Modern Operations: Apps & Stacks


November 21, 2018  12:50 PM

What does an IT person do? Answers from around the globe

Meredith Courtemanche Meredith Courtemanche Profile: Meredith Courtemanche

The holiday season is fast approaching, when IT and DevOps professionals around the world answer a perennial question at the family dinner table: What does an IT person do?

While you might only face down this puzzled, “But what does an IT person do?” question at Thanksgiving or a particularly chilly New Year’s party, the ability to describe vital IT tasks to non-IT people proves invaluable when you collaborate on a cross-functional DevOps team, request IT budgets from business leadership, or go for a job interview.

We asked a handful of SearchITOperations contributors to share how they communicate the meaning of IT department, data center, operations and the like to aunts and uncles and teenage cousins. Here are a few attempts to nail down the meaning of IT, from an IT operations manager, virtualization expert, containerization consultant and more.

As consultant Tom Nolle describes from one encounter, a software lead’s breathless excitement about a new tool means nothing to an executive unless that development professional can articulate the business implications for what that tool does. “What I do is translate technology trends into business reality. I’m an impartial intermediary between the engineers and software gurus and the real world,” Nolle said.

“I used to say, ‘I work on computers’ when I did, actually, work on computers,” said Adam Bertram, IT automation consultant, but virtualization complicated all that. “Explaining to my family that I deploy virtual instances known as containers in the hundreds at a time would probably blow their mind.” His advice? Don’t get too technical. “I take the more abstract route and simply say, ‘I help companies create software faster and more reliably.'”

When the title IT operations manager generates puzzled expressions — which it normally does, according to Adam Fowler — explain that you “look after IT from end to end in a company,” he said. Non-IT friends and family generally expect that IT means you get to play with gadgets and the latest stuff — which it does! But they also think it’s a skill set mostly based around turning things off and on again. “I usually mention that there’s a trick to knowing which button to press and the timing of it,” Fowler said.

Better yet, why explain what an IT infrastructure person does when you can first avoid the question. “Nobody outside our industry knows or cares about the details of what we do, so glib answers like, ‘I make the Internet work’ or, ‘I do computer plumbing’ are pretty common,” said Alastair Cooke, a virtualization expert and consultant. IT professionals know well that the more people who know you work in IT, the more likely they’ll ask you to solve their IT problems. But of course, an ability to fix data center IT infrastructure doesn’t translate to home printer errors or a missing photo off a smartphone!

If you must answer “What does an IT person do?” for the third or fourth time that day, go ahead and have fun with the response. “What I and many others do is what you see in the movies, pressing a few keys and all of sudden lights come on, screens display critical information and the IT person saves the day,” joked Brian Kirsch, IT architect and instructor at Milwaukee Area Technical College. The reality of endless meetings, hours on hold or an inbox so full it could cause a person to cry is nowhere near as fun — it’s all in how you perceive the job.

“We are the heroes that keep the modern world running; not those on call at 3 am troubleshooting issues,” Kirsch said.

Then again, if you want to know what an IT person does, why would you ask them? As Brian Kirsch quips, IT people have a standard answer to every question: We’ll just tell you to reboot it.

November 20, 2018  3:09 PM

Gifts for geeks in 2018: analog edition

Beth Pariseau Beth Pariseau Profile: Beth Pariseau

CREDIT: RyanJLane/Getty Images

Not all great geek gift ideas have batteries or wires.

Even the most dedicated technologist needs to take his or her eyes off a screen every so often. This year our geek advisors’ suggestions to help the geek in your life unplug and unwind include selections off the beaten gadgetry path, from nerdy kitchen tools to a bacon subscription service.

“We already spend money on toys, gadgets, etc. for ourselves based on our interests, so it’s hard to buy something useful in those categories,” said one enterprise IT pro we consulted for geek gift ideas this year. “The more interesting things that tend to come up would be an outing related to something that we’re interested in: a concert, a winery tour, a spa day, lessons with a trainer or coach for a hobby or sport.”

For geeks that like to stick closer to home, this geek also recommends a recent gift he received from a friend: a subscription service for a shipment of bacon every month for a year. (He didn’t specify which service it was, but a Google search reveals several choices such as the Bacon of the Month Club, Goldbelly, and more.)

Other analog gifts that help balance out the tech in your geek’s life include fountain pens, nice paper notebooks – our geek friend suggests a Musubi — InstaPots, and cookbooks.

