SlideShare a Scribd company logo

Automated Governance - Continous Lifecycle 2019 - Schlomo Schapiro

Schlomo Schapiro
Schlomo Schapiro

Video: https://youtu.be/U4cHbXYy1FQ How to combine traditional IT governance with continuous delivery? Not At All! A highly automated continuous deployment environment creates a whole new world of challenges for companies to meet their compliance and governance requirements. Traditional - manual - processes don’t manage to keep up with quick and frequent releases. The solution to this conflict of interests is the automation of all compliance checks and the automated certification of every software delivery into production. Sounds obvious and simple, but it is difficult to implement. The talk shows how we tackle this topic at DB Systel and how we create solutions for automated compliance certification. See https://bit.ly/5pdops for more materials and the 5 DevOps Principles

Technology
1 of 24
Download to read offline
Automated Governance DB Systel GmbH | Schlomo Schapiro | Chief Technology Office | 12-13.11.2019 Platzhalter für Titelbild – Hier können Sie Bilder aus der Mediathek einfügen! Placeholder for title picture – You can insert here pictures from the Mediathek! Pixabay / 4423750 @schlomoschapiroThis work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License (with the exception of the stock images with copyright notice)
DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.20192 https://pixabay.com/i-3303396
Problem? What is governance? Ø Align IT strategy with business strategy Ø Make sure we have and keep rules DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.20193
4 git ?CI CD Engineering Teams DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019
5 git ?CI CD Engineering Teams Architecture & Governance Security & Compliance DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019
DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.20196 20/day 20 / day / team ??? We can´t check everything! We can‘t work! Challanges: • Time to Market vs. Stability? • Change Frequency vs. Risk & Security? • Governance & Compliance? • You build it – you run it? • DevOps???
7 git ?CI CD Engineering Teams Non Functional Requirements DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019
8 git ?CI CD Engineering Teams Non Functional Requirements DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019
9 git ? git git CI CD Engineering Teams Governance Security DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019
10 git ? git git CI CD Engineering Teams Governance Security Compliant! DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019
11 git ? git git CI CD Engineering Teams Governance Security Compliant! Dev- Sec- Arc- Ops DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019
What is automated? Ø „operated automatically“ Ø Synonyms: automatic, laborsaving, robotic, self- acting, self-operating, self-regulating Ø Not people doing it manually DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201912 Source: https://www.merriam-webster.com/dictionary/automated
Compliance Automation is Very Hard! DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201913 Automation friendly? How to check?
14 git ?CI CD Engineering Teams DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019
15 git ?CI CD DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019 WHAT HOW Declarative Descriptions Deployment Automation Test for Compliance Test for Correctness Product Teams Platform Teams
Test for Compliance Declarative Descriptions Example DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201916 stage_deploy: script: - ssh user@host "mkdir htdocs/_tmp" - scp -r build/* user@host:htdocs/_tmp - ssh user@host "mv htdocs/live htdocs/_old && mv htdocs/_tmp htdocs/live" - ssh user@host "rm -rf htdocs/_old" gitlab-ci.yaml stage_deploy: image: deploy_with_ssh script: config.properties gitlab-ci.yaml #!/bin/bash source "$1" ssh $TARGET "mkdir $DIR/_tmp" scp -r $SRC/* "$TARGET:$DIR/_tmp" ssh $TARGET "mv $DIR/$NAME $DIR/_old && mv $DIR/_tmp $DIR/$NAME" ssh $TARGET "rm -rf $DIR/_old" Docker Image deploy_with_ssh ENTRYPOINT TARGET=user@host SRC=build DIR=htdocs NAME=live config.properties Test for Correctness Source: https://docs.gitlab.com/ee/ci/examples/deployment/composer-npm-deploy.html
Test for Compliance Declarative Descriptions Example DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201917 stage_deploy: script: - ssh user@host "mkdir htdocs/_tmp" - scp -r build/* user@host:htdocs/_tmp - ssh user@host "mv htdocs/live htdocs/_old && mv htdocs/_tmp htdocs/live" - ssh user@host "rm -rf htdocs/_old" gitlab-ci.yaml stage_deploy: image: deploy_with_ssh script: config.properties gitlab-ci.yaml #!/bin/bash source "$1" ssh $TARGET "mkdir $DIR/_tmp" scp -r $SRC/* "$TARGET:$DIR/_tmp" ssh $TARGET "mv $DIR/$NAME $DIR/_old && mv $DIR/_tmp $DIR/$NAME" ssh $TARGET "rm -rf $DIR/_old" Docker Image deploy_with_ssh ENTRYPOINT TARGET=user@host SRC=build DIR=htdocs NAME=live config.properties Test for Correctness Source: https://docs.gitlab.com/ee/ci/examples/deployment/composer-npm-deploy.html C ode (H ow ) Config (W hat)
Declarative Descriptions → Automated Governance DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201918 Config Tools Cloud Formation aws cf create Kubernetes Manifest kubectl apply Swagger YAML Terraform YAML … AndroidManifest.xml … Test Strategy Static Code Analysis Linting Integration Tests Unit Tests
Declarative Descriptions → Automated Governance DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201919 Config Cloud Formation Kubernetes Manifest Swagger YAML Terraform YAML … AndroidManifest.xml Compliance Check cfn-nag: Linting tool for CloudFormation templates K8S Admission Controller / OPA Gatekeeper zally: A minimalistic, simple-to-use API linter terraform-compliance.com . . . Tools aws cf create kubectl apply … ?CI CD Compliant! Automated Compliance Checks as Quality Gate for Deployments
Everything as code Managed Pipeline git commit Feedback-/ Improvement-Loop GitLabCI Certified Changes – Compliant by default! Certified Space AWS Azure K8S DB custom cloud services (DNS, Proxy …) DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201920 Non Functional Requirements Automation „on the border“ to the certified space
DevOps' Seven Deadly Diseases - John Willis DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201921 https://youtu.be/jdN3E9OwFoE https://itrevolution.com/book/devops-automated-governance-reference-architecture/
Summary: Compliant by Default! DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201922 1. Think in Code: Build Tools 2. Craft precise policies: Easy to automate checks 3. Production is Your Certified Space 4. Every Change in Pro- duction Starts in git 5. Declarative Descriptions
Q&A DevOps bit.ly/5pdops Contact @schlomoschapiro schlomo.schapiro@ deutschebahn.com Slides go.schapiro.org/slides DB Systel Vorträge DevOps ist normal Mittwoch, 14:00 Hörsaal Arnold Schönberg DevOps im Konzern: Autonomie von DevOps Teams vs. Betriebssicherheit Donnerstag, 14:00 Hörsaal Arnold Schönberg
Vielen Dank für Ihre Aufmerksamkeit

