Our DevOps expertise

We love what we do and especially we love automation.Really. Many people think automation is boring, but that is music for us. So building CI/CD processes are one of our company's favorite tasks. We are a well knit team with excellent technical expertise and we are very responsible. With us your infrastructure will be reliable and safe.

Skills

Solid

We have been working with these technologies for a long time and we have used them to implement a large number of projects.

Soft

Technologies with which we have been working with for less time. Only demo projects were realized with their usage.

Not our focus

We are experienced enough in understanding and functioning of these technologies. We can work with them only in cases when the functionality of the entire system is impossible without their use.


Solid
Soft
Not our focus
Cloud Platforms and Virtualization
AWS, Tencent, Vagrant, VirtualBox
Azure, Google cloud, Alicloud
Configuration and Infrastructure Management
Ansible, Terraform, AWS CloudFormation
Puppet, Chef
Orchestration
DC/OS
Kubernetes
Continuous Integration
Jenkins, GitLab, Gradle, Apache Maven
Travis CI
Automation
Selenium
Apache JMeter, QASymphony, TestRail, RSpec
Containerization
Docker
Amazon ECS
Monitoring, Alerting and Logging
AWS CloudWatch, ELK Stack, Prometheus, Zabbix
Security
Vault
AIDE, OSSEC, Samhain, Snort, Sonatype
Collaboration
Jira, ServiceNow, Slack
HipChat, Rocketchat, Pivotal
Artifact Management and Source Control
Git, Bitbucket, Mercurial, Github, Nexus
Artifactory
Operating systems
Ubuntu, Debian, CentOS
Windows all versions
Scripting
Bash, Python

Our devops services

At the first stage, our company analyzes:

  • Development process;
  • Source code;
  • Application Architecture;
  • Customer requirements;
  • Environment where the software is planned to be deployed (own servers, or the use of cloud provider facilities);
  • Software architecture.

Next, a plan for organizing CI / CD processes is composed taking into account all the requirements and the analysis.

The plan, architecture, as well as work with CI / CD processes are always fully documented. So that, in the event of any problems, they can be resolved as soon as possible. Our company provides all the necessary documentation.

The following aspects are taken into account during developing a CI/CD process plan for a startup company:

  • CI/CD process system should be as flexible as possible. So that, changes can be made quickly and easily because new features can be added or removed during the development process;
  • Ability to change software architecture. CI/CD processes should be as versatile as possible and well documented;
  • Programming language used in development;
  • Customer’s wishes;
  • Software architecture;
  • Software deployment environment.

Before starting to upgrade/automate the current processes in the company, the following work are performed:

  • Audit of current CI/CD processes;
  • Development of a diagram for the CI/CD processes;
  • Analysis of the software architecture;
  • Analysis of infrastructure architecture for the deployment software;
  • Planning of updating CI/CD processes.

As a result, options for optimizing CI/CD processes will be proposed to reduce deployment time of the updates.

Implementing CI/CD processes for a system that passes PCI DSS certification requires careful consideration. From that point, the following preparatory procedures is performed:

  • Development of a plan for implementing CI/CD processes;
  • Development of a new system operation diagram with added CI / CD components;
  • Identity of the scope of PCI DSS standards based on the CI/CD processes added;
  • Identity whether any CI/CD processes fall within the scope of the PCI DSS standards and depending on this, CI/CD processes will be further builded;

The final step is evaluation of the developed system using the PCI DSS self-assessment sheet.

To assess the current state of security, the following is examined:

  • Supporting documentation for the software architectural design;
  • Security systems used in company;
  • Documentation for software deployment;
  • Documentation for deployment environment;
  • System and software components that include the entire software complex;
  • Vulnerabilities checks performings depending on the requirements;
  • Authentication mechanism, determine who has access to specified system components (checking access via ssh, checking central authentication system, etc.);
  • Policy reviews for creating and changing passwords, and whether they are followed or not;
  • Software checks used on servers:
    • Software versions;
    • Whether updates of software and antivirus programs are being performed.
  • If any errors or problems will be identified during the audit, appropriate recommendations will be given. Also, overall rate of security systems will be provided.

    To assess the current state of CI/CD processes, the following works are performed:

    • Audit of current CI/CD processes;
    • Review of CI/CD processes architecture;
    • Review of tools used in CI/CD processes;
    • Software versions review.

    Necessary recommendations could be made to improve and optimize CI/CD processes or individual components.

    It is possible to assess the hardware equipment if dedicated servers are used, because all cloud providers have monitoring systems for their hardware and perform necessary replacements.

    It is possible to rate the state of dedicated hardware servers, because various cloud providers independently monitor their hardware and perform necessary replacements. During the rating process of the hardware are analyzed.

    • Equipment release date;
    • Duration of operation of the equipment;
    • Criticality of the system area in which current equipment operates;
    • Availability of a backup systems;
    • Availability of hot spare reserving of main servers and network equipment.

    As a result, a report will be prepared outlining the risks that further use of the equipment may result in.

Our company uses dockerization for the fixed state of the environment and the code itself. Dockerization also helps to obtain high availability of applications because multiple containers can be run on different servers. As an example , a load balancer can be configured to redirect requests from users to available containers with the application.

CI/CD

Solid
Soft
Not our focus
Python
Java
С#
PHP
Ruby
.NET framework
JavaScript
Go
Android
iOS