Modal Title
Cloud Native Ecosystem Containers IoT Edge Computing Microservices Networking Serverless Storage
OpenTelemetry Properly Explained and Demoed
Nov 15th 2022 11:13am, by B. Cameron Gain
The Latest Milestones on WebAssembly's Road to Maturity
Nov 10th 2022 2:26pm, by Heather Joslyn
.NET 7 Simplifies Route from Code to Cloud for Developers
Nov 9th 2022 8:36am, by Darryl K. Taft
Takeaways from the ESG GitOps and Shift Left Security Survey
Nov 9th 2022 6:45am, by Faith Kilonzi
Do You Need a Managed Database?
Nov 2nd 2022 9:14am, by Joe Fay
Case Study: How SeatGeek Adopted HashiCorp’s Nomad
Nov 16th 2022 1:07pm, by Heather Joslyn
Connect to Remote Docker Machines with Docker Context
Nov 12th 2022 6:00am, by Jack Wallen
.NET 7 Simplifies Route from Code to Cloud for Developers
Nov 9th 2022 8:36am, by Darryl K. Taft
The Next Evolution of Virtualization Infrastructure
Nov 1st 2022 6:29am, by Joe Fernandes
Install Dozzle, a Simple Log File Viewer for Docker
Oct 29th 2022 6:00am, by Jack Wallen
How Prescient Devices Uses Time Series Data for IoT Automation
Nov 16th 2022 9:01am, by Susannah Brodnitz
Making It Easier to Build Apps with Time Series Data
Nov 7th 2022 6:00am, by Kevin Casey
Big Three in Cloud Prompts ARM to Rethink Software
Nov 7th 2022 4:00am, by Agam Shah
US Chokes off AI Software Access to China
Oct 24th 2022 6:00am, by Agam Shah
What Is Supply Chain Security and How Does It Work?
Oct 18th 2022 12:53pm, by John Ross
Limiting the Deployment Blast Radius
Nov 15th 2022 8:14am, by Steven Lohrenz
Do ... or Do Not: Why Yoda Never Used Microservices
Oct 25th 2022 6:00am, by Samar Abbas
The Gateway API Is in the Firing Line of the Service Mesh Wars 
Oct 17th 2022 7:00am, by B. Cameron Gain
AmeriSave Moved Its Microservices to the Cloud with Traefik's Dynamic Reverse Proxy
Sep 8th 2022 2:02pm, by Ann R. Thryft
Event Streaming and Event Sourcing: The Key Differences
Sep 1st 2022 6:43am, by David Dieruf
The Next Wave of Network Orchestration: MDSO
Oct 27th 2022 10:00am, by Morgan Stern
Sidecars are Changing the Kubernetes Load-Testing Landscape
Oct 24th 2022 10:00am, by Kasper Siig
Confluent: Have We Entered the Age of Streaming?
Oct 12th 2022 7:56am, by Tony Baer
How Idit Levine’s Athletic Past Fueled Solo.io‘s Startup
Sep 16th 2022 11:41am, by Colleen Coll
AmeriSave Moved Its Microservices to the Cloud with Traefik's Dynamic Reverse Proxy
Sep 8th 2022 2:02pm, by Ann R. Thryft
Survey Finds Majority of Jamstack Community Testing Edge
Nov 14th 2022 8:10am, by Loraine Lawson
The Latest Milestones on WebAssembly's Road to Maturity
Nov 10th 2022 2:26pm, by Heather Joslyn
Jamstack Panel: How the Edge Will Change Development
Nov 10th 2022 7:47am, by Loraine Lawson
Kelsey Hightower on Software Minimalism and JS Frameworks
Nov 4th 2022 6:00am, by Loraine Lawson
Have Some CAKE: The New (Stateful) Serverless Stack
Oct 12th 2022 7:03am, by Keith McClellan
The Internet Is Not Reliable, but Planning for It Can Save You
Nov 10th 2022 8:41am, by Matthew D. Groves
An Introduction to Apache Parquet
Nov 9th 2022 9:46am, by Charles Mahler
Data on Kubernetes: How We Got Here, What’s Next
Nov 8th 2022 4:00am, by Susan Hall
5 Key Questions for App-Driven Analytics
Nov 7th 2022 7:37am, by Mat Keep
MERGE SQL Command to Accelerate Postgres Adoption
Nov 4th 2022 8:28am, by Tom Kincaid
