DevOps

One of the inherent tensions in a university computing environment is the need to balance the virtues of standardization and automation with the reality of many special cases. The extreme diversity of applications and use cases across the university means that IT teams deal with inherently heterogenous environments, and at the same time are expected to provide scalability and security.

Many online resources assume a much more homogenous, single-minded environment. And as a result, they’re less useful than we’d like; they sound good in theory, but it’s hard to move them into production because of the realities and special cases that you face each day. It’s easy to get jealous of the IT teams at product-based companies.

West Arete has been developing custom DevOps solutions for higher education since day one. We understand the tool set, licensing advantages, purchasing limitations, and the nature of the university computing environment.

Strategic planning

The appropriate high-level plan often has more impact on the success of DevOps initiatives than the hurdles of technical implementation. It’s often difficult to decide how to size phases of implementation appropriately so that they can get done in a reasonable amount of time and also stay free of too many dependencies.

Consider using the West Arete team for an outside perspective on your high-level plan. A fresh set of experienced eyes can help to point out potential hurdles or opportunities to reduce risk.

Configuration management

Using code to fully automate the setup of your operating system and application dependencies has been a staple of modern ops for many years. Chef, Ansible, and the various other popular tools provide the promise of consistent setup and maintenance of servers.

In practice, many teams struggle with small inconsistencies between their environments. Or with how (or whether) to get the few last bits of manual setup into their configuration management setup. These hurdles often prevent teams from recognizing the full set of advantages that configuration management promises.

Our team’s experience can help you to achieve the consistency and scalability that you’ve targeted.

Containerization

For most teams, it’s not a question of whether they’ll wind up adopting containerization of their apps; it’s more a question of when and how.

We can help your team to make the decision of where to invest further in infrastructure automation for legacy apps, and where to begin containerization.

We can also assist with breaking the process into a finite series of incremental steps, so that you can begin to recognize the advantages of containerization early, while still being on track for an appropriate longer-term roadmap.

Infrastructure as code

We were an early adopter of the HashiCorp stack for our infrastructure needs.

Terraform is the ultimate tool for infrastructure as code. Even for small installations, we’ve seen dramatic benefits in the consistency and clarity that the discipline of Infrastructure as Code can bring. One downside of such a new and promising tool is that there are few frameworks or established best practices. We can bring several modularization, code organization, and testing patterns to the table, to help you manage the extreme flexibility that the tool allows.

Packer provides the “glue” between Terraform, your operating system configuration management, and your scaled deployments of new virtual machines. We use Packer to seamlessly prepare custom machine images that can be deployed any time.

Many developers have been using Vagrant since its early days. In the modern DevOps stack it provides an ideal environment for fast and safe development/test iterations on your configuration management.

Secrets management

HashiCorp’s Vault represents a radical step forward compared to traditional secrets management in scaled environments. It provides centralized storage with high availability, fine-grained access, built-in secret rotation and expiration, and several methods of access at both the application level and the operating system level.

If you’re still installing secrets manually, or storing them (encrypted, hopefully) within your configuration management system, Vault can provide a long-awaited way to gain a much higher level of separation and automation.

One of the extremely practical attributes of Vault is how well it lends itself to incremental implementation in legacy environments. There are several different methods for accessing secrets, so we can help you to get to a baseline level of adoption with your legacy apps, and then gradually evolve to more secure access methods as your priorities and pace of development allows.

West Arete has been using Vault since its early development releases.

Types of engagement

For distinct DevOps initiatives that have few dependencies, these can be delegated to West Arete as a standalone projects. We will make full use of the best available tools to craft an elegant solution that is clearly and thoroughly documented, and as flexible as possible for future evolution by your team.

Often teams will want to not only acquire new code; they’ll also want to gain knowledge and skills from our team. By incorporating mentoring into a DevOps project, you can accomplish both at once. This allows your team to walk away with a new level of infrastructure and competence that they completely own, since they helped to build it with us.

If your team is maxed out, consider delegating the long term management, monitoring, maintenance, support, and enhancement of infrastructure to West Arete via a DevOps service contract. For a flat monthly fee, we will handle an entire slice of your infrastructure, regardless of whether it’s hosted on site or at a 3rd party cloud provider. This completely relieves your team of the day-to-day concerns for that area.

Let’s Connect

The first step is often a zero-pressure phone call to answer questions and explore whether we both feel that there could be a fit.