If you didn’t know about it, Red Hat is running a DevSecOps Roadshow right now! They’re going on tour from city to city spreading the good word of Red Hat OpenShift and the value it delivers in a DevSecOps pipeline, and the benefit it draws into the Software Development Lifecycle. I was fortunate enough to join them in Atlanta and I’ve got to say it is a treasure trove of information so if there’s one in a city near you, try to clear a spot on your calendar for it because this is something you don’t want to miss!
As many of you know, one of the things that sets Fierce Software apart and a cut above the rest is our ability to deploy workshops almost anywhere. In fact, we recently executed on a DevSecOps workshop in Ft Worth for some of the friendly folk over at Red Hat. During this workshop, we started with high-level 10,000ft concepts of what DevOps, Continuous Integration, Continuous Delivery, and Containers are. With that, we had a workshop session where we worked directly with containers in our Containers 101 Workshop. With the next workshop session, we spent time on DevOps, and how security needs to “shift-left” into every step of the Software Development Lifecycle instead of being an afterthought that causes the process sometimes to start anew.
Over those days our conversations naturally focused on what DevOps means to different parts of the organization, how everyone is excited about employing these strategies and tools, and I’ve got to say, the enthusiasm was palpable.
DevOps and YOU!
DevOps has many meanings and different entanglements depending on what hat you wear. On the Operations side of the house, it means automation, control, and ease of management. Over in the Developer encampment, they see the wonders of having the resources they need, removing manual development labor, and better quality code. Universally DevOps means a culture shift and a technological investment in standardization, automation, and optimization.
Navigating the vast DevOps landscapes can sometimes be difficult. There are so many collaboration platforms, some with different communication features, and varying integrations. If you think there are too many types of cookies to choose from, there are even more source code, asset, and artifact storage solutions out there. Now let’s not forget about integrating security, as we shift security left into each step of our pipeline instead of as a bolt-on after-thought.
With this in mind, I’d like to introduce you to the new Fierce Software DevOps Starter Pack! Quickly wrap your mind some of the core components in an Enterprise DevOps Environment, and drive innovation across your organization with some key platforms and methods. Of course, we’re able to help put these solutions together and get them in your hands fast so think of us as a one-stop-shop!
Start with Culture (just like in Civilizations)
First thing’s first, we need to get everyone on the same page. This means increasing thoughtful communication and productivity across teams. Our friends over at Atlassian fill this need with their best-of-breed Jira, Confluence, and Trello platforms. Track your projects and progress, communicate without the distractions, and organize and collaborate in one central place.
Manageable Source Code Management
Centralize your repository in-house or in the cloud with GitLab and integrate with the same tools you use today.
Continuous Things with Enterprise Jenkins
Jenkins Sprawl is a real thing, almost in some dictionaries in fact. Wrangle in these disparate Jenkins environments lurking around every corner cubicle, manage build environments across teams with Team Masters, and give your star running-back Jenkins the field it needs to excel with Cloudbees Core and the new CloudBees Enterprise Jenkins Support.
Spot the landmines
Every DevOps strategy needs to start employing security in every step of the workflow. This can range from binary analysis tools to container scanning, the possibilities are endless but it’s important to not carry security measure out in batch at the end of the workflow. As we integrate these different security mechanisms into the fold at different stages we start to see our security methods “shift-left” from the end of the pipeline into earlier stages. Get started with Static Code Analysis and find the common issues, potential vulnerabilities, and the general health of your code base by employing Continuous Inspection with SonarQube.
Give your developers not only the resources they need but also the platform they need, and not just some developers, all your developers. By standardizing with Red Hat OpenShift Container Platform you can enable every DevOps workflow your developers could want across all the languages they use such as Java, Node.JS, PHP, and more.
Keep your environment from turning into the Wild Wild West. Add an additional layer of security with SysDig Secure and gain valuable analytics and metrics across your entire environment by harnessing the rich insights of SysDig Monitor. Naturally, the SysDig Platform integrates with Red Hat OpenShift, CloudBees Core, and every other part seamlessly.
Of course, this is only the start in many DevOps journeys. If you’ve had a chance to take a look at the Cloud Native Landscape, you may notice many more application stacks, programs, and DevOps-y drop-ins. Just because you’ve heard about a solution being used somewhere else does not mean it’s a good fit for your particular DevOps pipelines. We at Fierce Software have had the great pleasure of guiding organizations along their DevOps journey and seeing them grow along the way. Contact us and a Fierce Software Account Executive will promptly respond to start the process of helping you and your team along the way to very own DevOps strategy. Outside of getting a quote in your hands quickly, we can help you strategize and architect your solution, set up proof-of-concepts and demos, coordinate trial subscriptions, and of course, can deliver workshops on-site to help better enable your organization. Just drop us a line and let us know how we can help you as well!