1) The document discusses delivering software at speed using Chef Automate and AWS OpsWorks for Chef Automate. It describes how Chef Automate provides capabilities for continuous automation, compliance, and visibility across infrastructure, applications, and workflows.
2) AWS OpsWorks for Chef Automate is introduced as a native Amazon service that provides a fully managed Chef server on AWS, allowing customers to take advantage of Chef Automate's capabilities in an AWS environment.
3) The document argues that Chef Automate is foundational for DevOps initiatives by enabling organizations to define infrastructure and compliance as code, increase speed of software delivery, improve efficiency, and decrease risk through continuous automation and compliance monitoring.
Vector Search -An Introduction in Oracle Database 23ai.pptx
AWS OpsWorks for Chef Automate
1. Delivering
Software at Speed
AWS OpsWorks for Chef Automate
Amazon Web Services Sydney User Group
Matt Ray
Manager, Solutions Architect for APJ
February 1, 2017
2. 5x
Apps and experiences are the new interface
Disrupt or be disrupted. Outperform the competition with digital transformation.
Success with digital transformation is key to business growth
Idea Ship
PROBLEM
Most enterprises aren’t very
good at shipping software
▪ Slow time-to-market
▪ Poor user experience
▪ High cost
▪ Poor predictability
▪ Vulnerabilities and risk
POTENTIAL
1—Gartner, Delivering Value at Speed
2—GartnerApps, November 2016
REQUIREMENT
For organizations that have
implemented DevOps, 66%
saw faster realization of
business value1
.
Gartner predicts that through
2021 market demand for app
development will outstrip
supply by 5x.
66%
3. 1. BMC
2. Splunk
3. IBM
4. HP
5. New Relic
6. AWS
7. Servicenow
8. CA
9. Microsoft
10. Chef
11. Solarwinds
12. Atlassian
Chef has driven the automation revolution
Our platform is a leader in Continuous Automation
Infrastructure Automation
Compliance Automation
Application Automation
Strategic Vendor of F500OSS Leadership
With which vendor do you think you
will be spending the most on IT tools
in three years?
Goldman Sachs Spending Survey, 2016
Key Partners
4. Sliding Scale of Hybrid
% of Traditional
Infrastructure
% of Modern
Infrastructure
Legacy tooling
Legacy process
Modern tooling
Modern process
”
Most enterprises are going to operate in hybrid mode for many years to come
Andy Jassy, CEO, Amazon Web Services (re:Invent 2016)
6. LOBLOB
FOCUS ON SPEED
Tension caused by the
demands placed on teams…
…can be resolved by vertical
integration and automation…
…to deliver a future of developer
services and software at speed
SHARED SERVICES
Vertical Integration is key to velocity
A balance of increasing speed, improved efficiency and decreasing risk
FOCUS ON RISK
SHARED SERVICES
DEVELOPER SERVICES
BUILD • DEPLOY • MANAGE
LOB
Line of
Business
LOB
Line of
Business
LOB
SHARED SERVICES
LOB
7. ”
Business Value with Developer Services
Shifting capabilities to match business requirements
Developer Services Engineer
Line of Business Development Team
I provide services that developers and development teams
use to build and deliver applications.
Developer Services TeamsTraditional Central IT
System Administrator
Centralized Enterprise IT Team
I manage and deliver infrastructure required to run
software in my organization.
MANAGE Enabling development teams to get insights into
speed, efficiency and risk of delivery of their software
Reducing risk to my organization from my
infrastructure and software that runs on it
Enabling development teams to ship software at speed
while maintaining quality and reducing risk
Reliably managing changes to infrastructure
requirements DEPLOY
Providing on-demand, self-service infrastructure and
services tailored to developer needs
Managing and lowering costs of running,
configuring, and maintaining infrastructure
Don’t measure me on traditional IT metrics, but on the metrics of the business
Jim Fowler, CIO, GE Capital
BUILD
8. The impact of outperformance
5x Revenue Growth, 8x Profitability Growth, 2x Shareholder Return Growth
4.3% 13.5% 18.1%
0.8%
-1.8%
10.3%
B2B digital leaders turn in
stronger financial performance.
