DEVOPS IN ADVANCE

Practical DevOps in enterprise

 Practical DevOps in enterprise

Scenarios before digital transformation

DevOps mindset adoption

Agenda
DevOps Strategy and Roadmap

How-to DevSecOps organization and implementation

Conclusion

Workshop of DevSecOps culture

Scenarios before digital transformation: Practical DevOps in enterprise

Circumstance:
• Technological base for business capability
• Infrastructure
• Software development life-cycle
• ITIL services
 Scenarios before digital transformation: Practical DevOps in enterprise
Technological base for business capability :
• Web-based internet banking
• Mobile applications
• Core banking T24, integrated with NAPAS, VISA, etc.
Issues:
• All monolithic – hard to scale or upgrade …
• No e-documentation support
• No API at-scale support
• No big data nor AI/ML
• Limit and poor security implementation
 Scenarios before digital transformation: Practical DevOps in enterprise
Infrastructure:
• Almost are traditional virtualized technology that hosted by a local
vendor
Issues:

• Many limits on scalability

• No on-demand
• No pay-as-you-go, huge front-up payment
• Almost manually on provisioning, configuration and
maintenance
 Scenarios before digital transformation: Practical DevOps in enterprise
Software development life-cycle:
• Fundamental with agile/scrum
• Development and operation teams work separately
• Rare and unscheduled but huge changes
• Deployment, monitor almost done manually
• Manual test only
• Etc.
Issues:
• Slow and limited test development process
• Unreliable and no roll-backable deployment
• Monitoring with eyes and phone calls
• Almost major issues are appeared in production
• Etc.
 Scenarios before digital transformation: Practical DevOps in enterprise

ITIL services:
• Full manual operation
• Processes are based on email
• Etc.
Issues:
• Very slow processes
• Tracked and trusted by human
• Etc.
DevOps mindset adoption: Practical DevOps in enterprise

Content:
• Main principal
• Big pictures and impacts
 DevOps mindset adoption: Practical DevOps in enterprise

Main principal:
• Leaning in over always saying “NO”
• Data & Security Science over fear, uncertainty and doubt
• Open Contribution & Collaboration over security-only requirements
• Consumable Security Services with APIs over mandated security controls & paperwork
• Business Driven Security Scores over rubber stamp security
• Red & Blue Team Exploit Testing over relying on scans & theoretical vulnerabilities
• 24x7 Proactive Security Monitoring over reacting after being informed of an incident
• Shared Threat Intelligence over keeping info to ourselves
• Compliance Operations over clipboards & checklists
 DevOps mindset adoption: Practical DevOps in enterprise

Big pictures and impacts:

DevOps mindset adoption: Practical DevOps in enterprise

Strategy:

• Cloud first – Multiple cloud

• DevSecOps Adoption
• Landing Zones
• Mass migration
• Enterprise service model
• Trust based on data
 DevOps mindset adoption: Practical DevOps in enterprise

Cloud first – Multiple cloud:

• All environments, systems will be based on cloud with no exception

• Go with 1 major provider first – AWS
• Expand to have active/passive or active/active with the second later - Azure
 DevOps mindset adoption: Practical DevOps in enterprise

DevSecOps Adoption:
• All environments, systems, projects will go with DevSecOps
• Build a pure native cloud DevSecOps toolchains that can be
provision and serve through on-premise, AWS, Azure
• Shift-left testing strategy with automation and performance
• Secured everywhere, everything, every time
 DevOps mindset adoption: Practical DevOps in enterprise

Landing Zones:
• Standardized identity and access management
• Standardized services and resources
• Standardized provision, maintenance and management
 DevOps mindset adoption: Practical DevOps in enterprise

Mass migration – 6R strategy:

• Rehosting ( “lift-and-shift”)
• Re-platforming (“lift-tinker-and-shift”)
• Repurchasing (migrate to a different product/license, often SaaS)
• Refactoring (re-architect or re-imagine leveraging cloud-native capabilities)
• Retire (get rid of)
• Retain (do nothing, usually “revisit later”)
 DevOps mindset adoption: Practical DevOps in enterprise

Enterprise service model:

• Integration services: Queue, Stream, Pub/Sub, API, etc.

