Devops, Docker and Security
John Willis
@botchagalupe
About Me
• One of the founding members of “Devopsdays”
• Co-author of the “Devops Handbook”.
• Author of the “Introduction to Devops” on Linux Foundation edX.
• Podcaster at devopscafe.org
• Devops Enterprise Summit - Cofounder
• Ninth person in at Chef (VP of Customer Enablement)
• Formerly Director of Devops at Dell
• Founder of Socketplane (Acquired by Docker)
• 10 Startups over 25 years
https://github.com/botchagalupe/my-presentations
Evolve 2017 - Vegas - Devops, Docker and Security
What if I told you you could be 2000 times faster than your competitors
What if I told you that you could be 100 times more reliable than your competitors
What if you could have both
Faster, Effective, Reliable
• Devops (Faster)
• Docker (Effective)
• Supply Chain (Reliable)
Immutable Service Delivery
Devops … faster
DTO Solutions
Devops Taxonomies
• CAMS
  • Culture
  • Automation
  • Measurement
  • Sharing
• The Three Ways
  • The First Way
  • The Second Way
  • The Third Way
Devops Practices and Patterns
• Continuous Delivery
• Everything in version control
• Small batch principle
• Trunk based deployments
• Manage flow (WIP)
• Automate everything

• Culture
• Everyone is responsible
• Done means released
• Stop the line when it breaks
• Remove silos
itrevolution.com/devops-handbook
Recent IT Performance Data is Compelling
High performers compared to their peers…
• 30x more frequent deployments
• 200x faster lead times
• 60x the change success rate
• 168x faster mean time to recover (MTTR)
• 2x more likely to exceed profitability, market share & productivity goals
• 50% higher market capitalization growth over 3 years*
Data from 2014/2015 State of DevOps Report - https://puppetlabs.com/2015-devops-report
Faster, Higher Quality, More Effective
2555x
Fast, Cheap, Good
“Pick Two!”
Conventional Wisdom
Devops Automated Deployment Pipeline
Source: Wikipedia - Continuous Delivery
Devops Results
Google
• Over 15,000 engineers in over 40 offices
• 4,000+ projects under active development
• 5500+ code submissions per day (20+ p/m)
• Over 75M test cases run daily
• 50% of code changes monthly
• Single source tree
Devops Results
Amazon
• 11.6 second mean time between deploys.
• 1079 max deploys in a single hour.
• 10,000 mean number of hosts simultaneously receiving a deploy.
• 30,000 max number of hosts simultaneously receiving a deploy
Unicorns and Horses (Enterprises)
Unicorns
Enterprise
Shamelessly stolen and repurposed from: Pete Cheslock
Devops Results
Enterprise Organizations
• Ticketmaster - 98% reduction in MTTR
• Nordstrom - 20% shorter Lead Time
• Target - Full Stack Deploy 3 months to minutes
• USAA - Release from 28 days to 7 days
• ING - 500 applications teams doing devops
• CSG - From 200 incidents per release to 18
Docker … effective
History of Virtualization
• IBM 360/370 (1960/1970)
• CHROOT - Version 7 Unix 1979 (Bell Labs)
• BSD in 1982 (Berkeley)
• VMware (1998)
• FreeBSD Jails 2000
• XEN 2003
• Solaris Zones 2004
• OpenVZ 2005
• Amazon Web Services 2006
• Namespaces 2007
• Cgroups (Google) 2007
• KVM 2007
• AIX LPARS (IBM) 2007
• Drawbridge (2008)
• Hyper-V (2008)
• Linux Containers - LXC (Parallels, IBM, Google) 2008
• Docker (Dotcloud Inc) 2013
• Microsoft Docker on Windows Server 2016
Virtualization
• Type 1 Virtualization
  • VMware ESX, XEN, Hyper-V
• Type 2 Virtualization
  • KVM, Virtualbox, QEMU, VMware Workstation
• OS Level Virtualization
  • OpenVZ, LXC, Docker
www.slideshare.net/BodenRussell/realizing-linux-containerslxc
Why OS Level Virtualization
• Provision in milliseconds
• Near bare metal runtime performance
• VM-like agility – it’s still “virtualization”
• Lightweight – Just enough Operating System (JeOS)
• Supported with modern Linux kernel
• Growing in popularity
Why Docker
• Isolation
• Lightweight
• Simplicity
• Workflow
• Security
• Community
Docker Security Enhancements
• Docker Security Scanning
• Docker Content Trust
• Docker Trusted Registry
• TLS by Default for Swarm/Docker Data Center
• Read Only Containers
• User Namespaces
• Seccomp and LSM support
• Enhanced System “Capabilities” support
• Secrets Management
• Immutable Operating System (Coming Soon)
Immutable Delivery
Supply Chain … Reliable
Supply chain advantage
Source: Toyota Supply Chain Management: A Strategic Approach to Toyota’s Renowned System, by Ananth Iyer and Sridhar Seshadri
Columns: Toyota Advantage, Toyota Prius, Chevy Volt
• Unit Retail Price: 61%, $24,200, $39,900
• Units Sold/Month: 13x, 23,294, 1,788
• In-House Production: 50%, 27%, 54%
• Plant Suppliers: 16%, 125, 800
• Firm-Wide Suppliers: 4%, 224, 5,500
• Use their highest quality parts
• Use fewer, better suppliers
• Track which parts you use & where
Toyota Production Systems - 4VL
Variety
• Determine your variety of offerings based on operational efficiency and market demand
Velocity
• Maintain a steady flow through all processes of the supply chain
Variability
• Manage inconsistencies carefully to reduce cost and improve quality
Visibility
• Ensure the transparency of all processes to enable continuous learning and improvement
Docker and the Three Ways of Devops
Immutable Service Delivery (4VL)
Variety
• Learn faster, Limited frameworks, Limited operating systems, Limit vendors.
Velocity
• Small Batch, Small Teams, Microservices and Containers
Variability
• Docker and Immutable Delivery
Visibility
• Automated Testing, Docker Trust, Docker Security Scanning, Bounded Context, Bill of Materials
• Use their highest quality parts
• Use fewer, better suppliers
• Track which parts you use & where
Visibility - Docker - Bill of Material
• Where and when was it built and why
• What were its ancestor images
• How do I start, validate, monitor and update it
• What git repo is being built, what hash of that git repo was built
• What are all the tags this specific container is known as at time of build
• What’s the project name this belongs to
• Have the ability to have arbitrary user supplied rich metadata
Software Supply Chain - 4VL
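Added example, not part of the original slides: one way to enforce the bill-of-material questions above as a CI gate, by auditing the labels in a `docker inspect` image record. The mapping of each question to a label key is this example's assumption; the `example.bom.*` keys, hostnames and sample records are constructed.

```python
import re
from datetime import datetime

# Assumed mapping from the slide's questions to image label keys. The
# org.opencontainers.image.* names are OCI annotation keys; the example.bom.*
# keys are hypothetical, standing in for "arbitrary user supplied metadata".
BOM_LABELS = {
    "when it was built": "org.opencontainers.image.created",
    "where it was built": "example.bom.builder",
    "why it was built": "example.bom.build-reason",
    "ancestor image": "org.opencontainers.image.base.name",
    "ancestor image digest": "org.opencontainers.image.base.digest",
    "git repo": "org.opencontainers.image.source",
    "git hash": "org.opencontainers.image.revision",
    "project name": "org.opencontainers.image.title",
    "how to start, validate, monitor, update": "org.opencontainers.image.documentation",
}


def _is_timestamp(value):
    try:
        datetime.fromisoformat(value.replace("Z", "+00:00"))
        return True
    except ValueError:
        return False


# A label that is present but vague ("master", "yesterday") answers nothing,
# so the fields that must be exact also get a format check.
FORMAT_CHECKS = {
    "org.opencontainers.image.created": _is_timestamp,
    # Full SHA-1 commit id, not a branch name or abbreviated hash.
    "org.opencontainers.image.revision":
        lambda v: re.fullmatch(r"[0-9a-f]{40}", v) is not None,
    "org.opencontainers.image.base.digest":
        lambda v: re.fullmatch(r"sha256:[0-9a-f]{64}", v) is not None,
    "org.opencontainers.image.source": lambda v: v.startswith("https://"),
}


def audit_image(record):
    """Return the bill-of-material gaps in one `docker inspect` image record."""
    labels = (record.get("Config") or {}).get("Labels") or {}
    findings = []
    for question, key in BOM_LABELS.items():
        value = (labels.get(key) or "").strip()
        if not value:
            findings.append(f"missing {key} ({question})")
        elif key in FORMAT_CHECKS and not FORMAT_CHECKS[key](value):
            findings.append(f"malformed {key}: {value!r}")
    # "All the tags this container is known as": need one besides ':latest'.
    tags = record.get("RepoTags") or []
    if all(tag.endswith(":latest") for tag in tags):
        findings.append("no version tag recorded (only ':latest' or none)")
    return findings


# Constructed sample records in the shape of `docker inspect <image>` output.
GOOD = {
    "RepoTags": ["registry.example.com/quote-service:1.4.2",
                 "registry.example.com/quote-service:latest"],
    "Config": {"Labels": {
        "org.opencontainers.image.created": "2017-03-01T12:00:00Z",
        "example.bom.builder": "ci-runner-07.example.internal",
        "example.bom.build-reason": "merge to master (constructed)",
        "org.opencontainers.image.base.name": "docker.io/library/alpine:3.5",
        "org.opencontainers.image.base.digest": "sha256:" + "a" * 64,
        "org.opencontainers.image.source": "https://git.example.com/payments/quote-service",
        "org.opencontainers.image.revision": "0123456789abcdef0123456789abcdef01234567",
        "org.opencontainers.image.title": "quote-service",
        "org.opencontainers.image.documentation": "https://git.example.com/payments/quote-service/RUNBOOK.md",
    }},
}
BAD = {
    "RepoTags": ["registry.example.com/quote-service:latest"],
    "Config": {"Labels": {
        "org.opencontainers.image.created": "yesterday",
        "org.opencontainers.image.source": "https://git.example.com/payments/quote-service",
        "org.opencontainers.image.revision": "master",
        "org.opencontainers.image.title": "quote-service",
    }},
}

if __name__ == "__main__":
    for name, rec in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, audit_image(rec) or "bill of material complete")
```

Failing the build when `audit_image` returns anything keeps unlabelled images out of the registry, which is what makes the "track which parts you use & where" question answerable later.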
Devops Automated Deployment Pipeline
Source: Wikipedia - Continuous Delivery
DevSecOps (diagram)
Phases: Requirements & Design, Development, CI, Interval Trigger Assessment, Production
Activities: Application Risk Classification; Security Requirement Definition; Secure Libraries; Static Analysis/IDE; SCM; Open Source Governance (CI); Secure Coding Standards; Perimeter Assessment; Dynamic Assessments; Threat-Based Pen Test; Web Application Firewalls; Automated Attack/Bot Defense; Container Security Management; Container Security Compliance (CI); Threat modeling; Static Analysis (CI)
Also shown: Security Mavens (Security-Trained Developers and Operations); Role Based Software Security Training; Continuous Monitoring, Analytics and KPI Gathering
Control types: Preventative, Detective
Callouts: Lightweight threat modeling approach. Detailed manual assessments triggered automatically at appropriate interval; detached from release cycle.
Immutable Service Delivery
Fortune 500 Insurance Company
• Tracks critical and high security defect rate per 10k lines of code
• Started out with (10/10k)
• After applying Devops practices and principles (4/10k)
• After applying Toyota Supply Chain 4VL (1/10k)
• After Docker with Immutable Delivery (0.1/10k)
With Docker
Fortune 500 Insurance Company
• One Service
• One Container
• One Read Only File System
• One Port
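Added example, not part of the original slides: a check of a running container's `docker inspect` record against the "One Read Only File System, One Port" profile above. Treating writable mounts as a violation is this example's interpretation, and the sample records are constructed; "One Service, One Container" is a design choice that a single inspect record cannot show.

```python
def audit_container(record):
    """Return deviations from the read-only, single-port profile."""
    host = record.get("HostConfig") or {}
    config = record.get("Config") or {}
    findings = []

    # One Read Only File System: the root filesystem must be read-only
    # (docker run --read-only) ...
    if not host.get("ReadonlyRootfs", False):
        findings.append("root filesystem is writable (run with --read-only)")
    # ... and, in this example's reading, no writable mount may reintroduce
    # state that lives outside the image.
    writable = sorted(
        mount.get("Destination", "?")
        for mount in (record.get("Mounts") or [])
        if mount.get("RW")
    )
    if writable:
        findings.append("writable mounts: " + ", ".join(writable))

    # One Port: count every port the image exposes or the host publishes.
    ports = set(config.get("ExposedPorts") or {}) | set(host.get("PortBindings") or {})
    if host.get("PublishAllPorts"):
        findings.append("PublishAllPorts is set (-P); publish the one port explicitly")
    if len(ports) != 1:
        findings.append(f"expected exactly one port, found {len(ports)}: {sorted(ports)}")
    return findings


# Constructed sample records in the shape of `docker inspect <container>` output.
HARDENED = {
    "Config": {"ExposedPorts": {"8443/tcp": {}}},
    "HostConfig": {
        "ReadonlyRootfs": True,
        "PublishAllPorts": False,
        "PortBindings": {"8443/tcp": [{"HostIp": "", "HostPort": "8443"}]},
    },
    "Mounts": [],
}
DRIFTED = {
    "Config": {"ExposedPorts": {"8080/tcp": {}, "9090/tcp": {}}},
    "HostConfig": {
        "ReadonlyRootfs": False,
        "PublishAllPorts": False,
        "PortBindings": {"8080/tcp": [{"HostIp": "", "HostPort": "8080"}]},
    },
    "Mounts": [{"Type": "bind", "Source": "/srv/app", "Destination": "/app", "RW": True}],
}

if __name__ == "__main__":
    for name, rec in (("HARDENED", HARDENED), ("DRIFTED", DRIFTED)):
        print(name, audit_container(rec) or "matches profile")
```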
Immutable Service Delivery
• Devops (Faster)
• Docker (Effective)
• Supply Chain (Reliable)
2000x Faster and 100x Reliable
