Modal Title
Cloud Native Ecosystem Containers Edge Computing Microservices Networking Serverless Storage
Digital Anarchy: Abolishing State
Mar 23rd 2023 6:32am, by Tim Banks
A Is for OpenStack Antelope
Mar 22nd 2023 7:41am, by Steven J. Vaughan-Nichols
Grab a Snapshot of Your Container Image with Checkpoint
Mar 11th 2023 6:00am, by Jack Wallen
How to Identify Your Wasteful Processes
Mar 6th 2023 7:00am, by Sean Scott
5 Things to Consider When Building a Kubernetes Platform
Mar 2nd 2023 10:00am, by Ram Iyengar
Check for Container Image Vulnerabilities with Trivy
Mar 18th 2023 6:00am, by Jack Wallen
Grab a Snapshot of Your Container Image with Checkpoint
Mar 11th 2023 6:00am, by Jack Wallen
How to Work with Containers in TrueNAS
Mar 4th 2023 6:00am, by Jack Wallen
From a Fan: On the Ascendance of PostgreSQL
Mar 3rd 2023 7:12am, by Josh Long
Analyst Report: What CTOs Must Know about Kubernetes and Containers 
Feb 28th 2023 6:14am, by Jess Lulka
Rich Harris Talks SvelteKit and What’s Next for Svelte
Mar 20th 2023 3:00am, by Loraine Lawson
The Distance from Data to You in Edge Computing
Mar 19th 2023 6:00am, by Paul Scanlon
7 Hardware Devices for Edge Computing Projects in 2023
Mar 15th 2023 6:42am, by Charles Mahler
The Need for Speed: Why Eleventy Leaves Bundlers Behind
Mar 10th 2023 8:18am, by Loraine Lawson
What the Heck Is the Edge — and Why Should You Care?
Mar 8th 2023 10:00am, by Glauber Costa
What Is Microservices Architecture?
Feb 23rd 2023 4:22am, by Eric Schabell
Java's History Could Point the Way for WebAssembly
Jan 12th 2023 3:00am, by B. Cameron Gain
Limiting the Deployment Blast Radius
Nov 15th 2022 8:14am, by Steven Lohrenz
Do ... or Do Not: Why Yoda Never Used Microservices
Oct 25th 2022 6:00am, by Samar Abbas
The Gateway API Is in the Firing Line of the Service Mesh Wars 
Oct 17th 2022 7:00am, by B. Cameron Gain
JWTs: Connecting the Dots: Why, When and How
Mar 20th 2023 7:10am, by Michal Trojanowski
Palo Alto Networks Adds AI to Automate SASE Admin Operations
Mar 17th 2023 6:00am, by Chris J. Preimesberger
TrueNAS SCALE Network Attached Storage Meets High Demand
Mar 2nd 2023 7:13am, by Jack Wallen
How Secure Is Your API Gateway?
Feb 28th 2023 5:16am, by Andrew Stiefel
Bullet-Proofing Your 5G Security Plan
Feb 24th 2023 7:24am, by Anand Oswal
Serverless WebAssembly for Browser Developers
Mar 22nd 2023 12:26pm, by Matt Butcher
ScyllaDB’s Incremental Changes: Just the Tip of the Iceberg
Mar 20th 2023 9:29am, by George Anadiotis
TriggerMesh: Open Sourcing Event-Driven Applications
Mar 13th 2023 12:14pm, by Jessica Wachtel
Ably Touts Real-Time Starter Kits for Vercel and Netlify
Mar 8th 2023 10:56am, by Loraine Lawson
Going Serverless on AWS Lambda? Recognize Potential Risks 
Mar 6th 2023 5:00am, by Sarabjeet Chugh
The Economics of Database Operations
Mar 23rd 2023 8:25am, by John Page
Digital Anarchy: Abolishing State
Mar 23rd 2023 6:32am, by Tim Banks
ScyllaDB’s Incremental Changes: Just the Tip of the Iceberg
Mar 20th 2023 9:29am, by George Anadiotis
Historical Data and Streaming: Friends, Not Foes
Mar 20th 2023 4:00am, by Michael Drogalis
Bosch IoT and the Importance of Application-Driven Analytics
Mar 9th 2023 8:30am, by Jay Runkel
Frontend Development Software Development Typescript WebAssembly Cloud Services Data Machine Learning Security
Toolkit Allows JavaScript Devs to Program Embedded Devices
Mar 23rd 2023 11:06am, by Loraine Lawson
Stopping AI Hallucinations for Enterprise Is Key for Vectara
Mar 23rd 2023 4:00am, by Richard MacManus
Vercel Brings Logging, Monitoring to Its Observability Suite
Mar 22nd 2023 3:00am, by Jessica Wachtel