Recommended

Compliant by Default - Digitaler Wandel - 14.08.2019 - Schlomo Schapiro
Compliant by Default - Digitaler Wandel - 14.08.2019 - Schlomo SchapiroCompliant by Default - Digitaler Wandel - 14.08.2019 - Schlomo Schapiro
Compliant by Default - Digitaler Wandel - 14.08.2019 - Schlomo Schapiro
Schlomo Schapiro
 
Compliant by Default - Continuous Delivery at DB Systel - 16.10.2018 - Schlom...
Compliant by Default - Continuous Delivery at DB Systel - 16.10.2018 - Schlom...Compliant by Default - Continuous Delivery at DB Systel - 16.10.2018 - Schlom...
Compliant by Default - Continuous Delivery at DB Systel - 16.10.2018 - Schlom...
Schlomo Schapiro
 
DevOps ist normal - DevOps Essentials 2019 - Schlomo Schapiro
DevOps ist normal - DevOps Essentials 2019 - Schlomo SchapiroDevOps ist normal - DevOps Essentials 2019 - Schlomo Schapiro
DevOps ist normal - DevOps Essentials 2019 - Schlomo Schapiro
Schlomo Schapiro
 
The GitOps Journey - GitOpsCon EU 2021 - Schlomo Schapiro
The GitOps Journey - GitOpsCon EU 2021 - Schlomo SchapiroThe GitOps Journey - GitOpsCon EU 2021 - Schlomo Schapiro
The GitOps Journey - GitOpsCon EU 2021 - Schlomo Schapiro
Schlomo Schapiro
 
Kubernetes - Shifting the mindset from servers to containers - microxchg 201...
Kubernetes - Shifting the mindset from servers to containers - microxchg 201...Kubernetes - Shifting the mindset from servers to containers - microxchg 201...
Kubernetes - Shifting the mindset from servers to containers - microxchg 201...
Schlomo Schapiro
 
The Role of GitOps in IT Strategy - June 2021 - Schlomo Schapiro
The Role of GitOps in IT Strategy - June 2021 - Schlomo SchapiroThe Role of GitOps in IT Strategy - June 2021 - Schlomo Schapiro
The Role of GitOps in IT Strategy - June 2021 - Schlomo Schapiro
Schlomo Schapiro
 
The Devops Driving School - DevOps Gathering 2019 - Schlomo Schapiro
The Devops Driving School - DevOps Gathering 2019 - Schlomo SchapiroThe Devops Driving School - DevOps Gathering 2019 - Schlomo Schapiro
The Devops Driving School - DevOps Gathering 2019 - Schlomo Schapiro
Schlomo Schapiro
 
The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11
The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11
The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11
Schlomo Schapiro
 

Recommended

Compliant by Default - Digitaler Wandel - 14.08.2019 - Schlomo Schapiro
Compliant by Default - Digitaler Wandel - 14.08.2019 - Schlomo SchapiroCompliant by Default - Digitaler Wandel - 14.08.2019 - Schlomo Schapiro
Compliant by Default - Digitaler Wandel - 14.08.2019 - Schlomo Schapiro
Schlomo Schapiro
 
Compliant by Default - Continuous Delivery at DB Systel - 16.10.2018 - Schlom...
Compliant by Default - Continuous Delivery at DB Systel - 16.10.2018 - Schlom...Compliant by Default - Continuous Delivery at DB Systel - 16.10.2018 - Schlom...
Compliant by Default - Continuous Delivery at DB Systel - 16.10.2018 - Schlom...
Schlomo Schapiro
 
DevOps ist normal - DevOps Essentials 2019 - Schlomo Schapiro
DevOps ist normal - DevOps Essentials 2019 - Schlomo SchapiroDevOps ist normal - DevOps Essentials 2019 - Schlomo Schapiro
DevOps ist normal - DevOps Essentials 2019 - Schlomo Schapiro
Schlomo Schapiro
 
The GitOps Journey - GitOpsCon EU 2021 - Schlomo Schapiro
The GitOps Journey - GitOpsCon EU 2021 - Schlomo SchapiroThe GitOps Journey - GitOpsCon EU 2021 - Schlomo Schapiro
The GitOps Journey - GitOpsCon EU 2021 - Schlomo Schapiro
Schlomo Schapiro
 
Kubernetes - Shifting the mindset from servers to containers - microxchg 201...
Kubernetes - Shifting the mindset from servers to containers - microxchg 201...Kubernetes - Shifting the mindset from servers to containers - microxchg 201...
Kubernetes - Shifting the mindset from servers to containers - microxchg 201...
Schlomo Schapiro
 
