Название: DevSecOps in Kubernetes Автор: Wei Lien Dang, Ajmal Kohgadai Издательство: O’Reilly Media, Inc. Год: 2021-07-22 Язык: английский Формат: pdf, epub Размер: 10.1 MB
For decades, software development and delivery were slow processes. Early enterprise software was delivered to customers by hand and installed by a trained technician. Cloud providers have changed all that, leveraging economies of scale to offer capabilities that many organizations couldn’t achieve on their own and making it cheaper and easier to use virtualization technologies.
In the cloud, automation is often referred to as orchestration, because there is one piece in the middle that has to keep all the elements in tempo and on key. Using a tool like Kubernetes to orchestrate the development, deployment, and runtime phases of containerized applications can help immensely with automating and scaling application delivery, but it’s not magic. You’ll still need to bring together all of the groups involved in development, orchestration, and deployment, because all of them will have different and important insights.
Security is now everyone's job. Whether your system is cloud native or lives in the cloud with a traditional architecture, moving off premises has made security more complex than ever. To protect your assets, you should consolidate the groups involved in development, orchestration, and deployment, because they'll all have different insights.
It’s complicated, but with cultural change within your organization and a shift in viewpoint, you can bring all the right people, perspectives, and insights together into a single team. That’s where DevOps in general, and the DevSecOps model in particular, can help. Don’t worry if you’re not sure what that means just yet. I’ll introduce you to DevOps in Chapter 1, and by Chapter 3 we’ll be wading into DevSecOps. Along the way, we will be using Kubernetes as an example of a technology that works well with a DevSecOps culture.
We’ll get into some of these cloud native technologies later on, but there are two big aspects of cloud native that Kubernetes can support. The first is automation. Kubernetes natively supports the automation of all of your elements so deployment of applications is easier and more manageable. On top of the automation, Kubernetes brings abstraction. Software development has long tried to abstract away from hardware as much as possible, and more granular levels of virtualization in application development and management take us much further away from the hardware. Kubernetes supports that abstraction, allowing developers to focus on functionality without needing to worry about how all the different components go together.