JavaScript Library Lets Devs Add AI Capabilities to Web
Mar 20th 2023 10:32am, by Loraine Lawson
Rich Harris Talks SvelteKit and What’s Next for Svelte
Mar 20th 2023 3:00am, by Loraine Lawson
Toolkit Allows JavaScript Devs to Program Embedded Devices
Mar 23rd 2023 11:06am, by Loraine Lawson
5 Myths about Puppet
Mar 23rd 2023 10:18am, by Jain Waldrip
The Economics of Database Operations
Mar 23rd 2023 8:25am, by John Page
Digital Anarchy: Abolishing State
Mar 23rd 2023 6:32am, by Tim Banks
Serverless WebAssembly for Browser Developers
Mar 22nd 2023 12:26pm, by Matt Butcher
JavaScript or WebAssembly: Which Is More Energy Efficient and Faster?
Jan 30th 2023 9:51am, by Loraine Lawson
What TypeScript Brings to Node.js
Dec 26th 2022 3:00am, by Paul Ferrill
Improve your TypeScript Skills with Type Challenges
Nov 11th 2022 3:00am, by Danni White
TypeScript on Mars: How HubSpot Brought TypeScript to Its Product Engineers
Aug 19th 2022 10:00am, by George Kemp and Duncan Walter
PayPal Enhances JavaScript SDK with TypeScript Type Definitions
Aug 17th 2022 12:38pm, by Jessica Wachtel
VMware and Other Wasm Players Want WebAssembly 
Mar 23rd 2023 8:52am, by B. Cameron Gain
Serverless WebAssembly for Browser Developers
Mar 22nd 2023 12:26pm, by Matt Butcher
MIT-Created Compiler Speeds up Python Code
Mar 14th 2023 11:38am, by Loraine Lawson
Can WebAssembly Solve Serverless's Problems?
Mar 3rd 2023 5:13am, by B. Cameron Gain
Figma Targets Developers While it Waits for Adobe Deal News
Feb 27th 2023 9:42am, by Richard MacManus
Unlock the Next Wave of Machine Learning with the Hybrid Cloud
Mar 22nd 2023 10:00am, by Kjell Carlsson
Getting the Most from Kubernetes Autoscaling
Mar 21st 2023 7:06am, by Brian Likosar
ScyllaDB Challenges DynamoDB on Latency and Pricing
Mar 20th 2023 9:00am, by Jessica Wachtel
Multiple Vendors Make Data and Analytics Ubiquitous
Mar 20th 2023 5:00am, by Andrew Brust
Let’s Talk about Cloud Threat Hunting 
Mar 16th 2023 7:33am, by Guilherme (Gui) Alvarenga
The Economics of Database Operations
Mar 23rd 2023 8:25am, by John Page
Stopping AI Hallucinations for Enterprise Is Key for Vectara
Mar 23rd 2023 4:00am, by Richard MacManus
Get More out of Machine Learning with Data Preprocessing
Mar 21st 2023 5:00am, by Alexander T. Williams
JavaScript Library Lets Devs Add AI Capabilities to Web
Mar 20th 2023 10:32am, by Loraine Lawson
ScyllaDB’s Incremental Changes: Just the Tip of the Iceberg
Mar 20th 2023 9:29am, by George Anadiotis
Nvidia Hones in on Apple-Like Approach to AI with CUDA
Mar 23rd 2023 7:34am, by Agam Shah
Stopping AI Hallucinations for Enterprise Is Key for Vectara
Mar 23rd 2023 4:00am, by Richard MacManus
Unlock the Next Wave of Machine Learning with the Hybrid Cloud
Mar 22nd 2023 10:00am, by Kjell Carlsson
Get More out of Machine Learning with Data Preprocessing
Mar 21st 2023 5:00am, by Alexander T. Williams
Multiple Vendors Make Data and Analytics Ubiquitous
Mar 20th 2023 5:00am, by Andrew Brust
How 2 Founders Sold Their Startup to Aqua Security in a Year
Mar 22nd 2023 1:42pm, by Heather Joslyn
Cloud Malware: Types of Attacks and How to Defend Against Them
Mar 22nd 2023 10:13am, by Faith Kilonzi
Build Software Supply Chain Trust with a DevSecOps Platform
Mar 21st 2023 8:23am, by Diego Lapiduz
JWTs: Connecting the Dots: Why, When and How
Mar 20th 2023 7:10am, by Michal Trojanowski
Check for Container Image Vulnerabilities with Trivy
Mar 18th 2023 6:00am, by Jack Wallen
Platform Engineering Operations CI/CD Tech Life DevOps Kubernetes Observability Service Mesh
Build Software Supply Chain Trust with a DevSecOps Platform
Mar 21st 2023 8:23am, by Diego Lapiduz
Simplify CI/CD with a General-Purpose Software Catalog