The Role of GitOps in IT Strategy - June 2021 - Schlomo Schapiro
The Role of GitOps in IT Strategy - June 2021 - Schlomo SchapiroThe Role of GitOps in IT Strategy - June 2021 - Schlomo Schapiro
The Role of GitOps in IT Strategy - June 2021 - Schlomo Schapiro
Schlomo Schapiro
 
The Devops Driving School - DevOps Gathering 2019 - Schlomo Schapiro
The Devops Driving School - DevOps Gathering 2019 - Schlomo SchapiroThe Devops Driving School - DevOps Gathering 2019 - Schlomo Schapiro
The Devops Driving School - DevOps Gathering 2019 - Schlomo Schapiro
Schlomo Schapiro
 
The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11
The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11
The GitOps Journey - Schlomo Schapiro - Berlin DevOps Meetup 2021-11
Schlomo Schapiro
 
GUUG FFG 2017 - DevOps for Everybody - How the entire company can benefit fro...
GUUG FFG 2017 - DevOps for Everybody - How the entire company can benefit fro...GUUG FFG 2017 - DevOps for Everybody - How the entire company can benefit fro...
GUUG FFG 2017 - DevOps for Everybody - How the entire company can benefit fro...
Schlomo Schapiro
 
Open Source Contribution Policy at DB Systel - Schlomo Schapiro - AK Open Sou...
Open Source Contribution Policy at DB Systel - Schlomo Schapiro - AK Open Sou...Open Source Contribution Policy at DB Systel - Schlomo Schapiro - AK Open Sou...
Open Source Contribution Policy at DB Systel - Schlomo Schapiro - AK Open Sou...
Schlomo Schapiro
 
GUUG FFG 2017 - DevOps for Everybody - A Workplace Strategy for the Digital Age
GUUG FFG 2017 - DevOps for Everybody - A Workplace Strategy for the Digital AgeGUUG FFG 2017 - DevOps for Everybody - A Workplace Strategy for the Digital Age
GUUG FFG 2017 - DevOps for Everybody - A Workplace Strategy for the Digital Age
Schlomo Schapiro
 
The Role of GitOps in IT-Strategy - November 2021 - Schlomo Schapiro - Contin...
The Role of GitOps in IT-Strategy - November 2021 - Schlomo Schapiro - Contin...The Role of GitOps in IT-Strategy - November 2021 - Schlomo Schapiro - Contin...
The Role of GitOps in IT-Strategy - November 2021 - Schlomo Schapiro - Contin...
Schlomo Schapiro
 
Generative models in the arts
Generative models in the artsGenerative models in the arts
Generative models in the arts
Jorge Davila-Chacon
 
DevOps in a Nutshell
DevOps in a NutshellDevOps in a Nutshell
DevOps in a Nutshell
Arne Roßmann
 
Replatforming and-cloud-journey cwin18-milan
Replatforming and-cloud-journey cwin18-milanReplatforming and-cloud-journey cwin18-milan
Replatforming and-cloud-journey cwin18-milan
Capgemini
 
Telekom Techtalk - Practical DevOps
Telekom Techtalk - Practical DevOpsTelekom Techtalk - Practical DevOps
Telekom Techtalk - Practical DevOps
Schlomo Schapiro
 
IBM Bluemix Paris Meetup #26 - 20171114 - Extreme Blue Interships
IBM Bluemix Paris Meetup #26 - 20171114 - Extreme Blue IntershipsIBM Bluemix Paris Meetup #26 - 20171114 - Extreme Blue Interships
IBM Bluemix Paris Meetup #26 - 20171114 - Extreme Blue Interships
IBM France Lab
 
10 Lessons We Learned with Cloud Foundry
10 Lessons We Learned with Cloud Foundry10 Lessons We Learned with Cloud Foundry
10 Lessons We Learned with Cloud Foundry
VMware Tanzu
 
Digital transformation buzzword or reality - Alon Fliess
Digital transformation buzzword or reality - Alon FliessDigital transformation buzzword or reality - Alon Fliess
Digital transformation buzzword or reality - Alon Fliess
CodeValue
 
Pivotal Digital Transformation Forum: Requirements to Deliver Innovation to M...
Pivotal Digital Transformation Forum: Requirements to Deliver Innovation to M...Pivotal Digital Transformation Forum: Requirements to Deliver Innovation to M...
Pivotal Digital Transformation Forum: Requirements to Deliver Innovation to M...
VMware Tanzu
 
Creating Web and Mobile Apps with Angular 2 - George Saadeh
Creating Web and Mobile Apps with Angular 2 - George SaadehCreating Web and Mobile Apps with Angular 2 - George Saadeh
Creating Web and Mobile Apps with Angular 2 - George Saadeh
ITCamp
 
Cloud Ambassador Programs
Cloud Ambassador ProgramsCloud Ambassador Programs
Cloud Ambassador Programs
Cloud Study Network
 
Devops, Agile and AI - Cue your Robot Underlords #CLUS2019
Devops, Agile and AI - Cue your Robot Underlords #CLUS2019Devops, Agile and AI - Cue your Robot Underlords #CLUS2019
Devops, Agile and AI - Cue your Robot Underlords #CLUS2019
Marco Coulter
 
Cloud computing
Cloud computingCloud computing
Cloud computing
Petr Kozlik
 
Becoming Product-Centric
Becoming Product-Centric Becoming Product-Centric
Becoming Product-Centric
VMware Tanzu
 