Frontend Development Software Development Cloud Services Data Machine Learning Security
Microsoft Aims to Bring DevOps Discipline to Web3
Nov 17th 2022 7:46am, by Richard MacManus
Low-Code vs. No-Code
Nov 16th 2022 8:02am, by Jessica Wachtel
Service Simplifies Natural Language Processing for Developers
Nov 16th 2022 4:00am, by Loraine Lawson
Devs Are Excited by ActivityPub, Open Protocol for Mastodon
Nov 15th 2022 10:19am, by Richard MacManus
Survey Finds Majority of Jamstack Community Testing Edge
Nov 14th 2022 8:10am, by Loraine Lawson
Composing a Platform by Patching Crossplane Resources
Nov 17th 2022 2:02pm, by Matthias Lubken
Low-Code vs. No-Code
Nov 16th 2022 8:02am, by Jessica Wachtel
Real-Time Recommendations with Graph and Event Streaming
Nov 15th 2022 6:15am, by Aaron Ploetz
Adoption of Rust: Who's Using It and How
Nov 14th 2022 1:14pm, by Lawrence Davison
Survey Finds Majority of Jamstack Community Testing Edge
Nov 14th 2022 8:10am, by Loraine Lawson
Cryptojacking: Free Money for Attackers, Huge Cloud Bill for You
Nov 16th 2022 10:00am, by Nick Lang and Anna Belak
Why Cloud Data Egress Is Expensive
Nov 15th 2022 1:21pm, by Benjamin Jenkins
The Internet Is Not Reliable, but Planning for It Can Save You
Nov 10th 2022 8:41am, by Matthew D. Groves
Zero Trust Security and the HashiCorp Cloud Platform
Nov 9th 2022 11:42am, by Joab Jackson
Top 4 Misconceptions about Cloud Migration
Nov 8th 2022 10:00am, by Rich Hoyer
APIs Are Where Fun Happens
Nov 17th 2022 9:08am, by Anant Jhingran
How Prescient Devices Uses Time Series Data for IoT Automation
Nov 16th 2022 9:01am, by Susannah Brodnitz
Why Cloud Data Egress Is Expensive
Nov 15th 2022 1:21pm, by Benjamin Jenkins
OpenTelemetry Properly Explained and Demoed
Nov 15th 2022 11:13am, by B. Cameron Gain
Real-Time Recommendations with Graph and Event Streaming
Nov 15th 2022 6:15am, by Aaron Ploetz
Service Simplifies Natural Language Processing for Developers
Nov 16th 2022 4:00am, by Loraine Lawson
3 Ways AI Makes Business More Predictable
Nov 15th 2022 10:00am, by Kevin Miller
Explore or Exploit? Trivago's ML for New Recommendations
Nov 9th 2022 3:00am, by Jessica Wachtel
MC2: Secure Collaborative Analytics for Machine Learning
Oct 28th 2022 10:00am, by Jay Harel
Kubiya: Can Conversational AI Clarify DevOps?
Oct 25th 2022 10:55am, by Jennifer Riggins
Cryptojacking: Free Money for Attackers, Huge Cloud Bill for You
Nov 16th 2022 10:00am, by Nick Lang and Anna Belak
10 Ways to Manage API Security Risks
Nov 16th 2022 7:31am, by Faith Kilonzi
Red Hat Helps Make Kubernetes Security More Accessible
Nov 15th 2022 7:25am, by B. Cameron Gain
Say Goodbye to Browsers and Passwords
Nov 14th 2022 7:15am, by Michal Trojanowski
Ditch Secrets for Identity-Native Infrastructure Access
Nov 11th 2022 12:53pm, by Sakshyam Shah
Operations CI/CD Culture DevOps Kubernetes Observability Service Mesh DevOps Tools
SRE Fundamentals: Differences Between SLI vs. SLO vs. SLA
Nov 17th 2022 10:32am, by Paige Cruz
Case Study: How SeatGeek Adopted HashiCorp’s Nomad
Nov 16th 2022 1:07pm, by Heather Joslyn
Limiting the Deployment Blast Radius
Nov 15th 2022 8:14am, by Steven Lohrenz
It's No Longer about How You Write Code but How You Operate It
Nov 14th 2022 11:19am, by Gabriel Manor-Liechtman
What a Broken Wheel Taught Google Site Reliability Engineers
Nov 13th 2022 6:00am, by David Cassel