If the way to your geek’s heart is through their stomach, check out other food subscription services such as Universal Yums for international snacks, or nerdy kitchen tools such as a keyboard-shaped waffle iron. One of our geek advisors recommends a fancy ice cube tray to support fine whiskey drinking.. Most geeks are also coffee connoisseurs who might appreciate a funny coffee mug, floppy disk coaster set or a new type of geeky coffee to try.

For the non-culinary geek that likes to build things other than computers and software, consider the Thor’s hammer toolbox, a multi-function tool, or an LED worklight.

“It’s amazing how bright these things are compared to flashlights, and far more practical if you are working in a darkened area for any amount of time,” said one of our geek consultants of the LED worklight. “This one also charges USB devices.”

On a less practical and more whimsical note, another one of our geek experts recommends the LEGO Architecture series.

“I just built the Las Vegas one, and I love how they did the Encore and the Bellagio,” he said. “For added fun, grab a discontinued one like the Villa Savoye.”

Finally, geeks with a sense of humor may appreciate a Millenium Falcon ugly sweater, a sticky note printer, an Elon’s Musk air freshener – “Dangles elegantly from the mirror of that Tesla car you don’t own,” reads the product description – or, and this is a real thing, a useless box.

Gadget gifts 2018: the AV club takes over

For geeks who never unplug, you may mitigate the damage done by countless hours of late-night coding with blue light blocking glasses.

Many geeks share their knowledge digitally with the rest of the geek community through webcasts, vlogs, podcasts and presentations. For such outgoing geeks, audiovisual equipment is the most sought-after category of gadgetry this year.

“For some of us, using our phones to not just chat but to vlog and live stream is becoming a way of life, but the thing that many of us are missing is the need for good lighting when making videos,” said an analyst geek we know.

Newer smartphone cameras better compensate for low light, but videos may look grainy when they’re posted, the analyst said.

“A good diffuse light, with different lighting levels and color temperatures can make a dramatic different in video quality,” he suggested, and recommends the gooseneck variety, which doubles as a cell phone holder, and is available in many versions and price points. Anti-gravity iPhone and Android smartphone cases may also replace a tripod in tight spaces.

Geeks that present webinars swear by HD webcams such as the LogiTech c920 and sound recorders such as the Yeti USB microphone, and for live presentations, the Logitech Spotlight presentation remote. Podcasters who need on-the-go sound studios recommend equipment such as the Zoom H5 Recorder, although it may exceed some gift buyers’ budgets. There are also portable whiteboard products that aid in presentations, such as the Wipebook Scan and Scribit, a Kickstarter project that turns any wall into an interactive screen.

Finally, novice geek photographers can create professional-looking photographs for their presentation slides using AI with the Arsenal smart camera assistant.

“This device compares the scene with thousands of professional pictures and through AI suggests the optimal camera settings,” said a geek who’s a fan. “Some will say it’s cheating, but I can live with that — we don’t all have the time to fail over and over learning the hard way!”

Perennial geek gift favorites

Some suggestions from our geek advisors this year overlap with themes in past geek gift guides, such as electronics for geeks who travel and home automation equipment. Additions to both these categories that have caught geeks’ eyes this year include foldable travel keyboards, ultra-small portable WiFi routers, and keyring device charger kits. Digital nomads can keep tabs of all their devices with Tile tracking kits.

Home automation enthusiasts who already have the essentials covered might be wowed by newer items such as smart padlocks, an Alexa-controlled Sonos soundbar, and even a kit that turns any car into a self-driving vehicle.


April 25, 2018  4:23 PM

Chasing Grace Project spotlights women in tech

Beth Pariseau Beth Pariseau Profile: Beth Pariseau
"diversity in tech", "women in IT"

Poet Lauren Zuniga is featured in Episode 1 of the Chasing Grace Project, a documentary series about women in tech.
Photo by Beth Pariseau, TechTarget

Diversity Luncheons have popped up with increasing frequency, but in the thirteen years I’ve been a tech reporter I’ve avoided them like the plague. The phrase “separate but equal” always rang in my head when I’d consider them, and I wanted no part of it.

The truth is, many of us women in the tech industry just put up defenses and avoid thinking about these issues at all. I’ve done my best to downplay my gender and prove to the men I approach for interviews that I know my stuff — I’ve simply tried to dissociate from gender altogether.

