Action
Rise of Cloud and Modernization Mainframe Client Server Web Cloud Pain Points with Monoliths • Large Applications are complex • Full application upgrade required for minor or major updates • Difficult to scale • Bug in one module brings down the entire application • Painful to adopt new technologies
Cloud has changed expectations Availability 24X7 Hyperscale Agility Start small and grow to enterprise scale Uptime with defined SLAs Deliver in-time and deliver at regular interval
An approach to modernization Rationalize and decommission 20% Hybrid IT Modernize and Migrate to Cloud …on any cloud platform Private Cloud on premises Dedicated/Hosted off-premises Public Cloud 20% Traditional on premises Re-Host (lift & shift) Re-Platform Re-Architect (Microservices / APIs) 10% 10% 15% Public SaaS Retain on Traditional + for selected apps: - Automate - Containerise Replace with “as a service” solution 10% 50% Refactor 15%
Hybrid Cloud – Best of the both worlds Public Cloud Fully Customizable Secure by Design Full control and robust management Elastic Pay-as-you go mode Low entry cost Maximize returns Match workload to best fit infrastructure Meet Capacity Highly scalable Innovate at the speed of your choice Private Cloud
What does it take to modernize Collaboration and Communication Continuous Integration Continuous Delivery Observability Change and incident management Security and Compliance Test and Quality Scale Plan Build Test Secure Release Operate Modernization Ideas Modernization Ideas Iterate
Dev and SRE collaboration Modernization requires Dev and SRE to work together towards DevSecOps approach Developers Create SRE Manage Shift Left SRE ( DevSecOps) Communication Collaboration Integration
Write application Code Write infrastructure as code and templatize Reliability as code Create your DevSecOps pipeline leveraging CICD Iterate Design Shikha Dev and SRE collaboration Modernization requires robust CI/CD pipeline
Write application Code Write infrastructure as code and templatize Reliability as code Create your DevSecOps pipeline leveraging CI/CD Iterate Design Dev and SRE collaboration Modernization requires robust CI/CD pipeline
CD Continuous Delivery CI Continuous Integration CD Continuous Deployment Production Ops Team Dev Team Source Code • Clear definition of tasks (“Runbook”) • Faster Delivery • Improved processes • Automation and reduction of errors Pipelines and CI/CD: Connecting Dev with Sec/Ops
/ Type DevOps GitOps GitOps Structure Each part of the pipeline is 1 YAML Each part of the pipeline is 1 YAML Only 1 Jenkins file Pipelines Manager X X -- Language Go Go Java with Plugins Tekton Tekton Server/VM K8s-native Part of K8 project (Cloud Native) Cloud Native No (Server/V M) Execution Multiple PODs Paralelis m Multiple PODs Only 1 POD, Sequential Execution V3.0 Pipeline Technologies
Everything as Code Automate Everything DevOps and Security have merged Speed with Control for Modernized Workloads on Hybrid Cloud Shift-Left Governance 1 3
Infrastructure as Code (IaC) helping with Modernization to Hybrid Cloud Codify infrastructure in a way that makes provisioning automated, faster, and repeatable. Infrastructure as Code Technology: ○ Terraform ○ Ansible ○ Chef ○ Puppet Benefits: ● Improve speed ● Improve reliability ● Prevent configuration drift ● Support experimentation, testing, and optimization
Terraform ● Terraform is an open source “Infrastructure as Code” tool, created by HashiCorp. ● A declarative coding tool, describes the desired “end-state” infrastructure ● simple syntax ● provision infrastructure across multiple cloud and on-premises data centers https://www.terraform.io/
Terraform Concepts: Templates, Modules and Providers
Terraform Example
Scenario: Financial Service Core Banking Application
Summary – Modernization is a journey Identify what to modernize Nail down the hybrid design and dependencies Reliable repeatable automation – “Everything- as-Code” Drive standardizati on and reuse Iterate Mitigate security risks as early as possible – “Shift-left”
References CI/CD Pipelines ● Continuous Integration ● Continuous Delivery ● Tekton ● Tekton versus Jenkins ● Speed and resiliency: two sides of the same coin ● DevSecOps Intro ● Pipelines enabling Audit and Compliance ● CI template ● CD template ● IBM Cloud for Financial Services pattern infrastructure as Code • Terraform • Infrastructure as Code • IBM Cloud Terraform Provider • IBM Cloud Terraform Modules • Terraform versus other infrastructure as code options
Thank You!

Recommended

It summit 2014_migrating_applications_to_the_cloud-5
It summit 2014_migrating_applications_to_the_cloud-5It summit 2014_migrating_applications_to_the_cloud-5
It summit 2014_migrating_applications_to_the_cloud-5margaret_ronald
 
Pivotal Container Service (PKS) at SF Cloud Foundry Meetup
Pivotal Container Service (PKS) at SF Cloud Foundry MeetupPivotal Container Service (PKS) at SF Cloud Foundry Meetup
Pivotal Container Service (PKS) at SF Cloud Foundry Meetupcornelia davis
 
ClearScale: Continuous Automation with Docker on AWS
ClearScale: Continuous Automation with Docker on AWSClearScale: Continuous Automation with Docker on AWS
ClearScale: Continuous Automation with Docker on AWSAmazon Web Services
 
Best Practices for Building Hybrid-Cloud Architectures | Hans Jespersen
Best Practices for Building Hybrid-Cloud Architectures | Hans JespersenBest Practices for Building Hybrid-Cloud Architectures | Hans Jespersen
Best Practices for Building Hybrid-Cloud Architectures | Hans Jespersenconfluent
 