Create a Local Git Repository on Linux with the Help of SSH
Nov 5th 2022 6:00am, by Jack Wallen
Record, Connect and Search DevOps Changes with Kosli
Nov 4th 2022 10:00am, by Mike Long
Case Study: How BOK Financial Managed Its Cloud Migration
Nov 2nd 2022 11:55am, by Heather Joslyn
PurpleUrchin: GitHub Actions Hijacked for Crypto Mining
Oct 26th 2022 9:12am, by Steven J. Vaughan-Nichols
What Good Security Looks Like in a Cloudy World
Oct 7th 2022 7:26am, by David Melamed and Chris Koehnecke
It's No Longer about How You Write Code but How You Operate It
Nov 14th 2022 11:19am, by Gabriel Manor-Liechtman
eBay: Betting on Open Source Is Great for Your Business
Nov 14th 2022 10:00am, by Justin Abrahms
The Graph of Life in a Post-Relational World
Nov 11th 2022 7:00am, by Scott M. Fulton III
How and Why to Respond to Incidents the Right Way
Nov 10th 2022 8:00am, by Greg Leffler
Fear and Layoffs: How to Cope with Tech’s Uncertain Times
Nov 9th 2022 11:20am, by Jennifer Riggins
Warning: Config Drift Causes a Painful Death for Developers
Nov 17th 2022 12:02pm, by Susa Tunker
SRE Fundamentals: Differences Between SLI vs. SLO vs. SLA
Nov 17th 2022 10:32am, by Paige Cruz
Microsoft Aims to Bring DevOps Discipline to Web3
Nov 17th 2022 7:46am, by Richard MacManus
Limiting the Deployment Blast Radius
Nov 15th 2022 8:14am, by Steven Lohrenz
Choozle Scaled up with Mirantis' Kubernetes IDE Lens Autopilot
Nov 15th 2022 3:00am, by Ann R. Thryft
Case Study: How SeatGeek Adopted HashiCorp’s Nomad
Nov 16th 2022 1:07pm, by Heather Joslyn
OpenTelemetry Properly Explained and Demoed
Nov 15th 2022 11:13am, by B. Cameron Gain
Red Hat Helps Make Kubernetes Security More Accessible
Nov 15th 2022 7:25am, by B. Cameron Gain
Choozle Scaled up with Mirantis' Kubernetes IDE Lens Autopilot
Nov 15th 2022 3:00am, by Ann R. Thryft
The Quest for High-Quality Kubernetes Deployments
Nov 11th 2022 9:18am, by Sergio Ocon-Cardenas
OpenTelemetry Properly Explained and Demoed
Nov 15th 2022 11:13am, by B. Cameron Gain
Continuous Integration Observability Explained
Nov 14th 2022 12:38pm, by Ismail Egilmez
Snowflake Delivers Bevy of Developer Goodies
Nov 7th 2022 9:15am, by Andrew Brust
Record, Connect and Search DevOps Changes with Kosli
Nov 4th 2022 10:00am, by Mike Long
Deep Work: A Better Way to Measure Developer Velocity 
Nov 3rd 2022 10:00am, by Nimrod Vered
Service Mesh Demand for Kubernetes Shifts to Security
Oct 27th 2022 11:04am, by B. Cameron Gain
AmeriSave Moved Its Microservices to the Cloud with Traefik's Dynamic Reverse Proxy
Sep 8th 2022 2:02pm, by Ann R. Thryft
Can You Now Safely Remove the Service Mesh Sidecar?
Sep 8th 2022 9:19am, by B. Cameron Gain
eBPF or Not, Sidecars are the Future of the Service Mesh
Aug 12th 2022 10:00am, by William Morgan
My Istiod Pod Can't Communicate with the Kubernetes API Server!
Aug 10th 2022 10:00am, by Lin Sun
Composing a Platform by Patching Crossplane Resources
Nov 17th 2022 2:02pm, by Matthias Lubken
Warning: Config Drift Causes a Painful Death for Developers
Nov 17th 2022 12:02pm, by Susa Tunker
Case Study: How SeatGeek Adopted HashiCorp’s Nomad
Nov 16th 2022 1:07pm, by Heather Joslyn
Deploy Stateful Workloads on Kubernetes with Ondat and FluxCD
Nov 9th 2022 8:51am, by Lewis Edington
Record, Connect and Search DevOps Changes with Kosli
Nov 4th 2022 10:00am, by Mike Long