Integration Monday - Logic Apps: Development Experiences
Integration Monday - Logic Apps: Development ExperiencesIntegration Monday - Logic Apps: Development Experiences
Integration Monday - Logic Apps: Development Experiences
BizTalk360
 
Architecting the Transformation
Architecting the TransformationArchitecting the Transformation
Architecting the Transformation
Asanka Abeysinghe
 
Hippo nuxeo world
Hippo nuxeo worldHippo nuxeo world
Hippo nuxeo world
serraalink
 
Want Digitalisation, have Cloud - DevSecOps Days 2021 - Schlomo Schapiro
Want Digitalisation, have Cloud - DevSecOps Days 2021 - Schlomo SchapiroWant Digitalisation, have Cloud - DevSecOps Days 2021 - Schlomo Schapiro
Want Digitalisation, have Cloud - DevSecOps Days 2021 - Schlomo Schapiro
Schlomo Schapiro
 
Better Than BASH: Scripting Kotlin
Better Than BASH: Scripting KotlinBetter Than BASH: Scripting Kotlin
Better Than BASH: Scripting Kotlin
VMware Tanzu
 

More Related Content

What's hot

GUUG FFG 2017 - DevOps for Everybody - How the entire company can benefit fro...
GUUG FFG 2017 - DevOps for Everybody - How the entire company can benefit fro...GUUG FFG 2017 - DevOps for Everybody - How the entire company can benefit fro...
GUUG FFG 2017 - DevOps for Everybody - How the entire company can benefit fro...
Schlomo Schapiro
 
GUUG FFG 2017 - DevOps for Everybody - A Workplace Strategy for the Digital Age
GUUG FFG 2017 - DevOps for Everybody - A Workplace Strategy for the Digital AgeGUUG FFG 2017 - DevOps for Everybody - A Workplace Strategy for the Digital Age
GUUG FFG 2017 - DevOps for Everybody - A Workplace Strategy for the Digital Age
Schlomo Schapiro
 
The Role of GitOps in IT-Strategy - November 2021 - Schlomo Schapiro - Contin...
The Role of GitOps in IT-Strategy - November 2021 - Schlomo Schapiro - Contin...The Role of GitOps in IT-Strategy - November 2021 - Schlomo Schapiro - Contin...
The Role of GitOps in IT-Strategy - November 2021 - Schlomo Schapiro - Contin...
Schlomo Schapiro
 
Telekom Techtalk - Practical DevOps
Telekom Techtalk - Practical DevOpsTelekom Techtalk - Practical DevOps
Telekom Techtalk - Practical DevOps
Schlomo Schapiro
 
Pivotal Digital Transformation Forum: Requirements to Deliver Innovation to M...
Pivotal Digital Transformation Forum: Requirements to Deliver Innovation to M...Pivotal Digital Transformation Forum: Requirements to Deliver Innovation to M...
Pivotal Digital Transformation Forum: Requirements to Deliver Innovation to M...
VMware Tanzu
 
Hippo nuxeo world
Hippo nuxeo worldHippo nuxeo world
Hippo nuxeo world
serraalink
 

What's hot (20)

GUUG FFG 2017 - DevOps for Everybody - How the entire company can benefit fro...
GUUG FFG 2017 - DevOps for Everybody - How the entire company can benefit fro...GUUG FFG 2017 - DevOps for Everybody - How the entire company can benefit fro...
GUUG FFG 2017 - DevOps for Everybody - How the entire company can benefit fro...
 
Open Source Contribution Policy at DB Systel - Schlomo Schapiro - AK Open Sou...
Open Source Contribution Policy at DB Systel - Schlomo Schapiro - AK Open Sou...Open Source Contribution Policy at DB Systel - Schlomo Schapiro - AK Open Sou...
Open Source Contribution Policy at DB Systel - Schlomo Schapiro - AK Open Sou...
 
GUUG FFG 2017 - DevOps for Everybody - A Workplace Strategy for the Digital Age
GUUG FFG 2017 - DevOps for Everybody - A Workplace Strategy for the Digital AgeGUUG FFG 2017 - DevOps for Everybody - A Workplace Strategy for the Digital Age
GUUG FFG 2017 - DevOps for Everybody - A Workplace Strategy for the Digital Age
 
The Role of GitOps in IT-Strategy - November 2021 - Schlomo Schapiro - Contin...
The Role of GitOps in IT-Strategy - November 2021 - Schlomo Schapiro - Contin...The Role of GitOps in IT-Strategy - November 2021 - Schlomo Schapiro - Contin...
The Role of GitOps in IT-Strategy - November 2021 - Schlomo Schapiro - Contin...
 
Generative models in the arts
Generative models in the artsGenerative models in the arts
Generative models in the arts
 
DevOps in a Nutshell
DevOps in a NutshellDevOps in a Nutshell
DevOps in a Nutshell
 
Replatforming and-cloud-journey cwin18-milan
Replatforming and-cloud-journey cwin18-milanReplatforming and-cloud-journey cwin18-milan
Replatforming and-cloud-journey cwin18-milan
 
Telekom Techtalk - Practical DevOps
Telekom Techtalk - Practical DevOpsTelekom Techtalk - Practical DevOps
Telekom Techtalk - Practical DevOps
 
IBM Bluemix Paris Meetup #26 - 20171114 - Extreme Blue Interships
IBM Bluemix Paris Meetup #26 - 20171114 - Extreme Blue IntershipsIBM Bluemix Paris Meetup #26 - 20171114 - Extreme Blue Interships
IBM Bluemix Paris Meetup #26 - 20171114 - Extreme Blue Interships
 
10 Lessons We Learned with Cloud Foundry
10 Lessons We Learned with Cloud Foundry10 Lessons We Learned with Cloud Foundry
10 Lessons We Learned with Cloud Foundry
 
Digital transformation buzzword or reality - Alon Fliess
Digital transformation buzzword or reality - Alon FliessDigital transformation buzzword or reality - Alon Fliess
Digital transformation buzzword or reality - Alon Fliess
 
Pivotal Digital Transformation Forum: Requirements to Deliver Innovation to M...
Pivotal Digital Transformation Forum: Requirements to Deliver Innovation to M...Pivotal Digital Transformation Forum: Requirements to Deliver Innovation to M...
Pivotal Digital Transformation Forum: Requirements to Deliver Innovation to M...
 