The Chasing Grace Project, a documentary film series about women in tech that made its debut at the luncheon, was a big part — maybe the most important part — of the reason I showed up this time, during a midday break at the Cloud Foundry Summit. I’d followed the project for months. It’s woman-run, which isn’t always the case with such projects. Its production values seem high, and a finished piece of artistic work appeals more to me than a lunch hour of free-form woolgathering about diversity.

Episode 1 of Chasing Grace confronts the pay gap between men and women in tech, a topic that highlights a data problem in the industry. Part of the reason some still argue about whether a wage gap really exists is that even in an age of advanced analytics and machine learning, the industry lacks good data on jobs and average salaries.

Moreover, even at companies that examine internal data to close the pay gap, the problem is not straightforward, said an audience member, an executive at a well-known IT consulting firm.

“People are at the right pay level, but maybe not at the right level of seniority within the organization,” she said. “You can address the pay gap, but that doesn’t address a lack of opportunities.”

That’s where deeper-seated issues come in, issues that begin in early childhood as boys and girls are socialized differently, audience members suggested. The problems also present their own vicious cycle — pay disparities and the thornier opportunity discrepancy leave fewer visible female leaders and mentors in positions to attract and guide young women in tech, and fewer young women are drawn to tech careers as a result.

None of the issues discussed at this Diversity Luncheon were solved there, of course. Women in tech still have their work cut out for them. But the event closed on an optimistic note.

“We know how to close these gaps — there are three or four different ways to do it, it’s just a matter of people being willing to take the initiative,” said Chasing Grace director Jennifer Cloer. “It’s happening, but it takes a long time, and we need to be patient. But persistent.”


December 14, 2017  12:54 PM

Technology gifts 2017: Geeks want wireless headphones

Beth Pariseau Beth Pariseau Profile: Beth Pariseau
Uncategorized

Apple’s AirPods wireless headphones are all the rage among technology gifts in 2017.

Novel approaches to mobile audio get attention from geeks as they choose their most-wanted technology gifts in 2017.

Our geek advisory panel said the most coveted gift this year is close to unanimous — Apple’s AirPods wireless headphones. AirPods, introduced at the end of 2016, pair easily with Apple devices, such as the iPhone, and offer good sound quality.

“Going wireless on my headsets has been life changing,” said one of our geek friends. “No more tangled cords, super easy to use and just way cooler!”

For the unique geek in your life, consider giving them the ColorWare treatment so they’ll stand out from the crowd. It’s already too late for this option to arrive in time for the holidays, but for the stylish geek it’ll be worth the wait.

“AirPods themselves are amazing, but you tend to look like every other [expletive] wearing AirPods,” said one geek in the know. “Using ColorWare to turn them nonwhite and to make the case a different color seems like a great gift to me.”

Geeks also mention wireless headphones from Beats by Dre, specifically the BeatsX model, and Bose, specifically the QC35 sound cancelling model.

“They’re great for taking calls, listening to music, and are an absolute must anytime you’re on a plane,” said one geek advisor of the QC35s.

Geeks also admire Google’s Pixel Buds, which offer a nifty translation feature between different languages, but advise geek gifters to hold off for further product development for now. The Pixel Buds require users on both sides of a translated conversation to have the Google Pixel phone, and the translation hasn’t yet reached conversational speed, according to early reviews.

“I desperately want the promise of what they were advertising, but it sounds like it’s another release or two away,” said an AirPods fan.

Other staple technology gifts for 2017 include new supplies for home automation systems, such as Amazon Echo Dots and even USB outlets. Get to know your geek’s brand preferences! Or, let them make their own cool gadgets with the popular Glowforge 3D printer geeks rave about.

For those without the cash on hand for expensive headphones, some home gadgetry can be had for entry-level prices, geeks said.

“There are lots of entry level smart devices that are handy like a grill thermometer, indoor thermostat, etc — they’re fun to play with, if nothing else,” one said.

Do-gooder geeks will also be tickled with donations to their favorite causes, such as Net Neutrality.

Technology gifts in 2017 for the weary traveler

Technology conferences no longer have an off-season, and technology gifts for geeks on the go are also in demand this year.

“With the ‘digital nomad’ revolution under way, and more people looking to work remotely or while traveling, there are a few devices that I’ve found to be invaluable,” said one geek road warrior.

