CI/CD tools can help a team automate development, deployment, and testing. Some tools specifically handle the source code integration (CI), some manage development and deployment (CD), while others specialize in continuous testing or related functions. Below are some of the industry-standard CI/CD tools:
- Azure DevOps
An artifact repository stores the artifacts built by the CI/CD pipelines. An artifact repository should have the following capabilities:
- Support for artifact signing
- RBAC support
- Integration with vulnerability scanners
- Continuous security scanning
JFrog Artifactory and Nexus, along with cloud artifact registries, address this space.
Observability is the extent to which you can understand the internal state or condition of a complex system based only on knowledge of its external outputs. It also refers to software tools and practices for aggregating, correlating and analyzing a steady stream of performance data from a distributed application along with the hardware and network it runs on, in order to more effectively monitor, troubleshoot and debug the application and the network to meet customer experience expectations, service level agreements (SLAs) and other business requirements. Observability focuses on three main telemetry types:
- Logs. Logs are granular, timestamped, complete and immutable records of application events. Among other things, logs can be used to create a high-fidelity record of every event, complete with surrounding context, for troubleshooting and debugging purposes.
- Metrics. Metrics are fundamental measures of application and system health over a given period of time, such as how much memory or CPU capacity an application uses over a five-minute span, or how much latency an application experiences during a spike in usage.
- Traces. Traces record the end-to-end ‘journey’ of every user request, from the UI or mobile app through the entire distributed architecture and back to the user.
The observability stack below is the industry-standard open-source choice
A managed infrastructure ensures that the resources are secured, load-balanced, configured, regularly backed up and monitored for compliance, and can scale up or down according to the requirement. However, manually performing these tasks for multiple enterprise-level solutions is not feasible. That is why infrastructure automation is a sought-after practice in DevOps. Infrastructure automation enables developers or the operations team to automatically manage, monitor, and facilitate resources instead of manually configuring hardware, software, or operating systems. There are two approaches to programming an infrastructure: declarative programming and imperative programming. Infrastructure automation tools that use the declarative programming approach, such as Terraform and Ansible, are preferred.
Containers are a common option for deploying and managing software in the cloud. Containers are used to abstract applications from the physical environment in which they are running. A container packages all dependencies related to a software component, and runs them in an isolated environment. Containerized applications are easier to migrate to the cloud. Containers also make it easier to leverage the extensive automation capabilities of the cloud—they can easily be deployed, cloned or modified using APIs provided by the container engine or orchestrator. Containers provide an easier way to modernize a legacy application (a model known as “lift and shift”).
Docker is a software platform that allows you to build, test, and deploy applications. It packages software into containers that have everything the software needs to run, including libraries, system tools, code, and runtime. Docker is an operating system for containers. Similar to how a virtual machine virtualizes (removes the need to directly manage) server hardware, containers virtualize the operating system of a server. Docker is installed on each server and provides simple commands you can use to build, start, or stop containers.
With application workloads increasingly getting containerized, Kubernetes automatically manages, scales, and maintains multi-container workloads in desired states. Kubernetes turns a collection of physical or virtual hosts (servers) into a platform that:
- Hosts containerized workloads, providing them with compute, storage, and network resources, and
- Automatically manages large numbers of containerized applications, keeping them healthy and available by adapting to changes and challenges
Kubernetes can run in the cloud either as a managed service provided by the cloud service provider or as a self-managed deployment. A cloud-managed Kubernetes service such as EKS on AWS is recommended, because it manages the availability and scalability of the Kubernetes control plane nodes, which are responsible for scheduling containers, managing application availability, and storing cluster metadata.
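Both the declarative approach to infrastructure automation and the desired-state management attributed to Kubernetes above rest on the same step: compare what is declared with what is actually running, then converge. The sketch below is an added example, not code from Terraform, Ansible or Kubernetes; the resource names, fields and sample states are constructed for illustration.

```python
from copy import deepcopy

# Desired state as it would be declared in version control (constructed sample).
DESIRED = {
    "web-sg": {"type": "firewall", "ingress_ports": [443]},
    "web": {"type": "workload", "image": "registry.example/web:1.4.2", "replicas": 3},
}

# Observed state (constructed sample): port 22 was opened by hand, one replica
# is missing, and a resource exists that nobody declared.
ACTUAL = {
    "web-sg": {"type": "firewall", "ingress_ports": [22, 443]},
    "web": {"type": "workload", "image": "registry.example/web:1.4.2", "replicas": 2},
    "debug-vm": {"type": "vm", "size": "small"},
}


def plan(desired, actual):
    """Diff desired against actual; return a list of (action, name, detail)."""
    steps = []
    for name in sorted(desired.keys() | actual.keys()):
        want, have = desired.get(name), actual.get(name)
        if have is None:
            steps.append(("create", name, want))
        elif want is None:
            steps.append(("delete", name, have))  # undeclared resource = drift
        elif want != have:
            keys = sorted(want.keys() | have.keys())
            # detail maps each drifted field to (observed, declared)
            changed = {k: (have.get(k), want.get(k)) for k in keys
                       if have.get(k) != want.get(k)}
            steps.append(("update", name, changed))
    return steps


def apply(desired, actual):
    """Converge a copy of actual onto desired; return (new_state, steps_taken)."""
    state = deepcopy(actual)
    steps = plan(desired, state)
    for action, name, _ in steps:
        if action == "delete":
            del state[name]
        else:
            state[name] = deepcopy(desired[name])
    return state, steps


if __name__ == "__main__":
    new_state, taken = apply(DESIRED, ACTUAL)
    for step in taken:
        print(step)
    print("second run:", plan(DESIRED, new_state))  # empty plan: idempotent
```

An imperative script that only opens port 443 and starts replicas would leave the hand-opened port 22 and the undeclared VM in place; the declarative diff reports both as drift and removes them on apply.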
Refer to our DevSecOps articles for in-depth coverage of security.
Source code repository & Build
Git-based source code repositories such as GitHub, BitBucket and GitLab are widely used across the industry. Language-specific tools are used for the build, for example ANT or Maven for Java.