Faster, more Secure Application Modernization and Replatforming with PKS - Ku...
Faster, more Secure Application Modernization and Replatforming with PKS - Ku...Faster, more Secure Application Modernization and Replatforming with PKS - Ku...
Faster, more Secure Application Modernization and Replatforming with PKS - Ku...VMware Tanzu
 
GCP Meetup #3 - Approaches to Cloud Native Architectures
GCP Meetup #3 - Approaches to Cloud Native ArchitecturesGCP Meetup #3 - Approaches to Cloud Native Architectures
GCP Meetup #3 - Approaches to Cloud Native Architecturesnine
 
Enterprise DevOps and the Modern Mainframe Webcast Presentation
Enterprise DevOps and the Modern Mainframe Webcast PresentationEnterprise DevOps and the Modern Mainframe Webcast Presentation
Enterprise DevOps and the Modern Mainframe Webcast PresentationCompuware
 
.NET Cloud-Native Bootcamp- Los Angeles
.NET Cloud-Native Bootcamp- Los Angeles.NET Cloud-Native Bootcamp- Los Angeles
.NET Cloud-Native Bootcamp- Los AngelesVMware Tanzu
 

Recommended

It summit 2014_migrating_applications_to_the_cloud-5
It summit 2014_migrating_applications_to_the_cloud-5It summit 2014_migrating_applications_to_the_cloud-5
It summit 2014_migrating_applications_to_the_cloud-5margaret_ronald
 
Pivotal Container Service (PKS) at SF Cloud Foundry Meetup
Pivotal Container Service (PKS) at SF Cloud Foundry MeetupPivotal Container Service (PKS) at SF Cloud Foundry Meetup
Pivotal Container Service (PKS) at SF Cloud Foundry Meetupcornelia davis
 
ClearScale: Continuous Automation with Docker on AWS
ClearScale: Continuous Automation with Docker on AWSClearScale: Continuous Automation with Docker on AWS
ClearScale: Continuous Automation with Docker on AWSAmazon Web Services
 
Best Practices for Building Hybrid-Cloud Architectures | Hans Jespersen
Best Practices for Building Hybrid-Cloud Architectures | Hans JespersenBest Practices for Building Hybrid-Cloud Architectures | Hans Jespersen
Best Practices for Building Hybrid-Cloud Architectures | Hans Jespersenconfluent
 
Faster, more Secure Application Modernization and Replatforming with PKS - Ku...
Faster, more Secure Application Modernization and Replatforming with PKS - Ku...Faster, more Secure Application Modernization and Replatforming with PKS - Ku...
Faster, more Secure Application Modernization and Replatforming with PKS - Ku...VMware Tanzu
 
GCP Meetup #3 - Approaches to Cloud Native Architectures
GCP Meetup #3 - Approaches to Cloud Native ArchitecturesGCP Meetup #3 - Approaches to Cloud Native Architectures
GCP Meetup #3 - Approaches to Cloud Native Architecturesnine
 
Enterprise DevOps and the Modern Mainframe Webcast Presentation
Enterprise DevOps and the Modern Mainframe Webcast PresentationEnterprise DevOps and the Modern Mainframe Webcast Presentation
Enterprise DevOps and the Modern Mainframe Webcast PresentationCompuware
 
.NET Cloud-Native Bootcamp- Los Angeles
.NET Cloud-Native Bootcamp- Los Angeles.NET Cloud-Native Bootcamp- Los Angeles
.NET Cloud-Native Bootcamp- Los AngelesVMware Tanzu
 
Cloud native integration
Cloud native integrationCloud native integration
Cloud native integrationKim Clark
 
Continuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scopeContinuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scopeSanjeev Sharma
 
Jelastic for Hosting & MSP
Jelastic for Hosting & MSPJelastic for Hosting & MSP
Jelastic for Hosting & MSPDmitry Lazarenko
 
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-native
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-nativeKubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-native
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-nativecornelia davis
 
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-native
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-nativeKubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-native
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-nativeVMware Tanzu
 
56k.cloud training
56k.cloud training56k.cloud training
56k.cloud trainingBrian Christner
 
Continuous Delivery to the cloud - Innovate 2014
Continuous Delivery to the cloud - Innovate 2014Continuous Delivery to the cloud - Innovate 2014
Continuous Delivery to the cloud - Innovate 2014Sanjeev Sharma
 
Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...
Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...
Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...Dmitry Lazarenko
 
[OpenInfra Days Vietnam 2019] Innovation with open sources and app modernizat...
[OpenInfra Days Vietnam 2019] Innovation with open sources and app modernizat...[OpenInfra Days Vietnam 2019] Innovation with open sources and app modernizat...
[OpenInfra Days Vietnam 2019] Innovation with open sources and app modernizat...Ian Choi
 
Deploying more technology to shift from agility to anti-fragility
Deploying more technology to shift from agility to anti-fragilityDeploying more technology to shift from agility to anti-fragility
Deploying more technology to shift from agility to anti-fragilitySpyros Lambrinidis
 
Morphis Technologies Overview
Morphis Technologies OverviewMorphis Technologies Overview
Morphis Technologies Overviewjrhartley62
 
Automating Applications with Habitat - Sydney Cloud Native Meetup
Automating Applications with Habitat - Sydney Cloud Native MeetupAutomating Applications with Habitat - Sydney Cloud Native Meetup
Automating Applications with Habitat - Sydney Cloud Native MeetupMatt Ray
 
