DoD Enterprise DevSecOps Reference Design

UNCLASSIFIED

DoD Enterprise DevSecOps Reference Design: CNCF Kubernetes

March 2021 Version 2.0

DISTRIBUTION STATEMENT A. Approved for public release. Distribution is unlimited.


Document Set Reference


Document Approvals


Approved by:

Digitally signed by CHAILLAN.NICOLAS.MAXIME.1535056524
Date: 2021.05.04 10:28:37 -04'00'

Nicolas Chaillan Chief Software Officer, Department of Defense, United States Air Force, SAF/AQ


Trademark Information

Names, products, and services referenced within this document may be the trade names, trademarks, or service marks of their respective owners. References to commercial vendors and their products or services are provided strictly as a convenience to our readers, and do not constitute or imply endorsement by the Department of any non-Federal entity, event, product, service, or enterprise.


Contents

1 Introduction
    1.1 Background
    1.2 Purpose
    1.3 DevSecOps Compatibility
    1.4 Scope
    1.5 Document Overview
    1.6 What's New in Version 2
2 Assumptions and Principles
3 Software Factory Interconnects
    3.1 Cloud Native Access Points
    3.2 CNCF Certified Kubernetes
    3.3 Locally Centralized Artifact Repository
    3.4 Sidecar Container Security Stack (SCSS)
    3.5 Service Mesh
4 Software Factory K8s Reference Design
    4.1 Containerized Software Factory
    4.2 Hosting Environment
    4.3 Container Orchestration
5 Additional Tools and Activities
    5.1 Additional Deployment Types
        5.1.1 Blue/Green Deployments
        5.1.2 Canary Deployments
        5.1.3 Rolling Deployments
        5.1.4 Continuous Deployments
    5.2 Continuous Monitoring in K8s
        5.2.1 CSP Managed Services for Continuous Monitoring
