from git to cloud - open source solutions for enterprise ...€¦ · • devops speeds time to...

From Git to CloudSUSE’s vision for agile software development and

deployment in the Software Defined Datacenter

Joachim Werner

Senior Product Manager

joe@suse.com

Peter Chadwick

Director Product Management

pchadwick@suse.com

Wer Visionen hat,

sollte zum Arzt gehen!

If you have visions,

go to a doctor!

Helmut Schmidt

2

SUSE Vision:

To help companies become always open

enterprises that empower possibilities.

A software-defined, scalable, secure, agile and highly reliable IT infrastructure.

4

Ops:

Provide IT services to the line of business

Dev:

Develop and maintain the software

to run those services

5

Bimodal IT –

Challenges &

Opportunities

Mode 2Mode 1

Agile, DevOpsWaterfall, ITIL

New & Uncertain ProjectsConventional Projects

Short Cycle (days, weeks)Long-cycle Times (months)

AgilityReliability

The two brains of IT

What is DevOps?

DevOps is a business practice in which software developers (Dev) and IT operations professionals (Ops) collaborate to produce high-quality software fast, frequently, and reliably.

9

OPS

QADEV

DEV

OPS

Why DevOps?

Companies that practice DevOps report significant benefits:

• Reduce Time to Market

• Win, Serve, and Retain More Customers

• Improve Quality and Reliability

DevOps Trends (cont.)

13

DevOps Challenges

• Integrating others

• 3rd Party software vendors

• In-house departments that aren’t “on DevOps” yet (and maybe never will)

• Legacy Software

• Who wants to run a separate infrastructure for the legacy stuff?

• Keeping things portable

• Public Clouds

• Making sure you can scale (up and down)

14

45% of organizations claim to have some form of bimodal capability today.

By 2017, 75% of IT organizations will have a bimodal capability.

Traditional IT

Mode 1

Agile IT

Mode 2

Two Worlds of IT Need a Bridge

*Predicts 2015: Bimodal IT Is a Critical Capability for CIOs: Gartner

Bimodal?

“Transform your approach to infrastructure to enable the business to

capitalize on new innovations and data.”

Cost Complexity Compliance

The Three “Cs” of the IT Transformation Challenge

20

Our Vision of IT 2020

• It’s software-defined

• It’s scaleable

• It’s secure

• It’s agile

• It’s highly reliable

21

Software Defined Infrastructure

• Enabling Infrastructure as code

• All hardware components need to be• Remote manageable (via an API)

• predictive

23

Goals torwards Infrastructure as Code

Allow the “heavy lifting” to be written by the experts

Expose the actual ”variables” in an easy to use syntax (e.g. YAML)

• Cost (reduction)

• Speed (faster execution)

• Risk (remove errors and security violations)

