3. TRUE DEVOPS – DEVELOPMENT + OPERATIONS
3
Development Team
„Developers“
Operations
Team
“SysAdmins“
Thirst for New Features.
velocity and productivity
Focus on Stability.
Performance, reliability, correctness
Conflict, distrust
different backgrounds,
skills, and incentives
DevOps SRE
“Engineers“
Implementing
progressive rollout
Quickly & accurately
detect Problems
Rolling back changes
quickly when
problems arise
Availability
Latency
Performance
Efficiency
Change Management
Monitoring
Emergency Response
Capacity Management
Projects Products
4. 4
My developer moves to another
company
We use 5 different programming
languages in our microservices
application
Difficult to support microservice
application in production
Developers complain about the
waiting time to build and deploy
I have to spend time to make sure
my application performs well
4
IBM 2019
Challenges faced by
microservices development
lead
5. 5
Standardize the framework of microservices for all developers?
Ensure SLA with ability to support the microservice in production without
resource issue
Make my developers more productive, work faster and more efficient
Test and monitor my microservice application
Have an end to end delivery pipeline that we can monitor
Adhere to enterprise standard for production deployment
What if I could …
7. 7
7
From a service
management perspective,
client teams still need to
accomplish the same goals,
but the roles, tools,
methods, and
responsibilities have
changed
Learn more at:
ibm.com/devops/method/content/archite
cture/serviceManagementArchitecture#
0_1
It also covers Cloud
Operations Lifecycle
9. Champ Jane
Champ the Solution
Architect
Jane the Enterprise
Developer
Innovation in Enterprises – The Art of
Balancing Choice and Risk
Empowers developers with
speed and agility while
meeting company policies
and approved technology
choices
Using pre-built, pre-
integrated collections
allows her to develop
faster, think less about
Kubernetes and
infrastructure
Kabanero, an Open Source Platform provides
effective bi-directional collaboration that empowers
Architects, Developers
10. 10
Integrated
Collections
Integrated
Developer Tools
Integrated
DevOps Toolchain
A modern microservices-based framework that
simplifies development, build, and continuous
deploy of apps for Kubernetes and Knative
Serving (Serverless)
Automated end-to-end toolchain from code
check-in to production Kubernetes deploy
Tekton and event driven DevOps
Completely customizable to meet
company policies and choices
Simplify building cloud-native apps in
containers for Kubernetes and Knative
Extensions to industry standard IDEs
Templates and developer focused CLI
100% open source frameworks and
runtimes optimized for cloud-native
Customizable build pipelines
Pre-built Kubernetes deployments
Knative IstioKubernetes
Lifecycle management
100% Open Source
14. UrbanCode DevOps Add-on for IBM Cloud Pak for Applications
Orchestrate and Deploy Applications in microservice and hybrid architectures
Deploy anything anywhere
• Works with traditional WebSphere and JBoss
• Enable a consistent experience across cloud native,
distributed, mobile and z/OS
• Automate deployments from simple to complex
• Enterprise scale: millions of deployments / year
Orchestrate across teams and pipelines of choice
• Coordinate across multiple services and tiers delivered by
different tools and teams
• Orchestrates with Kabenaro to coordinate cloud-native
and traditional
• Measure time to market improvements resulting from
application modernization
IBM Mobile Foundation
Jenkins
IBM Cloud Pak for
Applications
Build, extend deploy,
and run applications
IBM containerized
software
Container
platform and
operational services
IBM Cloud Pak for
Applications
DevOps Add-On
Development team
orchestration and governance
IBM containerize software
Container
platform and
operational services
15. 15
IBM URBANCODE
IS A LEADER!
THE FORRESTER WAVE™:
CONTINUOUS DELIVERY AND RELEASE
AUTOMATION, Q4 2018
Only vendor in the top 3 scores for each
of Product Strategy, Market Presence and
Current Offering
“IB ’s solution is ideal for the largest and
most diverse organizations looking for
enterprise-class product and support”
The Forrester Wave™ is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave™ are trademarks of Forrester Research, Inc. The Forrester Wave™ is a graphical
representation of Forrester's call on a market and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does not endorse any vendor,
product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.
Download the report <Link>
16. WAS
WAS
WAS
WAS
Scenario: DevOps Add-on
• UCD Server running on OpenShift.
• UCD agents on WAS or JBOSS VMs/machines anywhere.
• Pay for VPCs available on the WAS environment
(under management by UrbanCode Deploy)
Benefit from using the Add-on
UCD installs, updates WAS/JBOSS and deploys apps to WAS/JBOSS.
Important features: deployment automation, orchestration, configuration
management, and discovery. Also deploys apps and updates to Mobile
Foundation
Add UrbanCode Velocity for UrbanCode Deploy reporting
(for audit, analytics). Pay 5 VPCs for 1 floating user.
WAS
WAS
WAS
WAS
JBOSS
JBOSS
Mobile
Foundation
JBOSS
Deploy
Velocity
17. A
n
y
w
h
e
r
e
Scenario – DevOps Add-on
• UCD Server and Velocity running on OpenShift.
