Nothing Special   »   [go: up one dir, main page]
Scribd Logo
Upload

Welcome to Scribd!

  • 45 views

    Asst. Prof. Dr. Ayse TOSUN Assoc. Prof. Dr. A. Cüneyd TANTUĞ

    Uploaded by

    Furkan Adıgüzel
    1) The document discusses DevOps, including defining DevOps as a set of practices that combines software development and IT operations to enable continuous delivery. 2) Key DevOps practices are mentioned, such as automated provisioning, infrastructure as code, continuous integration, continuous delivery, and measuring metrics. 3) DevSecOps is introduced as extending DevOps by incorporating security practices like automated security gates and empowering delivery teams to implement security controls from the start of the development process. The goal is to promote fast yet secure development through collaboration between development and security teams.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    Asst. Prof. Dr. Ayse TOSUN Assoc. Prof. Dr. A. Cüneyd TANTUĞ

    Uploaded by

    Furkan Adıgüzel
    45 views23 pages
    1) The document discusses DevOps, including defining DevOps as a set of practices that combines software development and IT operations to enable continuous delivery. 2) Key DevOps practices are mentioned, such as automated provisioning, infrastructure as code, continuous integration, continuous delivery, and measuring metrics. 3) DevSecOps is introduced as extending DevOps by incorporating security practices like automated security gates and empowering delivery teams to implement security controls from the start of the development process. The goal is to promote fast yet secure development through collaboration between development and security teams.

    Original Description:

    Original Title

    12-DevOps

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    1) The document discusses DevOps, including defining DevOps as a set of practices that combines software development and IT operations to enable continuous delivery. 2) Key DevOps practices are mentioned, such as automated provisioning, infrastructure as code, continuous integration, continuous delivery, and measuring metrics. 3) DevSecOps is introduced as extending DevOps by incorporating security practices like automated security gates and empowering delivery teams to implement security controls from the start of the development process. The goal is to promote fast yet secure development through collaboration between development and security teams.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    45 views23 pages

    Asst. Prof. Dr. Ayse TOSUN Assoc. Prof. Dr. A. Cüneyd TANTUĞ

    Uploaded by

    Furkan Adıgüzel
    1) The document discusses DevOps, including defining DevOps as a set of practices that combines software development and IT operations to enable continuous delivery. 2) Key DevOps practices are mentioned, such as automated provisioning, infrastructure as code, continuous integration, continuous delivery, and measuring metrics. 3) DevSecOps is introduced as extending DevOps by incorporating security practices like automated security gates and empowering delivery teams to implement security controls from the start of the development process. The goal is to promote fast yet secure development through collaboration between development and security teams.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 23

    Asst. Prof. Dr. Ayse TOSUN Assoc. Prof. Dr. A.

    Cüneyd TANTUĞ
    Istanbul Technical University
    Computer Engineering Department
    1. Problems After Development
    2. DevOps Definition
    3. DevOps Practices

    1.2
    1. Problems After Development
    2. DevOps Definition
    3. DevOps Practices

     1 
    Source: https://channel9.msdn.com/Series/DevOps-Fundamentals/Introduction-to-DevOps
    Local Dev Prod

    Local Web Server


    Local/Test DB
    Mockup/Test Web Services
    Packages/Libraries
    ….

    • Different server configurations for different environments.


    • Manual deployment of application.
    • Server-side load balancing is implemented manually.
    • QA testing is done after deployment in dev environment.
    • A bugfix necessitates all these efforts to be repeated.
    • Replication of production issues in local or dev env. is challenging
    • Related logs are in each env.
    • A separate team works on deployment, rollback, transferring of logs to developers

    1.5
    1. Stop NGINX and GUNICORN services
    2. Check DB sessions
    3. Change DB to single-user mode
    4. Take a full backup
    5. Copy the app files
    6. Run Django Migrations
    7. Restart NGINX and GUNICORN services
    8. Click around on a few things
    9. Turn DB back to multi-user
    1.6
    7
    Developers want Operations want
    Agility & Change Availability & Stability