Mar 14th 2023 6:24am, by Zohar Einy
Enabling DevOps Control for Those Who Need It Most — Developers
Mar 13th 2023 6:46am, by Venkat Thiruvengadam
Setting Kubernetes Standards with Platform Engineering
Mar 10th 2023 7:39am, by Zohar Einy
Which Features Does Your Platform Engineering Portal Need?
Mar 7th 2023 4:00am, by B. Cameron Gain
5 Myths about Puppet
Mar 23rd 2023 10:18am, by Jain Waldrip
LinkedIn Unifies Stream and Batch Processing with Apache Beam
Mar 23rd 2023 8:00am, by Jessica Wachtel
Observability — Freeing Your Load Tests from the Black Box
Mar 22nd 2023 8:26am, by Ken Hamric
Reducing the Cognitive Load Associated with Observability
Mar 22nd 2023 6:44am, by Alex Gervais
Is Your Incident Response Better Than an Energy Company’s?
Mar 21st 2023 9:04am, by Paige Cruz
How 2 Founders Sold Their Startup to Aqua Security in a Year
Mar 22nd 2023 1:42pm, by Heather Joslyn
Simplify CI/CD with a General-Purpose Software Catalog
Mar 14th 2023 6:24am, by Zohar Einy
IBM Donates SBOM Code to OWASP
Mar 7th 2023 7:51am, by Steven J. Vaughan-Nichols
Slim.AI: Automating Vulnerability Remediation for a Shift-Left World
Feb 21st 2023 10:00am, by John Amaral
DevPod: Uber's MonoRepo-Based Remote Development Platform
Jan 26th 2023 3:00am, by Jessica Wachtel
How 2 Founders Sold Their Startup to Aqua Security in a Year
Mar 22nd 2023 1:42pm, by Heather Joslyn
Stephen Thaler Claims He's Built a Sentient AI
Mar 16th 2023 8:10am, by David Cassel
How Tech Leaders Are Managing Anxieties after SVB Failure
Mar 15th 2023 10:59am, by Heather Joslyn and Colleen Coll
Chatops: Where Automation, Collaboration and DevOps Culture Meet
Mar 15th 2023 8:19am, by Blair Rampling
What We Can Learn from Twitter's Outages
Mar 13th 2023 9:00am, by Jennifer Riggins
Historical Data and Streaming: Friends, Not Foes
Mar 20th 2023 4:00am, by Michael Drogalis
Defining DORA-Like Metrics for Security Engineering
Mar 17th 2023 9:00am, by Daniel Koch
Chatops: Where Automation, Collaboration and DevOps Culture Meet
Mar 15th 2023 8:19am, by Blair Rampling
Build Machine Learning Apps in Your Notebook with Tecton
Mar 15th 2023 6:00am, by Richard MacManus
Is Cluster API Really the Future of Kubernetes Deployment?
Mar 14th 2023 10:00am, by Steve Francis
A Is for OpenStack Antelope
Mar 22nd 2023 7:41am, by Steven J. Vaughan-Nichols
Getting the Most from Kubernetes Autoscaling
Mar 21st 2023 7:06am, by Brian Likosar
Is Cluster API Really the Future of Kubernetes Deployment?
Mar 14th 2023 10:00am, by Steve Francis
Can WebAssembly Solve Serverless's Problems?
Mar 3rd 2023 5:13am, by B. Cameron Gain
5 Things to Consider When Building a Kubernetes Platform
Mar 2nd 2023 10:00am, by Ram Iyengar
Reducing the Cognitive Load Associated with Observability
Mar 22nd 2023 6:44am, by Alex Gervais
Vercel Brings Logging, Monitoring to Its Observability Suite
Mar 22nd 2023 3:00am, by Jessica Wachtel
Is Your Incident Response Better Than an Energy Company’s?
Mar 21st 2023 9:04am, by Paige Cruz
Why Audit Logs Are Important
Mar 16th 2023 8:34am, by James Walker
5 Steps to Effective Cloud Detection and Response 
Mar 15th 2023 10:30am, by Faith Kilonzi
Ambient Mesh: Sidestepping the Sidecar
Mar 1st 2023 8:44am, by Jeff Goldman
Service Mesh Demand for Kubernetes Shifts to Security
Oct 27th 2022 11:04am, by B. Cameron Gain
AmeriSave Moved Its Microservices to the Cloud with Traefik's Dynamic Reverse Proxy
Sep 8th 2022 2:02pm, by Ann R. Thryft
Can You Now Safely Remove the Service Mesh Sidecar?
Sep 8th 2022 9:19am, by B. Cameron Gain
eBPF or Not, Sidecars are the Future of the Service Mesh
Aug 12th 2022 10:00am, by William Morgan
CI/CD