• Infrastructure services: Network, Security, Landing zones, etc.
• DevSecOps services: CI/CD, monitoring, integrated testing etc.
 DevOps mindset adoption: Practical DevOps in enterprise

Trust based on data:

• All data is collected and processed (Data lake + Data warehouse)
• All employees join to collect and process data based on data management framework
• All report, analyze, decision should be based on data
 DevOps mindset adoption: Practical DevOps in enterprise

Roadmap – Maturity model:

 Practical DevOps in enterprise

How-to DevSecOps organization and

implementation:
Organization:

• Division: Digital Transformation Office & IT

• Projects: IT strategy & Business & BAU
• IT enterprise services
• Multifunction squads & specialties ( Architecture, security, etc.)
 Practical DevOps in enterprise

How-to DevSecOps organization and

implementation:
Implementation:
• TCB Software development life-cycle
• TCB DevSecOps Toolchains (Hybrid)
• TCB Landing Zones
• TCB Mass migration
 Practical DevOps in enterprise

How-to DevSecOps organization and

implementation:
TCB Software development life-cycle:

Organization:
 Practical DevOps in enterprise

How-to DevSecOps organization and

implementation:
TCB Software development life-cycle:
Agile/Scrum:
 Practical DevOps in enterprise
How-to DevSecOps organization and
implementation:

TCB Software development life-cycle:

Gitflow:
 Practical DevOps in enterprise
How-to DevSecOps organization and
implementation:
TCB DevSecOps Toolchains (Hybrid):
• Git service: GitLab
• Artifact repository: Nexus
• Job runner: Jenkins
• Configuration as code: Puppet + Ansible
• Infrastructure as code: Terraform
• Metrics: Prometheus + Grafana
• Logging: EFK
• Container runtime platform: OpenShift
• Automation test: Selenium
• Performance test: Jmeter
• Etc.
 Practical DevOps in enterprise

Conclusion :

Pros:
• Huge investment
• Built up experienced and skilled teams
 Practical DevOps in enterprise

Conclusion :
Cons:
• Conflict between new and old way of working
• No deep culture
• Bad on planning and collaboration at mass scale
 Practical DevOps in enterprise

References :

 understanding landing zones

 considering a mass migration to the cloud
 Practical DevOps in enterprise

Q&A
 Practical DevOps in enterprise

Workshop
 Workshop
Practical DevOps in enterprise

Start with main questions:

• Why DevOps ?
• What is your DevOps culture current state ?
• Where do you want to go with DevOps culture journey ?
• How we can archive it ?
 Workshop
Practical DevOps in enterprise

Project lists:
• MyTV
• MyVNPT - VAS
• DigiLife - VAS
• VNPTMoney -
• IPCC
• TNVN - VAS
 Workshop
Practical DevOps in enterprise

DevOps objectives:
Collaboration: Velocity: Reliability:
• Planning and tracking • Lead time management • Functionality
• Change management • Etc. • Security
• Notification/Alert • Performance
• Etc. • Etc.
 Workshop
Practical DevOps in enterprise

DevOps in practical:

Collaboration: Velocity: Reliability:

• Agile/scrum • Automation (CICD) • Automation test
• Branching strategy • Containerized • Performance test
• Local store/caching • Security integration
• Infrastructure as code • Etc.
• Etc.
 Workshop
Practical DevOps in enterprise

DevOps Enterprise best practices :

• Microservices
• Enterprise services
• TechOps model
• Maturity roadmaps
• Etc.
 Workshop
Practical DevOps in enterprise

DevOps Enterprise best practices :

• Unified processes (Git-flow, JIRA, Confluence)

• Unified technical stack and architecture
• Unified of DevOps toolchain (CICD, Monitoring)
 Workshop
Practical DevOps in enterprise

DevOps Enterprise best practices :

• Unified processes (Git-flow, JIRA, Confluence)

• Unified technical stack and architecture
• Unified of DevOps toolchain (CICD, Monitoring)