Creating Web and Mobile Apps with Angular 2 - George Saadeh
Creating Web and Mobile Apps with Angular 2 - George SaadehCreating Web and Mobile Apps with Angular 2 - George Saadeh
Creating Web and Mobile Apps with Angular 2 - George Saadeh
 
Cloud Ambassador Programs
Cloud Ambassador ProgramsCloud Ambassador Programs
Cloud Ambassador Programs
 
Devops, Agile and AI - Cue your Robot Underlords #CLUS2019
Devops, Agile and AI - Cue your Robot Underlords #CLUS2019Devops, Agile and AI - Cue your Robot Underlords #CLUS2019
Devops, Agile and AI - Cue your Robot Underlords #CLUS2019
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Becoming Product-Centric
Becoming Product-Centric Becoming Product-Centric
Becoming Product-Centric
 
Integration Monday - Logic Apps: Development Experiences
Integration Monday - Logic Apps: Development ExperiencesIntegration Monday - Logic Apps: Development Experiences
Integration Monday - Logic Apps: Development Experiences
 
Architecting the Transformation
Architecting the TransformationArchitecting the Transformation
Architecting the Transformation
 
Hippo nuxeo world
Hippo nuxeo worldHippo nuxeo world
Hippo nuxeo world
 

Similar to Automated Governance - Continous Lifecycle 2019 - Schlomo Schapiro

Want Digitalisation, have Cloud - DevSecOps Days 2021 - Schlomo Schapiro
Want Digitalisation, have Cloud - DevSecOps Days 2021 - Schlomo SchapiroWant Digitalisation, have Cloud - DevSecOps Days 2021 - Schlomo Schapiro
Want Digitalisation, have Cloud - DevSecOps Days 2021 - Schlomo Schapiro
Schlomo Schapiro
 
Openbar 2 - Leuven - Faros - Invisible Infrastructure
Openbar 2 - Leuven - Faros - Invisible InfrastructureOpenbar 2 - Leuven - Faros - Invisible Infrastructure
Openbar 2 - Leuven - Faros - Invisible Infrastructure
Openbar
 
DevSecCon Seattle 2019: Decentralized Authorization - Implementing Fine Grain...
DevSecCon Seattle 2019: Decentralized Authorization - Implementing Fine Grain...DevSecCon Seattle 2019: Decentralized Authorization - Implementing Fine Grain...
DevSecCon Seattle 2019: Decentralized Authorization - Implementing Fine Grain...
DevSecCon
 
JavaOne 2015 Devops and the Darkside CON6447
JavaOne 2015 Devops and the Darkside CON6447JavaOne 2015 Devops and the Darkside CON6447
JavaOne 2015 Devops and the Darkside CON6447
Steve Poole
 

Similar to Automated Governance - Continous Lifecycle 2019 - Schlomo Schapiro (20)

Want Digitalisation, have Cloud - DevSecOps Days 2021 - Schlomo Schapiro
Want Digitalisation, have Cloud - DevSecOps Days 2021 - Schlomo SchapiroWant Digitalisation, have Cloud - DevSecOps Days 2021 - Schlomo Schapiro
Want Digitalisation, have Cloud - DevSecOps Days 2021 - Schlomo Schapiro
 
Better Than BASH: Scripting Kotlin
Better Than BASH: Scripting KotlinBetter Than BASH: Scripting Kotlin
Better Than BASH: Scripting Kotlin
 
Building a Data Exchange with Spring Cloud Data Flow
Building a Data Exchange with Spring Cloud Data FlowBuilding a Data Exchange with Spring Cloud Data Flow
Building a Data Exchange with Spring Cloud Data Flow
 
Infrastructure-as-Code with Pulumi - Better than all the others (like Ansible)?
Infrastructure-as-Code with Pulumi - Better than all the others (like Ansible)?Infrastructure-as-Code with Pulumi - Better than all the others (like Ansible)?
Infrastructure-as-Code with Pulumi - Better than all the others (like Ansible)?
 
SDLC for Pivotal Platform powered by Spring Initializr and Concourse
SDLC for Pivotal Platform powered by Spring Initializr and ConcourseSDLC for Pivotal Platform powered by Spring Initializr and Concourse
SDLC for Pivotal Platform powered by Spring Initializr and Concourse
 
Policy Enforcement on Kubernetes with Open Policy Agent
Policy Enforcement on Kubernetes with Open Policy AgentPolicy Enforcement on Kubernetes with Open Policy Agent
Policy Enforcement on Kubernetes with Open Policy Agent
 
DriveBuild: Automation of Simulation-based Testing of Autonomous Vehicles
DriveBuild: Automation of Simulation-based Testing of Autonomous VehiclesDriveBuild: Automation of Simulation-based Testing of Autonomous Vehicles
DriveBuild: Automation of Simulation-based Testing of Autonomous Vehicles
 
AI APIs as a Catalyst for Machine Learning Initiatives
AI APIs as a Catalyst for Machine Learning InitiativesAI APIs as a Catalyst for Machine Learning Initiatives
AI APIs as a Catalyst for Machine Learning Initiatives
 
Openbar 2 - Leuven - Faros - Invisible Infrastructure
Openbar 2 - Leuven - Faros - Invisible InfrastructureOpenbar 2 - Leuven - Faros - Invisible Infrastructure
Openbar 2 - Leuven - Faros - Invisible Infrastructure
 
DevSecCon Seattle 2019: Decentralized Authorization - Implementing Fine Grain...
DevSecCon Seattle 2019: Decentralized Authorization - Implementing Fine Grain...DevSecCon Seattle 2019: Decentralized Authorization - Implementing Fine Grain...
DevSecCon Seattle 2019: Decentralized Authorization - Implementing Fine Grain...
 
