Slide 1

Slide 1 text

Wope DevOps Next Generation DevOps Team

Slide 2

Slide 2 text

DevOps to SRE

Slide 3

Slide 3 text

DevOps is a culture and a way of working whereby developers and operations engineers work as one team to achieve a common goal. DevOps is set of best practices that enable substantially faster, more ef f icient, and more agile delivery of high-quality software. Keys : Plan , Code , Build , Test , Release , Deploy , Operate , Monitor

Slide 4

Slide 4 text

WTF is SRE? Site reliability engineering (SRE) is a set of principles and practices that incorporates aspects of software engineering and applies them to infrastructure and operations problems. Toils SLI/SLO/SLA On-call Postmortem Incident Response

Slide 5

Slide 5 text

Skills needed in DevOps Roles The questions always comes up , “Where do I start ?” , “ What skills do I need ? ” , “What skills are sufficient to start applying for jobs ? ” , “What skills are nice to have ? ” etc. Foundational Knowledge Linux fundamentals Basic Programming Skills Git Networking Fundamentals Cloud Platform Fundamentals Technical Skills Continuous Integration Continuous Delivery & Deployment Containers Container Orchestration Everything as Code (EaC) SRE Security Non-Technical Skills DevOps Culture & Organization Communication Agile Lean

Slide 6

Slide 6 text

DevSecOps

Slide 7

Slide 7 text

What is Dev{Sec}Ops ? Discover vulnerability during the development.

Slide 8

Slide 8 text

Security Patterns : Old Path Vs. New Path •Embrace Secrecy •Just Pass Audit! •Enforce Stability •Build a Wall •Slow Validation •Certainly Testing •Test When DONE ! •Process Driven •Create Feedback Loops •Compliance adds Value •Create Chaos •Zero Trust Networks •Fast and Non-Blocking •Adversity Testing •Shift Left •The Paved Road

Slide 9

Slide 9 text

Patterns: Infrastructure Planning ✘Subscription per environment ✘Apply policies to control transparently and proactively ✘ Security Center ON from day 1 ✘Infrastructure as code. Period ✘ Production ONLY for CI/CD pipelines ✘ CI/CD pipeline is a heart of security

Slide 10

Slide 10 text

Patterns: Watch Every Step • Threat modeling • IDE Security plugins • Pre-commit hooks • Peer review • Static code analysis • Security unit tests • Container Security • Dependency management • IaC • Security scanning • Cloud configuration • Security acceptance tests • Security smoke tests • Security Configuration • Secret Management • Server Hardening • Continuous monitoring • Threat intelligence • Penetration Testing • Blameless postmortems

Slide 11

Slide 11 text

DevOps On-Call

Slide 12

Slide 12 text

SRE Trends & Challenges SRE approach di ff ers in being more proactive and working closely with developer teams, in order to guide them to take the necessary architectural decisions for the software stack. 
 SRE team will analyze the toils and proactively seek ways, either to eliminate or automate them. Besides, creating blameless Port-Mortems, which is a part of an SRE approach, is a must to continuously improve the production environment and take necessary lessons.

Slide 13

Slide 13 text

Incident Timeline

Slide 14

Slide 14 text

Incident Timeline

Slide 15

Slide 15 text

Key Takeaways

Slide 16

Slide 16 text

Chaos Engineering

Slide 17

Slide 17 text

No content

Slide 18

Slide 18 text

No content

Slide 19

Slide 19 text

No content

Slide 20

Slide 20 text

Phases of Chaos Engineering

Slide 21

Slide 21 text

No content

Slide 22

Slide 22 text

No content

Slide 23

Slide 23 text

No content

Slide 24

Slide 24 text

No content

Slide 25

Slide 25 text

No content

Slide 26

Slide 26 text

No content

Slide 27

Slide 27 text

No content

Slide 28

Slide 28 text

No content