IT Operations functions as a service support group extension to development and testing groups to ensure the systems, services, and infrastructure work reliably and securely. These functions are integrated with agile development lifecycle to automate the whole setup with varies tools, practices and process such as Version tools for everything from development to production artifacts, Continuous integration and Deployment, Automated Acceptance testing, Peer Review of production changes and Pro-active monitoring of production environment

Build

  • Automation of builds for projects such as Java, Android, IOS, CPP, DotNet, C++ using Maven, Gradle, and XCode builds, .Netcompiler, ant, and native builds tools.

  • Local Maven & NPM repository for caching the libraries and store the project artifacts for varies environment deployments.

  • Nightly builds for Sonar

  • Continuous Builds for every Pull requests, Multi branches

  • Enable the Alert Notifications

  • Security and Quality Check

  • Checks on Git Workflow

  • Integrate with Configuration Management Tools

  • Release Approvals

  • Regular reports and support

  • Update Versioning mechanism to record with-in the artifacts

  • Use of Vagrants and Dockerization to isolate builds and easy deployment wherever possible

  • Process and Procedures

Deploy

  • Automation scripts of Jenkins and Docker registry for deployments

  • Deploy the application to Application server using Ansible

  • Integration of Nexus repository, Ansible with Jenkins

  • Controlled access to relevant application code for development

Infrastructure

Infrastructure setup automation (IAC-CICD) to maximum possibility, repeatable and reusable scripts using cloud agnostic suite of tools to bring end to end business applications to move the product from Development to Production

Datacenter

  • Create the 3-tier infrastructure required for the application

  • Docker and Kubernetes environments for the microservices

  • NAC between the Prod and Alternate sites

  • Real-time replication between Prod and Alternate site Databases

  • Master slave configuration for Databases in Production site

  • Enable WAF/Load balancer between the application servers and

  • High Availability for the application by maintaining minimum 2 application servers

  • Auto scaling pods in kubernetes based on the CPU utilization during peak hours

  • Backup of logs in Tape storage in Datacenter

  • Logs Parsing using ELK setup

  • Monitor the infrastructure using Zabbix, Cadvisor, Prometheus, Grafana

  • Nexus repository to store Docker images and artifacts

AWS

  • Creation of separate VPC for Application and Maintenance

  • Provide private subnet for application

  • Enable NAT gateway for private subnets

  • Creation of Route table with internet gateway and NAT gateways

  • Creation of Application or Network load balancer based on the requirement

  • Enable RDS for Database

  • Providing EC2 instance or Fargate Docker or ECK based on requirement

  • Creation of infrastructure on the fly using cloud formation scripts

  • Auto deployment of application using Codepipelines, Codebuild, Code deploy

  • High Availability for the application by maintaining minimum 2 application servers

  • Auto scaling pods in kubernetes based on the CPU utilization during peak hours

  • VPC peering between application VPC and Maintenance VPC

  • Monitor the servers using CloudWatch

  • Logs Parsing using Elastisearch, firehose, Kibana setup

  • Lambda script to create the patterns in Logs

  • Monitor the application using x-ray

  • Enable MFA for the AWS console and servers

  • Creation of ECR for storing the Docker images

  • Codestar connection between AWS and Bitbucket

  • S3 bucket to store the logs

  • Sending alerts to the stakeholders using SNS

AWS configuration

  • Automate the complete infrastructure and CICD activities to maximum possibility such it IAC-CICD automation scripts are repeatable and reusable

  • Setting up the infrastructure with Cloud formation and CLI scripts

  • Codestar connection to integrate Bitbucket with AWS

  • Cloud Build with buildspec files for building the application and Cloud Deploy with appspec files to deploy the application to Application servers

  • Start-up script files to automate the configurations for the application and to start the application process

  • Lambda server less function scripts to parse the logs to Kibana dashboard to view the application logs spread across multiple High availability servers

  • Validation of infrastructure to organisation security compliance framework with Python scripts included as part of CI_CD Pipeline

  • Dockerfile or Task definition script to create Dockers in AWS and Scripts required to setup the application in Kubernetes

Security

  • Enable IP tables in Application servers and DB servers

  • Giving separate IP ranges for Application and DB servers

  • Enable WAF at load balancer

  • Multi Factor Authentication to Application servers

  • TLS certification for the application

  • Role based access to Databases

  • Health checks are enabled at load balancer

  • Enable required ports and IPs in load balancer

  • AWS configuration changes are logged in CloudTrail

  • Using IAM provide Role based access to AWS console

  • Multifactor authentication to AWS console

  • Creation of application and DB servers in private subnet in AWS

  • Create bucket policies to S3 bucket to restrict access to S3 buckets

  • Creation of separate VPCs for application and Maintenance

  • Certification of infrastructure

  • Setup the infrastructure and Do infrastructure validation with native-python script to check the compliance as per organisation framework

  • Do access with external auditors to assess Infrastructure for Compliance and co-ordinate with internal team for resolution and provide evidences on the closure for the audit report for compliance

HSM setup

  • Setup single and multi-partition slot on HSM Hardware

  • Creation of Group Partitions on HSM Hardware

  • Setup and configuration of Clavium HSM, Soft HSM and Thales

  • Scripting

  • Creation of start-up scripts for starting the application

  • Docker file to create Dockers for the application

  • Creation of shell script to automate the CICD process

  • Extracting the reports from various Monitoring tools like Elastic search, CloudWatch, Application logs, Application performance monitoring, network and system audit log

CI-CD Automation

  • Jenkins groovy script to integrate the repository, build tools, Nexus repository and Applications servers

  • Ansible playbooks to deploy application to Application servers

  • Automation scripts to make Continuous deployment to Dev, QA, Perf, environments

  • Automation scripts to make Continuous integration to Prod environments, and deployment to Prod env with required approvals from all the stake holders

Pipeline for each module of the micro services

For detailed information visit Read more..

For more information please contact us at info@girmiti.com

 

 

 

Contact Us