    1.8
    1. Our highest priority is to satisfy the customer through early and continuous
    delivery of valuable software.
    2. Welcome changing requirements, even late in development. Agile processes
    harness change for the customer's competitive advantage.
    3. Deliver working software frequently, from a couple of weeks to a couple of
    months, with a preference to the shorter timescale.
    4. Business people and developers must work together daily throughout the project.
    5. Build projects around motivated individuals. Give them the environment and
    support they need, and trust them to get the job done.
    6. The most efficient and effective method of conveying information to and within a
    development team is face-to-face conversation.
    7. Working software is the primary measure of progress.
    8. Agile processes promote sustainable development. The sponsors, developers,
    and users should be able to maintain a constant pace indefinitely.
    9. Continuous attention to technical excellence and good design enhances agility.
    10. Simplicity--the art of maximizing the amount of work not done--is essential.
    11. The best architectures, requirements, and designs emerge from self-organizing
    teams.
    12. At regular intervals, the team reflects on how to become more effective, then
    tunes and adjusts its behavior accordingly.
    Introduction & UML 9
    From To
    Waterfall projects and big heavy releases. Small batches delivered frequently, leading to
    more frequent deployments and faster cycle
    times.
    Slow feedback cycles with a lot of manual reviews Real-time feedback and metrics driven by
    and approvals; long wait times. automated workflows.
    Process-heavy and time-intensive management of Collaborative software development, automated
    change requests. Having to provide context to delivery pipelines and decisions made by teams
    approvers who are not directly involved with the doing the work.
    work.
    Teams are organized by technology or functional Early stakeholder involvement across the value
    boundaries. Manual handoffs between stream at every stage of the delivery lifecycle:
    siloed teams. Misaligned incentives. design, build, deploy, monitor and maintenance.
    Stakeholders include auditing, compliance,
    change management, security, network, storage,
    middleware and enterprise architects. Teams are
    aligned to business goals.

    Source: Puppet-State-of-DevOps-Report-2020
    1.10
    1. Problems After Development
    2. DevOps Definition
    3. DevOps Practices

     3.1 
    DevOps is a set of practices intended to reduce the time between committing a change to a system and
    the change being placed into normal production, while ensuring high quality.
    Len Bass, Ingo Weber, and Liming Zhu, CMU-SEI

    DevOps is a set of practices that combines software development (Dev) and IT operations (Ops). It aims
    to shorten the systems development life cycle and provide continuous delivery with high software quality
    Wikipedia, 2020

    DevOps is the union of people, process, and products to enable continuous delivery of value to our end
    users.

    Donovan Brown, Microsoft


    DevOps represents a change in IT culture, focusing on rapid IT service delivery through the adoption of
    agile, lean practices in the context of a system-oriented approach. DevOps emphasizes people (and
    culture), and seeks to improve collaboration between operations and development teams. DevOps
    implementations utilize technology — especially automation tools that can leverage an increasingly
    programmable and dynamic infrastructure from a life cycle perspective.

    Gartner

    1.12
    13
     CAMS

    o Culture
    o Automation
    o Measurements
    o Sharing

    1.14
     Automated Provisioning, Infrastructure as Code
     Small frequent changes
     Version Control
     Continuous Integration (including automated testing)
     Continuous Delivery / Release Management
     Measuring metrics
     Feature flags (develop on trunk), Canary Releases, Dark
    Launches

    Introduction & UML 1.15


    1.16
    17
    1.18
    Source: Deliverin Consulting Sevices
    1.19
    1.20
    DevSecOps means thinking about application
    and infrastructure security from the start. It
    also means automating some security gates to
    keep the DevOps workflow from slowing
    down.

    The traditional centralised security team


    model must adopt a federated model allowing
    each delivery team the ability to factor in the
    correct security controls into their DevOps
    practices.

    The goal of DevSecOps is to promote the fast


    development of a secure codebase. Instead of
    prioritizing development speed or security, the
    DevSecOps methodology helps developers and
    security professionals find a healthy balance.
    Through the application of an agile framework,
    Source: RedHat development and security teams can
    collaborate on a continuous basis.
    1.21
    DevOps DevSecOps

    Microservices
    Automated
    Security

    Shift
    Infrastructure
    as Code (IaC) Security to
    the Left

    Continuous
    Policy as Code
    (PaC) Feedback
    Loop
    Introduction & UML 1.23

    You might also like