Strategies for Deploying Modern Applications!
Pavan Belagatti
GenAI Evangelist (67k+)| Developer Advocate | Tech Content Creator | 30k Newsletter Subscribers | Empowering AI/ML/Data Startups
Kubernetes?has become the de-facto tool for container orchestration and has a solid community. The whole cloud-native era began with the evolution and Kubernetes and is still growing. As a result, Kubernetes is not just popular but has become a way of deploying applications to make sure they are highly available and scalable. The developer community is focused on this tool, and every day, many companies use Kubernetes to safely deploy their applications to production.?
Since it has become the talk of the cloud-native town, I thought of showing you how you can easily use Kubernetes to deploy a simple python application.
Here is the simple tutorial you can try - Deploying Modern Applications Using Kubernetes and Harness!
----------------------------------------------------------------------------------------------------------
Some days back, a friend of mine asked me about the stages of a CI/CD pipeline and I just wrote a simple article on the same.
Typical Stages of the CI/CD Pipeline
Source:
The source stage is where the organization maintains its source code in a centralized repository system. You can call it a version control system like GitHub, Bitbucket, GitLab or AWS CodeCommit. This stage and tools are essential to help developers coordinate and track who is doing what. This stage also acts as a collaboration booster as different development teams check in their code, do code reviews, and approve the code for further steps. Automation of version control can be done via IDEs like visual code.
Code Quality Analysis with Static Analysis Tools: Early on in the process, automated tools (e.g. SonarQube, VCS analysis tools) can check if the code follows a specific set of rules (e.g. if code is written in a certain language, if it’s well-documented, if it’s covered by tests). These rules are usually defined by a team or a workflow manager and help identify potential issues in the code early on. This is important because fixing them later would mean changing existing code, which may be problematic. Thus, using static code analysis tools can save you a lot of time and trouble in the future.
Test and Build:
Test and Build is the stage after developers push their code to a version control system. When a developer pushes the code to the organisation’s version control system, it triggers the continuous integration system/tool (something like Drone CI). Then the code goes through tests prescribed by the developer. Then finally, the compilation and building steps get completed.
Unit Testing with Automated Tests: Automated tests are crucial because they allow you to identify issues with the application’s functionality as soon as they occur. They are usually written as part of automated build processes and aim to check if the application is working correctly. Depending on the type of software you build and the programming language you use, you can choose from a wide array of automated testing tools.
Integration Testing and Manual QA: with Humans Integration testing ensures that components or services work well together. It is performed by a human tester responsible for testing the functionality expected to be delivered by a certain feature. Integration testing is crucial because it allows a tester to identify issues with different components of the system that were tested separately by development teams. This is when a tester executes the feature and checks if the application is working as it should. If there are issues with the functionality, it is up to the person responsible for the feature to fix them.
Deploy:
Finally, the deploy stage is where the code is ready to be deployed to a QA, pre-production or production environment per the organisation’s plan. Deploying of the software can be automated through continuous deployment. This is the stage where the organisations prefer the deployment strategies such as the canary, rolling, blue/green, etc.
Package and Deploy Automated Builds Using a CM tool: The moment the code passes all tests and a tester gives the go-ahead, this should trigger a process that automatically packages the application and deploys it to a testing environment. This is usually done by a Continuous Deployment tool that integrates with your CI server and allows you to define a certain deployment process. Depending on your needs, you can choose either a hosted solution or a self-hosted solution.
With the?Harness software delivery platform, automating your CI/CD pipelines can be very easy. Setting up CI/CD can be a daunting task for many organisations but Harness helps tackle these most complex CI/CD challenges, such as onboarding new developers, new technologies, validating/promoting your deployments, and actions in failure scenarios. All the orchestration needed in the form of tests, approvals, and validation can be easily connected in the Harness platform. Automate the build, test, and packaging of code to artifacts with Harness?Continuous Integration, and build deployment pipelines in minutes while safely deploying artifacts to production with Harness?Continuous Delivery.
领英推荐
----------------------------------------------------------------------------------------------------------
I recently published an article on TheNewStack that talks about the secrets management in our DevOps pipeline.
What Is Secrets Management?
Secrets management is a process of securely storing and protecting sensitive data. The need for secrets management arises when a company’s data is at risk of being compromised. The company may have to deal with the repercussions of a security breach that could result in the loss of confidential information, customer data and financial loss. Secrets management is a process that helps reduce the risks associated with sensitive data by identifying, classifying, labeling and storing it securely.
Secrets Management in CI/CD
In a CI/CD pipeline, secrets are used to authenticate and authorize applications, services and systems. Managing authentication credentials for the technologies used in your CI/CD pipeline is a challenging, time-consuming and frequently performed task. Therefore, security and reliability are the most critical features of CI/CD pipelines. Security is generally improved by securing secrets in protected areas, such as with private keys and tokens.
Securing secrets is a fundamental and necessary element of a great CI/CD platform. Confidential data and credentials must be safeguarded from unauthorized access. However, secrets management is often considered difficult because they are not immutable. They are complex and can rotate in and out of scope at any time.
There are many benefits to managing secrets in your CI/CD pipeline, such as standardization of credential storage, offline credential storage for failsafe use during emergencies and the ability to enforce strict access policies. This article will discuss secrets management in the context of continuous integration-delivery workflow and best practices for implementing secrets management.
Types of Secrets
Many types of secrets can be used in a CI/CD pipeline. Some popular kinds of secrets include:
Harness?includes a built-in secrets management feature that enables you to store encrypted secrets, such as access keys, and use them in your Harness applications.
Your MongoDB string URL can be easily stored in an encrypted fashion that no attacker can guess.
Read the full-article on TheNewStack - Managing Secrets in Your DevOps Pipeline
----------------------------------------------------------------------------------------------------------
If you missed my recent tech talk with Karan M.V, on DevOps best practices and building communities, here is the link to the recording.
BTW, in case if you are a part of any open-source project, please connect with me. My team at Harness is interested in knowing more about what you guys are building.
Thanks!