For example, a portable router with battery pack is the perfect gift, and he recommends the HooToo TripMate. Other options include the FileHub and GL-AR750.

If your geek doesn’t already own a smartwatch, one can come in handy for geek travelers. Among the latest and greatest is the Apple Watch Series 3 with cellular support.

Geeks are hesitant to say they “like” USB-c dongles for Macbooks, as they are pricey and always require a charger on hand, but they’re a must-have for geek travelers to connect with and transfer data between devices. And don’t forget USB-c battery packs and fast charging cables.

“All the new phones and new Macs run off USB-c,” said one of our geek advisors. “They are a necessary evil.”

Geeks on the go also recommend novel approaches to note-taking and audio recording in conference sessions, such as a Gnarbox digital recorder or a Rocketbook Wave notebook.

“You can write in it, easily capture everything you’ve written with your smart phone camera really quickly, and then erase all the text by putting in the microwave,” said one expert Rocketbook user.

As geeks settle in at night, they may also like a gooseneck iPad mount for hands-free Netflix-watching or e-Book reading in bed, too.

And for any geek who might like some professional development in their stocking, offer them a book on how to manage unplanned work. For fans of The Phoenix Project, try Debois’ follow up, The DevOps Handbook. Or, if your geek works with PowerShell scripts, this advanced scripting book from Dana French might be right up their alley.

Beth Pariseau is senior news writer for TechTarget’s Data Center and Virtualization Media Group. Write to her at bpariseau@techtarget.com or follow @PariseauTT on Twitter.


October 19, 2017  1:49 PM

How do you run enterprise DevOps?

Meredith Courtemanche Meredith Courtemanche Profile: Meredith Courtemanche

DevOps has escaped the rarefied realm of unicorns and startups, as workhorse enterprises take up application delivery and support methodology. Every experience is unique, and yet everyone can learn from the successes and messes encountered during DevOps adoption at other companies.

How does enterprise DevOps work, and how have pros — including you — struggled? Join other DevOps engineers, IT managers and developers with SearchITOperations in an interactive Challenge Your Peers session at Delivery of Things World on October 26 in San Diego.

We’ll brainstorm how to support the business through better application architectures, platforms and technologies in the IT department. What should you invest in, and how do you prove the benefit of potentially substantial changes? We encourage different viewpoints, derived from your own experience and research. Come share your knowledge, debate constructively and learn from others going through the same reimagining into enterprise DevOps shops.

Check out the Delivery of Things World agenda for the complete list of Challenge Your Peers sessions as well as other opportunities to learn about DevOps cultural change and continuous integration and delivery.

Can’t make it to San Diego? Share your questions, frustrations, bright ideas and experiences here in the comments, or reach out at mcourtemanche@techtarget.com.

DevOps session

Attendees discussed DevOps challenges with geographic distribution, tool sprawl and more.


June 30, 2017  1:45 PM

Security, stateful app features mark enterprise-friendly Kubernetes release

Beth Pariseau Beth Pariseau Profile: Beth Pariseau

Kubernetes 1.7 is here just in time for the Fourth of July weekend, adding some fireworks of its own with new security features and broader support for stateful apps that are sure to appeal to the coveted enterprise market.

On the security front, a network policy API promoted from beta to stable allows users to set rules to restrict communication between individual Kubernetes pods,  and isolate network traffic for individual apps as well as individual users in a multi-tenant architecture. In previous releases, each app could be given its own Kubernetes namespace, but now specific services within those apps can be controlled within the namespace.

New node authorizer and admissions control plugins allow more fine-grained control of communication between the kubelet (the main software agent that runs Kubernetes on each host in a cluster) and secrets, pods and other objects on the node level. Kubernetes secrets management also makes gains on Docker Secrets with an alpha feature that encrypts secrets in the etcd data store.

Many enterprises are after Kubernetes stateful application support in production, and this Kubernetes release refines StatefulSets to include support for new update methods such as rolling updates. Kubernetes persistent volumes also take a step forward in Kubernetes 1.7 with alpha support for local storage volumes, which are popular for many big data and HPC use cases.

Databases are still a new area of development for Kubernetes and there is plenty still on the roadmap for StatefulSets. Rolling upgrades, for example, are supported now but rollback with StatefulSets is still being developed.