Top-quartile digital
B2B companies
Rest of B2B
sample
Revenue growth,
CAGR,2010-15
Operating profit (EBIT)
Growth, CAGR, 2010-15
Return to shareholder (TRS)
growth, CAGR, 2010-15
~5X ~8X ~2X
Firms with high performing IT
organizations were twice as likely to
exceed their profitability, market
share, and productivity goals
The State of DevOps, 2016
HIGH PERFORMING IT ORGANIZATIONS:
▪ 200x more frequent releases
▪ 24x faster at recovering from failures
▪ 3x lower change failure rate
▪ 255x shorter lead times
No high velocity company has gotten there without automation as a foundation
2x
9. Velocity: time from idea to ship
Software success metrics
Quantifying outcomes to deliver software at speed
Deployment
frequency
Time from
commit to deploy
Mean time
to resolve
Time deploying
remediation
Change failure
rate
SPEED
Measure of rate
of software change
EFFICIENCY
Measure of effectiveness
of software change
RISK
Measure of quality
of software change
Compliance testing
coverage
Idea Ship
10. Standard Bank pushes ideas from commit to deploy in 18 minutes with Chef
Focus on Speed
Measuring the rate of software change
HIGH IT
PERFORMERS
MEDIUM IT
PERFORMERS
LOW IT
PERFORMERS
On-demand Week - Month
Month – 6
Month
< 1 Hour Week - Month
Month - 6
month
USE CASES INCLUDE:
▪ Application Delivery
▪ Build Pipelines
DEPLOYMENT
FREQUENCY
TIME FROM COMMIT
TO DEPLOY
11. Delivering software at speed
The capabilities needed across infrastructure,
applications and compliance
Workflow • Local development • Integration • Tooling (APIs & SDKs)
COLLABORATE
▪ Package
▪ Test
▪ Approve
BUILD
▪ Provision
▪ Configure
▪ Execute
▪ Update
DEPLOY
▪ Secure
▪ Comply
▪ Audit
▪ Measure
▪ Log
MANAGE
“
Continuous
configuration
automation tools (aka
infrastructure as code)
are foundational to
DevOps initiatives.
—Gartner, Inc.
Market Guide for Continuous Configuration
Automation Tools, Dec 2016
“
How..?
CAN YOU DELIVER SOFTWARE
AT SPEED FOR YOUR BUSINESS
12. The Chef Automate Platform
Continuous Automation for High Velocity IT
Workflow • Local development • Integration • Tooling (APIs & SDKs)
COLLABORATE
▪ Package
▪ Test
▪ Approve
BUILD
▪ Provision
▪ Configure
▪ Execute
▪ Update
DEPLOY
▪ Secure
▪ Comply
▪ Audit
▪ Measure
▪ Log
MANAGE
Infrastructure Automation Compliance AutomationApplication Automation
OSS AUTOMATION ENGINES
Increase Speed
▪ Package infrastructure and app
configuration as code
▪ Continuously automate
infrastructure and app updates
Improve Efficiency
▪ Define and execute standard
workflows and automation
▪ Audit and measure effectiveness of
automation
Decrease Risk
▪ Define compliance rules as code
▪ Deliver continuous compliance as
part of standard workflow
13. Chef
▪ Manages deployment
and on-going automation
▪ Define reusable resources
and infrastructure state as code
▪ Scale elegantly from one to tens of
thousands of managed nodes across
multiple complex environments
▪ Community, Certified Partner, and
Chef supported content available
for all common automation tasks
Infrastructure automation
and delivery at scale
windows_feature ‘IIS-WebServerRole’ do
action :install
end
windows_feature ‘IIS-ASPNET’ do
action :install
end
iis_pool FooBarPool do
runtime_version “4.0”
action :add
end
package "apache" do
action :install
end
template “/etc/httpd/https.conf” do
source “httpd.conf.erb”
mode 0075
owner “root”
group “root”
end
service “apache2” do
action :start
done
14. PART OF A PROCESS OF CONTINUOUS COMPLIANCE
Scan for
Compliance
Build & Test
Locally
Build & Test
CI/CD Remediate Verify
A SIMPLE EXAMPLE OF AN INSPEC CIS RULE
InSpec
▪ Translate compliance into Code
▪ Clearly express statements of policy
▪ Move risk to build/test from runtime
▪ Find issues early
▪ Write code quickly
▪ Run code anywhere
▪ Inspect machines, data and APIs
Turn security and
compliance into code
control ‘cis-1.4.1’ do
title ‘1.4.1 Enable SELinux in /etc/grub.conf’
desc ‘
Do not disable SELinux and enforcing in your
GRUB configuration. These are important security features that
prevent attackers from escalating their access to your systems.
