HashiCorp App Delivery flow and Tools
The workflow
A) DEVELOPMENT:
First the developer develops the App
B) TESTING:
Once the app is developed, we then move to the next stage of Testing
TDD is complete
C) STATIC Code Analysis:
The next stage is Packaging. This is where we come to the stage of using
1) Configuration Management
2) Security
3) Compliance
Take all of the above and transform the code into a production-worthy image.
Once we have packaged our application, how do we do provisioning?
1) Day 1 - nothing running, where we go from nothing to something
2) Day 2 - how do we continue to evolve?
The Day 2 challenge is much more important and challenging because we are in production.
Our next challenge is Deployment
How do we take an application that we manage and deploy it on the infrastructure we just provisioned?
The goal here is twofold
Once we do our deployment, we have to monitor it to make sure it stays up and running
Monitoring is its own universe:
It is everything from logging, telemetry, tracing, health checking and alerting
Once our application is in production, will we be notified if it goes down?
1) Logs
2) Telemetry
3) Tracing
4) Health Check
5) Alert *
6)
Any production system is a big black box
Do we have enough observability?
The ability to have enough probes and hooks into the system to understand what's gone wrong once we get alerted.
What do we do to get the alert remediated and get the system online?
Security:
How do we harden this?
What we really have to do is think about security throughout the pipeline and harden it so that we do not have a weakest link.
HashiCorp has strong adoptability over workflow
Tight UNIX philosophy
Do one thing and do it well
Vagrant - Test phase
Provide a developer environment - a local VM or a dockerized environment - so that we have dev/test parity.
Vagrantfile:
Describe everything we need to build a developer environment
When I join the company, I run vagrant up and I have a developer environment
The goal of Packer is to consume all the inputs and specify what our output is.
src, config,
The output we need from all the configuration is an AMI
Version it, check out the files
Understand incrementally who changed what
Contrast: manually pointing to and clicking one of the golden images
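A Packer template for the flow described above, as an added example that is not from the original post: src and configuration/hardening scripts go in, an AMI comes out. The app name, region, instance type, base-image filter, file paths and script names are all assumptions for illustration.

```hcl
# Added example, not from the original post. Names, region, paths and the
# base-image filter are assumptions for illustration.
packer {
  required_plugins {
    amazon = {
      source  = "github.com/hashicorp/amazon"
      version = ">= 1.0.0"
    }
  }
}

variable "app_version" {
  type = string # e.g. the git tag of the source being packaged
}

source "amazon-ebs" "app" {
  region        = "us-east-1" # assumption
  instance_type = "t3.micro"  # assumption
  ssh_username  = "ubuntu"
  ami_name      = "myapp-${var.app_version}-${formatdate("YYYYMMDDhhmmss", timestamp())}"
  encrypt_boot  = true # encrypt the resulting AMI's root volume
  tags          = { app_version = var.app_version } # trace image back to source
  source_ami_filter {
    filters = {
      name                = "ubuntu/images/hvm-ssd/ubuntu-jammy-22.04-amd64-server-*"
      root-device-type    = "ebs"
      virtualization-type = "hvm"
    }
    owners      = ["099720109477"] # Canonical's AWS account
    most_recent = true
  }
}

build {
  sources = ["source.amazon-ebs.app"]
  # Input 1: src (the built application artifact; hypothetical path)
  provisioner "file" {
    source      = "./build/myapp"
    destination = "/tmp/myapp"
  }
  # Input 2: configuration management, security and compliance (hypothetical scripts)
  provisioner "shell" {
    scripts = ["./scripts/configure.sh", "./scripts/harden.sh", "./scripts/compliance-check.sh"]
  }
}
```

Because the template and its scripts are plain files, committing them to version control gives the "who changed what" history; a build is then run with `packer build -var app_version=1.4.2 .` (the version value is a constructed sample).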
Your point about security being baked into every stage is spot on—it’s usually the weakest link in most pipelines. I also liked the UNIX philosophy reference, since HashiCorp tools really do feel modular and focused. Do you plan to dive deeper into how Vault fits into secure application delivery in one of your future posts?