Prepared by :Anish Cheriyan, Director, Huawei
Prepared By Anish Cheriyan, Director, Huawei Technologies
Topics
• DevOps & SecOps• Practices in Detail• Summary
Background
• Application & Embedded Development.• Network Management System• Protocol Stack
Traditional Quality Assurance
Gated Approach for Quality Assurance
Requirement
Design
Coding
Unit Test
Functional Testing includes
ities
Independent V&V
Launch
DevOps
DevOps is a set of practices intended to reduce the time between committing a change to a system and the change being placed into normal production, while ensuring high quality
Security
Picture Courtesy: http://threatgeek.typepad.com/.a/6a0147e41f3c0a970b01a73dba51f6970d-pi
‘To err is human, to really screw up you need root password’
SecOps
SecOps built into the Deployment Pipeline. Dev & Ops Collaborate and ensure desired level of Security
Picture Courtesy: http://threatgeek.typepad.com/.a/6a0147e41f3c0a970b01a73dba51f6970d-pi
Case Study• Consider and CRM System which uses a Modeling tool to
automate the business processes.• The system which has two key parts-Workflow Engine and
Workflow Modeling tool (UI) team . Workflow Engine works based on the rule engine. Modeling Tool uses the Engine. Total team size is around 60.
• What are factors you will consider to designing your Continuous Delivery Architecture.
Short Feedback Loops
DevOps
Delivery
Deployment
Picture Coutesy: https://www.flickr.com/photos/
•Requirement documentation at right granularity
•OPS Perspective- deployability, modifiability, monitoribility
Requirements
Picture Coutesy: https://www.flickr.com/photos/libramano/9372711893/
. Architecture Readiness for CD- deployability, modifiability, monitoribility , testability
. Continuous Delivery Architecture
. Build Pipeline
Architecture
Picture Coutesy: https://www.flickr.com/
Infrastructure Readiness
•Environment Provisioning based on customer requirement analysis (OPS)
•Right Tool Usage (VM, Container like Docker etc) for the respective requirement
Picture Coutesy: https://www.flickr.com/
Build Pipeline
http://blog.xebialabs.com/2016/02/09/how-ing-increased-software-deployments-to-twice-a-day/continuous-deployment-pipeline/
Syst
em A
rchi
tect
ure
L1CI
Arh
itect
ure
L2De
ploy
men
t Pi
pelin
eL3
C1
C2
C3
M1
C1 Continuous Integration System
C2 Continuous Integration System
C3 Continuous Integration System
C1 Deployment Pipeline
C2 Deployment PipelineC3 Deployment Pipeline
Hierarchical Approach for CD and DevOps
Quality Assurance in the PipelineInspection /Static
QA
Test QA
Security Assuranc
eConfiguration QA
'ities' Assuranc
e
Inspection/Static QA
Simian Rules for managing the rules
Test QA
Read at : http://www.thinkinginagile.com/2015/07/agile-testing-practices-mapped-to.html
Security Assurance
Static/Dynamic Analysis
Scanning
Security Test
(Threat Model)
Attack
Configuration QA• Single Source Repository
for all items• Build Script Quality
(abstraction, modularization, coding guidelines) (Automatic or manual way)
Analysis of the Build Pipeline
BuildPrivate Build
Version Build
Function Build
ities Build
Deployment Build
Build 01 Pass Pass Fail Fail FailBuild 02 Pass Pass Pass Fail FailBuild 03 Pass Pass Fail Fail FailBuild 04 Pass Pass Pass Fail FailBuild 05 Pass Pass Fail Fail FailBuild 06 Pass Pass Fail Fail FailBuild 07 Pass Pass Fail Fail Fail
Test your Deployment pipeline
Repeatability
Performance
Reliability
Recoverabili
ty
Interoperabil
ity
Testability
Modifiability
Cross Cutting Collaboration
Summary
• Continuous attention to technical excellenceand good design enhances agility
• Lets Build Quality & Security into the deployment pipeline