24

On Site Self-Service Container Infrastructure

25Physical

Switch

On Site Self-Service Container Infrastructure

26Physical

Switch

or

On Site Self-Service Container Infrastructure

27Physical

Switch

or

Install Image

On Site Self-Service Container Infrastructure

28Physical

Switch

Infrastructure

Control

On Site Self-Service Container Infrastructure

29

Infrastructure

ControlPhysical

Switch

MicroOS

• Container optimized

• Updates are• transactional

• atomic

• automated

30

On Site Self-Service Container Infrastructure

31

Infrastructure

ControlPhysical

Switch

On Site Self-Service Container Infrastructure

32

Infrastructure

ControlPhysical

Switch

On Site Self-Service Container Infrastructure

33

Infrastructure

ControlPhysical

Switch

Monitor &

Audit

On Site Self-Service Container Infrastructure

34

Infrastructure

Control

Monitor &

Audit

Control

Physical

Switch

On Site Self-Service Container Infrastructure

35

Infrastructure

Control

Monitor &

Audit

Control Compute Compute Compute

Physical

Switch

On Site Self-Service Container Infrastructure

36

Infrastructure

Control

Monitor &

Audit

Control Compute Compute Compute Network

Physical

Switch

On Site Self-Service Container Infrastructure

37

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

ControlPhysical

Switch

On Site Self-Service Container Infrastructure

38

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Physical

Switch

SUSE Manager

On Site Self-Service Container Infrastructure

39

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Physical

Switch

SUSE Manager

Powered by Salt

OneView API

On Site Self-Service Container Infrastructure

40Physical

Switch

Powered by Salt

On Site Self-Service Container Infrastructure

41

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

ControlPhysical

Switch

On Site Self-Service Container Infrastructure

42

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

Control

Op

en

Sta

ck

Physical

Switch

On Site Self-Service Container Infrastructure

43

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

Control

Op

en

Sta

ck

Cep

h

Physical

Switch

On Site Self-Service Container Infrastructure

44

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

Control

Op

en

Sta

ck

Cep

h

Physical

Switch

On Site Self-Service Container Infrastructure

45

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

Control

Op

en

Sta

ck

Cep

h

Physical

Switch

Ku

bern

ete

s

Clu

ste

r

An open source platform for automating

deployment, scaling, and operations of

application containers across clusters of

hosts, providing container-centric

infrastructure.

46

What is Kubernetes?

With Kubernetes, customers are able to quickly

and efficiently respond to customer demand:

• Deploy your applications quickly and

predictably.

• Scale your applications on the fly.

• Seamlessly roll out new features.

• Optimize use of your hardware by using

only the resources you need.

47

What is Kubernetes?

On Site Self-Service Container Infrastructure

48

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

Control

Op

en

Sta

ck

Cep

h

Physical

Switch

On Site Self-Service Container Infrastructure

49

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

Control

Op

en

Sta

ck

Cep

h

Physical

Switch

On Site Self-Service Container Infrastructure

50

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

Control

Op

en

Sta

ck

Cep

h

Physical

Switch

On Site Self-Service Container Infrastructure

51

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

Control

Op

en

Sta

ck

Cep

h

Physical

Switch

On Site Self-Service Container Infrastructure

52

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

Control

Op

en

Sta

ck

Cep

h

Physical

Switch

On Site Self-Service Container Infrastructure

53

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

Control

Op

en

Sta

ck

Cep

h

Physical

Switch

On Site Self-Service Container Infrastructure

54

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

Control

Op

en

Sta

ck

Cep

h

Physical

Switch

On Site Self-Service Container Infrastructure

55

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

Control

Op

en

Sta

ck

Cep

h

Physical

Switch

Ku

bern

ete

s

Clu

ste

r

Containers as a Service Platform (CASP)

56

Node NodeNode NodeNode

Infrastructure

Control

Ku

bern

ets

Clu

ste

r

Physical

Switch

Containers as a Service Platform (CASP)

57

Allow customers to provision, manage,

and scale container-based applications.

A container application development

and hosting platform that automates the tedious

management tasks allowing customers to focus

on development and writing apps to meet

business goals.

Containers as a Service Platform (CASP)

58

• Enable DevOps and microservices applications

• Enterprise-grade security and scalability

• Running everywhere

• Accelerate business innovation

On Site Self-Service Container Infrastructure

59

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

Control

Op

en

Sta

ck

Cep

h

Physical

Switch

Ku

bern

ete

s

Clu

ste

r

On Site Self-Service Container Infrastructure

60

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

Control

Op

en

Sta

ck

Cep

h

Physical

Switch

Ku

bern

ete

s

Clu

ste

r

Full Platform as a Service (Cloud Foundry) and Physical Server deployments are just special cases!