.NET Cloud-Native Bootcamp
.NET Cloud-Native Bootcamp.NET Cloud-Native Bootcamp
.NET Cloud-Native BootcampVMware Tanzu
 
Innovation with Open Sources and App Modernization for Developers | Ian Y. Choi
Innovation with Open Sources and App Modernization for Developers | Ian Y. ChoiInnovation with Open Sources and App Modernization for Developers | Ian Y. Choi
Innovation with Open Sources and App Modernization for Developers | Ian Y. ChoiVietnam Open Infrastructure User Group
 
Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015Ken Owens
 
Lugano Tech Talks - Why Docker
Lugano Tech Talks - Why DockerLugano Tech Talks - Why Docker
Lugano Tech Talks - Why DockerBrian Christner
 
Episode 1: Building Kubernetes-as-a-Service
Episode 1: Building Kubernetes-as-a-ServiceEpisode 1: Building Kubernetes-as-a-Service
Episode 1: Building Kubernetes-as-a-ServiceMesosphere Inc.
 
Erik Baardse - Bringing Agility to Traditional application by docker
Erik Baardse - Bringing Agility to Traditional application by dockerErik Baardse - Bringing Agility to Traditional application by docker
Erik Baardse - Bringing Agility to Traditional application by dockerAgile Impact Conference
 
PLNOG15: Arista EOS Cloud Vision: Pivotal point in workload orchestration and...
PLNOG15: Arista EOS Cloud Vision: Pivotal point in workload orchestration and...PLNOG15: Arista EOS Cloud Vision: Pivotal point in workload orchestration and...
PLNOG15: Arista EOS Cloud Vision: Pivotal point in workload orchestration and...PROIDEA
 
Application Modernisation with PKS
Application Modernisation with PKSApplication Modernisation with PKS
Application Modernisation with PKSPhil Reay
 
ADDO_2022_SRE Architectural Patterns_Nov10.pptx
ADDO_2022_SRE Architectural Patterns_Nov10.pptxADDO_2022_SRE Architectural Patterns_Nov10.pptx
ADDO_2022_SRE Architectural Patterns_Nov10.pptxShikha Srivastava
 
DevOpsEnterpriseSummit_SaaSAnd DisasterRecovery.pptx
DevOpsEnterpriseSummit_SaaSAnd DisasterRecovery.pptxDevOpsEnterpriseSummit_SaaSAnd DisasterRecovery.pptx
DevOpsEnterpriseSummit_SaaSAnd DisasterRecovery.pptxShikha Srivastava
 

More Related Content

Similar to WITS 2022_ModernizationAndInfrastructureAsCode.pptx

Cloud native integration
Cloud native integrationCloud native integration
Cloud native integrationKim Clark
 
Continuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scopeContinuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scopeSanjeev Sharma
 
Jelastic for Hosting & MSP
Jelastic for Hosting & MSPJelastic for Hosting & MSP
Jelastic for Hosting & MSPDmitry Lazarenko
 
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-native
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-nativeKubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-native
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-nativecornelia davis
 
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-native
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-nativeKubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-native
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-nativeVMware Tanzu
 
Continuous Delivery to the cloud - Innovate 2014
Continuous Delivery to the cloud - Innovate 2014Continuous Delivery to the cloud - Innovate 2014
Continuous Delivery to the cloud - Innovate 2014Sanjeev Sharma
 
Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...
Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...
Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...Dmitry Lazarenko
 
[OpenInfra Days Vietnam 2019] Innovation with open sources and app modernizat...
[OpenInfra Days Vietnam 2019] Innovation with open sources and app modernizat...[OpenInfra Days Vietnam 2019] Innovation with open sources and app modernizat...
[OpenInfra Days Vietnam 2019] Innovation with open sources and app modernizat...Ian Choi
 
Deploying more technology to shift from agility to anti-fragility
Deploying more technology to shift from agility to anti-fragilityDeploying more technology to shift from agility to anti-fragility
Deploying more technology to shift from agility to anti-fragilitySpyros Lambrinidis
 
Morphis Technologies Overview
Morphis Technologies OverviewMorphis Technologies Overview
Morphis Technologies Overviewjrhartley62
 
Automating Applications with Habitat - Sydney Cloud Native Meetup
Automating Applications with Habitat - Sydney Cloud Native MeetupAutomating Applications with Habitat - Sydney Cloud Native Meetup
Automating Applications with Habitat - Sydney Cloud Native MeetupMatt Ray
 
.NET Cloud-Native Bootcamp
.NET Cloud-Native Bootcamp.NET Cloud-Native Bootcamp
.NET Cloud-Native BootcampVMware Tanzu
 
Innovation with Open Sources and App Modernization for Developers | Ian Y. Choi
Innovation with Open Sources and App Modernization for Developers | Ian Y. ChoiInnovation with Open Sources and App Modernization for Developers | Ian Y. Choi
Innovation with Open Sources and App Modernization for Developers | Ian Y. ChoiVietnam Open Infrastructure User Group
 
Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015Ken Owens
 
Lugano Tech Talks - Why Docker
Lugano Tech Talks - Why DockerLugano Tech Talks - Why Docker
Lugano Tech Talks - Why DockerBrian Christner
 
Episode 1: Building Kubernetes-as-a-Service
Episode 1: Building Kubernetes-as-a-ServiceEpisode 1: Building Kubernetes-as-a-Service
Episode 1: Building Kubernetes-as-a-ServiceMesosphere Inc.
 
