Practice Safe DevOps

Transcript

1. Practice Safe DevOps Practice Safe DevOps Developer Tooling for the

   Enterprise Nov 16, 2016

2. EVENT AGENDA Introductions GitHub Enterprise OpenShift Container Platform 5 minute

   break Integrated Pipelines & Deployment Lifecycles Security Integrated Pipelines Wrap-up Q&A Drinks/Social

3. //safe devops

4. //safe devops

5. //safe devops

6. //safe devops

7. //safe devops YOUR services, under YOUR control WHERE you need

   them WHEN you need them HOWEVER you want them

8. //tech tools Develop Collaborate Protect

9. GitHub Enterprise Why? Architecture Key Highlights

10. //why? “your organization's private copy of GitHub contained within a

    virtual machine” All transferred and stored data is under your control You are protected against public outages Or user error

11. //why? “your organization's private copy of GitHub contained within a

    virtual machine” All transferred and stored data is under your control You are protected against public outages Or user error

12. //architecture GitHub Enterprise VM Stuff Stuff Stuff Stuff

13. //architecture OpenShift Container Platform GitHub Enterprise OAuth WebHook Sample Project

    Dev Jenkins myapp Sample Project QA myapp.qa OAuth Build updates Chat Project Prod rocket chat hubot

14. DEMO GitHub Enterprise

15. OpenShift Container Platform Why? Architecture OCP 3.3 Highlights

16. //why?

17. //why?

18. //what is openshift • A secure multi-tenant distribution of Kubernetes

    • Optimized for team software development and deployment • Able to create and deploy applications in seconds • And run and support all of the stateful parts of an application • Developer Web UI • Build/Deployment Workflow (S2I, registy) • Full stack templates & images • Logging, metrics, & auth • Policies and tooling • SDN/Network Isolation • Automated routing layers For the Business For the Developers and Operations Teams

19. //openshift architecture

20. //management interfaces

21. //management interfaces

22. //ocp 3.3 updates Kubernetes 1.3 & Docker 1.10 CI /

    CD Pipelines based on Jenkins Pipelines in alpha Application configuration and management improvements Web Console navigation & usability Add to Project from Docker image or template via Web Console A/B deployment routing configuration Significant performance improvements Improvements in image management and updates to Registry 2.4 Better debugging of applications in the web console and CLI Idling / unidling of applications Kerberos CLI support and improved security, authorization, and OAuth tools Improvements in scheduling - affinity, anti-affinity, and more

23. BREAK

24. DEMO Pipeline Platform Integration & Lifecycle Management

25. Pipeline Security Integration

26. //blackduck and openscap OpenSCAP Profile driven compliance policy engine Vendor

    vulnerability data is only one part of component policy Integrated directly with RedHat Atomic, Satellite, CloudForms Black Duck Hub integration Broad vulnerability data for most open source components Addresses vulnerability, license compliance, and operational risk Integration with Red Hat and other developer tooling (ie. Jenkins) Containerized instances available, as well as simple cli tooling

27. //security and vulnerability reporting

28. //sample pipeline flow GitHub Enterprise OCP Build Jenkins Pipeline Black

    Duck Hub Scan OCP Deploy CloudForms OpenSCAP git push OCP Scale CloudForms Monitoring webhook pipeline plugin hub plugin API event notificatio n pipeline plugin pipeline plugin API event notificatio n Feedback loop (ie: issues, PR notes, tags, etc)

29. DEMO Pipeline Security Integration

30. WHAT’S NEXT? Some of Our Ideas ChatOps and Automated Workflows?

    Day 2 Operations for OpenShift Container Platform OpenShift for Developers 1-day Starter Workshop Mobile Platform Development with OpenShift (MBaaS… yeah) What do YOU want to see?