CI/CD

With continuous delivery, every change made to the system can be released, and any version can be released at any time. Continuous integration is the natural extension of continuous delivery. Continual delivery provides quick feedback on what users care about and aims to make releases boring.

The continuous integration and continuous delivery (CI/CD) method are transforming DevOps. Even if each step of the software development lifecycle can be carried out manually, CI/CD automates the stages in software development and deployment.

Continuous Integration (CI)

Continuous integration is the process of merging code (updates or existing features) with an existing codebase (software tool or product, for example). CI is a development practice where developers merge code in a central repository several times daily.

In CI, each line of code added to the codebase triggers a sequence in a CI/CD pipeline, generating feedback for developers. This process allows improvements to be made quickly and easily.

Continuous Delivery (CD)

CD is an attempt to speed up and automate deployments. An operator can push out multiple deployments in a week across numerous services and know the exact condition of the applications and infrastructure in the course of the deployments.

“Continuous delivery is the natural extension of continuous integration, an approach in which teams ensure that every change to the system is releasable, and release any version with the push of a button. Continuous delivery aims to make releases boring so that we can deliver frequently and get quick feedback on what users care about.” — Thought Works

How Platform Engineering Helps Manage Innovation Responsibly

The Focus of a CI/CD Pipeline

To run a CI/CD pipeline successfully, organizations should outline goals that guide developers’ approaches and processes. While each pipeline is unique, it should reflect some overarching goals.

Here are some results that should be the focus of the pipeline:

Quick Fixes and Improvements in Subsequent Updates

CI/CD automation automatically allows code changes to reflect in end users’ software. CI/CD pipelines should prioritize quick fixes and improvements to existing code to improve software quality and user experience.

Push Button Deployments

Continuous delivery requires a “state” machine, which is not provided by CI tools. CD tools, such as Spinnaker, can take an environment from one state to the next until it makes it to production. The machine will move the environment, such as Docker containers, through to production in an automated fashion. It will even be able to do rollbacks, canary deployments, and scaling instances.

This process allows for the agile, push-button, automated deployments that an ideal CD mindset drives towards. Such pipelines are at the core of CD capabilities because they orchestrate a repeatable deployment over stages.

Fast and Frequent Software Releases

One of the higher-level achievements in a DevOps transformation is continuous delivery. Focusing on software releases in a CI/CD pipeline is a cultural shift for companies because it involves organizational change, too. DevOps transformation means building cross-functional teams with common goals, aligning the organization around the architecture, and creating a culture of continuous improvement.