Erik Baardse - Bringing Agility to Traditional application by docker
Erik Baardse - Bringing Agility to Traditional application by dockerErik Baardse - Bringing Agility to Traditional application by docker
Erik Baardse - Bringing Agility to Traditional application by dockerAgile Impact Conference
 
PLNOG15: Arista EOS Cloud Vision: Pivotal point in workload orchestration and...
PLNOG15: Arista EOS Cloud Vision: Pivotal point in workload orchestration and...PLNOG15: Arista EOS Cloud Vision: Pivotal point in workload orchestration and...
PLNOG15: Arista EOS Cloud Vision: Pivotal point in workload orchestration and...PROIDEA
 
Application Modernisation with PKS
Application Modernisation with PKSApplication Modernisation with PKS
Application Modernisation with PKSPhil Reay
 

Similar to WITS 2022_ModernizationAndInfrastructureAsCode.pptx (20)

Cloud native integration
Cloud native integrationCloud native integration
Cloud native integration
 
Continuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scopeContinuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scope
 
Jelastic for Hosting & MSP
Jelastic for Hosting & MSPJelastic for Hosting & MSP
Jelastic for Hosting & MSP
 
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-native
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-nativeKubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-native
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-native
 
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-native
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-nativeKubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-native
Kubo (Cloud Foundry Container Platform): Your Gateway Drug to Cloud-native
 
56k.cloud training
56k.cloud training56k.cloud training
56k.cloud training
 
Continuous Delivery to the cloud - Innovate 2014
Continuous Delivery to the cloud - Innovate 2014Continuous Delivery to the cloud - Innovate 2014
Continuous Delivery to the cloud - Innovate 2014
 
Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...
Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...
Private PaaS & Container-as-a-Service for ISVs and Enterprise - Use Cases and...
 
[OpenInfra Days Vietnam 2019] Innovation with open sources and app modernizat...
[OpenInfra Days Vietnam 2019] Innovation with open sources and app modernizat...[OpenInfra Days Vietnam 2019] Innovation with open sources and app modernizat...
[OpenInfra Days Vietnam 2019] Innovation with open sources and app modernizat...
 
Deploying more technology to shift from agility to anti-fragility
Deploying more technology to shift from agility to anti-fragilityDeploying more technology to shift from agility to anti-fragility
Deploying more technology to shift from agility to anti-fragility
 
Morphis Technologies Overview
Morphis Technologies OverviewMorphis Technologies Overview
Morphis Technologies Overview
 
Automating Applications with Habitat - Sydney Cloud Native Meetup
Automating Applications with Habitat - Sydney Cloud Native MeetupAutomating Applications with Habitat - Sydney Cloud Native Meetup
Automating Applications with Habitat - Sydney Cloud Native Meetup
 
.NET Cloud-Native Bootcamp
.NET Cloud-Native Bootcamp.NET Cloud-Native Bootcamp
.NET Cloud-Native Bootcamp
 
Innovation with Open Sources and App Modernization for Developers | Ian Y. Choi
Innovation with Open Sources and App Modernization for Developers | Ian Y. ChoiInnovation with Open Sources and App Modernization for Developers | Ian Y. Choi
Innovation with Open Sources and App Modernization for Developers | Ian Y. Choi
 
Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015Application Centric Microservices from Redhat Summit 2015
Application Centric Microservices from Redhat Summit 2015
 
Lugano Tech Talks - Why Docker
Lugano Tech Talks - Why DockerLugano Tech Talks - Why Docker
Lugano Tech Talks - Why Docker
 
Episode 1: Building Kubernetes-as-a-Service
Episode 1: Building Kubernetes-as-a-ServiceEpisode 1: Building Kubernetes-as-a-Service
Episode 1: Building Kubernetes-as-a-Service
 
Erik Baardse - Bringing Agility to Traditional application by docker
Erik Baardse - Bringing Agility to Traditional application by dockerErik Baardse - Bringing Agility to Traditional application by docker
Erik Baardse - Bringing Agility to Traditional application by docker
 
PLNOG15: Arista EOS Cloud Vision: Pivotal point in workload orchestration and...
PLNOG15: Arista EOS Cloud Vision: Pivotal point in workload orchestration and...PLNOG15: Arista EOS Cloud Vision: Pivotal point in workload orchestration and...
PLNOG15: Arista EOS Cloud Vision: Pivotal point in workload orchestration and...
 
Application Modernisation with PKS
Application Modernisation with PKSApplication Modernisation with PKS
Application Modernisation with PKS
 

More from Shikha Srivastava

ADDO_2022_SRE Architectural Patterns_Nov10.pptx
ADDO_2022_SRE Architectural Patterns_Nov10.pptxADDO_2022_SRE Architectural Patterns_Nov10.pptx
ADDO_2022_SRE Architectural Patterns_Nov10.pptxShikha Srivastava
 
DevOpsEnterpriseSummit_SaaSAnd DisasterRecovery.pptx
DevOpsEnterpriseSummit_SaaSAnd DisasterRecovery.pptxDevOpsEnterpriseSummit_SaaSAnd DisasterRecovery.pptx
DevOpsEnterpriseSummit_SaaSAnd DisasterRecovery.pptxShikha Srivastava
 
Using Cloud-Native and SRE Principles to Achieve Speed and Resiliency
Using Cloud-Native and SRE Principles to Achieve Speed and ResiliencyUsing Cloud-Native and SRE Principles to Achieve Speed and Resiliency
Using Cloud-Native and SRE Principles to Achieve Speed and ResiliencyShikha Srivastava
 