• UCD agents installed on any endpoint
• Pay for VPCs available on endpoints managed by UCD
• Pay 5 VPCs for each Velocity floating user
Benefit: During the application modernization process, many apps will
be “hybrid”- composed of microservices and traditional components
(like a database). UrbanCode provides deployment automation and
orchestration for hybrid applications. Customers may use Tekton for
Continuous Delivery of microservices, and UrbanCode Deploy or
Jenkins for the traditional components. Velocity manages the multiple
pipelines and provides reporting (for audit, analytics).
Additional Benefit:
UrbanCode provides consistent continuous delivery capabilities for the
application modernization processes made possible by ICPA.
Tekton Microservices
Traditional components
Deploy
Velocity
18. A
n
y
w
h
e
r
e
Scenario: DevOps Add-on
• Tekton used to deploy cloud native apps developed in
Kabanero
• Velocity, running on OpenShift, coordinates across pipelines,
also provides analytics
• Pay 5 VPCs for each Velocity floating user
Benefit:
UrbanCode Velocity coordinates Tekton pipelines – especially
important when there are many microservices to orchestrate.
Tekton
Microservices
Microservices
Microservices
Microservices
Microservices
Velocity
20. Security risks in
microservices
applications
External threat OWASP Top 10
REST API Security
Internal threat – malicious code
Vulnerabilities in the various components
within the container
High business impact to financial industry
21. Securing your
Microservices
Use OAuth for user identity and access control
Use 'defence in depth' to prioritize key services
Don’t write your own crypto code
Use automatic security updates
Use a distributed firewall with centralized control
Get your containers out of the public network
Use security scanners for your containers
Monitor everything with a tool
22. How IBM helps
Your Company
secure your
microservices
application?
Vulnerability advisor
Mutation advisor
Establish Devsecops pipeline
Use trusted Java engine Websphere Liberty
Secure API with security gateway
Implement Istio service mesh
Secure mobile application with mobile platform
23. Deliver application with quality
• Testing is a must
• Shift left testing
• Automate testing with tools
• Integrate testing to the CI/CD
Pipeline
24. Modern testing needs to adapt to the DevOps world
Dev
Dev
Dev
Test
Test
Test
Dev QA
Dev QA
Dev QA
Before DevOps
manual testing
could keep up
In the DevOps
world manual
testing can’t keep
up!
Testing needs to
change with
automation and
collaboration
25. IBM DevOps Solution for Continuous Testing
Presentation
layer
Middleware,
Data, Services
Systems of Record
components
Functional Tester
Web UI Tester
Rational Test Workbench
Integration Tester
Rational
Performance
Test Server
Performance
TesterRational Test
Virtualization Server
RPT
on Cloud
RPT
VT Packs
26. Day 2 Operations
• Implement Cloud Service Management and
Operations
• Monitoring and logging of your multi cloud
Kubernetes
• Manage cloud events and automate the recovery
actions
• Establish centralized control of your Kubernetes and
application clusters
27. IBM Cloud Pak for Multicloud Management
Applications, Security, Data, Operational Services
Overall Solution Capability
Container Environments Red Hat OpenShift
& Others
Cloud Native Workloads
Ansible Automation
PlatformManagement
Private
Clouds
VMwareRHVRHOSPHyperVPowerSystem Z
Private
Clouds
VMwareRHVRHOSPHyperVPowerSystem Z
Virtual Environments – OpenStack, RHEV,
VMware, Public Clouds
Traditional Workloads
Container Environment Management VM environment Management
Application Lifecycle Management
Application and
Infrastructure Monitoring
Event Management &
Remediation
Cloud Workload Protection & Compliance
Backup and
Availability
IBM Confidential - Not for External Distribution
Chargeback
28. Application
Lifecycle
▪ How are conditional gates
enforced with tamper-proof
controls?
▪ How do applications scale on
demand to not only conserve
resources and costs but
account for peak usage?
▪ How are applications’
performance going to be
optimized
Infrastructure
Lifecycle
▪ How do you reduce provisioning
new infrastructure from
hours/days down to seconds?
▪ How are VMs & containers built,
packaged, and deployed across
all clouds?
▪ How is new infrastructure
created? What specifications
required and where should it be
deployed?
▪ Is there an automated process
to scale up or take down
excessive capacity
Cluster
Lifecycle
▪ One cluster can have as many as
5000 nodes, 150,000 pods and
300,000 containers
▪ How are clusters created, scaled
up or down, and retired?
▪ How are nodes within the cluster
kept up to date with the latest
operating system and
Kubernetes patches?
▪ How is tenancy associated with
clusters maintained?
Security &
Compliance Lifecycle
▪ How is identity managed across a
hybrid architecture?
▪ How are the overall compliance
and risk management controls
enforced and audited?
▪ How are keys and certificates
managed for access and
revocation?
Cloud Pak for Multicloud Management – Accelerate with Control
Cloud Pak for Multicloud Management
App and
Infrastructure Multicluster
Security and Compliance
Management
#cpmcm-sales-win-room for all questions