Kubernetes 1.7 broadens container runtime support, extensibility

While Kubernetes 1.7 technical features are sure to make waves, another intriguing aspect of the announcement has to do with the potential implications for the industry as the container runtime becomes standardized – and commoditized. Enterprises could see greater stability in container runtime support as Kubernetes begins its integration with Docker containerd in this release, for example. Docker open-sourced containerd, its core container runtime, and donated it to the Cloud Native Computing Foundation earlier this year.

“There were definitely some concerns with the stability and modularity of the platform [before containerd],” said Sam Ghods, co-founder and solutions architect for online document sharing and collaboration firm Box. “The container runtime should be very swappable.”

In future Kubernetes releases, it will be. For now, Kubernetes 1.7 lays the groundwork for better support of alternative container runtimes with enhancements to the Container Runtime Interface, a container runtime plugin API. With version 1.7, developers can more closely monitor various container runtimes through the interface, and use newly published validation tests for container runtime integration with the interface as well. .

In subsequent releases, there will be full production-ready support for runtimes that include CRI-O and rkt in addition to Docker containerd.

Docker Inc. has been an active participant in developing Kubernetes 1.7, according to Google project overseers, and if anything, containerd has drawn Docker the company and the Kubernetes community closer together, they say. However, some industry watchers might wonder about the future direction of Docker’s business now that vendors can standardize around core containerd features without Docker’s value-add offerings, and as the prospect of CRI-O integration resurfaces with this release.

New extensibility features in this Kubernetes release, such as API aggregation, will benefit container orchestration offerings based on Kubernetes, such as Red Hat OpenShift. This new feature enables power users to tinker with third-party tools for management as part of the Kubernetes cluster.

Commercial results of this extensibility update will include the Red Hat / AWS service catalog previewed at this year’s Red Hat Summit. Advanced Kubernetes users such as Box look forward to getting their hands on these features as well.

“We can now reuse the API server and Kubernetes etcd to build in third-party resources instead of doing our own hacking to create a data store and API server for every microservice,” Ghods said. “It cuts down on the time and complexity of developing services.”

Ghods added that he hopes the new extensibility features will give rise to a Kubernetes CI/CD tool similar to Netflix Spinnaker. There aren’t any concrete plans for such a tool right now, but Kubernetes has now built the foundational technology to allow it. Ghods said.

Beth Pariseau is senior news writer for TechTarget’s Data Center and Virtualization Media Group. Write to her at bpariseau@techtarget.com or follow @PariseauTT on Twitter.


June 29, 2017  10:28 AM

Healthcare, big data and IoT: Scared to death?

Carlos Casanova Carlos Casanova Profile: Carlos Casanova
Big Data, Healthcare IT, Internet of Things

Big data isn’t new to anyone or any industry, and its impact is challenging everyone. The internet of things didn’t exist when the term information explosion was first used in the 1940s.  It was used to try to quantify the growth of data generation and consumption. It wasn’t however until October 1997 when an IEEE publication by two NASA research scientists introduced the term big data. Their article begins with “Visualization provides an interesting challenge for computer systems: data sets are generally quite large, taxing the capacities of main memory, local disk, and even remote disk. We call this the problem of big data.”

The volumes of data being generated are outpacing the abilities of our traditional systems. The past decade has seen a massive growth in data generation and that was before the internet of things (IoT) entered the equation. Just like in our everyday lives, everything we use and touch seems to already be or will soon become a networked device. Healthcare big data is no different, with thousands of monitors, diagnostics machines and other vital medical pieces of medical equipment. The implications are potentially deadly in healthcare if this if not handled properly.

This means that organizations involved in healthcare, maybe more so than other sectors, must look at several different areas with regard to the implications of IoT devices and big data processing. Just imagine if a pacemaker gets hacked! We must be more vigilant about security, compliance and processing and volumes of healthcare big data.

Security and healthcare data

Are all the newly networked medical devices secure? Will big data and IoT be a new entry point for hackers to get into hospital networks? Are there inherent vulnerabilities in their design? How can we ensure that IoT devices aren’t being intentionally designed/manufactured with weaknesses by third parties who seek to do harm?

Regulatory compliance for devices

Traditional computing platforms, servers, laptops, desktops and so on are fairly well documented in regard to their regulatory compliance procedures and audits. Are the millions of medical devices that could suddenly come online also being scrutinized sufficiently? From a medical operation perspective I suspect they are, but how about from a networked IT device perspective?