How kubernetes operators can rescue dev secops in midst of a pandemic updated
How kubernetes operators can rescue dev secops in midst of a pandemic updatedHow kubernetes operators can rescue dev secops in midst of a pandemic updated
How kubernetes operators can rescue dev secops in midst of a pandemic updatedShikha Srivastava
 
Managing integration in a multi cluster world
Managing integration in a multi cluster worldManaging integration in a multi cluster world
Managing integration in a multi cluster worldShikha Srivastava
 
Helm summit 2019_handling large number of charts_sept 10
Helm summit 2019_handling large number of charts_sept 10Helm summit 2019_handling large number of charts_sept 10
Helm summit 2019_handling large number of charts_sept 10Shikha Srivastava
 
Kube con china_2019_7 missing factors for your production-quality 12-factor apps
Kube con china_2019_7 missing factors for your production-quality 12-factor appsKube con china_2019_7 missing factors for your production-quality 12-factor apps
Kube con china_2019_7 missing factors for your production-quality 12-factor appsShikha Srivastava
 
Bluemix application monitoring
Bluemix application monitoring Bluemix application monitoring
Bluemix application monitoring Shikha Srivastava
 
Modernization: Moving workloads to cloud
Modernization: Moving workloads to cloud Modernization: Moving workloads to cloud
Modernization: Moving workloads to cloud Shikha Srivastava
 
Kibana globalization at the RTP meetup
Kibana globalization at the RTP meetupKibana globalization at the RTP meetup
Kibana globalization at the RTP meetupShikha Srivastava
 
Localizing kibana for the global language landscape
Localizing kibana for the global language landscapeLocalizing kibana for the global language landscape
Localizing kibana for the global language landscapeShikha Srivastava
 
From Containerized Application to Secure and Scaling With Kubernetes
From Containerized Application to Secure and Scaling With KubernetesFrom Containerized Application to Secure and Scaling With Kubernetes
From Containerized Application to Secure and Scaling With KubernetesShikha Srivastava
 
Developing and Deploying Microservices to IBM Cloud Private
Developing and Deploying Microservices to IBM Cloud PrivateDeveloping and Deploying Microservices to IBM Cloud Private
Developing and Deploying Microservices to IBM Cloud PrivateShikha Srivastava
 
4789 creating production-ready, secure and scalable applications in ibm cloud...
4789 creating production-ready, secure and scalable applications in ibm cloud...4789 creating production-ready, secure and scalable applications in ibm cloud...
4789 creating production-ready, secure and scalable applications in ibm cloud...Shikha Srivastava
 
Panelist at women breakfast discussing latest technology trends at Elasticon
Panelist at women breakfast discussing latest technology trends at Elasticon Panelist at women breakfast discussing latest technology trends at Elasticon
Panelist at women breakfast discussing latest technology trends at Elasticon Shikha Srivastava
 

More from Shikha Srivastava (16)

ADDO_2022_SRE Architectural Patterns_Nov10.pptx
ADDO_2022_SRE Architectural Patterns_Nov10.pptxADDO_2022_SRE Architectural Patterns_Nov10.pptx
ADDO_2022_SRE Architectural Patterns_Nov10.pptx
 
DevOpsEnterpriseSummit_SaaSAnd DisasterRecovery.pptx
DevOpsEnterpriseSummit_SaaSAnd DisasterRecovery.pptxDevOpsEnterpriseSummit_SaaSAnd DisasterRecovery.pptx
DevOpsEnterpriseSummit_SaaSAnd DisasterRecovery.pptx
 
Using Cloud-Native and SRE Principles to Achieve Speed and Resiliency
Using Cloud-Native and SRE Principles to Achieve Speed and ResiliencyUsing Cloud-Native and SRE Principles to Achieve Speed and Resiliency
Using Cloud-Native and SRE Principles to Achieve Speed and Resiliency
 
How kubernetes operators can rescue dev secops in midst of a pandemic updated
How kubernetes operators can rescue dev secops in midst of a pandemic updatedHow kubernetes operators can rescue dev secops in midst of a pandemic updated
How kubernetes operators can rescue dev secops in midst of a pandemic updated
 
Managing integration in a multi cluster world
Managing integration in a multi cluster worldManaging integration in a multi cluster world
Managing integration in a multi cluster world
 
Helm summit 2019_handling large number of charts_sept 10
Helm summit 2019_handling large number of charts_sept 10Helm summit 2019_handling large number of charts_sept 10
Helm summit 2019_handling large number of charts_sept 10
 
Kube con china_2019_7 missing factors for your production-quality 12-factor apps
Kube con china_2019_7 missing factors for your production-quality 12-factor appsKube con china_2019_7 missing factors for your production-quality 12-factor apps
Kube con china_2019_7 missing factors for your production-quality 12-factor apps
 
Why Ibm cloud private
Why Ibm cloud private Why Ibm cloud private
Why Ibm cloud private
 
Bluemix application monitoring
Bluemix application monitoring Bluemix application monitoring
Bluemix application monitoring
 
Modernization: Moving workloads to cloud
Modernization: Moving workloads to cloud Modernization: Moving workloads to cloud
Modernization: Moving workloads to cloud
 
Kibana globalization at the RTP meetup
Kibana globalization at the RTP meetupKibana globalization at the RTP meetup
Kibana globalization at the RTP meetup
 