Three Ways CI/CD Adoption Can Benefit Your DevOps Team

The Structure of an Effective CI/CD Workflow

The process for achieving CI/CD goals has been broken down into six stages. The goal is to ensure that new and runnable code is fit for use before it’s sent out to end users.

Most unique and effective pipelines mirror the following structure:

Each new pipeline run is triggered by a change in the source code repository. An update or variation to the existing code — such as automated workflows or results from a previous pipeline run — begins the CI/CD process.

In this stage, runnable instances of code that could potentially be deployed to end-users are created. This is done through a combination of source code and its dependencies. Code not passing this stage indicates a problem with the project’s configuration and should receive immediate attention.

Automated tests are run on the code to determine its accuracy. These tests, created by software developers, are required to meet certain standards. Multiple tests at this stage would detect bugs or other problems developers do not foresee. The test could take minutes or several hours, depending on its complexity. Code that does not successfully pass this test stage instantly notifies the development team that adjustments must be made. After the code is tested and considered runnable, it’s delivered to the repository.

Deploy. Once the code passes all predefined tests, the runnable code in the repository is deployed into different environments, such as a staging environment for the internal team and a production environment for end-users.

Validation and Compliance. Organizational needs determine what takes place in validation and compliance. For example, image security scanning tools ensure image quality and match them against known vulnerabilities.

The Approach to Cloud Native CI/CD Tools Is Changing

An increasing focus on continuous delivery (CD) has brought new tools and practices that allow teams to produce frequent, fast, and boring automated releases. Cloud-native CI/CD requires a deeper understanding of DevOps practices and how they affect the way organizations deploy and manage workloads using containers, microservices, and serverless functions.

A new approach to continuous integration and continuous delivery (CI/CD) is emerging for cloud-native architectures. With cloud-native architectures, complexity is shifting away from the building and assembly of the code to orchestrating releases. Build tools such as Travis CI and Jenkins are starting to commoditize and become much simpler.

As more organizations get comfortable with building custom code using containers and other immutable constructs, they spend fewer cycles on building that code and shift into solving the problems of orchestrated releases.

Impact of Kubernetes CI/CD

Kubernetes, the open source container orchestrator, makes CD easier to execute with tools, modularity, and immutable infrastructure. Kubernetes simplifies the deployment and monitoring of microservices. It helps define a container deployment and manage instances but leaves it up to the user to automate those deployments into environments.

Here are some proven practices for improving Kubernetes CI/CD:

Implementing Blue-Green Deployment Strategy. Similar to preparing for emergencies, this strategy involves a pattern that creates an additional set of production instances to existing instances for quick switching in case of failure or downtime. The blue represents the staging environment, while the green represents the production environment.

Leveraging Git-Based Workflows. CI/CD pipelines should be activated through GitOps. This ensures that changes and source code in the pipeline are stored in a unified source repository for easy correction and deployment.

Testing and Scanning New Container Images. Testing and scanning container images every time a new image is created can handle vulnerabilities such as configuration issues introduced with new builds. It also ensures that commands are working properly.

Challenges with the CI/CD Framework

As much as the CI/CD process is evolving, it is not without challenges. Some difficulties faced include:

Version Control. The CI/CD model requires the creation of versions from the source code repository to ensure continuity. Managing these variations can be difficult because of the number of changes made.

Faulty Tests. As new code is written, developers are expected to write multiple tests to determine the accuracy and behavior of products. If the right tests aren’t administered, developers may receive faulty feedback loops, which could affect the end product entirely.

Security Breaches. Concerns have been raised about the security of the CI/CD process in the development, integration, and deployment phases. Software developers are urged to develop security measures alongside the code writing process and not at the end of the cycle.

CI/CD practices are constantly getting refined. Learn more about CI/CD trends, new approaches, and the opinions of industry experts through The New Stack articles in this category.