CI/CD for Networking: Adopting DevOps Principles for a More Robust Network

Dec 6th, 2018 3:00am by
Featued image for: CI/CD for Networking: Adopting DevOps Principles for a More Robust Network

Glenn Sullivan
Glenn Sullivan co-founded SnapRoute in 2015, where he is responsible for product direction by advocating for the end-user. Prior to founding SnapRoute, Sullivan was responsible for building out hyperscale data center environments at Apple. In addition to core network operational functions, Sullivan led efforts to automate the lifecycle management of various platforms in a multivendor environment. Before Apple, Sullivan was a specialist support engineer on the LAN Switching team in Cisco TAC. While there, his specialty was in turning around customer sentiment by focusing on escalated issues and transforming the customer experience into a positive one. Sullivan has a BS in Network and Systems Administration from RIT (Rochester Institute of Technology).

Since early 2017 the term CI/CD has been steadily gaining popularity to describe the philosophy of software development which dictates the use of test-driven infrastructure to constantly improve the code base with continual integration of enhancements — based on feedback from both users and the system alike. This process of Continuous Integration and Continuous Deployment (or if you prefer, Delivery) has become the de facto standard for software development and has also been co-opted by a growing number of organizations as a way to implement “infrastructure as code” — using software development principles to manage their systems and compute environments.

This adoption of CI/CD by DevOps-minded organizations has led to more flexible, secure and agile infrastructure with new features and functionality being constantly deployed and improved upon. With these architectures in place, the compute and storage pieces of the environment have benefited from the rapid deployment and constant improvement that CI/CD mandates. The missing piece that still remains unaddressed is the network. Built upon legacy, monolithic architectures — the Network Operating System (NOS), as it exists today, is not able to take advantage of CI/CD philosophies. What is needed is a new NOS architecture that is built upon core cloud-native principles of microservices and containerization to enable CI/CD methods for networking.

Learning from DevOps

On the compute side of the house, operators have understood the importance of on-demand adaptability and evolution for quite some time. CI/CD has become a popular term with the rise of tools like Jenkins, Travis CI, and services such as Codefresh. These tools and services are driven by a common goal — give developers a way to quickly deploy safe and well-tested improvements to applications.  For those on the outside looking in (i.e. network operators), it may not be immediately clear what the driving force is for these toolchains — keeping the infrastructure current and fresh.

Application infrastructure is not seen as something that is treated in a “one and done” fashion. As with any infrastructure (technical and non-technical alike) — it’s important to develop a process for continuously building upon and improving it. Take, for instance, a well-traveled interstate highway — if the road is simply paved and not maintained, it will quickly fall into disrepair, with unreadable markings, overpass failures and dangerous potholes. When it comes time to repair these backlogged issues, it becomes costly, complicated and potentially dangerous. The same is true with application infrastructure — without a process in place to continuously and safely deploy improvements, these environments quickly devolve into a hodgepodge of deployed software versions, tools and security patches. This leads to a fragile infrastructure that requires complicated maintenance windows that often result in application downtime, on purpose or by mistake.