61

Scalable

62

CASP

63

Node NodeNode NodeNode

Infrastructure

ControlPhysical

Switch

CASP

64

Node NodeNode NodeNode

Infrastructure

ControlPhysical

Switch

CASP

65

Node NodeNode NodeNode

Infrastructure

Control

Node

Physical

Switch

CASP

66

Node NodeNode NodeNode

Infrastructure

Control

Node

Physical

Switch

Public Cloud

CASP

67

Node NodeNode NodeNode

Infrastructure

Control

Node

Physical

Switch

Public Cloud

CASP

68

Node NodeNode NodeNode

Infrastructure

Control

Node

Physical

Switch

Public Cloud

CASP

69

Node NodeNode NodeNode

Infrastructure

Control

Node

Physical

Switch

Public Cloud

CASP

70

Node NodeNode Node

Infrastructure

Control

Node

Physical

Switch

Public Cloud

Secure

71

Building your defenses

First line of defense:

• Full control over incoming code

Internal code is always built in a verified build environment with tests and checks

External code is only adopted after inspection and built from known sources in a verified

build environment

Pre-built, verified & signed packages and containers from SUSE and SUSE partners

Second line of defense:

• Scanning of all layers of the infrastructure

Verify at all times that only trusted and fully updated stacks are running in your

environment, across physical, virtual, cloud and container/PaaS

Online drift detection

72

Compliance

• How do I ensure that all software that goes into production is

compliant?

• Who owns compliance?

• Who owns security?

73

Yesterday in the coffee kitchen …

Developer:

I’m using the latest code from GitHub. I need the features, and I know

that upstream is only fixing the latest versions if I report bugs to them.

I’m using Docker images from Docker Hub. It saves me a lot of time, and

it’s so easy to use from the Docker toolchain.

Compliance Officer:

We can’t just run code downloaded from untrusted sources from the

Internet.

And look at the images on the Docker Hub. Who is making sure they are

patched and secure?

74

Continuous Integration Today

75

Code

Repository

Code

Repository

Code

Repository

Code

Repository

Docker

Hub

Application Container

Continuous Integration how it should be …

76

Code

Repository

Code

Repository

SUSE

Customer

Center

Code

Repository

Application Container

Open

Build

Service

Package

Hub

Container

Hub

Code

Repository

77

Code

Repository

Code

Repository

SUSE

Customer

Center

Code

Repository

Application Container

Open

Build

Service

Package

Hub

Container

Hub

Code

RepositoryISV

78

Code

Repository

Code

Repository

SUSE

Customer

Center

Code

Repository

Application Container

Open

Build

Service

Package

Hub

Container

Hub

Code

RepositoryISV

SUSE Manager

SUSE Manager

79

Code

Repository

Code

Repository

SUSE

Customer

Center

Code

Repository

Application

Open

Build

Service

Package

Hub

Container

Hub

Code

RepositoryISV

SUSE Manager

80

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

Control

Op

en

Sta

ck

Cep

h

Physical

Switch

Compliant CI with SUSE

Our goals

• Provide you with the compliance you need

• Don’t slow down processes because of compliance

82

Agile

83

Reliable

84

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

ControlPhysical

Switch

Highly Available and Redundant

85

Monitor &

AuditCompute ComputeControl StorageNetworkCompute

Infrastructure

ControlPhysical

Switch

Summary

Thinking DevOps? Think SUSE.

• Every company today is a software company.

• DevOps speeds time to market and helps companies compete.

• SUSE has a proven record of helping companies move to DevOps,

with open source technologies, processes, and tools.

• SUSE provides a full reference framework of solutions and tools to

work with all stages of the DevOps process — and we share our own

DevOps experience.

• SUSE can create and integrate the infrastructure management,

orchestration, and automation capabilities companies need to be more

agile.

88

SUSE Solutions for DevOps: Flexible Infrastructure

89

With SUSE, you can build a flexible and reliable infrastructure

to:

• Quickly deliver IT resources to developers for prototyping

and experimentation with new technologies

• Faster time to market with infrastructure management

solutions that provide on-demand access to resources and

standardization of services.

• Intelligently sense and respond to infrastructure

demands with monitoring and automation tools. Adapt your

infrastructure in real time.