Localizing kibana for the global language landscape
Localizing kibana for the global language landscapeLocalizing kibana for the global language landscape
Localizing kibana for the global language landscape
 
From Containerized Application to Secure and Scaling With Kubernetes
From Containerized Application to Secure and Scaling With KubernetesFrom Containerized Application to Secure and Scaling With Kubernetes
From Containerized Application to Secure and Scaling With Kubernetes
 
Developing and Deploying Microservices to IBM Cloud Private
Developing and Deploying Microservices to IBM Cloud PrivateDeveloping and Deploying Microservices to IBM Cloud Private
Developing and Deploying Microservices to IBM Cloud Private
 
4789 creating production-ready, secure and scalable applications in ibm cloud...
4789 creating production-ready, secure and scalable applications in ibm cloud...4789 creating production-ready, secure and scalable applications in ibm cloud...
4789 creating production-ready, secure and scalable applications in ibm cloud...
 
Panelist at women breakfast discussing latest technology trends at Elasticon
Panelist at women breakfast discussing latest technology trends at Elasticon Panelist at women breakfast discussing latest technology trends at Elasticon
Panelist at women breakfast discussing latest technology trends at Elasticon
 

Recently uploaded

HARMONY IN THE HUMAN BEING - Unit-II UHV-2
HARMONY IN THE HUMAN BEING - Unit-II UHV-2HARMONY IN THE HUMAN BEING - Unit-II UHV-2
HARMONY IN THE HUMAN BEING - Unit-II UHV-2RajaP95
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxpurnimasatapathy1234
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx959SahilShah
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...Soham Mondal
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Dr.Costas Sachpazis
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...srsj9000
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVRajaP95
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort servicejennyeacort
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLDeelipZope
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxDeepakSakkari2
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfAsst.prof M.Gokilavani
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024Mark Billinghurst
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130Suhani Kapoor
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girlsssuser7cb4ff
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfAsst.prof M.Gokilavani
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escortsranjana rawat
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...VICTOR MAESTRE RAMIREZ
 

Recently uploaded (20)

HARMONY IN THE HUMAN BEING - Unit-II UHV-2
HARMONY IN THE HUMAN BEING - Unit-II UHV-2HARMONY IN THE HUMAN BEING - Unit-II UHV-2
HARMONY IN THE HUMAN BEING - Unit-II UHV-2
 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
 
Application of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptxApplication of Residue Theorem to evaluate real integrations.pptx
Application of Residue Theorem to evaluate real integrations.pptx
 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
 
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
Gfe Mayur Vihar Call Girls Service WhatsApp -> 9999965857 Available 24x7 ^ De...
 
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IVHARMONY IN THE NATURE AND EXISTENCE - Unit-IV
HARMONY IN THE NATURE AND EXISTENCE - Unit-IV
 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
 
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort serviceGurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
Gurgaon ✡️9711147426✨Call In girls Gurgaon Sector 51 escort service
 
Current Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCLCurrent Transformer Drawing and GTP for MSETCL
Current Transformer Drawing and GTP for MSETCL
 
Biology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptxBiology for Computer Engineers Course Handout.pptx
Biology for Computer Engineers Course Handout.pptx
 
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Serviceyoung call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
young call girls in Rajiv Chowk🔝 9953056974 🔝 Delhi escort Service
 
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdfCCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
CCS355 Neural Network & Deep Learning Unit II Notes with Question bank .pdf
 
IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024IVE Industry Focused Event - Defence Sector 2024
IVE Industry Focused Event - Defence Sector 2024
 
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
VIP Call Girls Service Hitech City Hyderabad Call +91-8250192130
 
Call Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call GirlsCall Girls Narol 7397865700 Independent Call Girls
Call Girls Narol 7397865700 Independent Call Girls
 
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(ANVI) Koregaon Park Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
 
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdfCCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
CCS355 Neural Network & Deep Learning UNIT III notes and Question bank .pdf
 
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur EscortsHigh Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
High Profile Call Girls Nagpur Isha Call 7001035870 Meet With Nagpur Escorts
 
Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...Software and Systems Engineering Standards: Verification and Validation of Sy...
Software and Systems Engineering Standards: Verification and Validation of Sy...
 

