DevOps & DevSecOps

Capability Deck
AGENDA
1
About Aspire

2
DevOps Practice

3
Value ADDS

4
Experiences

5
Q & A Session

2
 ABOUT ASPIRE
Global technology services firm with 23+ years of
experience and core DNA of Software Engineering
Specific areas of expertise around Software
Engineering, Digital Services, Testing and
3500+ employees; 150+ active Infrastructure & Application Support
customers
International headquarters in Singapore with
Vertical focus among Independent Software delivery capabilities across US, UK, Poland,
Vendors, Retail, Banking & Financial Services Netherland, Middle East , India & China
and Insurance

Recognized 12 consecutive times as

“Best Place to Work for” by GPW
Institute
CMMI Maturity Level 3, ISO 9001:2015
and ISO 27001 : 2013 certified

A Great Place to Work - 12

Technology Awards Quality Maturity Level
Glorious Wins in a Row

3
ASPIRE’S GLOBAL PRESENCE

UK Poland
US The Netherlands

Mexico Middle East

India

Singapore

4
 CLOUD DEVOPS MODERNIZATION FACTSHEET OF 2022

Average of 1.5 Opex Cost

25+ Applications 15+ Applications 100+ months for a reduction from 1 3 days of release
Lifted and Shifted Re-Architected Microservices Microservice million $ to 150k time for a
from On-Premise for Cloud Release Concept to at an organization MicroService on
Release level an Average

13M+ cost Concurrency of

8 + Cloud 100+ Executed
Migrated 7+ Migrated 60+ saving 6M request
Native and completed 75+ Active
Applications to TB of Data to achieved for per minute
Application projects in the customers
DBaaS Cloud period of 5 supported
Development past year
years

SonarQube
10+ End to End 4X Time to reach IaC implementations Average time per Reduced Release
Security metrics-
DevOps the market faster using Terraform reduced pull request came Deployment stability Duration from 2
Unit test coverage
implementations with automation of Infra provisioning from down to Less than 1 is Increased from Months to
percentage
from Scratch test cases 7 Days to less than 30 Day from 5 Days 50% to 95% 3 Days
increased from 70%
minutes
to 90 percentage 5
DEVOPS PRACTICE
PROMINENT CLIENTS
Active consultants and
80 engineers trained in
DevOps Tools and
practices

>
Executed and
150 completed projects in
the past year

80 Current & Active PARTNERSHIPS

Customers

6
 DEVOPS - WHY US?
Why do organizations approach us?
 Long testing cycles
 Too many delivered bugs
 Too many failed releases.
 Difficulty managing release notes and stories
 Difficulty migrating to cloud
 Insufficient cloud strategy
 To improve logging and auditing
 To implement a workflow for releases
 To migrate to cloud services
 To migrate between clouds
 To build a cloud-agnostic deployment
 To migrate to a Microservices architecture
How do we help?
 Experience deploying applications with over
500 self managed containers.
 Experience with most of the popular tools
and frameworks
 Over 50 Seasoned Engineers who can help
with automation of deployments and
infrastructure management.
 Experience in deploying and managing
micro-services based applications.
 Have helped numerous products and
services in increasing the speed of testing
cycles, reducing bug count with automated
regression testing and improved delivery
speed.
 Have done tight integrations with project
management tools such as Atlassian toolset. 7
CAPABILITIES (SPECIALITIES)

Cloud & Infra Micro-Services

Automation Deployment

Cloud Migration
CI / CD Pipelines
and consulting

CAPABILITIES

Productizing CI / Database & Queue

CD pipelines Deployments

Hybrid Custom DevOps

Deployments Solutions & Portals
8
CLOUD DEVOPS TOOLS AND TECHNOLOGY CAPABILITY


ORCHESTRATION & CI/CD TOOLS MULTI-CLOUD DEPLOYMENT & IAC

TOOLS AND TECHNOLOGY

STATIC CODE ANALYSIS TOOL


CAPABILITY
CONFIGURATION MANAGEMENT 


Containerization


 LOG AND SEARCH FRAMEWORKS

BUILD TOOLS


 SECURITY ANALYSIS TOOL

9
 PHILOSOPHY & APPROACH
EA, security Developers
Ops
Precommit Static code Peer code
checks Build IaC Unit test analysis review
Developers

Merge to
QA trunk
VCS

Business
Integrated
build
Backlog

RM
Design
ideas Artifact
laC repository
Application and
operational Release Release Manual API-based test Release
Customer
analytics automation decision QA automation automation

Service and network Test data

EA virtualization management TDM EA
Deployed applications Business QA Developers Ops 10
ACCELERATOR -
DEVOPS PORTAL
DEVOPS PORTAL
Cloud

Devops Portal

Devops
Microservice
Build/ Release
Predefined
Build
Release Build/ Release
Pipelines, Server Adapters
Predefined
Docker
CD

Predefined
Cloud
lac
VSTS/Jenkins Deployment
Templates
Microservice Engines
Cluster
Deployment 12
ACCELERATOR:DEVOPS PORTAL

13
VALUE ADDS
VALUE ADDS

PROPEL TECHCELLO

Centrally managed Multi-tenancy framework

MULTI-CLOUD that gives tenancy, billing,
Deployment Portal log mgmt and many more. 15
VALUE ADDS - PROPEL EXPLAINED
Cloud
FEATURES
MULTI-CLOUD DEPLOYMENTS
Enabled by a variety of cloud Cost
deployment engines, Propel enables Devops Portal Explorer

deployments on all popular cloud

platforms Devops
Microservice
Build/ Release

Predefined Build
Release Build/ Release
TEMPLATE DRIVE Pipelines, Server Adapters
Predefined
Backed by IaC templates, a generic Docker
CD
template can be created as an
abstraction to individual IaC templates
Predefined lac
Cloud Deployment Templates
VSTS/Jenkins
Engines
Microservice
Cluster
Deployment
IMMERSIVE PORTAL
A dashboard of information that covers
o Introduces the idea of cloud agnostic
the entire gamut of development
operations deployments
Benefits o Easy to utilize and leverage
o API based services that allow Integrations
16
 VALUE ADDS - TECHCELLO EXPLAINED
FEATURES
Multi-Tenancy & SaaS - Out of the box
TechCello is an SaaS enabler framework that
can help introduce multi-tenancy without the
hassle of building something new.

Billing, Identity Management & many more

TechCello provides Identity management,
billing, metadata service, auditing, logging,
licensing and many more features that can help
anyone build a SaaS application quickly

UI & Dashboard with Admin controls

TechCello comes with an Admin console
and a portal to allow management and
querying the data.
o Pluggable Multi-tenancy
Benefits o All associated features required for self
subscription
17
OUR ENGAGEMENT MODEL
Resource Requirement Managed Platform
Parameters
Oriented Oriented Services

Resources deployed based on the Package of tasks based on the

Working model Managing DevOps platform
Client’s requirements Client’s requirements

SLA focused approach to achieve

Duration Time and Material approach Annual Contract
business goals

Global Delivery model Onsite, Offshore and Near shore Onsite, Offshore and Near shore Onsite, Offshore and Near shore

Fixed monthly fee based on

T&M or Fixed Cost based on Annual cost along with Service
Cost number & skills of resources
mutually agreed SOW level agreement
deployed

Solution Architect and DevOps Solution Architect and DevOps Solution Architect and DevOps
Team composition
Engineers Engineers Engineers

Availability Time zone specific Flexible work timings 24x7 or time zone specific
18
CASE STUDIES
 CLOUD NATIVE APPLICATION ARCHITECTURE ON AZURE
MicroServices Azure Approved Tier 1
Singapore Implementation Cloud Security Vendor

Aspiration Solution & Execution Benefits

• Client has a massive monolithic • Utilized Aspire Accelerator For

application for Tax Planning and
Compliance. The existing technology
is outdated.
• Release cycle takes more than 3
months
• Maintenance is a huge issue
• Scalability is an issue. Peak loads are
not able to be met. Load in expected to
further increase 5x
Microservices And SaaS Platform • Cost optimized
• More than 19 Microservices Migrated in a
short span significantly due to elasticity
• Fully Automated Testing • Independent Release of MicroServices
• Centralized Microservices
Platform To Be Used For Future • 2 Cloud/DevOps for All MicroServices
Application
• Pragmatic Migration
• Complete Infrastructure Automation using
Terraform scripts.
• End-to-end CI/CD Implemented
• Service Mesh – Istio and envoy
• Monitoring – Datadog, Azure monitor,
Prometheus, Grafana,
Elasticsearch+Logstash+Kibana,

Scalability of migrated Concept to MVP of

Lesser than 1 day for a release
Key Success MicroServices tested MicroService in lesser20
of MicroService
with 5x load than 1.5 months
MONOLITHIC TO MICROSERVICES MIGRATION ON AZURE
AKS Azure CDN

Azure SQL API

Databases Management

Application
Event Grid
Gateway

Storage Queues
Important Azure Azure AD
Services
Azure Container
App Insights
Registry

ARM Templates Azure Key Vault

Azure Sentinel Azure DevOps

21
YOKOGAWA – LEADER IN ELECTRICAL ENGINEERING & SOFTWARE ENGINEERING

• Customer: A Leader in Industrial Automation and Test and

Measurement solutions
• Business Model: Measurement, Control, and information technology
• Revenue : USD 3.7 Billion and above

Business Challenges
• Our client releases their product consumes a lot of time for the customer to deploy it to various Cloud Environments
• Enabling Infrastructure Provisioning & governance and Centralized Application deployment and Monitoring.
• Implementing of Micro Services & deploy in Multi Cloud in different AZ’s In minimal time.
• Regression testing had huge number of test cases to be executed from the real time for each product and hence they faced the challenges
• Long testing hours
• Build and deployment taking longer time
• End-to-end regression had manual dependencies
• Time, effort and cost were high due to these factors.
• Environmental configuration changes leading to human errors.
• Migration of scripts is taking too long.
22
SOLUTION PROVIDED

Automated continuous
Integration, continuous
ArgoCD /Azure DevOps Rancher is used for Fully
deployment & continuous
/Spinnaker is used for Multi managed Kubernetes Clusters
testing where product suites
Cloud Continuous deployment on On-Premises.
were tested with strong
Deployments.
promotion strategy.

Maintained single source of Implemented Blue/Green

Supports for Multi Cloud and
source code in all the deployment with roll back
Hybrid Deployments.
Environments option

23
TOOLS AND TECHNOLOGY
Technology

Container & Orchestration: Docker, Kubernetes, AKS, Cisco vSphere, EKS, Helm, Istio

Continuous Integration: Jenkins

Continuous Deployment: Spinnaker

SCM: GitHub

Platform: Azure, On-Premises

Configuration Management Tools: Ansible, Terraform, Confd, HashiCorp Vault

Languages/Scripting: .Net, Angular

RDBMS/NO SQL: PostgreSQL, Cassandra, InfluxDB, MangoDB

Storage: Azure Cloud Storage, NFS

Service Mesh: Istio

Monitoring Tools: Prometheus, Grafana, Elasticsearch+Logstash+Kibana, DataDog, Fluend