Decentralized Authorization
Decentralized AuthorizationDecentralized Authorization
Decentralized Authorization
 
Modern Data Platforms
Modern Data Platforms Modern Data Platforms
Modern Data Platforms
 
Power bi and azure ml
Power bi and azure mlPower bi and azure ml
Power bi and azure ml
 
Build Machine Learning Models with Amazon SageMaker (April 2019)
Build Machine Learning Models with Amazon SageMaker (April 2019)Build Machine Learning Models with Amazon SageMaker (April 2019)
Build Machine Learning Models with Amazon SageMaker (April 2019)
 
Simplified Data Preparation for Machine Learning in Hybrid and Multi Clouds
Simplified Data Preparation for Machine Learning in Hybrid and Multi CloudsSimplified Data Preparation for Machine Learning in Hybrid and Multi Clouds
Simplified Data Preparation for Machine Learning in Hybrid and Multi Clouds
 
Cloud Foundry for Data Science
Cloud Foundry for Data ScienceCloud Foundry for Data Science
Cloud Foundry for Data Science
 
Informix into the future13 july2017
Informix into the future13 july2017Informix into the future13 july2017
Informix into the future13 july2017
 
The future of AI & ML in Cognitive Discovery
The future of AI & ML in Cognitive DiscoveryThe future of AI & ML in Cognitive Discovery
The future of AI & ML in Cognitive Discovery
 
JavaOne 2015 Devops and the Darkside CON6447
JavaOne 2015 Devops and the Darkside CON6447JavaOne 2015 Devops and the Darkside CON6447
JavaOne 2015 Devops and the Darkside CON6447
 
BRKINI-1679.pdf
BRKINI-1679.pdfBRKINI-1679.pdf
BRKINI-1679.pdf
 

More from Schlomo Schapiro

The Role of GitOps in IT-Strategy v2 - July 2022 - Schlomo Schapiro
The Role of GitOps in IT-Strategy v2 - July 2022 - Schlomo SchapiroThe Role of GitOps in IT-Strategy v2 - July 2022 - Schlomo Schapiro
The Role of GitOps in IT-Strategy v2 - July 2022 - Schlomo Schapiro
Schlomo Schapiro
 
Root for all - measuring DevOps adoption - microxchg 2018 - Schlomo Schapiro
Root for all - measuring DevOps adoption - microxchg 2018 - Schlomo SchapiroRoot for all - measuring DevOps adoption - microxchg 2018 - Schlomo Schapiro
Root for all - measuring DevOps adoption - microxchg 2018 - Schlomo Schapiro
Schlomo Schapiro
 
OSDC 2016 - Hybrid Cloud - A Cloud Migration Strategy
OSDC 2016 - Hybrid Cloud - A Cloud Migration StrategyOSDC 2016 - Hybrid Cloud - A Cloud Migration Strategy
OSDC 2016 - Hybrid Cloud - A Cloud Migration Strategy
Schlomo Schapiro
 
SE 2015 DevOps Risk Mitigation - Test Driven Infrastructure
SE 2015 DevOps Risk Mitigation - Test Driven InfrastructureSE 2015 DevOps Risk Mitigation - Test Driven Infrastructure
SE 2015 DevOps Risk Mitigation - Test Driven Infrastructure
Schlomo Schapiro
 
OSDC 2014 Test Driven Infrastructure
OSDC 2014 Test Driven InfrastructureOSDC 2014 Test Driven Infrastructure
OSDC 2014 Test Driven Infrastructure
Schlomo Schapiro
 
PyCon 2013 - Distributed Monitoring Configuration
PyCon 2013 - Distributed Monitoring ConfigurationPyCon 2013 - Distributed Monitoring Configuration
PyCon 2013 - Distributed Monitoring Configuration
Schlomo Schapiro
 
PyCon 2013 - Open Source Sponsoring - und den Chef damit überzeugen
PyCon 2013 - Open Source Sponsoring - und den Chef damit überzeugenPyCon 2013 - Open Source Sponsoring - und den Chef damit überzeugen
PyCon 2013 - Open Source Sponsoring - und den Chef damit überzeugen
Schlomo Schapiro
 
Viele Server - Wenig Arbeit: Betriebsautomation bei ImmobilienScout24
Viele Server - Wenig Arbeit: Betriebsautomation bei ImmobilienScout24Viele Server - Wenig Arbeit: Betriebsautomation bei ImmobilienScout24
Viele Server - Wenig Arbeit: Betriebsautomation bei ImmobilienScout24
Schlomo Schapiro
 
Linux tag 2013 Data Center Automation with YADT
Linux tag 2013 Data Center Automation with YADTLinux tag 2013 Data Center Automation with YADT
Linux tag 2013 Data Center Automation with YADT
Schlomo Schapiro
 

More from Schlomo Schapiro (17)

The Role of GitOps in IT-Strategy v2 - July 2022 - Schlomo Schapiro
The Role of GitOps in IT-Strategy v2 - July 2022 - Schlomo SchapiroThe Role of GitOps in IT-Strategy v2 - July 2022 - Schlomo Schapiro
The Role of GitOps in IT-Strategy v2 - July 2022 - Schlomo Schapiro
 
Schlomo Schapiro - Why I like to use the proprietary Cloud services without f...
Schlomo Schapiro - Why I like to use the proprietary Cloud services without f...Schlomo Schapiro - Why I like to use the proprietary Cloud services without f...
Schlomo Schapiro - Why I like to use the proprietary Cloud services without f...
 
