In a constantly-changing industry, standing still is not an option. Advancing automation to help organizations further their IT modernization and goals was on full display at ChefConf this week. In this week’s DevOps News, we take a look at Chef Automate 2.0, updates to Habitat, and the new Chef Workstation, all introduced this week at ChefConf.
In a press release, Chef shared the results of a survey in which 72% of respondents from across DevOps, applications and infrastructure said that “time from code to production” and “time from commit to deploy” are the most critical measures of application deployment success. Yet, 60% reported taking days, weeks or months to complete application builds with 56% saying they needed the same amount of time to deploy apps into production. Chef’s new product announcements are designed to directly impact these measures, making DevOps more productive and effective. We agree that this is an important issue to tackle as time to market is one our customers’ most pressing business issues.
AWS Configuration Management
Rebuilt from the ground up, Chef Automate 2, “now provides a single control plane for infrastructure and compliance automation to enable a closed-loop ‘detect, correct, automate’ process to make infrastructure effortless.” We welcome the addition of compliance automation to Chef Automate infrastructure automation to better ensure continuous compliance. Specifically, we are looking forward to Chef Automate’s new:
- Compliance scanning and reporting for AWS configurations,
- Increased ease in managing custom profiles,
- Tools and visualizations that will help operators analyze infrastructure and compliance automation data from a single dashboard,
- Upgraded architecture that will support tens of thousands of nodes from a single installation, and
- Platform API for fine-grained data access control. The new API also makes integrations with tools like Splunk possible.
Chef also released Chef Workstation this past week. In a blog the company describes it as, “everything you need to get started with Chef with a simple one-click installation.” In a nutshell, it enables operators to complete ad-hoc DevOps tasks using Chef capabilities, without agents. Operators can now execute Chef recipes or cookbooks remotely, and Workstation bundles all the tooling previously included in the ChefDK to improve cohesion between tools and create a more seamless experience for infrastructure automation tasks.
AWS Security Partners
We were also happy to see new enhancements to Inspec, Chef’s compliance and security solution. Inspec now includes the ability to verify AWS policies, with more than 10 new AWS resources bringing it to CIS Level 1 benchmark completeness.
AWS Migration Competency Partners
Chef notes that its customers primarily use Habitat for two main scenarios: “lift, shift, and modernize legacy applications into the cloud or containers, and accelerating adoption of containers for new applications as they move into wider deployment of technologies like Kubernetes.”
While Habitat now features an on-prem builder, we are most interested in updated Kubernetes Operator for Habitat for container management, Helm chart exporter, Open Service Broker integration and integration with Splunk for operational analytics.
While application modernization is not a one-size-fits-all exercise, Flux7 has created a series of short papers designed to walk readers through creating a custom approach to their own cloud migration strategy. Sign up for the full series here.
The AWS consulting team here at Flux7 were excited to see this week that Amazon Inspector can now run security assessments on Amazon EC2 instances without adding tags. To set up a security assessment before, our DevOps team would need to add a tag to the instances they wanted to assess, and then enter the tag into an assessment target. Now, it’s simply a matter of choosing the option to include all instances while creating the assessment target. With this update, Amazon Inspector becomes easy to implement and much easier to automatically assess applications for vulnerabilities or deviations from best practices.
Our AWS proserve team was also happy to see that AWS CodeBuild now supports builds for the Microsoft Windows Server platform, including a prepackaged build environment for .NET Core 2.0 on Windows. Providing prepackaged build environments for many supported frameworks to make it easier to get started, you can now select a prepackaged .NET Core for Windows build environment to have CodeBuild build your code. (If your app uses the .NET Framework, you can include the Microsoft proprietary Framework Class Libraries in a custom Docker image.)
DevOps Adoption Series
In case you missed it, the AWS consulting team is in the midst of a DevOps blog series on DevOps adoption, starting with a discussion of what motivates organizations to begin an IT modernization project. Last week we featured DevOps Adoption: Why Every DevOps Pilot Needs a Landing Zone. Subscribe to our DevOps blog to make sure you get the whole series.