WITS 2022_ModernizationAndInfrastructureAsCode.pptx

  • 1. Infrastructure as Code Helping You Conquer the Cloud Ana Biazetti, Distinguished Engineer, IBM Cloud for Financial Services Master Inventor Shikha Srivastava, Distinguished Engineer - IBM SaaS Master Inventor
  • 2. Agenda • Landscape of Modernization and Hybrid Cloud • Challenges and Opportunities • Continuous Integration and Continuous Delivery • Infrastructure as Code • Scenarios and Examples • Summary and Call to Action
  • 3. Rise of Cloud and Modernization Mainframe Client Server Web Cloud Pain Points with Monoliths • Large Applications are complex • Full application upgrade required for minor or major updates • Difficult to scale • Bug in one module brings down the entire application • Painful to adopt new technologies
  • 4. Cloud has changed expectations Availability 24X7 Hyperscale Agility Start small and grow to enterprise scale Uptime with defined SLAs Deliver in-time and deliver at regular interval
  • 5. An approach to modernization Rationalize and decommission 20% Hybrid IT Modernize and Migrate to Cloud …on any cloud platform Private Cloud on premises Dedicated/Hosted off-premises Public Cloud 20% Traditional on premises Re-Host (lift & shift) Re-Platform Re-Architect (Microservices / APIs) 10% 10% 15% Public SaaS Retain on Traditional + for selected apps: - Automate - Containerise Replace with “as a service” solution 10% 50% Refactor 15%
  • 6. Hybrid Cloud – Best of the both worlds Public Cloud Fully Customizable Secure by Design Full control and robust management Elastic Pay-as-you go mode Low entry cost Maximize returns Match workload to best fit infrastructure Meet Capacity Highly scalable Innovate at the speed of your choice Private Cloud
  • 7. What does it take to modernize Collaboration and Communication Continuous Integration Continuous Delivery Observability Change and incident management Security and Compliance Test and Quality Scale Plan Build Test Secure Release Operate Modernization Ideas Modernization Ideas Iterate
  • 8. Dev and SRE collaboration Modernization requires Dev and SRE to work together towards DevSecOps approach Developers Create SRE Manage Shift Left SRE ( DevSecOps) Communication Collaboration Integration
  • 9. Write application Code Write infrastructure as code and templatize Reliability as code Create your DevSecOps pipeline leveraging CICD Iterate Design Shikha Dev and SRE collaboration Modernization requires robust CI/CD pipeline
  • 10. Write application Code Write infrastructure as code and templatize Reliability as code Create your DevSecOps pipeline leveraging CI/CD Iterate Design Dev and SRE collaboration Modernization requires robust CI/CD pipeline
  • 11. CD Continuous Delivery CI Continuous Integration CD Continuous Deployment Production Ops Team Dev Team Source Code • Clear definition of tasks (“Runbook”) • Faster Delivery • Improved processes • Automation and reduction of errors Pipelines and CI/CD: Connecting Dev with Sec/Ops
  • 12. / Type DevOps GitOps GitOps Structure Each part of the pipeline is 1 YAML Each part of the pipeline is 1 YAML Only 1 Jenkins file Pipelines Manager X X -- Language Go Go Java with Plugins Tekton Tekton Server/VM K8s-native Part of K8 project (Cloud Native) Cloud Native No (Server/V M) Execution Multiple PODs Paralelis m Multiple PODs Only 1 POD, Sequential Execution V3.0 Pipeline Technologies
  • 13. Everything as Code Automate Everything DevOps and Security have merged Speed with Control for Modernized Workloads on Hybrid Cloud Shift-Left Governance 1 3
  • 14. Infrastructure as Code (IaC) helping with Modernization to Hybrid Cloud Codify infrastructure in a way that makes provisioning automated, faster, and repeatable. Infrastructure as Code Technology: ○ Terraform ○ Ansible ○ Chef ○ Puppet Benefits: ● Improve speed ● Improve reliability ● Prevent configuration drift ● Support experimentation, testing, and optimization
  • 15. Terraform ● Terraform is an open source “Infrastructure as Code” tool, created by HashiCorp. ● A declarative coding tool, describes the desired “end-state” infrastructure ● simple syntax ● provision infrastructure across multiple cloud and on-premises data centers https://www.terraform.io/
  • 16. Terraform Concepts: Templates, Modules and Providers
  • 18. Scenario: Financial Service Core Banking Application
  • 19. Summary – Modernization is a journey Identify what to modernize Nail down the hybrid design and dependencies Reliable repeatable automation – “Everything- as-Code” Drive standardizati on and reuse Iterate Mitigate security risks as early as possible – “Shift-left”
  • 20. References CI/CD Pipelines ● Continuous Integration ● Continuous Delivery ● Tekton ● Tekton versus Jenkins ● Speed and resiliency: two sides of the same coin ● DevSecOps Intro ● Pipelines enabling Audit and Compliance ● CI template ● CD template ● IBM Cloud for Financial Services pattern infrastructure as Code • Terraform • Infrastructure as Code • IBM Cloud Terraform Provider • IBM Cloud Terraform Modules • Terraform versus other infrastructure as code options

