Bridging the Gap: DevOps, SRE, and the Cybersecurity Imperative
The tech world is a fast-paced arena, and staying ahead of the curve demands seamless collaboration. Development (Dev) and Operations (Ops) teams have long recognised the power of joining forces in a DevOps approach. Now, Site Reliability Engineering (SRE) adds another layer to this dynamic duo, with a laser focus on building reliable and scalable systems. But in this age of digital transformation, there's a third player demanding equal attention: Cybersecurity.
Mesoform's State of the Union report dives deep into this interconnected landscape. We're not just talking about tools and technologies – this report explores the people and the cultures that make these systems tick. From how teams are structured and how they communicate to the very foundations of their technology choices, we'll uncover the hidden links between DevOps, SRE, and the ever-present need for security.
If you're in the IT world, you've probably heard whispers of "platform engineering". But is it just another buzzword, or is it something more? Let me tell you, this is one trend you don't want to miss.
The IT industry has long sought a universal, cost-effective solution for deploying apps and cloud services, one that not only conserves time and resources but also expedites project delivery, elevates service reliability, and strengthens security from inception. Historically, these objectives often appeared to be at odds with one another.
However, with the introduction Mesoform's Athena Developer Platform, we're poised to transform the paradigm of cloud management. Athena champions the principles of "Shifting Down", redefining how organisations approach cloud deployment by empowering developers with greater control and autonomy; and improving on your ability to shift left.
This episode's musings are about security-in-depth with a daft analogy of Google Cloud's VPC Service Controls. Making use of multiple technologies to secure your IT.
This episode's thoughts are around project to product transformation - a white paper by Ross Clanton and Amy Walters:
This episode's thoughts on Google Kubernetes Engine and Scrum for DevOps Teams:
This month's thoughts are around:
This month's thoughts are a series of articles in a tale of technical debt:
In this particular project, Mesoform was employed, not only to provide site reliability, cloud and DevOps engineering but a complete technical architecture and technology management over the whole project. Guiding platform engineering, software engineering and DevOps, as well as architecture and UI design, our holistic approach aimed to optimise project performance and functionality in order to deploy a Crypto Trading App for a crypto trading startup.
This blog is on the importance of NGINX and will discuss how Mesoform implemented it despite facing challenges. Making use of multiple technologies to secure your IT.
This blog is on the importance of automated compliance enforcement and will discuss how Mesoform implemented it despite facing challenges. Making use of multiple technologies to secure your IT.
This blog is on the importance of having a centralised SIEM and will discuss how Mesoform created it despite facing challenges. Making use of multiple technologies to secure your IT.
Explore SRE (Site Reliability Engineering): Your guide to understanding Site Reliability Engineering’s transformative impact on software management.
Wondering how DevOps can transform software development? Discover expert solutions to streamline processes and optimise collaboration.
This blog is on the psychological influence of good DevOps and SRE practices: building stronger teams and enhancing productivity
Containers have been around now for quite a few years. We can trace the concept back to 1979 and the introduction of the chroot system call but it wasn't until BSD Jails, Solaris Zones and LXC in 2000, 2004 and 2008 when the technology started to mature. Zones in particular became incredibly stable very early on. With a very high level of isolation and performance, capable of multi-tenancy systems.
With the rise of VMWare and IaaS providers like AWS, container technologies took a back seat as the masses embraced cloud computing. Containers weren't fully able to satisfy the demands of ephemeral and dynamically scaling systems. However, in more recent years Docker has revitalised the interest back in this technology by introducing the idea of application containers and a powerful set of tools and infrastructure for maintaining container images.
Expanding the benefits beyond performance and resource utilisation gains, Docker improved standardisation, configuration management and portability, meaning containers are fast becoming the next hot technology (if they're not already). However, they do maintain some challenges in the Cloud. Specifically monitoring, orchestration (e.g. automated scheduling and auto-scaling) and service discovery are an additional burden.
Firstly, let me explain why I believe I know a little on the subject. I want to invite you to come back in time to the Technology Management Centre for a large Telco in the early 00s where a young man has just sat down for his first day on the job and his supervisor, Spencer hands him a drive bay (hot desking was serious business here) and says, "I recommend you do a stage 1 install of Gentoo because it'll will be a good learning exercise to set up the Operaing System from scratch. Then, when you're done, we'll go over this script I'm working on to automate some tests on our new Cisco 10K routers."
I'd never compiled an operating system before that point, so we never made it to the script but it was the first time in my career when I was suddenly plunged into a world of highly skilled engineers and architects, simply doing some amazing things under very tight requirements and needing to be "DevOps", just to ensure their success. Scripting and automating tests, building our own configuration management system, measuring everything that moved, working cross-functionally, high collaboration and information sharing across teams were all just the norm. We'd also virtualised our environments and were even running containers in production over ten years ago.
From that point, my work career continued in much the same way. Sure, there has been some challenges trying to help some people see the vision but now there is a DevOps community and a wealth of literature, those challenges mostly went away and the approach was less about pushing an agenda to simply agreeing with peoples ideas as they embraced the philosophies as well.