From Git to CloudSUSE’s vision for agile software development and
deployment in the Software Defined Datacenter
Joachim Werner
Senior Product Manager
Peter Chadwick
Director Product Management
Wer Visionen hat,
sollte zum Arzt gehen!
If you have visions,
go to a doctor!
Helmut Schmidt
2
SUSE Vision:
To help companies become always open
enterprises that empower possibilities.
A software-defined, scalable, secure, agile and highly reliable IT infrastructure.
4
Ops:
Provide IT services to the line of business
Dev:
Develop and maintain the software
to run those services
5
Bimodal IT –
Challenges &
Opportunities
Mode 2Mode 1
Agile, DevOpsWaterfall, ITIL
New & Uncertain ProjectsConventional Projects
Short Cycle (days, weeks)Long-cycle Times (months)
AgilityReliability
The two brains of IT
What is DevOps?
DevOps is a business practice in which software developers (Dev) and IT operations professionals (Ops) collaborate to produce high-quality software fast, frequently, and reliably.
9
OPS
QADEV
DEV
OPS
Why DevOps?
Companies that practice DevOps report significant benefits:
• Reduce Time to Market
• Win, Serve, and Retain More Customers
• Improve Quality and Reliability
DevOps Trends (cont.)
13
DevOps Challenges
• Integrating others
• 3rd Party software vendors
• In-house departments that aren’t “on DevOps” yet (and maybe never will)
• Legacy Software
• Who wants to run a separate infrastructure for the legacy stuff?
• Keeping things portable
• Public Clouds
• Making sure you can scale (up and down)
14
45% of organizations claim to have some form of bimodal capability today.
By 2017, 75% of IT organizations will have a bimodal capability.
Traditional IT
Mode 1
Agile IT
Mode 2
Two Worlds of IT Need a Bridge
*Predicts 2015: Bimodal IT Is a Critical Capability for CIOs: Gartner
Bimodal?
“Transform your approach to infrastructure to enable the business to
capitalize on new innovations and data.”
Cost Complexity Compliance
The Three “Cs” of the IT Transformation Challenge
20
Our Vision of IT 2020
• It’s software-defined
• It’s scaleable
• It’s secure
• It’s agile
• It’s highly reliable
21
Software Defined Infrastructure
• Enabling Infrastructure as code
• All hardware components need to be• Remote manageable (via an API)
• predictive
23
Goals torwards Infrastructure as Code
Allow the “heavy lifting” to be written by the experts
Expose the actual ”variables” in an easy to use syntax (e.g. YAML)
• Cost (reduction)
• Speed (faster execution)
• Risk (remove errors and security violations)
24
On Site Self-Service Container Infrastructure
25Physical
Switch
On Site Self-Service Container Infrastructure
26Physical
Switch
or
On Site Self-Service Container Infrastructure
27Physical
Switch
or
Install Image
On Site Self-Service Container Infrastructure
28Physical
Switch
Infrastructure
Control
On Site Self-Service Container Infrastructure
29
Infrastructure
ControlPhysical
Switch
MicroOS
• Container optimized
• Updates are• transactional
• atomic
• automated
30
On Site Self-Service Container Infrastructure
31
Infrastructure
ControlPhysical
Switch
On Site Self-Service Container Infrastructure
32
Infrastructure
ControlPhysical
Switch
On Site Self-Service Container Infrastructure
33
Infrastructure
ControlPhysical
Switch
Monitor &
Audit
On Site Self-Service Container Infrastructure
34
Infrastructure
Control
Monitor &
Audit
Control
Physical
Switch
On Site Self-Service Container Infrastructure
35
Infrastructure
Control
Monitor &
Audit
Control Compute Compute Compute
Physical
Switch
On Site Self-Service Container Infrastructure
36
Infrastructure
Control
Monitor &
Audit
Control Compute Compute Compute Network
Physical
Switch
On Site Self-Service Container Infrastructure
37
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
ControlPhysical
Switch
On Site Self-Service Container Infrastructure
38
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Physical
Switch
SUSE Manager
On Site Self-Service Container Infrastructure
39
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Physical
Switch
SUSE Manager
Powered by Salt
OneView API
On Site Self-Service Container Infrastructure
40Physical
Switch
Powered by Salt
On Site Self-Service Container Infrastructure
41
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
ControlPhysical
Switch
On Site Self-Service Container Infrastructure
42
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
Control
Op
en
Sta
ck
Physical
Switch
On Site Self-Service Container Infrastructure
43
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
Control
Op
en
Sta
ck
Cep
h
Physical
Switch
On Site Self-Service Container Infrastructure
44
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
Control
Op
en
Sta
ck
Cep
h
Physical
Switch
On Site Self-Service Container Infrastructure
45
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
Control
Op
en
Sta
ck
Cep
h
Physical
Switch
Ku
bern
ete
s
Clu
ste
r
An open source platform for automating
deployment, scaling, and operations of
application containers across clusters of
hosts, providing container-centric
infrastructure.
46
What is Kubernetes?
With Kubernetes, customers are able to quickly
and efficiently respond to customer demand:
• Deploy your applications quickly and
predictably.
• Scale your applications on the fly.
• Seamlessly roll out new features.
• Optimize use of your hardware by using
only the resources you need.
47
What is Kubernetes?
