Book Image

Learning DevOps.

By : Mikael Krief
Book Image

Learning DevOps.

By: Mikael Krief

Overview of this book

The implementation of DevOps processes requires the efficient use of various tools, and the choice of these tools is crucial for the sustainability of projects and collaboration between development (Dev) and operations (Ops). This book presents the different patterns and tools that you can use to provision and configure an infrastructure in the cloud. You'll begin by understanding DevOps culture, the application of DevOps in cloud infrastructure, provisioning with Terraform, configuration with Ansible, and image building with Packer. You'll then be taken through source code versioning with Git and the construction of a DevOps CI/CD pipeline using Jenkins, GitLab CI, and Azure Pipelines. This DevOps handbook will also guide you in containerizing and deploying your applications with Docker and Kubernetes. You'll learn how to reduce deployment downtime with blue-green deployment and the feature flags technique, and study DevOps practices for open source projects. Finally, you'll grasp some best practices for reducing the overall application lead time to ensure faster time to market. By the end of this book, you'll have built a solid foundation in DevOps, and developed the skills necessary to enhance a traditional software delivery process using modern software delivery tools and techniques
Table of Contents (23 chapters)
Free Chapter
1
Section 1: DevOps and Infrastructure as Code
6
Section 2: DevOps CI/CD Pipeline
9
Section 3: Containerized Applications with Docker and Kubernetes
12
Section 4: Testing Your Application
16
Section 5: Taking DevOps Further

Using the Secure DevOps Kit for Azure

We'll now talk about another very interesting tool that allows you to check the security of Azure infrastructure resources. It is a tool provided by Microsoft, called Secure DevOps Kit for Azure (AzSK) and its complete documentation is here: https://azsk.azurewebsites.net/README.html.

Unlike InSpec, AzSK does not verify the compliance of your Azure infrastructure with architectural requirements but rather will verify that the recommendations and good security practices are applied to your Azure subscription and resources.

AzSK also integrates seamlessly into a CI/CD pipeline and thus allows developers and operational staff to continuously ensure that their Azure resources are secure and do not open security vulnerabilities to unwanted people.

We'll see how to install AzSK; then we'll look at how it is used to verify the security...