DLT Solutions LLC, a wholly owned subsidiary of Tech Data, has defined a Secure Software Factory (SSF) framework that provides U.S. public sector agencies with a framework for implementing a set of best DevOps practices based on Kubernetes.
Company CTO David Blankenhorn says the SSF framework spans tools and platforms from Checkmarx, CloudBees, Dynatrace, GitHub, GitLab, Eggplant, MindPoint Group, Parasoft, Red Hat, Sonatype, StackRox, Sysdig, XebiaLabs and ZenHub.
The goal, he says, is to make it easier for government agencies and educational institutions, which tend to be risk-averse, to embrace DevOps principles using a modern IT architecture that relies on containers to build applications.
In addition, as an arm of Tech Data, a global distributor of IT products and services, DLT will be working with a handful of IT services providers to help them expand their existing DevOps practices, Blankenhorn says. Longer-term, DLT plans to also create a framework for training IT service providers on how to build a DevOps practice from the ground up. Tech Data acquired DLT Solutions last year.
The SSF framework is optimized for building modern microservices-based applications using containers that will be deployed on Kubernetes clusters. Elements of the framework address everything from planning and integrating code enhancements to best DevSecOps practices. Of course, Kubernetes may not yet be widely deployed in production environments by government agencies; however, usage of Kubernetes within application development teams that are building applications for those government agencies is becoming more widespread. In many cases, the introduction of containers and Kubernetes is finally forcing a conversation about the broader adoption of best DevOps practices within government agencies.
Blankenhorn says that, from a cultural perspective, many government agencies are challenged by the transition to DevOps. Most government agencies tend to be risk-averse so any framework that accelerates the time to deploy applications is going to require time for government agencies to absorb, he notes. The SSF framework is intended to provide a detailed map of the steps and processes government agencies and education institutions need to implement to make the transition to DevOps, at a time when most government agencies continue to rely on waterfall processes to build applications, he adds.
An index published by Puppet recently found that in terms of DevOps maturity, government agencies not surprisingly ranked fairly low. Nevertheless, there are pockets within the U.S. governments, such as the Air Force, where adoption of best DevOps processes is already well-established. However, with the rise of microservices-based applications most organizations that have already embraced DevOps are finding a need to further fine-tune those processes.
It’s not clear whether government agencies will ever be as agile as business entities. There is, however, a lot more focusing on modernizing processes and making government data more widely accessible using, for example, mobile applications. The rate of change to those applications that can be absorbed by government staffers will naturally vary. Eventually, however, as individuals become more exposed to digital business applications, they will come to expect government agencies to be able to deliver a similar application experience.