DevOps + Continuous Delivery + Cloud: The Three Drivers of Enterprise Agility...
DevOps + Continuous Delivery + Cloud: The Three Drivers of Enterprise Agility...DevOps + Continuous Delivery + Cloud: The Three Drivers of Enterprise Agility...
DevOps + Continuous Delivery + Cloud: The Three Drivers of Enterprise Agility...
 
Root for all - measuring DevOps adoption - microxchg 2018 - Schlomo Schapiro
Root for all - measuring DevOps adoption - microxchg 2018 - Schlomo SchapiroRoot for all - measuring DevOps adoption - microxchg 2018 - Schlomo Schapiro
Root for all - measuring DevOps adoption - microxchg 2018 - Schlomo Schapiro
 
OSDC 2016 - Hybrid Cloud - A Cloud Migration Strategy
OSDC 2016 - Hybrid Cloud - A Cloud Migration StrategyOSDC 2016 - Hybrid Cloud - A Cloud Migration Strategy
OSDC 2016 - Hybrid Cloud - A Cloud Migration Strategy
 
WARNING is a waste of my time
WARNING is a waste of my timeWARNING is a waste of my time
WARNING is a waste of my time
 
SE 2015 DevOps Risk Mitigation - Test Driven Infrastructure
SE 2015 DevOps Risk Mitigation - Test Driven InfrastructureSE 2015 DevOps Risk Mitigation - Test Driven Infrastructure
SE 2015 DevOps Risk Mitigation - Test Driven Infrastructure
 
DevOps, Agile and Open Source at ImmobilienScout24
DevOps, Agile and Open Source at ImmobilienScout24DevOps, Agile and Open Source at ImmobilienScout24
DevOps, Agile and Open Source at ImmobilienScout24
 
EuroPython 2014 YAML Reader Lightning Talk
EuroPython 2014 YAML Reader Lightning TalkEuroPython 2014 YAML Reader Lightning Talk
EuroPython 2014 YAML Reader Lightning Talk
 
EuroPython 2014 Devops Risk Mitigation
EuroPython 2014 Devops Risk MitigationEuroPython 2014 Devops Risk Mitigation
EuroPython 2014 Devops Risk Mitigation
 
OSDC 2014 Test Driven Infrastructure
OSDC 2014 Test Driven InfrastructureOSDC 2014 Test Driven Infrastructure
OSDC 2014 Test Driven Infrastructure
 
PyCon 2013 - Distributed Monitoring Configuration
PyCon 2013 - Distributed Monitoring ConfigurationPyCon 2013 - Distributed Monitoring Configuration
PyCon 2013 - Distributed Monitoring Configuration
 
PyCon 2013 Test Driven Infrastructure
PyCon 2013 Test Driven InfrastructurePyCon 2013 Test Driven Infrastructure
PyCon 2013 Test Driven Infrastructure
 
PyCon 2013 - Open Source Sponsoring - und den Chef damit überzeugen
PyCon 2013 - Open Source Sponsoring - und den Chef damit überzeugenPyCon 2013 - Open Source Sponsoring - und den Chef damit überzeugen
PyCon 2013 - Open Source Sponsoring - und den Chef damit überzeugen
 
Viele Server - Wenig Arbeit: Betriebsautomation bei ImmobilienScout24
Viele Server - Wenig Arbeit: Betriebsautomation bei ImmobilienScout24Viele Server - Wenig Arbeit: Betriebsautomation bei ImmobilienScout24
Viele Server - Wenig Arbeit: Betriebsautomation bei ImmobilienScout24
 
LinuxTag 2013 Relax and Recover - Disaster Recovery for UEFI Systems
LinuxTag 2013 Relax and Recover - Disaster Recovery for UEFI SystemsLinuxTag 2013 Relax and Recover - Disaster Recovery for UEFI Systems
LinuxTag 2013 Relax and Recover - Disaster Recovery for UEFI Systems
 
Linux tag 2013 Data Center Automation with YADT
Linux tag 2013 Data Center Automation with YADTLinux tag 2013 Data Center Automation with YADT
Linux tag 2013 Data Center Automation with YADT
 

Recently uploaded

08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 

Recently uploaded (20)

