A Best-of-Breed Toolbox for Using Cloud

29-10-2019 / CloudOps

The number of tools in the cloud native landscape has exploded in the past few years, and it can be difficult to know which tool is right for which job. Cloud native technology stacks are comprised of several layers, each of which requires in-depth knowledge to optimize.

We’re cloud and tool agnostic but opinionated and know that we serve our customers best with a mix of open source and proprietary tools. For our customers that require commercial solutions, we have partnered with different industry leaders to create a full-stack technology solution that can be replicated across different platforms and adapted to unique requirements. If their goal is to empower their teams to build, operate, or use DevOps platforms themselves with these tools, we offer online workshops with labs. Our next workshop will cover DevOps Monitoring and will take place April 15-16. Here is our best-of-breed toolbox for consuming cloud.

A Full-Stack Technology Toolbox

Code and Collaboration

DevOps practitioners all need collaborative and reliable places to put their code, which makes a source repository the base of any technology stack. GitHub offers a development platform for hosting and reviewing code, managing projects, and building software from open source to business. It is the most commonly used system for version control and is the base of our toolbox. We use GitHub and GitLab to create and store automation recipes across a variety of cloud native platforms.

Cloud Platform

Cloud native platforms can take many forms. Your unique business and technical requirements as well as long-term roadmap should influence your choice – whether you are pursuing a private, hybrid, regional, or hyperscale cloud offering. We have partnered with AWS, GCP, and Azure, and have experience helping customers build and optimize their cloud platforms on both single- and multi-cloud solutions. With the CAD devaluing against the USD today, CloudOps can help customers leverage cloud.ca as a cost-effective, regional alternative to hyperscale cloud offerings. We have remained cloud agnostic since our founding in 2005 and can help customers find their ideal cloud solution, wherever that might be. We also have expertise helping customers build their own clouds and are knowledgeable with both OpenStack, Apache CloudStack and Packet.

Containerization

Containerization is fundamental to any application modernization, but there are many tools for managing containers to choose from. Open source solutions require expertise but can offer full control over your deployments. Managed services, like GKE, EKS, or AKS, are easier to adopt but less flexible. Distributions are a sort of middle ground between open source tools and managed services. OpenShift and Rancher are both included in CloudOps’ toolbox of cloud native solutions as both can be easily integrated into pre-existing infrastructures and deployed over a multitude of cloud platforms. Interested? Read our blog posts on OpenShift and Rancher to learn about how their differences can suit different use cases.

CI/CD

Once containerized, applications become more lightweight and are able to flow through dynamic CI/CD pipelines. DevOps is a combination of tools and processes that accelerate the delivery of software. It removes traditional silos between development and operations, creating pipelines of continuous integration and delivery (CI/CD) that release features in faster and smaller cycles. A key component of DevOps tooling, CI/CD pipelines require the right tools. We use CloudBees’ end-to-end continuous software delivery system as the CI/CD component of our DevOps toolbox. This system facilitates the building and scaling of automated pipelines with Jenkins, a community-powered open source automation server.

DevOps Monitoring

Monitoring systems allow technical teams to detect and remedy vulnerabilities before they become problems. Developers and platform operators need to collaborate with each other to ensure effective monitoring for staging, testing, and development environments. Open source monitoring tools can make the process of monitoring DevOps lifecycles more efficient on multiple cloud platforms. We use Instana for application performance monitoring and Elastic for search and analytics. Together, they give us full visibility into the health of our code being pushed through CI/CD pipelines.

Container Security

It’s easy to forget security when building technology stacks, but security is only becoming ever more important with all the data breaches happening today. Containers require different approaches for security. DevSecOps, the philosophy of integrating security into DevOps processes, requires shifting responsibility left from operations to development.To secure containers throughout the software delivery lifecycle, we recommend you adopt container-specific image vulnerability management tools and processes. Microscanner is a free image vulnerability scanner by Aqua that can help you better understand the traffic in distributed networks and enforce security policies. We also emphasize encrypting data in flight and at rest, and use HashiCorp Vault to securely store, access, and deploy sensitive information to applications and infrastructure. It allows us to transport dynamic secrets in multi-cloud environments. Read our blog post on securing containers at scale for a few more tips.

These are a few of the commercial partners we work with to deliver cloud solutions. We also work with customers that have investments in other solutions. It’s important to use the right tool for the right job, so you can build a toolbox of solutions that suit your unique business case.

The first step to navigating the cloud native landscape is equipping yourself with the right tools. Our DevOps workshops will give your technical teams a variety of skills needed to survive, even thrive, amidst its complexities. Check out our workshop calendar to view the dates of our upcoming public workshops. Our next online workshop will be on DevOps Monitoring – with so many changes happening, you need a monitoring system that will keep you ahead of the curve.

New call-to-action