We live in this technical landscape (Technical Map)
Access Management (IAM): Keycloak, Java
- Pipelines: Yaml Pipelines, Powershell
- Scrum Board
- Artefact feeds (nuget, npm)
- Git, Mono Repository
- Wiki
- Office, Outlook, Teams
We implement exciting concepts
DevOps Concepts:CICD
- release flow - automatic SemVer tags based on git branch
- continuous integration (CI): automatically build each module (written in azure-pipelines yaml, powershell, bash)
- continuous deployment (CD): automatically deploy each module into production (written in azure-pipelines yaml, powershell, bash, internal tools written in C# and JavaScript)
Infrastructure as Code (IaC)
provision Azure resources using ARM templates (VMs, Storage Accounts, DBs, virtual networks, Key Vault, DNS Zone)
Policy as Code (PaC)
bring policies into code and collaborate together as a team, e.g. Workflows, Roles and Permissions to access Azure and other platforms
GitOps Operato
- Watch new docker tags and trigger deployments (based on predefined rules)
- Run deployment - generate kubernetes manifests from kustomize templates, apply changes to the cluster
internal tools to bridge the full deployment automation gap
- Deployment-status-controller - reports on the latest versions, so that the deployment pipeline can check if all the deployment changes have taken place
- Sql-configurator - sets up an initial database and creates users and schemas so that the applications can pick up from there (otherwise the initial setup would have to be done by a sysadmin)
- Iam-configurator - create/update users and permissions (the configuration is stored in code)
the visual abstraction layer on top of infrastructure automation APIs for convenient use UIs, leverage git ops and generate audittrails, make automation APIs more accessible (democratize)
- Chats - talk to a chatbot that can access lower level automation APIs
- Dashboards - see your infrastructure all in one place and make configuration changes conveniently over an UI
- Wizards - user workflows via UI for complex human-machine processes, e.g. create new release (1. create release branch, 2. build all modules, 3. create release notes)
SecOps (Security Operations)
work with security engineers early on to avoid big surprises
AIOps (Artificial Intelligence Operations)
@future: use machine learning and big data to enhance IT operations analytics, e.g.: performance monitoring, event correlations, anomaly, fault and failure (AFF) detection and analysis.
different execution runtimes - design a system that runs on different execution runtimes
- windows-desktop
- windows-server
- kubernetes
- acceptance tests written in Given-When-Then style (Gherkin) that serve as the communication layer for the 3 amigos (tester, developer, product owner)
- all modules in a single process and in-memory,
- separate processes with mocks&stubs,
- staging system with real external dependencies,
- in production
- build testable systems - software cell, ports and adapters
- build test infrastructure: create building blocks to fully automate the testing process
- pipeline automation: automatically create new environments, deploy platform modules, execute acceptance tests
Observability - what you can't measure you can't improve
Establish a Site Reliability Engineering (SRE) culture with SLIs, SLOs, SLAs