On Site Self-Service Container Infrastructure
48
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
Control
Op
en
Sta
ck
Cep
h
Physical
Switch
On Site Self-Service Container Infrastructure
49
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
Control
Op
en
Sta
ck
Cep
h
Physical
Switch
On Site Self-Service Container Infrastructure
50
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
Control
Op
en
Sta
ck
Cep
h
Physical
Switch
On Site Self-Service Container Infrastructure
51
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
Control
Op
en
Sta
ck
Cep
h
Physical
Switch
On Site Self-Service Container Infrastructure
52
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
Control
Op
en
Sta
ck
Cep
h
Physical
Switch
On Site Self-Service Container Infrastructure
53
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
Control
Op
en
Sta
ck
Cep
h
Physical
Switch
On Site Self-Service Container Infrastructure
54
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
Control
Op
en
Sta
ck
Cep
h
Physical
Switch
On Site Self-Service Container Infrastructure
55
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
Control
Op
en
Sta
ck
Cep
h
Physical
Switch
Ku
bern
ete
s
Clu
ste
r
Containers as a Service Platform (CASP)
56
Node NodeNode NodeNode
Infrastructure
Control
Ku
bern
ets
Clu
ste
r
Physical
Switch
Containers as a Service Platform (CASP)
57
Allow customers to provision, manage,
and scale container-based applications.
A container application development
and hosting platform that automates the tedious
management tasks allowing customers to focus
on development and writing apps to meet
business goals.
Containers as a Service Platform (CASP)
58
• Enable DevOps and microservices applications
• Enterprise-grade security and scalability
• Running everywhere
• Accelerate business innovation
On Site Self-Service Container Infrastructure
59
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
Control
Op
en
Sta
ck
Cep
h
Physical
Switch
Ku
bern
ete
s
Clu
ste
r
On Site Self-Service Container Infrastructure
60
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
Control
Op
en
Sta
ck
Cep
h
Physical
Switch
Ku
bern
ete
s
Clu
ste
r
Full Platform as a Service (Cloud Foundry) and Physical Server deployments are just special cases!
61
Scalable
62
CASP
63
Node NodeNode NodeNode
Infrastructure
ControlPhysical
Switch
CASP
64
Node NodeNode NodeNode
Infrastructure
ControlPhysical
Switch
CASP
65
Node NodeNode NodeNode
Infrastructure
Control
Node
Physical
Switch
CASP
66
Node NodeNode NodeNode
Infrastructure
Control
Node
Physical
Switch
Public Cloud
CASP
67
Node NodeNode NodeNode
Infrastructure
Control
Node
Physical
Switch
Public Cloud
CASP
68
Node NodeNode NodeNode
Infrastructure
Control
Node
Physical
Switch
Public Cloud
CASP
69
Node NodeNode NodeNode
Infrastructure
Control
Node
Physical
Switch
Public Cloud
CASP
70
Node NodeNode Node
Infrastructure
Control
Node
Physical
Switch
Public Cloud
Secure
71
Building your defenses
First line of defense:
• Full control over incoming code
Internal code is always built in a verified build environment with tests and checks
External code is only adopted after inspection and built from known sources in a verified
build environment
Pre-built, verified & signed packages and containers from SUSE and SUSE partners
Second line of defense:
• Scanning of all layers of the infrastructure
Verify at all times that only trusted and fully updated stacks are running in your
environment, across physical, virtual, cloud and container/PaaS
Online drift detection
72
Compliance
• How do I ensure that all software that goes into production is
compliant?
• Who owns compliance?
• Who owns security?
73
Yesterday in the coffee kitchen …
Developer:
I’m using the latest code from GitHub. I need the features, and I know
that upstream is only fixing the latest versions if I report bugs to them.
I’m using Docker images from Docker Hub. It saves me a lot of time, and
it’s so easy to use from the Docker toolchain.
Compliance Officer:
We can’t just run code downloaded from untrusted sources from the
Internet.
And look at the images on the Docker Hub. Who is making sure they are
patched and secure?
74
Continuous Integration Today
75
Code
Repository
Code
Repository
Code
Repository
Code
Repository
Docker
Hub
Application Container
Continuous Integration how it should be …
76
Code
Repository
Code
Repository
SUSE
Customer
Center
Code
Repository
Application Container
Open
Build
Service
Package
Hub
Container
Hub
Code
Repository
77
Code
Repository
Code
Repository
SUSE
Customer
Center
Code
Repository
Application Container
Open
Build
Service
Package
Hub
Container
Hub
Code
RepositoryISV
78
Code
Repository
Code
Repository
SUSE
Customer
Center
Code
Repository
Application Container
Open
Build
Service
Package
Hub
Container
Hub
Code
RepositoryISV
SUSE Manager
SUSE Manager
79
Code
Repository
Code
Repository
SUSE
Customer
Center
Code
Repository
Application
Open
Build
Service
Package
Hub
Container
Hub
Code
RepositoryISV
SUSE Manager
80
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
Control
Op
en
Sta
ck
Cep
h
Physical
Switch
Compliant CI with SUSE
Our goals
• Provide you with the compliance you need
• Don’t slow down processes because of compliance
82
Agile
83
Reliable
84
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
ControlPhysical
Switch
Highly Available and Redundant
85
Monitor &
AuditCompute ComputeControl StorageNetworkCompute
Infrastructure
ControlPhysical
Switch
Summary
Thinking DevOps? Think SUSE.
• Every company today is a software company.
• DevOps speeds time to market and helps companies compete.
• SUSE has a proven record of helping companies move to DevOps,
with open source technologies, processes, and tools.
• SUSE provides a full reference framework of solutions and tools to
work with all stages of the DevOps process — and we share our own
DevOps experience.
• SUSE can create and integrate the infrastructure management,
orchestration, and automation capabilities companies need to be more
agile.
88
SUSE Solutions for DevOps: Flexible Infrastructure
89
With SUSE, you can build a flexible and reliable infrastructure
to:
• Quickly deliver IT resources to developers for prototyping
and experimentation with new technologies
• Faster time to market with infrastructure management
solutions that provide on-demand access to resources and
standardization of services.
• Intelligently sense and respond to infrastructure
demands with monitoring and automation tools. Adapt your
infrastructure in real time.
Top Related