For reference see …
‘
impact 1.0
expect(grub_conf.param ‘selinux’).to_not eq ‘0’
expect(grub_conf.param ‘enforcing’).to_not eq ‘0’
end
15. Habitat
▪ Ease the burden of managing microservice
apps and bring benefits of apps architected
for microservices to traditional applications
▪ Gain consistent management of new
and traditional applications across their lifecycle
▪ Provides application portability for new and traditional
apps
▪ Autonomous nodes self-manage runtime state
of application based upon policy you define
▪ APIs expose application behaviors
as data for better management
▪ Works in tandem with infrastructure automation
▪ Makes applications running on containers,
PaaS, virtual machines, bare metal, … better
Automation that travels with the app
16. The Chef Automate Platform
Continuous Automation for High Velocity IT
Workflow • Local development • Integration • Tooling (APIs & SDKs)
COLLABORATE
▪ Package
▪ Test
▪ Approve
BUILD
▪ Provision
▪ Configure
▪ Execute
▪ Update
DEPLOY
▪ Secure
▪ Comply
▪ Audit
▪ Measure
▪ Log
MANAGE
Infrastructure Automation Compliance AutomationApplication Automation
OSS AUTOMATION ENGINES
Increase Speed
▪ Package infrastructure and app
configuration as code
▪ Continuously automate
infrastructure and app updates
Improve Efficiency
▪ Define and execute standard
workflows and automation
▪ Audit and measure effectiveness of
automation
Decrease Risk
▪ Define compliance rules as code
▪ Deliver continuous compliance as
part of standard workflow
17. Chef Automate is at the heart of software delivery
The vendors you trust, trust Chef for continuous automation
Technology Partners:
Workflow • Local development • Integration • Tooling (APIs & SDKs)
COLLABORATE
▪ Package
▪ Test
BUILD
▪ Secure
▪ Comply
MANAGE
Infrastructure
Automation
Compliance
Automation
Application
Automation
OSS AUTOMATION ENGINES
▪ Provision
▪ Configure
DEPLOY
FORMAT RUNTIME
WORKFLOW
ENVIRONMENT
18. Chef Automate: Jumpstart your automation
● A complete suite of enterprise
capabilities for workflow, visibility
and compliance
● Workflow: A pipeline for continuous
delivery of infrastructure and
applications
● Compliance: Customizable analytics
to identify compliance issues,
security risks and outdated software
● Visibility: Gives you views into
operational, compliance and
workflow process events
19. Workflow: Continuous delivery of any code
Improve collaboration across
infrastructure & applications
● Cross-team productivity enhanced by
consistent overall pipeline shape
● Specific teams given flexibility to configure
pipeline automation specific to their app
● Service dependencies across pipelines are
easily mapped and tested
Stakeholder visibility keeps teams in the
know and involved as needed
Robust governance ensures compliance
controls are enforced
20. Visibility: Real-time data collection & analysis
● Search, analyze, audit, and report on workflow
processes and environment behaviors
○ Multiple Chef Servers
○ Chef Solo
○ InSpec
○ Chef Compliance
○ Habitat
○ Chef Automate Workflow
● Better manage ephemeral, long-lived, and large
federated environments
● Easily export data to 3rd party analytic platforms
and event notification systems
21. Continuous Compliance/Audit: Compliance built into
Automation
● Discovery and analysis of compliance risks
across environments
● Automated checking of compliance
criteria with analytics
● Embed compliance into the software
delivery pipeline
● Move compliance risk checking from
runtime into build/test stage
● Structured review process during
development
● Improve patch management and
remediation
22. AWS OpsWorks for Chef Automate
Native Amazon Service
Managed Chef Server
▪ Utilizes RDS and other native
services
▪ May be externally accessible
AWS Native
▪ Auto Scaling in your VPC
▪ Automatic backups and upgrades
OpsWorks Stacks
▪ New name for previous version of
OpsWorks
● Partnership between Amazon and Chef, jointly
developed and maintained
● Fully managed AWS service with frequent updates
● Fully compatible with open source Chef
● Amazon is your support and billing
● All Chef Automate features will be supported
○ Visibility and Workflow today
○ Compliance soon
○ Currently Northern Virginia, Oregon & Ireland
with more planned