Red Hat announced a multi-stage alliance to offer customers a greater choice of operating systems to run on Oracle Cloud Infrastructure (OCI).
When infrastructure-as-code (IaC) burst onto the scene in 2006, it was a game-changer. Not only did it redefine the way software engineers and operations thought about the provisioning and maintenance of infrastructure, but it also allowed teams to treat infrastructure like product code — meaning changes were now easy to track, repeatable, iterative, and recoverable. By combining the same tools as any other software project with IaC, developers were able to rapidly deploy applications. Today, IaC is regularly used by DevOps teams.
However, the increasing complexity of things like data center configurations, security requirements, and rapidly changing guidelines means IaC is poised for an overhaul. New technologies and techniques can help solve many of the challenges IaC presents.
IaC Workflow
Today, most enterprises are moving towards cloud-based infrastructure where deployments are 100% software-driven and underlying resources are standardized. The myriad of today's off-the-shelf components and services allow developers to create complex applications that can work at scale either on-prem or in the cloud. While this provides flexibility and agility in terms of application development, the proliferation of these components and services has created a drastic uptick in fragmentation throughout the infrastructure. In other words, they are deploying IaC.
Infrastructure-as-code is the process of managing and provisioning computer data centers through machine-readable definition files, rather than physical hardware configuration or interactive configuration tools. To create a successful IaC workflow, first, you must create the base infrastructure, then build out the platform/application services, conduct application provisioning or CI/CD, and run application monitoring.
Fundamentally, IaC requires DevOps engineers to have a lot of subject matter expertise, in-depth knowledge of security configurations and compliance standards, and the ability to code well. Simply put, IaC has created a unicorn skillset. Developers are not operators and operators are not developers.
While IaC shines at creating the base infrastructure and building out the platform/application services, it is strongly lacking in provisioning, application monitoring, and CI/CD. In other words, DevOps teams' needs have outgrown what IaC can provide.
IaC Needs to Operate at a Higher Level of Abstraction
To meet today's DevOps teams' needs, IaC needs to operate at a higher level of abstraction. To do that, you need the following:
1. Application-centric automation: Application-centric infrastructure configures and displays the entire application ecosystem — allowing administrators to manage a single system for application delivery instead of managing individual servers. It encompasses the virtualization of the data center and incorporates automated load-balancing, on-demand provisioning, and the ability to scale network resources as needed.
2. A rules-based engine: Application-centric automation by itself isn't enough. We need a rules-based engine that can take app-centric information and automatically run the rules to make sure that the software is compliant with the relevant security standards.
3. Self-service with guardrails for developers: Developers want to focus on building applications — not infrastructure. With code automation, developers can ask for secured resources without having to know tons of lower-level details to meet operations or accidentally violating the needed compliance and security requirements.
As you can see, IaC will need to evolve dramatically to meet the needs of today. Already, new technologies such as no-code/low code are addressing many of the shortcomings of IaC. It's only a matter of time before more companies adopt them.
Industry News
Snow Software announced a new global partner program designed to enable partners to support customers as they face complex market challenges around managing cost and mitigating risk, while delivering value more efficiently and effectively with Snow.
Contrast Security announced the launch of its new partner program, the Security Innovation Alliance (SIA), which is a global ecosystem of system integrators (SIs), cloud, channel and technology alliances.
Red Hat introduced new security and compliance capabilities for the Red Hat OpenShift enterprise Kubernetes platform.
Jetpack.io formally launched with Devbox Cloud, a managed service offering for Devbox.
Jellyfish launched Life Cycle Explorer, a new solution that identifies bottlenecks in the life cycle of engineering work to help teams adapt workflow processes and more effectively deliver value to customers.
Checkmarx announced the immediate availability of Supply Chain Threat Intelligence, which delivers detailed threat intelligence on hundreds of thousands of malicious packages, contributor reputation, malicious behavior and more.
Qualys announced its new GovCloud platform along with the achievement of FedRAMP Ready status at the High impact level, from the Federal Risk and Authorization Management Program (FedRAMP).
F5 announced the general availability of F5 NGINXaaS for Azure, an integrated solution co-developed by F5 and Microsoft that empowers enterprises to deliver secure, high-performance applications in the cloud.
Tenable announced Tenable Ventures, a corporate investment program.
Ubuntu Pro, Canonical’s comprehensive subscription for secure open source and compliance, is now generally available.
Mirantis, freeing developers to create their most valuable code, today announced that it has acquired the Santa Clara, California-based Shipa to add automated application discovery, operations, security, and observability to the Lens Kubernetes Platform.
SmartBear has integrated the powerful contract testing capabilities of PactFlow with SwaggerHub.
Venafi introduced TLS Protect for Kubernetes.