Editor's Notes

  1. Manage Infrastructure Manage configurations Observability Manage Alerts Manage Changes in production Manage security incidents Manage networking ----------------- Take requirements Design feature and function Write code Write tests ( may be) Test and automate test (may be) Refactor Push to production -----------------
  2. Take requirements Design feature and function Write code Write tests ( may be) Test and automate test (may be) Refactor Push to production -----------------
  3. Challenges organizations face today: Lack of deep security expertise in app dev teams Manual effort for audit and compliance readiness Ever changing security landscape Custom DevOps investments across teams Dev, Ops and Security teams working in silos Continuous integration is a software development process where developers integrate the new code they've written more frequently throughout the development cycle, adding it to the code base at least once a day. Automated testing is done against each iteration of the build to identify integration issues earlier, when they are easier to fix , which also helps avoid problems at the final merge for the release. Overall, continuous integration helps streamline the build process, resulting in higher-quality software and more predictable delivery schedules. Continuous delivery is the automated movement of code through the development lifecycle (sometimes called the delivery lifecycle); continuous deployment is the automated movement of that code into production, once it passes the required automated tests.
  4. Others, like Travis, GitLab CI. etc How to get started: Instrument legacy CI/CD orchestration with reusable assets for evidence collection Orchestrate legacy tools using DevSecOps reference implementation Fully leverage DevSecOps reference implementation, eliminating legacy tools https://developer.ibm.com/videos/tekton-versus-Jenkins
  5. DevOps premise: Velocity and quality can coexist!   DevOps practices have become mainstream   Supported by vibrant ecosystem of open source and commercial tools   Automate everything Manual/human processes and handoffs remain a bottleneck, in addition to introducing error and inconsistency We’ve seen progress in quality – More consumable static analysis, lighter-weight test automation frameworks like Junit, cloud-based test labs, architectures that limited blast-radius, canary testing etc. reduce or eliminate traditional test cycles We’ve seen progress in deployments – Microservice architectures, containers, and technique like canary testing and progressive rollout speed up and de-risk deployments. No blackout windows, release weekend events, etc.   PLUG OUR TEKTON WORK HERE--- Everything as code Consistent management, governance, auditability, branching/exploration model, sharing/contribution model, etc. break-down silos of specialized tools/expertise and enable the “full-stack developer”. While maintaining Separation of concerns E.g. Terraform, Ansible, Schematics, Tekton, …   What are we seeing now? PLUG GITSECURE HERE---- “DevSecOps” – Emphasis on Security and Compliance Standardizing automation, e.g. through common pipeline tasks, of release-readiness checks, e.g. vulnerability scanning, test automation, code coverage, code review, etc. Maintaining audit-readiness by capturing results/outputs of above checks Shift-left – Risk is reduced and velocity increased the sooner feedback reaches the developer How many of the release readiness checks can be done on every pull request before it’s merged? E.g. scanning for source, package, OS vulnerabilities “GitOps” – extend Kubernetes-style declarative/state-based approach to describing production systems E.g. Razee, ArgoCD, … Consolidation/standardization through open source communities E.g. Continuous Delivery Foundation, under LF, has mission to drive tools AND approaches/practices E.g. Tekton  
  6. IaC uses code to define, deploy and update a given infrastructure. This means that networks, routes, load balancer, compute instances, storage buckets, etc are managed in code IaC allows developers to codify infrastructure in a way that makes provisioning automated, faster, and repeatable. It’s a key component of Agile and DevOps practices such as version control, continuous integration, and continuous deployment. Infrastructure as code can help with the following: Improve speed: Automation is faster than manually navigating an interface when you need to deploy and/or connect resources. Improve reliability: If your infrastructure is large, it becomes easy to misconfigure a resource or provision services in the wrong order. With IaC, the resources are always provisioned and configured exactly as declared. Prevent configuration drift: Configuration drift occurs when the configuration that provisioned your environment no longer matches the actual environment. (See ‘Immutable infrastructure’ below.) Support experimentation, testing, and optimization: Because Infrastructure as Code makes provisioning new infrastructure so much faster and easier, you can make and test experimental changes without investing lots of time and resources; and if you like the results, you can quickly scale up the new infrastructure for production. IaC tools include: - Provisioning tools - configuration management tools (eg, Chef , Puppet)– focus on installation an management of SW on existent servers) Also declarative versus procedural: Terraform and Puppet: declararive Ansible and Chef: procedural Terraform is purely a declarative tool (see above), Ansible combines both declarative and procedural configuration. In procedural configuration, you specify the steps, or the precise manner, in which you want to provision infrastructure to the desired state. Procedural configuration is more work but it provides more control. While Terraform is cloud agnostic, CloudFormation is a managed service offered by AWS that comes with a common language for modeling and provisioning third-party app resources. It is done for your cloud platform with a single point of reference for infrastructure mapping & development.
  7. A declarative coding tool, Terraform enables developers to describe the desired “end-state” cloud or on-premises infrastructure for running an application. It then generates a plan for reaching that end-state and executes the plan to provision the infrastructure. Because Terraform uses a simple syntax, can provision infrastructure across multiple cloud and on-premises data centers, and can safely and efficiently re-provision infrastructure in response to configuration changes, it is currently one of the most popular infrastructure automation tools available, specially for hybrid cloud or multicloud environments The deployment of a solution consists of three stages: the init-stage, the plan-stage and the apply-stage. In the init-stage, the modules that the solution are dependent on will be downloaded to the hidden directory .terraform . In the plan-stage, Terraform will determine what differences there are between the configuration file(s) and the environment where the solution is deployed to. Plan will also return what objects will be added, changed or deleted. The deployment itself is done in a seperate step, which is called terraform apply. The deployment can be removed using terraform destroy. 
  8. A terraform template is a collection of files that, together, define the state of your infrastructure to be achieved. They include different configuration files such as variables, resources, and modules. Terraform modules are small, reusable Terraform configurations for multiple infrastructure resources that are used together. Terraform modules are useful because they allow complex resources to be automated with re-usable, configurable constructs. Writing even a very simple Terraform file results in a module. A module can call other modules—called child modules—which can make assembling configuration faster and more concise. Terraform providers are plugins that implement resource types. Providers contain all the code needed to authenticate and connect to a service—typically from a public cloud provider—on behalf of the user. You can find providers for the cloud platforms and services you use, add them to your configuration, and then use their resources to provision infrastructure. Providers are available for nearly every major cloud provider,
  9. https://cloud.ibm.com/docs/solution-tutorials?topic=solution-tutorials-plan-create-update-deployments
  10. Reliable repeatable automation – “Everything-as-Code” Application-as-Code Infrastructure-as-Code Reliability-as-Code Continuous integration, delivery and deployment as-Code Mitigate security risks as early as possible – “Shift-left” Automate scanning/testing throughout development (i.e., every change) Gate progression of changes with automated policies Maintain history with evidence for audit readiness integrated with Security and Compliance Center Drive standardization and reuse Toolchain templates embody DevSecOps practices Reference architectures include toolchain automation Integrating mix of tools from third parties, open source, in-house