READ MORE
More recent stories
PODCASTS & VIDEOS
Thumbnail image for Case Study: How SeatGeek Adopted HashiCorp’s Nomad
Case Study: How SeatGeek Adopted HashiCorp’s Nomad
Thumbnail image for OpenTelemetry Properly Explained and Demoed
OpenTelemetry Properly Explained and Demoed
Thumbnail image for The Latest Milestones on WebAssembly’s Road to Maturity
The Latest Milestones on WebAssembly's Road to Maturity
Thumbnail image for Zero Trust Security and the HashiCorp Cloud Platform
Zero Trust Security and the HashiCorp Cloud Platform
Thumbnail image for How Do We Protect the Software Supply Chain?
How Do We Protect the Software Supply Chain?
Thumbnail image for Ukraine Has a Bright Future
Ukraine Has a Bright Future
Thumbnail image for Redis Is Not Just a Cache
Redis Is Not Just a Cache
Thumbnail image for Case Study: How BOK Financial Managed Its Cloud Migration
Case Study: How BOK Financial Managed Its Cloud Migration
Thumbnail image for Devs and Ops: Can This Marriage Be Saved?
Devs and Ops: Can This Marriage Be Saved?
Thumbnail image for Latest Enhancements to HashiCorp Terraform and Terraform Cloud
Latest Enhancements to HashiCorp Terraform and Terraform Cloud
Thumbnail image for How ScyllaDB Helped an AdTech Company Focus on Core Business
How ScyllaDB Helped an AdTech Company Focus on Core Business
Thumbnail image for Terraform’s Best Practices and Pitfalls
Terraform's Best Practices and Pitfalls
Thumbnail image for How Can Open Source Help Fight Climate Change?
How Can Open Source Help Fight Climate Change?
Thumbnail image for KubeCon+CloudNativeCon 2022 Rolls into Detroit
KubeCon+CloudNativeCon 2022 Rolls into Detroit
Thumbnail image for Armon Dadgar on HashiCorp’s Practitioner Approach
Armon Dadgar on HashiCorp's Practitioner Approach
Thumbnail image for Making Europe’s ‘Romantic’ Open Source World More Practical
Making Europe’s ‘Romantic’ Open Source World More Practical
Thumbnail image for After GitHub, Brian Douglas Builds a ‘Saucy’ Startup
After GitHub, Brian Douglas Builds a ‘Saucy’ Startup
Thumbnail image for The AWS Open Source Strategy
The AWS Open Source Strategy
Thumbnail image for Paul Vixie: Story of an Internet Hero
Paul Vixie: Story of an Internet Hero
Thumbnail image for Deno’s Ryan Dahl Is an Asynchronous Guy
Deno's Ryan Dahl Is an Asynchronous Guy
Thumbnail image for How Can Open Source Sustain Itself without Creating Burnout?
How Can Open Source Sustain Itself without Creating Burnout?
Thumbnail image for Charity Majors: Taking an Outsider’s Approach to a Startup
Charity Majors: Taking an Outsider's Approach to a Startup
Thumbnail image for How Idit Levine’s Athletic Past Fueled Solo.io‘s Startup
How Idit Levine’s Athletic Past Fueled Solo.io‘s Startup
Thumbnail image for From DB2 to Real-Time with Aerospike Founder Srini Srinivasan
From DB2 to Real-Time with Aerospike Founder Srini Srinivasan
Thumbnail image for The Stone Ages of Open Source Security
The Stone Ages of Open Source Security
Thumbnail image for Tina Huang: Curating for SRE Through Lessons Learned at Google News
Tina Huang: Curating for SRE Through Lessons Learned at Google News
Thumbnail image for A Technical Founder’s Story: Jake Warner on Cycle.io
A Technical Founder's Story: Jake Warner on Cycle.io
Thumbnail image for Rethinking Web Application Firewalls
Rethinking Web Application Firewalls
Thumbnail image for Passage: A Passwordless Service with Biometrics
Passage: A Passwordless Service with Biometrics