Book Image

Learning DevOps

By : Mikael Krief
Book Image

Learning DevOps

By: Mikael Krief

Overview of this book

The implementation of DevOps processes requires the efficient use of various tools, and the choice of these tools is crucial for the sustainability of projects and collaboration between development (Dev) and operations (Ops). This book presents the different patterns and tools that you can use to provision and configure an infrastructure in the cloud. You'll begin by understanding DevOps culture, the application of DevOps in cloud infrastructure, provisioning with Terraform, configuration with Ansible, and image building with Packer. You'll then be taken through source code versioning with Git and the construction of a DevOps CI/CD pipeline using Jenkins, GitLab CI, and Azure Pipelines. This DevOps handbook will also guide you in containerizing and deploying your applications with Docker and Kubernetes. You'll learn how to reduce deployment downtime with blue-green deployment and the feature flags technique, and study DevOps practices for open source projects. Finally, you'll grasp some best practices for reducing the overall application lead time to ensure faster time to market. By the end of this book, you'll have built a solid foundation in DevOps, and developed the skills necessary to enhance a traditional software delivery process using modern software delivery tools and techniques
Table of Contents (23 chapters)
Free Chapter
1
Section 1: DevOps and Infrastructure as Code
6
Section 2: DevOps CI/CD Pipeline
9
Section 3: Containerized Applications with Docker and Kubernetes
12
Section 4: Testing Your Application
16
Section 5: Taking DevOps Further

Security in the DevOps Process with DevSecOps

In this book, we have discussed, in detail, DevOps culture as well as the DevOps tools that will facilitate communication and collaboration between developers and operational people (IT Ops).

However, in this union, we have noticed that a very important aspect is often missing, which is security. Indeed, CI/CD pipelines and Infrastructure as Code (IaC) allow faster deployment of infrastructure and applications, but the problem is that to deploy faster, we do not include security teams, which causes the following:

  • Security teams block or slow down deployments and therefore lead to longer deployment cycles.
  • Security problems are detected very late in the infrastructure and in applications.

This is why, for some time now, security has been included in the DevOps culture by becoming a DevSecOps culture more broadly. There is nothing...