Data aggregation & processing

Aggregating and processing data are challenging already with devices that IT is familiar with. How will they handle a whole new set of device types that they have never encountered? What are the patterns and behaviors of these types of devices and how does it compare to traditional technology items? Can these new healthcare devices’ data be processed in the same way and are there unique scenarios that might otherwise be missed?

Data Volumes

This aspect alone could jeopardize the previous three in the realm of healthcare big data. Regardless of whether it’s human or technological, weaknesses will get exposed if the system is overworked. Can we handle the terabytes of data being generated fast enough, or will a detectable breach result? Can we handle the growth in volume resulting from onboarding tens of thousands of new devices? Will the new volumes skew known patterns and trends we rely on?

There are lots of questions with few answers as you can see. This is what those seeking to do harm are counting on. Our industry must find ways to address these challenges at the speed necessary to mitigate the current risks. The NASA scientists in 1997 called it big data, let’s make sure we address these issues and not let it become a big danger to our society.

Contemporary operating room

Credit: Alex Tihonov/Adobe Stock


May 10, 2017  3:34 PM

Breaking down Kubernetes use stats among OpenStack deployments

Beth Pariseau Beth Pariseau Profile: Beth Pariseau
Kubernetes, OpenStack

Kubernetes on OpenStack deployments — how popular is it really?

OpenStack Foundation leaders cited the organization’s annual user survey as evidence that a combination of OpenStack and Kubernetes — specifically, using an automatically provisioned OpenStack infrastructure to deliver server, networking and storage resources to Kubernetes clusters — is a popular use of the technology.

The group asked what platform as a service (PaaS) tools and what container tools run in today’s OpenStack environments. Jonathan Bryce, executive director of the OpenStack Foundation, said 45% of people responding to the question had answered with Kubernetes.

That question sought to find out what users are doing today, not what they’re interested in or what’s out there in the future, Bryce said. “People are combining these tools in ways that, if you go back a couple years, we certainly weren’t seeing,” he said.

Meanwhile, the biannual OpenStack User Survey released recently painted a more nuanced picture of that question and its responses. In the April 2017 survey, 192 respondents answered the question, “Which container and PaaS tools are used to manage applications on this OpenStack deployment?” Of those 192 respondents, 47% answered with Kubernetes, and 28% of them indicated they run Kubernetes in production.

The 45% number cited by Bryce corresponded to a further breakdown of survey responses from October 2016 and April 2017 that combined and then deduplicated responses to both surveys, for a cohort of 282 respondents. Of those respondents, 45% had answered with Kubernetes, and 29% were in production.

The slide referenced by Bryce did not contain information about the number of survey respondents, and could easily be interpreted to suggest that 45% of all those surveyed use Kubernetes. But of 1,400 completed surveys in April 2017, only those who registered a deployment (583) were given the containers question, according to the OpenStack Foundation. Out of 583 deployments, 192 answered the question about containers.

The bottom line? One third of OpenStack deployments use containers, based on survey answers collected since 2015. And within this group, 45% use Kubernetes, based on the last two survey periods (April 2017 and October 2016).

Beth Pariseau is senior news writer for TechTarget’s Data Center and Virtualization Media Group. Write to her at bpariseau@techtarget.com or follow @PariseauTT on Twitter.


May 5, 2017  2:33 PM

Red Hat Summit 2017: Big banks weave DevOps and security

Beth Pariseau Beth Pariseau Profile: Beth Pariseau

BOSTON — Security rules are inescapable for IT service providers within a financial enterprise, and several such companies filled in their peers on how they’ve approached DevOps and security in presentations here at Red Hat Summit 2017.

In several cases, it involved shifting security and data governance responsibilities to developers, a scary prospect for some IT pros, but for some companies like Deutsche Bank, it has worked so far.

“We code to the highest common denominator among regulations,” said William Dettelback, VP of engineering for the German financial services company. Right now, that’s the Monetary Authority of Singapore’s security regulations. “For us, the most stringent regulation is our baseline.”

Barclays has a “bring your own image” system for developers on test and development infrastructures, and those developers are accountable for the security of their images.