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 

Automated Governance - Continous Lifecycle 2019 - Schlomo Schapiro

  • 1. Automated Governance DB Systel GmbH | Schlomo Schapiro | Chief Technology Office | 12-13.11.2019 Platzhalter für Titelbild – Hier können Sie Bilder aus der Mediathek einfügen! Placeholder for title picture – You can insert here pictures from the Mediathek! Pixabay / 4423750 @schlomoschapiroThis work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License (with the exception of the stock images with copyright notice)
  • 2. DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.20192 https://pixabay.com/i-3303396
  • 3. Problem? What is governance? Ø Align IT strategy with business strategy Ø Make sure we have and keep rules DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.20193
  • 4. 4 git ?CI CD Engineering Teams DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019
  • 5. 5 git ?CI CD Engineering Teams Architecture & Governance Security & Compliance DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019
  • 6. DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.20196 20/day 20 / day / team ??? We can´t check everything! We can‘t work! Challanges: • Time to Market vs. Stability? • Change Frequency vs. Risk & Security? • Governance & Compliance? • You build it – you run it? • DevOps???
  • 7. 7 git ?CI CD Engineering Teams Non Functional Requirements DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019
  • 8. 8 git ?CI CD Engineering Teams Non Functional Requirements DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019
  • 9. 9 git ? git git CI CD Engineering Teams Governance Security DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019
  • 10. 10 git ? git git CI CD Engineering Teams Governance Security Compliant! DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019
  • 11. 11 git ? git git CI CD Engineering Teams Governance Security Compliant! Dev- Sec- Arc- Ops DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019
  • 12. What is automated? Ø „operated automatically“ Ø Synonyms: automatic, laborsaving, robotic, self- acting, self-operating, self-regulating Ø Not people doing it manually DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201912 Source: https://www.merriam-webster.com/dictionary/automated
  • 13. Compliance Automation is Very Hard! DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201913 Automation friendly? How to check?
  • 14. 14 git ?CI CD Engineering Teams DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019
  • 15. 15 git ?CI CD DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.2019 WHAT HOW Declarative Descriptions Deployment Automation Test for Compliance Test for Correctness Product Teams Platform Teams
  • 16. Test for Compliance Declarative Descriptions Example DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201916 stage_deploy: script: - ssh user@host "mkdir htdocs/_tmp" - scp -r build/* user@host:htdocs/_tmp - ssh user@host "mv htdocs/live htdocs/_old && mv htdocs/_tmp htdocs/live" - ssh user@host "rm -rf htdocs/_old" gitlab-ci.yaml stage_deploy: image: deploy_with_ssh script: config.properties gitlab-ci.yaml #!/bin/bash source "$1" ssh $TARGET "mkdir $DIR/_tmp" scp -r $SRC/* "$TARGET:$DIR/_tmp" ssh $TARGET "mv $DIR/$NAME $DIR/_old && mv $DIR/_tmp $DIR/$NAME" ssh $TARGET "rm -rf $DIR/_old" Docker Image deploy_with_ssh ENTRYPOINT TARGET=user@host SRC=build DIR=htdocs NAME=live config.properties Test for Correctness Source: https://docs.gitlab.com/ee/ci/examples/deployment/composer-npm-deploy.html
  • 17. Test for Compliance Declarative Descriptions Example DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201917 stage_deploy: script: - ssh user@host "mkdir htdocs/_tmp" - scp -r build/* user@host:htdocs/_tmp - ssh user@host "mv htdocs/live htdocs/_old && mv htdocs/_tmp htdocs/live" - ssh user@host "rm -rf htdocs/_old" gitlab-ci.yaml stage_deploy: image: deploy_with_ssh script: config.properties gitlab-ci.yaml #!/bin/bash source "$1" ssh $TARGET "mkdir $DIR/_tmp" scp -r $SRC/* "$TARGET:$DIR/_tmp" ssh $TARGET "mv $DIR/$NAME $DIR/_old && mv $DIR/_tmp $DIR/$NAME" ssh $TARGET "rm -rf $DIR/_old" Docker Image deploy_with_ssh ENTRYPOINT TARGET=user@host SRC=build DIR=htdocs NAME=live config.properties Test for Correctness Source: https://docs.gitlab.com/ee/ci/examples/deployment/composer-npm-deploy.html C ode (H ow ) Config (W hat)
  • 18. Declarative Descriptions → Automated Governance DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201918 Config Tools Cloud Formation aws cf create Kubernetes Manifest kubectl apply Swagger YAML Terraform YAML … AndroidManifest.xml … Test Strategy Static Code Analysis Linting Integration Tests Unit Tests
  • 19. Declarative Descriptions → Automated Governance DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201919 Config Cloud Formation Kubernetes Manifest Swagger YAML Terraform YAML … AndroidManifest.xml Compliance Check cfn-nag: Linting tool for CloudFormation templates K8S Admission Controller / OPA Gatekeeper zally: A minimalistic, simple-to-use API linter terraform-compliance.com . . . Tools aws cf create kubectl apply … ?CI CD Compliant! Automated Compliance Checks as Quality Gate for Deployments
  • 20. Everything as code Managed Pipeline git commit Feedback-/ Improvement-Loop GitLabCI Certified Changes – Compliant by default! Certified Space AWS Azure K8S DB custom cloud services (DNS, Proxy …) DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201920 Non Functional Requirements Automation „on the border“ to the certified space
  • 21. DevOps' Seven Deadly Diseases - John Willis DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201921 https://youtu.be/jdN3E9OwFoE https://itrevolution.com/book/devops-automated-governance-reference-architecture/
  • 22. Summary: Compliant by Default! DB Systel | Schlomo Schapiro | @schlomoschapiro | 13-14.11.201922 1. Think in Code: Build Tools 2. Craft precise policies: Easy to automate checks 3. Production is Your Certified Space 4. Every Change in Pro- duction Starts in git 5. Declarative Descriptions
  • 23. Q&A DevOps bit.ly/5pdops Contact @schlomoschapiro schlomo.schapiro@ deutschebahn.com Slides go.schapiro.org/slides DB Systel Vorträge DevOps ist normal Mittwoch, 14:00 Hörsaal Arnold Schönberg DevOps im Konzern: Autonomie von DevOps Teams vs. Betriebssicherheit Donnerstag, 14:00 Hörsaal Arnold Schönberg
  • 24. Vielen Dank für Ihre Aufmerksamkeit