Shift Deployment Security Left with Weave GitOps & Upbound’s Universal Crossplane

In this session, we’ve partnered with Upbound to showcase how to effectively manage application delivery while maintaining a high level of security using Weave GitOps and Upbound. When managing a stateful application deployment with a relational database, Weave GitOps can recognize a policy violation and correct it before deploying the application.

Join us as we demonstrate the scenarios where:

All changes to application configuration are managed through Git workflows
Upbound’s Universal Crossplane allows you to build, deploy, and manage your cloud platforms
GitOps provides an extra layer of security by removing the need for direct access to Kubernetes clusters
Policy-as-Code guarantees security, resilience and coding standards compliance

Watch the recording: xx

  1. Confidential do not distribute. Successfully Shift Left Security in Application Delivery with Weave GitOps Enterprise and Upbound’s Universal Crossplane. In partnership with:
  2. Webinar Platform - FAQs
     Using Zoom
     • You are in listen only mode
     • This webinar is being recorded
     • Q&A session will follow the presentation, please use the Q&A panel to submit questions
     • Hit escape to exit full screen
     • Slides and recording will be shared after the webinar
     Technical Issues - please visit Zoom Help https://support.zoom.us/hc/en-us/articles/206175806-Top-Questions
  3. Speaker introductions
     Dan Mangum, Principal Software Engineer, Upbound: Dan Mangum is a Principal Software Engineer at Upbound and a maintainer of the Crossplane project. In addition to his work in the Crossplane community, Dan has held technical leadership roles in the upstream Kubernetes community.
     Paul Curtis, Principal Solutions Architect, Weaveworks: Paul started as a developer working in financial institutions. Paul proceeded to take on technical account management at Netscape & Sun, along with system and dev operations at start ups. Paul now provides field enablement and engineering in the big data world.
  4. Shifting Security Left in Application Delivery
     The problem:
     ● Service and resource provisioning slows development
     ● Resources are spread between different environments (Kubernetes, VMs, Provider Services)
     ● Managing current state, recovery, and rollbacks is difficult
     The solution:
     ● Declarative and auditable provisioning across all resources
     ● Application and resource lifecycle management with GitOps
     ● Policy enforcement across all resources
  5. Weave GitOps Enterprise with Upbound demo
     Weave GitOps Enterprise
     ● Policy guardrails for every declarative action
     ● Declarative deployment of applications and deployment pipelines across multiple clusters
     ● Declarative provisioning of Kubernetes clusters and bootstrapping services
     Upbound
     ● All the benefits of GitOps across any resource
     ● Declarative, audited, and observable
     ● Lifecycle management of resources external to Kubernetes
  6. Weaveworks: the GitOps company
     ● Weaveworks is backed by solid investors
     ● Weaveworks is a key partner with all the major infrastructure and Kubernetes vendors
     ● Weaveworks is deeply committed to the Open Source Community
  7. GitOps – An Operating Model for Cloud Native
     Unifying Deployment, Monitoring and Management.
     ● Git as the single source of truth of a system’s desired state
     ● ALL intended operations are committed by pull request
     ● ALL diffs between intended and observed state with automatic convergence
     ● ALL changes are observable, verifiable and auditable
     Diagram labels: Test, IDE, Build, Kubernetes, GitOps, Continuous Integration, GIT, “Immutability Firewall”, Deployment (clusters, apps), Monitoring Logging (Observability), Management (operations)
  8. Weave GitOps - Use Cases
     ● Continuous Application Delivery - use GitOps to deploy and operate applications. Automation increases deployment velocity and developer productivity.
     ● Kubernetes Everywhere - in the cloud or the datacenter. Kubernetes is a universal platform that’s easy to manage with GitOps.
     ● DevOps Automation - Lifecycle management of the entire platform. All clusters and services, using automation and policy.
     ● Self-Service Platforms - a complete platform giving developers autonomy while ensuring consistency and manageability.
     ● Trusted Delivery - shift policy and security left - governance, risk, and compliance are non-negotiable.
     ● Progressive Delivery - deploy services across many environments and regions reliably using GitOps
  9. Weave GitOps PaC
     ● Built on OPA standard - Rego
     ● Curated library of 100+ policies
     ● SOC II, PCI-DSS, GDPR, HIPAA, MITRE ATT&CK
     ● Security, resilience and coding standards
     ● Validation throughout SDLC
       ○ Commit, Pull Request
       ○ Build
       ○ Deploy
       ○ Runtime
     ● Automatic remediation via pull request
  10. Control Plane Revolution
      🔥 3,000+ Companies in Production
      🔥 7,000+ Slack channel members
      🔥 6,000+ GitHub stars
      🔥 40M+ Pulls on Docker Hub
      🔥 Open Source and CNCF project
      Scripting
      • Legacy
      • Imperative Configuration
      Infrastructure As Code (Terraform, Ansible, Chef)
      • Declarative Configuration
      • Configuration Management
      • Provisioning Management
      • Sprawling Complexity
      Control Planes: The Crossplane Revolution
      • Complement IaC
      • Declarative API
      • Self-Service
      • Full Automation
      Timeline labels: 1990s, 2020s
      Who is
  11. Who is
      ● Founders of
      ● Growing 700% YoY
      ● Commercial, Open-Core Company
        ○ Ease-of-Use: UX, Marketplace
        ○ Enterprise-Grade: Scalable, Secure, Controlled
        ○ Solution-Agnostic: Any cloud, Any environment, Any service
      ● Complement, rather than compete
  12. Why Now
      Enterprises are Re-Platforming - Again!
      ● Security
      ● Cost
      ● Multiple Vendors
      ● Developer Productivity
      ● Standardization
      ● Enforcing best-practices and controls consistently across the entire organization
      ● Future Proofing
  13. Standardizing on Kubernetes
      Diagram labels: API Abstractions Interfaces Control Plane Infrastructure
  14. Standardizing on Kubernetes + Crossplane
      Diagram labels: API Abstractions Interfaces Control Plane A B Infrastructure
  15. Standardizing on Crossplane
      Diagram labels: Interfaces API Abstractions Control Plane A B C D Infrastructure
  16. Standardizing Existing Processes
      Diagram labels: Interfaces API Abstractions Infrastructure Control Plane A B C D IaC Vendors
  17. An Extension of Kubernetes
      KRM
      ● Uniform Declarative Metadata
      ● Asynchronous Controllers
      ● Authorization Policy
      ● Admission Control
      ● Audit Logging
      XRM
      ● Composition - Low Code Controllers
      ● External Naming and Identity
      ● Cross Resource References
      ● Connection Secrets
      ● Package Manager
  18. Demo Architecture
  19. 1. Configure management cluster with UXP and the Crossplane package for Discourse on AWS
      2. Create a pull request to a repository added as a Weaveworks GitOps source
      3. Observe policy violation
      4. Fix policy violation
      5. Weaveworks GitOps syncs manifest to cluster
      6. UXP provisions infrastructure and application, providing the necessary connection data
  20. Questions? (Please use the Q&A panel in your Zoom menu)
  21. Thank You
      ● Whitepaper: Shifting Security Left with GitOps and Trusted Delivery https://bit.ly/3MvzXgQ
      ● Learn more about Weave GitOps www.weave.works/enterprise
      ● Request a personal demo www.weave.works/contact
  22. Next Steps
      ● Sign Up: Create a Free Account
      ● Learn More About UXP: Universal Crossplane
      ● Visit the Marketplace https://marketplace.upbound.io
