Final Project
Project evaluation criteria
Your projects would be evaluated according to the below list, in order of priority:
- Showcasing a live, working demo of your work.
- Applying DevOps practices - containerized applications, app deployed to k8s, CI/CD pipeline, IaC, usage of cloud resources.
- Demonstrating deep understanding of your system.
- Successful integration of a new tool, idea, or extension within the DevOps workflow (see ideas below). Be creative!
- Project complexity. E.g. security measures, scalability, zero-downtime, cost-efficient architecture.
Extension Ideas
DevSecOps
Embed DevSecOps tool to the CI/CD pipeline:
- safety to scan vulnerabilities in Python packages.
- Bandit to find security issues in your Python code.
- Pre-commit to enforce some policy before committing a new code.
- Black as a linting tool.
- Chef InSpec to apply security and compliance policies.
Jenkins
- Implement load testing in the PR testing pipeline.
- Create a Jenkins shared library.
- Send email notifications to users
AWS
- Protect your service using WAF or Shield.
- Any other shiny service that interesting you…
K8S
- Deploy some interesting Helm Chart in the cluster (Jenkins, etc…).
- Write your app YAMLs as Helm Chart.
- Run some CronJob in the cluster.
- Use ArgoCD to deploy your app.
- Implement some interesting ArgoWF.
- Experimenting with Calico to implement network security in the cluster.
- Experimenting with Istio to implement a service mesh.
- Expose your app through a secured HTTPS.
- Implement Pod identity in EKS instead using the EC2 IAM role.
- Provision the app infrastructure as a code.
- Built a dedicated “IaaC” pipeline in Jenkins
Ansible
Monitoring
- Deploy Prometheus in K8S.
- Enable backup/restore to from ElasticSearch to S3.
- Build some Kibana dashboard
- Improve the logs stream from the k8s cluster to Elasticsearch
- Create some alerts in Grafana (e.g. high CPU rate, container restarts many times etc…)