Speaking of DevOps, it is also worth mentioning that the platform automatically runs the operations involved in testing, compiling and containerizing an application. You upload the application code to the Git repository, after which every time you change the code (or rather, every time you commit these changes to the repository), the compilation, testing and packaging processes start automatically. The platform then creates a container image, which goes into the private repository. The modified version of the application is first published in a test environment so that QA engineers (testers) can check that it works. When a decision on a new release is made based on the results, it is carefully delivered to the production environment, while the orchestration system first launches a new version of the program, makes sure that it works,
A farm instead of one pet
Using the platform means using containers: completely isolated environments that hold the application together with only the components most necessary for its operation. When the platform needs to launch an application, it creates new containers (not one, but several identical ones), deploying them from the image that is available to it in the repository. No matter what happens inside a container, the changes never go back to the repository; containers are constantly created and destroyed. It is not possible to break into such an application and plant backdoors in its code. Why? Firstly, all program files are tightly protected from writing, and, secondly, even if changes were somehow made, all these files are just a copy of the application: they are in a temporary ephemeral container,
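The properties described in this section (several identical containers, an image pulled from the private repository, write-protected program files, nothing that outlives the container) can be checked on a Kubernetes Deployment manifest. The following is an added example, not code from the platform: the field names are those of the Kubernetes Deployment API, while the registry host `registry.example.internal`, the helper names and both sample manifests are constructed for illustration.

```python
# Added example, not TuchaKube code. Field names come from the Kubernetes
# Deployment API; the registry host and both manifests are constructed.
PRIVATE_REGISTRY = "registry.example.internal"  # hypothetical private registry


def audit_deployment(manifest, registry=PRIVATE_REGISTRY, min_replicas=2):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    spec = manifest.get("spec", {})
    replicas = spec.get("replicas", 1)  # Kubernetes defaults to 1 when unset
    if replicas < min_replicas:
        findings.append(f"replicas={replicas}: expected several identical pods")
    pod = spec.get("template", {}).get("spec", {})
    for c in pod.get("initContainers", []) + pod.get("containers", []):
        name, image = c.get("name", "<unnamed>"), c.get("image", "")
        # The image must come from the private repository the pipeline fills.
        if not image.startswith(registry + "/"):
            findings.append(f"{name}: image {image!r} is not from {registry}")
        # Program files are write-protected only if this flag is set to true.
        if (c.get("securityContext") or {}).get("readOnlyRootFilesystem") is not True:
            findings.append(f"{name}: root filesystem is writable")
    for v in pod.get("volumes", []):
        # hostPath data lives on the node and outlives the ephemeral container.
        if "hostPath" in v:
            findings.append(f"volume {v.get('name')}: hostPath survives the container")
    return findings


def _deployment(replicas, image, read_only, volumes):
    """Build a minimal constructed Deployment manifest for the demo."""
    container = {"name": "app", "image": image,
                 "securityContext": {"readOnlyRootFilesystem": read_only}}
    return {"kind": "Deployment", "spec": {"replicas": replicas, "template": {
        "spec": {"containers": [container], "volumes": volumes}}}}


HARDENED = _deployment(3, PRIVATE_REGISTRY + "/shop/web:1.4.2", True,
                       [{"name": "tmp", "emptyDir": {}}])  # scratch space only
WEAK = _deployment(1, "docker.io/library/nginx:latest", False,
                   [{"name": "data", "hostPath": {"path": "/srv/data"}}])

if __name__ == "__main__":
    for label, manifest in (("hardened", HARDENED), ("weak", WEAK)):
        print(label, audit_deployment(manifest) or "OK")
```

With a read-only root filesystem, an application that needs scratch space gets it from an `emptyDir` volume, which is discarded together with the pod.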
Analysis and protection
At the same time, the platform allows you to analyze every request coming from the Internet for potential threats. Before being processed by the load balancer, the request goes through the web application firewall, which determines whether or not it should be allowed through. The firewall checks requests against a signature database that is constantly updated, and the customer can both open certain checks and add their own.
Good news!
This year we launched the TuchaKube platform, which provides a range of features. Implementing such functions on your own often requires long and painstaking work, comprehension of many fundamentally new concepts, as well as painful searches for an answer to the question: "Why do I need this?" And these functions are not just about security. The platform provides things like:
monitoring a huge number of metrics;
automatic horizontal scaling (by creating the required number of identical containers on various computational nodes, taking into account the current load);
automatic issuance of certificates for TLS connections;
automation of DevOps functions.
How we got there
Since last year, at the request of some of our company's partners, we have been faced with the need to automate CI/CD processes. This led us to heavy use of Docker containers, and then to the use of the Kubernetes orchestration system. Having accumulated a sufficient amount of practical experience, we decided to systematize this experience and derive additional benefit from it for everyone: this is how the revolutionary TuchaKube platform appeared.
Where to find us
By the way, on our YouTube channel you will find two detailed video reviews that demonstrate:
automation of CI/CD processes;
metrics monitoring and automatic horizontal scaling.
And very soon, we will release two more video reviews that demonstrate how to ensure data persistence and how to use a web application firewall.