“We’ve changed our rules to say, we’ll report on it, we’ll give you every tool, including our own base images you can build from,” said Simon Cashmore, lead engineer and solutions architect for the UK-based bank, “But we’ll tell you, and keep telling you, you’re accountable when audits come.”

That doesn’t mean ops is off the hook when it comes to DevOps and security. Behind the scenes, Deustche Bank ops uses Red Hat CloudForms, which ships with OpenShift, to scan container images for security vulnerabilities published in Red Hat’s Common Vulnerabilities and Exposures (CVE) dabase, and send the results to OpenShift. New vulnerabilities trigger OpenShift to build new container images. This has helped the bank react to new security threats quickly without manual patching — apps built using container images pick up new security features as updated images are added to the Docker registry by OpenShift.

At Barclays, the new rules don’t apply yet to pushing container images in production — that’s still handled manually after image introspection by the ops team.

Automated disaster recovery is also part of new DevOps processes at both companies. Barclays’ ops team enforces app resilience by periodically “draining” containers from the infrastructure — devs ship apps without the required resilience at their own peril. Deutsche Bank, meanwhile, has established active-active disaster recovery rather than use an active-passive mode, and is working toward full automation of this process.

“We want failover done once, correctly,” said Dettelback. “If someone has to log in to deploy or fix something, we’ve failed.”

Beth Pariseau is senior news writer for TechTarget’s Data Center and Virtualization Media Group. Write to her at bpariseau@techtarget.com or follow @PariseauTT on Twitter.


May 5, 2017  2:25 PM

Red Hat Summit 2017 Reporter’s Notebook: OpenShift by Red Hat takes center stage

Beth Pariseau Beth Pariseau Profile: Beth Pariseau

BOSTON — It was called Red Hat Summit, but it could just as easily have been OpenShift Summit.

Red Hat’s platform as a service product was the hottest topic at the show here this week. Enterprise IT pros at the show were either already running it in production, or trying to get there.

Forty-eight percent of Red Hat’s customers say management, automation and orchestration are top of mind concerns for 2017, said Paul Cormier, president of products and technologies for Red Hat, citing a recent company-run survey in his keynote presentation that kicked off the conference. Some 70% of customers said cloud was the top 2017 IT spending priority, and 59% of Red Hat’s customers are planning or have implemented a multicloud environment.

Red Hat then made a splash with new multicloud features for OpenShift – specifically, an expansion to an existing partnership with Amazon Web Services that will see AWS services managed by an on-premises tool* for the first time and some contributions to Kubernetes development by AWS engineers. It still won’t involve Kubernetes integration with the EC2 Container Service, however, which is what many IT pros still want.

As developers clamor for more speed in application delivery, IT operations professionals at large enterprises with hybrid infrastructures are now tasked to deploy the massive, intricate OpenShift platform. Once that’s accomplished, they also must offer developers on-demand services in private data centers and public clouds with equal flexibility and speed.

“It’s a big change – we’re no longer building infrastructure to support a specific application’s requirements,” said an infrastructure architect with a financial services company that has recently bought into OpenShift, speaking on condition of anonymity over breakfast Wednesday. “Now we have to build infrastructure with the flexibility to support any application, anywhere.”

OpenShift roadmap to focus on services provisioning

A packed OpenShift Roadmap session Tuesday afternoon highlighted another mindset shift for IT pros: thinking in services, rather than servers.

OpenShift will integrate the Open Service Broker API to make on-premises enterprise IT departments more like cloud service providers that offer a catalog of services to developers. Like hybrid cloud, this is not a new idea – but with services composed of containers, it’s finally a practical goal.

The roadmap for 2017 also includes a tech preview of improvements to a multi-tenant plugin for project isolation to protect traffic within a project pod down to the port level, rather than simply enforcing network policies project-by-project. A tech preview of cluster federation will come in the second half of the year with OpenShift 3.6.

Beyond version 3.6, OpenShift will support low-latency apps with persistent storage volumes built on Red Hat’s version of Ceph open-source software-defined storage, as well as interfaces for Amazon’s Elastic File System and S3. This support is expected to include tenant-controlled snapshots for data backup. More logs and metrics, such as Jenkins logs, will be exposed through the OpenShift user interface.

Beth Pariseau is senior news writer for TechTarget’s Data Center and Virtualization Media Group. Write to her at bpariseau@techtarget.com or follow @PariseauTT on Twitter.

*Statement changed following initial publication


Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: