section1

DEVOPS IN ADVANCE
Practical DevOps in enterprise

Scenarios before digital transformation
DevOps mindset adoption
Agenda
DevOps Strategy and Roadmap
How-to DevSecOps organization and implementation
Conclusion
Workshop of DevSecOps culture

Scenarios before digital transformation: Practical DevOps in enterprise
Circumstance:
• Technological base for business capability
• Infrastructure
• Software development life-cycle
• ITIL services
Technological base for business capability :
• Web-based internet banking
• Mobile applications
• Core banking T24, integrated with NAPAS, VISA, etc.
Issues:
• All monolithic – hard to scale or upgrade …
• No e-documentation support
• No API at-scale support
• No big data nor AI/ML
• Limit and poor security implementation
Infrastructure:
• Almost are traditional virtualized technology that hosted by a local
vendor
Issues:
• Many limits on scalability

• No on-demand
• No pay-as-you-go, huge front-up payment
• Almost manually on provisioning, configuration and
maintenance
Software development life-cycle:
• Fundamental with agile/scrum
• Development and operation teams work separately
• Rare and unscheduled but huge changes
• Deployment, monitor almost done manually
• Manual test only
• Etc.
Issues:
• Slow and limited test development process
• Unreliable and no roll-backable deployment
• Monitoring with eyes and phone calls
• Almost major issues are appeared in production
• Etc.
ITIL services:
• Full manual operation
• Processes are based on email
• Etc.
Issues:
• Very slow processes
• Tracked and trusted by human
• Etc.
DevOps mindset adoption: Practical DevOps in enterprise
Content:
• Main principal
• Big pictures and impacts
Main principal:
• Leaning in over always saying “NO”
• Data & Security Science over fear, uncertainty and doubt
• Open Contribution & Collaboration over security-only requirements
• Consumable Security Services with APIs over mandated security controls & paperwork
• Business Driven Security Scores over rubber stamp security
• Red & Blue Team Exploit Testing over relying on scans & theoretical vulnerabilities
• 24x7 Proactive Security Monitoring over reacting after being informed of an incident
• Shared Threat Intelligence over keeping info to ourselves
• Compliance Operations over clipboards & checklists
Big pictures and impacts:

Strategy:
• Cloud first – Multiple cloud

• DevSecOps Adoption
• Landing Zones
• Mass migration
• Enterprise service model
• Trust based on data
Cloud first – Multiple cloud:
• All environments, systems will be based on cloud with no exception

• Go with 1 major provider first – AWS
• Expand to have active/passive or active/active with the second later - Azure
DevSecOps Adoption:
• All environments, systems, projects will go with DevSecOps
• Build a pure native cloud DevSecOps toolchains that can be
provision and serve through on-premise, AWS, Azure
• Shift-left testing strategy with automation and performance
• Secured everywhere, everything, every time
Landing Zones:
• Standardized identity and access management
• Standardized services and resources
• Standardized provision, maintenance and management
Mass migration – 6R strategy:

• Rehosting ( “lift-and-shift”)
• Re-platforming (“lift-tinker-and-shift”)
• Repurchasing (migrate to a different product/license, often SaaS)
• Refactoring (re-architect or re-imagine leveraging cloud-native capabilities)
• Retire (get rid of)
• Retain (do nothing, usually “revisit later”)
Enterprise service model:
• Integration services: Queue, Stream, Pub/Sub, API, etc.

• Infrastructure services: Network, Security, Landing zones, etc.
• DevSecOps services: CI/CD, monitoring, integrated testing etc.
Trust based on data:

• All data is collected and processed (Data lake + Data warehouse)
• All employees join to collect and process data based on data management framework
• All report, analyze, decision should be based on data
Roadmap – Maturity model:

How-to DevSecOps organization and

implementation:
Organization:
• Division: Digital Transformation Office & IT

• Projects: IT strategy & Business & BAU
• IT enterprise services
• Multifunction squads & specialties ( Architecture, security, etc.)

implementation:
Implementation:
• TCB Software development life-cycle
• TCB DevSecOps Toolchains (Hybrid)
• TCB Landing Zones
• TCB Mass migration

implementation:
TCB Software development life-cycle:
Organization:

implementation:
Agile/Scrum:
implementation:

Gitflow:
implementation:
TCB DevSecOps Toolchains (Hybrid):
• Git service: GitLab
• Artifact repository: Nexus
• Job runner: Jenkins
• Configuration as code: Puppet + Ansible
• Infrastructure as code: Terraform
• Metrics: Prometheus + Grafana
• Logging: EFK
• Container runtime platform: OpenShift
• Automation test: Selenium
• Performance test: Jmeter
• Etc.
Conclusion :
Pros:
• Huge investment
• Built up experienced and skilled teams
Conclusion :
Cons:
• Conflict between new and old way of working
• No deep culture
• Bad on planning and collaboration at mass scale
References :
 understanding landing zones

 considering a mass migration to the cloud
Q&A
Workshop
Workshop
Start with main questions:

• Why DevOps ?
• What is your DevOps culture current state ?
• Where do you want to go with DevOps culture journey ?
• How we can archive it ?
Workshop
Project lists:
• MyTV
• MyVNPT - VAS
• DigiLife - VAS
• VNPTMoney -
• IPCC
• TNVN - VAS
Workshop
DevOps objectives:
Collaboration: Velocity: Reliability:
• Planning and tracking • Lead time management • Functionality
• Change management • Etc. • Security
• Notification/Alert • Performance
• Etc. • Etc.
Workshop
DevOps in practical:
Collaboration: Velocity: Reliability:

• Agile/scrum • Automation (CICD) • Automation test
• Branching strategy • Containerized • Performance test
• Local store/caching • Security integration
• Infrastructure as code • Etc.
• Etc.
Workshop
DevOps Enterprise best practices :

• Microservices
• Enterprise services
• TechOps model
• Maturity roadmaps
• Etc.
Workshop
• Unified processes (Git-flow, JIRA, Confluence)

• Unified technical stack and architecture
• Unified of DevOps toolchain (CICD, Monitoring)
Workshop
• Unified processes (Git-flow, JIRA, Confluence)

• Unified technical stack and architecture
• Unified of DevOps toolchain (CICD, Monitoring)

section1

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

section1

Uploaded by

Copyright:

Available Formats

DEVOPS IN ADVANCE

Practical DevOps in enterprise

Scenarios before digital transformation

DevOps mindset adoption

How-to DevSecOps organization and implementation

Workshop of DevSecOps culture

• Many limits on scalability

Big pictures and impacts:

• Cloud first – Multiple cloud

Cloud first – Multiple cloud:

• All environments, systems will be based on cloud with no exception

Mass migration – 6R strategy:

Enterprise service model:

• Integration services: Queue, Stream, Pub/Sub, API, etc.

Trust based on data:

Roadmap – Maturity model:

How-to DevSecOps organization and

• Division: Digital Transformation Office & IT

How-to DevSecOps organization and

How-to DevSecOps organization and

How-to DevSecOps organization and

TCB Software development life-cycle:

 understanding landing zones

Start with main questions:

Collaboration: Velocity: Reliability:

DevOps Enterprise best practices :

DevOps Enterprise best practices :

• Unified processes (Git-flow, JIRA, Confluence)

DevOps Enterprise best practices :

• Unified processes (Git-flow, JIRA, Confluence)

You might also like