Create a portable DevOps solution that automates the creation and rollout of the platform’s cloud native infrastructure across the AWS Commercial, AWS GovCloud, and AWS C2S regions and on-premise VMware clouds (with Azure capability in the works).
Automate the full lifecycle deployment of the Xacta platform to any Kubernetes cluster within the target cloud environments.
Create a solution that automates the creation of risk management platform artifacts and services as container workloads and deploys them to the target Kubernetes clusters.
Reduce the deployment cycles and enable the rapid release of software features and security enhancements.
Oteemo started the engagement with a thorough discovery of the application’s current deployment model and its dependent services. A detailed analysis was performed to gain an understanding of the system architecture, build and deployment process, and the steps involved in creating a deployment artifact. Manual steps and deployment inconsistencies were identified. Opportunities to change the existing architecture were discussed and documented. Based on the findings, goals and objectives of Telos’ stakeholders, Oteemo created a strategy and roadmap to implement the cloud native DevOps automation solution. Oteemo and Telos created a dual delivery model and the team’s approach took into consideration all aspects of People, Process, and Technology to ensure successful transformation.
A Deployment Automation Framework was designed to handle the following:
- Installing cloud native resources and services in the target cloud environment
- Configuring these services appropriately to ensure deployment readiness and
- Deploying the Xacta.io application services into the target cloud native environment.
The solution leveraged various tools across the CNCF and cloud ecosystem. Some tools to highlight are: Kubernetes, Docker, Jenkins, Nexus, GitLab, Packer, Ansible, AWX, Terraform, and CloudFormation. AWS managed services used for the deployment include RDS, ECR, ElastiCache, and Elasticsearch. Other services used are ZooKeeper and Kafka.
The output of the automated workflow provides endpoints for the customer to access and manage: the database (AWS RDS), the monitoring platform (AWS Elasticsearch), and the customer application to be used for managing cybersecurity, governance, risk, and compliance solutions.
Going from no services running in the cloud to a fully featured web application running on top of a Kubernetes platform in the AWS Commercial and AWS GovCloud environments takes less than 30 minutes.
Due to the nature of air-gapped environments, KOPS was no longer a viable solution for deploying Kubernetes. After assessing the constraints of air-gapped environments and doing the necessary research and development, the Oteemo team worked on multiple proofs of concept to analyze and understand the pros and cons of various tools and approaches to provisioning the Kubernetes platform in multiple air-gapped environments. Finally, the team picked Rancher’s RKE Kubernetes platform for its portability across the various cloud and on-prem environments, its air-gapped solution, security, ease of use, documentation and support, among other criteria.
A Nexus repository was created for maintaining the Docker images and packages required for the deployment solution. Terraform was introduced for provisioning the infrastructure in each of the cloud environments, because infrastructure automation was a feature lost when KOPS was replaced. Terraform was chosen for its cross-platform nature, with portability between AWS and other cloud providers in mind. Oteemo then redesigned the Deployment Automation Framework and developed a solution around Rancher’s RKE Kubernetes provisioning model, delivering a single artifact that provides a fully automated deployment of the customer’s application stack across AWS Commercial, AWS GovCloud, and C2S/SC2S environments as well as VMware on-premise air-gapped environments.
During this process, our teams also applied security measures for CIS and STIG compliance at both the OS and Docker image levels.
“When we embarked on a journey to modernize our core product, Xacta, to align with Cloud Native and DevSecOps principles and practices, we engaged Oteemo to assist with the design and implementation of the underlying Cloud Native platform to seamlessly deploy the modernized product. We needed a portable solution and standardized model to deploy our product on-premises as well as into any of the major cloud providers (AWS, AWS GovCloud, AWS C2S, Microsoft Azure, etc.)
Oteemo worked with our team from requirements capture and analysis to platform design, migration strategy and roll out of the cloud native platform. They integrated seamlessly with our teams and soon became our trusted partners. Their expertise in DevSecOps, Kubernetes, automation (Ansible, Terraform, etc.), cloud and solutions, coupled with Agile principles, has enabled us to quickly and efficiently achieve our product modernization goals. We are very pleased to have Oteemo as a strategic partner in our digital transformation and modernization journey.”
Jeff Schneider | Vice President, Corporate Software Development, Telos
Fully automated portable deployment solution across AWS Commercial, AWS GovCloud, C2S/SC2S and On-premise air-gapped environments running VMware.
Infrastructure-as-code and configuration-as-code practices that allow rapid engineering and enhancements for the future.
CI/CD pipeline that always results in a consistent, secure and compliant deployment artifact.
Monitoring and Analytics solution for monitoring application performance and Kubernetes platform metrics.
Standardized DevOps tooling for a modernized infrastructure and application delivery model.
Agile DevOps Methodologies provide quicker reporting and feedback loops allowing for redirection of design and features when needed.
From zero to fully functioning deployment across target environments: 45-60 minutes.