A Best-of-Breed Toolbox for Using Cloud
The number of tools in the cloud native landscape has exploded in the past few years, and it’s sometimes difficult to know which tool is right for which job. We’re cloud and tool agnostic but opinionated and know that we can serve our customers best with a mix of open source and proprietary tools. For our customers that require commercial solutions, we have partnered with different industry leaders to create a full-stack technology solution that can be replicated across different platforms and adapted to unique requirements. Here is our best-of-breed toolbox for consuming cloud.
Code and Collaboration
DevOps practitioners all need collaborative and reliable places to put their code, which makes a source repository the base of any technology stack. GitHub offers a development platform for hosting and reviewing code, managing projects, and building software from open source to business. It is the most commonly used system for version control and is the base of our toolbox. We use GitHub and GitLab to create and store automation recipes across a variety of cloud native platforms.
Cloud native platforms can take many forms, and your unique business and technical requirements and long-term roadmap should influence your choice – whether you are pursuing a private, hybrid, regional, or hyperscale cloud offering. We have partnered with AWS, GCP, Azure, and cloud.ca, and have experience helping customers build and optimize their cloud platforms on single- and multi-cloud solutions. on all their platforms. We have remained cloud agnostic since our founding in 2005. We also have expertise helping customers build their own clouds and are knowledgeable with both OpenStack, Apache CloudStack and Packet.
Containerization is fundamental to any application modernization, but there are many tools for managing containers to choose from. Open source solutions require expertise but can offer full control over your deployments. Managed services, like GKE, EKS, or AKS, are easier to adopt but less flexible. Distributions are a sort of middle ground between open source tools and managed services. OpenShift and Rancher are both included in CloudOps’ toolbox of cloud native solutions as both can be easily integrated into pre-existing infrastructures and deployed over a multitude of cloud platforms. Interested? Read our blog posts on OpenShift and Rancher to learn about how their differences can suit different use cases.
Once containerized, applications become more lightweight and are able to flow through dynamic CI/CD pipelines. DevOps is a combination of tools and processes that accelerate the delivery of software. It removes traditional silos between development and operations, creating pipelines of continuous integration and delivery (CI/CD) that release features in faster and smaller cycles. A key component of DevOps tooling, CI/CD pipelines require the right tools. We use CloudBees’ end-to-end continuous software delivery system as the CI/CD component of our DevOps toolbox. This system facilitates the building and scaling of automated pipelines with Jenkins, a community-powered open source automation server.
Monitoring systems allow technical teams to detect and remedy vulnerabilities before they become problems. Developers and platform operators need to collaborate with each other to ensure effective monitoring for staging, testing, and development environments. Open source monitoring tools can make the process of monitoring DevOps lifecycles more efficient on multiple cloud platforms. We use Instana for application performance monitoring and Elastic for search and analytics. Together, they give us full visibility into the health of our code being pushed through CI/CD pipelines.
It’s easy to forget security when building technology stacks, but security is only becoming ever more important with all the data breaches happening today. Containers require different approaches for security. DevSecOps, the philosophy of integrating security into DevOps processes, requires shifting responsibility left from operations to development.To secure containers throughout the software delivery lifecycle, we recommend you adopt container-specific image vulnerability management tools and processes. Microscanner is a free image vulnerability scanner by Aqua that can help you better understand the traffic in distributed networks and enforce security policies. We also emphasize encrypting data in flight and at rest, and use HashiCorp Vault to securely store, access, and deploy sensitive information to applications and infrastructure. It allows us to transport dynamic secrets in multi-cloud environments. Read our blog post on securing containers at scale for a few more tips.
These are a few of the commercial partners we work with to deliver cloud solutions. We also work with customers that have investments in other solutions. It’s important to use the right tool for the right job, so you can build a toolbox of solutions that suit your unique business case.
The first step to navigating the cloud native landscape is equipping yourself with the right tools. Our DevOps workshops will give your technical teams a variety of skills needed to survive, even thrive, amidst its complexities. Check out our workshop calendar to view the dates of our upcoming public workshops, or contact us to request a private workshop customized to your platform.
Featured image by Cesar Carlevarino Aragon