Book Image

Learning DevOps

By : Mikael Krief

Book Image

Learning DevOps

By: Mikael Krief

Overview of this book

The implementation of DevOps processes requires the efficient use of various tools, and the choice of these tools is crucial for the sustainability of projects and collaboration between development (Dev) and operations (Ops). This book presents the different patterns and tools that you can use to provision and configure an infrastructure in the cloud. You'll begin by understanding DevOps culture, the application of DevOps in cloud infrastructure, provisioning with Terraform, configuration with Ansible, and image building with Packer. You'll then be taken through source code versioning with Git and the construction of a DevOps CI/CD pipeline using Jenkins, GitLab CI, and Azure Pipelines. This DevOps handbook will also guide you in containerizing and deploying your applications with Docker and Kubernetes. You'll learn how to reduce deployment downtime with blue-green deployment and the feature flags technique, and study DevOps practices for open source projects. Finally, you'll grasp some best practices for reducing the overall application lead time to ensure faster time to market. By the end of this book, you'll have built a solid foundation in DevOps, and developed the skills necessary to enhance a traditional software delivery process using modern software delivery tools and techniques

Preface

Who this book is for

What this book covers

To get the most out of this book

Free Chapter

Section 1: DevOps and Infrastructure as Code

Section 1: DevOps and Infrastructure as Code

DevOps Culture and Practices

DevOps Culture and Practices

Getting started with DevOps

Implementing CI/CD and continuous deployment

Understanding IaC practices

Further reading

Provisioning Cloud Infrastructure with Terraform

Provisioning Cloud Infrastructure with Terraform

Technical requirements

Installing Terraform

Configuring Terraform for Azure

Writing a Terraform script to deploy Azure infrastructure

Deploying the infrastructure with Terraform

Terraform command lines and life cycle

Protecting tfstate in a remote backend

Further reading

Using Ansible for Configuring IaaS Infrastructure

Using Ansible for Configuring IaaS Infrastructure

Technical requirements

Installing Ansible

Creating an inventory for targeting Ansible hosts

Writing the first playbook

Executing Ansible

Protecting data with Ansible Vault

Using a dynamic inventory for Azure infrastructure

Further reading

Optimizing Infrastructure Deployment with Packer

Optimizing Infrastructure Deployment with Packer

Technical requirements

An overview of Packer

Creating Packer templates for Azure VMs with scripts

Using Ansible in a Packer template

Executing Packer

Using a Packer image with Terraform

Further reading

Section 2: DevOps CI/CD Pipeline

Section 2: DevOps CI/CD Pipeline

Managing Your Source Code with Git

Managing Your Source Code with Git

Technical requirements

Overviewing Git and its command lines

Understanding the Git process and GitFlow pattern

Further reading

Continuous Integration and Continuous Delivery

Continuous Integration and Continuous Delivery

Technical requirements

The CI/CD principles

Using a package manager

Using Azure Pipelines

Using GitLab CI

Further reading

Section 3: Containerized Applications with Docker and Kubernetes

Section 3: Containerized Applications with Docker and Kubernetes

Containerizing Your Application with Docker

Containerizing Your Application with Docker

Technical requirements

Installing Docker

Creating a Dockerfile

Building and running a container on a local machine

Pushing an image to Docker Hub

Deploying a container to ACI with a CI/CD pipeline

Further reading

Managing Containers Effectively with Kubernetes

Managing Containers Effectively with Kubernetes

Technical requirements

Installing Kubernetes

First example of Kubernetes application deployment

Using HELM as a package manager

Creating a CI/CD pipeline for Kubernetes with Azure Pipelines

Further reading

Section 4: Testing Your Application

Section 4: Testing Your Application

Testing APIs with Postman

Testing APIs with Postman

Technical requirements

Creating a Postman collection with requests

Using environments and variables to dynamize requests

Writing Postman tests

Executing Postman request tests locally

Understanding the Newman concept

Preparing Postman collections for Newman

Running the Newman command line

Integration of Newman in the CI/CD pipeline process

Further reading

Static Code Analysis with SonarQube

Static Code Analysis with SonarQube

Technical requirements

Exploring SonarQube

Installing SonarQube

Real-time analysis with SonarLint

Executing SonarQube in continuous integration

Further reading

Security and Performance Tests

Security and Performance Tests

Technical requirements

Applying web security and penetration testing with ZAP

Running performance tests with Postman

Further reading

Section 5: Taking DevOps Further

Section 5: Taking DevOps Further

Security in the DevOps Process with DevSecOps

Security in the DevOps Process with DevSecOps

Technical requirements

Testing Azure infrastructure compliance with Chef InSpec

Using the Secure DevOps Kit for Azure

Preserving data with HashiCorp's Vault

Further reading

Reducing Deployment Downtime

Reducing Deployment Downtime

Technical requirements

Reducing deployment downtime with Terraform

Understanding blue-green deployment concepts and patterns

Applying blue-green deployments on Azure

Introducing feature flags

Using an open source framework for feature flags

Using the LaunchDarkly solution

Further reading

DevOps for Open Source Projects

DevOps for Open Source Projects

Technical requirements

Storing the source code in GitHub

Contributing using pull requests

Managing the changelog and release notes

Sharing binaries in GitHub releases

Using Travis CI for continuous integration

Getting started with GitHub Actions

Analyzing code with SonarCloud

Detecting security vulnerabilities with WhiteSource Bolt

Further reading

DevOps Best Practices

DevOps Best Practices

Automating everything

Choosing the right tool

Writing all your configuration in code

Designing the system architecture

Building a good CI/CD pipeline

Integrating tests

Applying security with DevSecOps

Monitoring your system

Evolving project management

Further reading

Assessments

Chapter 1: DevOps Culture and Practices

Chapter 2: Provisioning Cloud Infrastructure with Terraform

Chapter 3: Using Ansible for Configuring IaaS Infrastructure

Chapter 4: Optimizing Infrastructure Deployment with Packer

Chapter 5: Managing Your Source Code with Git

Chapter 6: Continuous Integration and Continuous Delivery

Chapter 7: Containerizing Your Application with Docker

Chapter 8: Managing Containers Effectively with Kubernetes

Chapter 9: Testing APIs with Postman

Chapter 10: Static Code Analysis with SonarQube

Chapter 11: Security and Performance Tests

Chapter 12: Security in the DevOps Process with DevSecOps

Chapter 13: Reducing Deployment Downtime

Chapter 14: DevOps for Open Source Projects

Chapter 15: DevOps Best Practices

Other Books You May Enjoy

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

0

4 star

0

3 star

0

2 star

0

1 star

0

Preserving data with HashiCorp's Vault

Today, when we talk about security in information systems, the most expected topic is the protection of sensitive data between different components of the system. This sensitive data that needs to be protected includes server access passwords, database connections, API authentication tokens, and application user accounts. Indeed, many security attacks occur because this type of data is decrypted in the source code of applications or in poorly protected files that are exposed to local workstations. There are many known tools that can be used to secure this sensitive data, such as these:

KeyPass (https://keepass.info/)
LastPass (https://www.lastpass.com/)
Ansible Vault, the use of which we discussed Chapter 3, Using Ansible for Configuring IaaS Infrastructure
Vault from HashiCorp

Also, cloud providers offer secret protection services...