O slideshow foi denunciado.
Utilizamos seu perfil e dados de atividades no LinkedIn para personalizar e exibir anúncios mais relevantes. Altere suas preferências de anúncios quando desejar.

Open Source Infrastructure / Development & Security > How to make it work?

930 visualizações

Publicada em

Beginning of November 2017; Kangaroot was present at the IT & Digital Leaders / Noord Infosec Dialogue Benelux. Peter Dens explained how open source is used and gave some insights on containers and how to leverage you DevOps into a more secure environment.

Publicada em: Tecnologia
  • Seja o primeiro a comentar

  • Seja a primeira pessoa a gostar disto

Open Source Infrastructure / Development & Security > How to make it work?

  1. 1. Open source Infrastructure / Development and Security how to make it work Peter Dens peter@kangaroot.net
  2. 2. belgium’s top linux and open source service provider 100% independent 17 years of experience in Open Source Consultancy, Architecture, Implementation and Support For big and small companies About us Benchmark and Test both hardware and software
  3. 3. Open Source + Kangaroot = Product + Support + Expertise Consulting credits Support service
  4. 4. OPEN SOURCE USAGE Why/Where do organisations use Open Source ? • Infrastructure • Development / Code
  5. 5. INFRASTRUCTURE OPEN SOURCE = ORGANIC • Started underground • No formal process for updates/patches • Make sure you have ALL supporting processes • Patching • Configuration Management • Backup • Monitoring & Alerting • Centralised logging
  6. 6. INFRAsTRUCTURE • Patching : Red Hat satellite, Suse Manager, …. • Configuration Management : Chef, Ansible, Puppet • Backup : any… as long as you test it • Monitoring : • Regular Monitoring : Zabbix, Icinga, Nagios, … • API driven monitoring : Prometheus • Centralized Logging • Elastic search (ELK) • Correlate events
  7. 7. INFRAsTRUCTURE OPEN SOURCE = INNOVATION • New challenges • CI/CD & Containers • Developers in the driver’seat ? • Do they care about Security ? • What after a release ?
  8. 8. Transform to Hybrid Infrastructure Hybrid Infrastructure -Move from large, monolithic applications -Reduce operational cost with automation -Reduce CapEx with the appropriate resource utilization -Transform culture: more dev, less ops -Deliver “always-on” services -Auto-scale to maximize your business’ growth potential -Optimize IT with a mix of internal and external services -Empower a rising developer class to build apps and microservices fast
  9. 9. DOCKER : 5Y TREND
  10. 10. Containers
  11. 11. Containers BUT : • Developers build containers • You don’t patch containers , you replace them • Do your OPS people know what’s inside ? • Secrets Management ? • Where do they run ? • You thought VM sprawl was bad … ?
  12. 12. Containers
  13. 13. Containers Our recommendations : • Scan all containers in the container registry • CLAIR • Twistlock, Docker Scan, … • Central Secrets database : Hashicorp Vault, … • Container Management Platform : Rancher, Openshift, … • Get a full grip on CI/CD • Auditability • Capacity Planning • Trusted Docker images ( e.g. Red Hat Container Catalog, … )
  14. 14. DEVELOPMENT
  15. 15. DEVELOPMENT Issues : • Developers re-use existing code • Access to code, libraries, etc is easier than ever What you need : • Vulnerability Inventory • Licensing Inventory
  16. 16. DEVELOPMENT
  17. 17. DEVELOPMENT
  18. 18. DEVELOPMENT
  19. 19. QUESTIONS ?
  20. 20. WWW.KANGAROOT.NET ROOT Open Source Breakfast Sessions www.kangaroot.net/root kangarootlinux @kangarootlinux Kangaroot-linux-solutions Let us advise | design | implement | support your open it infrastructure Stay in touch magazine. KANGAROOT .NET

×