24
BENEFITS

Full fledged micro-services

architecture

40% Cost Saving using

Containers that enable auto
scaling and self healing Easy upgrades

25
 AZURE DEVOPS AND CLOUD SECURITY IMPLEMENTATION
India &
UAE
Aspiration
• The part of the digital banking
initiative the Bank was looking to
build new Digital Banking Application.
• Aspire was designated to setup the
Azure infrastructure with the security
compliances recommended by the
bank
• Build the CI/CD pipeline for the digital
banking application within a short
timeline of 3 months.
Built Azure infrastructure
Key Success with the Security compliances
Azure DevOps Azure
Implementation Cloud Security
Solution & Execution
• Built Azure Security complaint to the
following Azure Security Benchmark
ISO 27001,PCI DSS 3.2.1,SOC TSP
• IaaC implemented using Terraform
• Azure AD SSO, MCAS security
solution implemented for 3rd party
applications
• Built complete DevOps pipeline
SonarQube, Checkmarx and Intune for
device security
• O365 security compliances
implemented working along bank
GISO
• Implemented Next-Gen Palo-alto
End to End Azure DevOps
Implementation
Approved Tier 1
Vendor
Benefits
• Automation IaaC using Terraform scripts.
• Able to spin-up any new environment
within 30 minutes
• Complaint to the Azure Security Center
standards
• Achieved 99% in Azure security center
score
• Achieved 40% cost saving by implanting
end to end automated deployment.
Automated Seamless26
Infrastructure Provisioning
Q&A

27
THANK YOU!
 EXPERIENCES
Case 4 - DevOps as a service Deployment Architecture
A US based insurance product company required self provisioning
capabilities for their own product to enable internal teams to self
provision instances of their product on AWS. Aspire helped them
design build a self provisioning portal using required AWS tools.

Features
Multi-Tenant portal
Aspire built a microservices based multi-tenant portal using Spring
Boot, Netflix OSS and Angular. The automation of deployment was
done using a variety of AWS based DevOps tools

Automatic deployment using AWS tools

The Java based product was built and deployed into various
environments using AWS Cloud Formation, Code Build, Code Pipeline
and a few other tools.

Pluggable framework for testing tools

The automation framework enabled post-scripts to be executed to
allow running any test tools post deployment. This helped o The self provisioning tool freed up the DevOps
development teams to integrate and sequence the deployment with
team
test tools.
Benefits o Improved efficiency for development teams 29
o Pluggable architecture for enabling Dev Teams to
 EXPERIENCES
Case 2 - CI / CD On Azure Deployment Architecture
Aspire worked with an Industry leading consulting firm and
enabled it to build its products and services on Azure. With its
clientele, there was no margin for error and no quarters for
manual triages. So we built a complete platform with the
following features

Features

Approval based deployment workflow

A clear CI & CD use case with multiple stages of deployment to
filter out bugs and issues. Each stage had an approval mechanism
to enable a ledger of approvals.

Cloud Services for all Data

All data storage was cloud managed with geo replication and
regular backups.

Automated deployments
o Full fledged multi-tenant application ecosystem
All Deployments and upgrades were automated and the entire o Reduced Production Defects 30
flow was done without manual intervention. Benefits o Improved Efficiency
o Improved Traceability
 EXPERIENCES
Case 1 – Migration to AWS on Containers Deployment architecture
Aspire worked with a world’s leading education publishing and assessment
service provider that recently sold-off its US courseware division to a private
equity firm. This strategical move, required that some of their applications
had to be moved to AWS cloud in a containerized . Aspire systems came up
with a program called “Trio Migration” involving administrative migration,
data center migration and Database migration.

Features
Container based micro-services architecture
The applications that were migrated were refactored and rebuilt as
docker containers that were then pushed to ECR. The containers are part
of a larger micro-services architecture that provides for resilience of the Log Aggregation
application.
Centralized Log Management
Application logs are streamed from containers to Cloudwatch using
Fluentd. Once logs reach Cloudwatch, lambda functions are used to
stream the logs from Cloudwatch to Elastic search. Here we use AWS
native service (combination of Elastic search & Kibana)

Kubernetes managed deployments

All container deployments and clusters are managed by Kubernetes o Full fledged micro-services architecture
o Containers that enable autoscaling and self healing
(Amazon EKS) where machines are monitored, auto-scaled and auto-
healed. Benefitso Easy upgrades 31
o Centralized Logging