It Takes a Village

Embracing the necessary cultural changes an organization must make is just as critical as vaulting the technical hurdles necessary to build a CI/CD pipeline. The biggest opponent that needs to be defeated, across the board, is the fear to change and subsequently the inertia this creates. This stagnation surrounding infrastructure change is understandable, most teams are rewarded by uptime and stability — not agility. Incentivizing teams in this way leads to a culture of “no” — as anything new is seen as something new to break (and might affect the precious uptime metric).

This culture covers the spectrum of restraint that is expressed by teams when managing a network — from the understandable hesitation by a single engineer to push a simple change to production to the crushing paralysis that is experienced by an entire team with the mystical aurora that surrounds the semi-annual maintenance windows or change freezes. Conquering the fear for change is the first step in developing a successful CI/CD structure — no matter which part of the infrastructure it is being applied to. With CI/CD, things will (and must) change on a constant and regular basis — without any hesitation from concern that the halcyon status of the production environment will be disrupted. Things break, figure it out quickly, fix it and then move on. When teams embrace the cultural aspects of CI/CD — post mortems are transformed from a witch hunt for who caused the outage to a set of action plans to improve the process and ensure that the root cause of the outage never occurs again. These action plans are then integrated directly into the CI/CD pipeline ensuring this case is tested and verified for all future deployments.

The Opportunity for the Network

Looking at how DevOps has applied the technical and cultural aspects of CI/CD yields some practical applications for operators managing the network. Yes, network engineers are limited by the capabilities of appliance-like Network Operating Systems available today. In a DevOps focused Cloud Native Network OS — with all protocols and management functions built as microservices with immutable containers — network operators can natively leverage the capabilities of CI/CD.  With the NOS built of containerized microservices, operators can deploy only the features they need, reducing complexity and security attack vectors, upgrade components during production with no fear of disrupting other services, and use cloud native tools such as Kubernetes to natively manage these network services. Until a NOS embracing these architectural advantages is available, there are some steps that operators can take to improve the network and benefit from some of the core concepts of CI/CD for Networking:

  • Establish and document clear roles and responsibilities for each team — having a well-defined scope of ownership for each piece of infrastructure is key to building automation and CI/CD pipelines.
  • Identify the network changes that are manual, repetitive and don’t require peer review to push into production (think VLAN changes, bringing up/down host interfaces, etc.) and allow the ops team to make those changes during the day, without a formal change request. These are the changes that will be automated away as you progress down your CI/CD journey.
  • Change the typical time of maintenance windows from the middle of the night — to the middle of the day. Changes shouldn’t happen when key staff needs to be paged in to respond to an issue — they should happen during normal business hours when everyone is at their sharpest and is collocated to facilitate collaboration and quick troubleshooting.
  • Your network infrastructure isn’t sacred and it shouldn’t be treated as such — changes and failures are going to happen. We need policy and procedures in place to ensure they occur as often as is necessary to drive the business needs. Force change to happen by rebooting key devices weeks before your busiest time of year.  Stop embracing a device’s uptime as the ultimate measure of stability.
  • Stay current with security patches and upgrades to resolve vulnerabilities. If you are on a once-a-year upgrade cycle (or longer) — get it down to every three months or less. Compute teams don’t sweat upgrades, because they do it often, as well as test and validate them prior to rolling them out — to build a culture of change. Maintenance is like a muscle — the more you use it, the stronger it gets.
  • Start small with rolling constant configuration changes and build upon the easy wins. If your compliance requires quarterly local password changes — perform these changes, monthly and on a continuous basis — instead of letting them stagnate, fall behind, and build up more security tech debt. Establishing a cadence of constant rolling changes is crucial to establishing a good CI/CD pipeline.

Feature image via Pixabay.

Group Created with Sketch.
SHARE THIS STORY
RELATED STORIES
Top 5 Considerations for Better Security in Your CI/CD Pipeline IBM Donates SBOM Code to OWASP A Look at Kubernetes Deployment EngFlow Harnesses Google Bazel for Faster Monorepo Builds How Yarn Workspaces Accelerated LinkedIn Code Delivery
RELATED STORIES
An Inside Look at What GitLab’s Web IDE Offers Developers Slim.AI: Automating Vulnerability Remediation for a Shift-Left World DevPod: Uber's MonoRepo-Based Remote Development Platform Building a To-Do App using GitHub Actions, Playwright, Next.js Simplify CI/CD with a General-Purpose Software Catalog
THE NEW STACK UPDATE A newsletter digest of the week’s most important stories & analyses.