►
From YouTube: Commit Virtual 2020: Workload Portability AND Remaining Compliant using GitLab and Kubernetes
Description
Speaker: Frank Ford
Public cloud is great. We love public cloud. But sometimes, regulatory, company compliance, and legal restrictions necessitate an on-prem solution.
This session will explore ways to remain compliant with an on-prem solution while you work through your organization’s public cloud challenges. Using GitLab and Kubernetes allows for workload portability that will enable a simple transition once your organization gives the green light.
Get in touch with Sales: http://bit.ly/2IygR7z
A
You'd,
probably
rather
be
in
the
public
cloud,
but
sometimes
regulatory
company
compliance
and
legal
restrictions
necessitate
an
on-prem
solution
in
achieving
workload
portability
and
remaining
compliant
using
git
lab
and
kubernetes
frank
ford
of
genworth
will
explore
ways
to
remain
compliant
with
an
on-prem
solution.
While
you
work
through
your
organization's
public
cloud
challenges,
he'll
show
you
how
to
do
that
using
gitlab
and.
B
B
Personally,
I'm
passionate
about
continuous
integration,
continuous
development,
devsecops
automation
in
general
and
and
cloud
a
little
bit
about
gymworf
jimworth
is
a
financial
services
company.
Currently
we
sell
long-term
care
insurance
and
mortgage
insurance,
but
we
also
administer
life
insurance
and
annuity
blocks
of
business.
Our
corporate
headquarters
is
in
richmond
virginia
and
my
home
office
is
in
lynchburg
virginia
just
a
little
bit
of
a
level
set.
B
I'm
going
to
be
talking
about
public
cloud
and
on-premises
today
and
when
I'm
referring
to
public
cloud,
I'm
talking
about
the
the
big
three
public
cloud
providers,
so
amazon,
google
and
microsoft
and
on-prem
I'm
referring
to
on-premises.
So
these
are
this:
is
your
actual
data
center,
whether
it's
hardware
that
you
own
or
something
that
you've
contracted
out
to
another
company?
It's
it's
actual
on
your
your
on-premises
data
center.
B
Now,
when
we're
talking
about
public
cloud,
there's
a
number
of
advantages
that
public
cloud
brings
to
the
table.
So
you
know
public
cloud
being
on
demand,
everything
being
very
dynamic
and
elastic
you
provision
just
what
you
need
and
everything's
very
quick
to
provision
in
terms
of
pricing.
You
know
it's
the
page.
You
go
pricing
model,
so
you're
only
paying
for
the
resources
that
you're
actually
using,
which
can
present
a
cost
savings
to
your
company.
B
You
don't
have
to
worry
about,
like
maintenance
of
the
hardware,
because
you're
running
on
somebody
else's
computer,
so
the
the
main
limitation
here
is
your
particular
budget.
Your
cost
center.
You
know
how
much
your
wallet
can
actually
handle.
B
There
are
a
number
of
challenges,
though
you
know,
contracts
present
a
fair
number
of
challenges,
so
you
more
or
less
accept
the
general
tnc's
from
the
the
big
public
cloud
providers
and
then
you
can
add
baas
to
those
to
kind
of
help.
You
know,
structure
the
contract
so
that
it,
you
know,
add
a
little
bit
more
protection
for
you.
B
Pricing
around
pay
as
you
go,
can
actually
sometimes
be
a
hindrance
if
your
sourcing
department
likes
to
to
budget
blocks
of
dollars
and
they
want
to
try
and
allocate
those
dollars
to
a
particular
budget
year.
Data
security
and
privacy
you're
you
are
responsible
for
securing
and
making
making
sure
that
your
data
remains
private
inside
the
public
cloud,
also
adhering
to
regulations.
So
things
like
for
for
hipaa
gdpr
things
like
that.
B
You
need
to
make
sure
that
your
workloads
that
you
want
to
run
in
public
cloud
adhere
to
those
particular
regulations,
access
restrictions,
making
sure
that
only
the
right
people
have
access
to
your
public
cloud
infrastructure
and
understand
that
you're
also
potentially
increasing
your
attack
surface,
especially
if
you
have
your
public
cloud
infrastructure
hooked
into
your
corporate
network.
B
So
understanding
those
entry
points
is
is
a
big
thing
and
also
you
know,
understanding
your
organization
structure
and
making
sure
that
your
organization
is
actually
ready
to
proceed
to
public
cloud.
So
you,
you
may
actually
know
that
your
end
goal
is
public
cloud,
but
your
organization
may
be
moving
through
navigating
some
of
these
challenges
and
and
or
you
may
just
kind
of
be
handcuffed
by
regulation
and
and
some
of
that
needs
to
be
sorted
through.
B
B
If
you
under,
if
you
know
your
target
public
cloud,
the
the
big
three
public
cloud
providers
offer
on-prem
solutions
to
help
aid
in
this
effort.
So
amazon
outpost,
google,
anthose,
microsoft,
azure
stack,
however
those
cost
money.
You
may
not
necessarily
have
the
budget
for
one
of
these
or
you
may
actually
need
to
prove
some
value
in
some
of
these
things.
So
kubernetes
can
actually
help
with
that.
There's
a
there's
a
couple
and
then
there's
a
few
more
but
but
listed
here.
B
Rancher
rke
allows
you
to
very
quickly
spin
up
a
kubernetes
cluster
in
a
using
just
docker
containers
and
cube
adm
allows
you
to
bootstrap
your
own
kubernetes
cluster.
If
you
feel
like
taking
on
that
challenge,
this
is
an
example
of
a
of
a
of
an
rke
cluster,
yaml
and
kind
of
the
process
for
getting
that
spun
up.
Like
I
said
it
runs,
you
can
either
run
it
on
a
traditional
vm
or
bare
metal
that
just
has
docker
containers
that
just
has
docker
installed
it
spins
up
in
docker
containers.
B
So
now
we
get
to
the
fun
part
of
workload
portability.
So
we've
talked
about
okay,
we're
we're
building
some
workloads
on-prem
and
we
know
we're
eventually
going
to
need
to
migrate
them
to
public
cloud
as
you're
starting
to
spin
some
of
these
workloads
up.
You
need
to
think
about
workload
portability.
B
So
you
know
you're,
going
through
your
you're
building
new
workloads,
you're,
going
through
your
monolith
to
microservices
transition
or
you're
migrating
existing
applications
to
application
containers
and
you
plan
to
orchestrate
them
using
kubernetes
workload.
Portability
needs
to
be
at
that
forefront
of
what
you're
thinking
about
as
you're
as
you're
kind
of
designing
and
working
through
these
efforts,
gitlab
can
assist
with
some
of
this
gitlab
has
the
ability
to
target
on-prem
and
cloud
resources
and
gitlab
also
has
some
features
such
as
crossplane.
B
That
can
help
with
your
multi-cloud
deployment
and
also
portability
issues
as
well.
Just
some
caveats
here
and
I'm
going
to
read
this
verbatim,
because
it's
very
important
is
just
because
your
application
is
containerized
and
orchestrated
with
kubernetes
does
not
guarantee
that
the
workload
is
portable.
So
some
things
you
need
to
think
about
are
you
know:
please
continue
to
take
workload
portability
into
your
design
as
you're,
designing
new
workloads,
but
also
think
about
external
external
dependencies.
B
Does
your
application
need
an
external
load
balancer?
Does
your
application
need
persistence?
Does
your
application
need
connectivity
to
your
corporate
network?
Also
think
about?
Is
your
application,
stateless
or
staple
all
of
these
things
kind
of
help
guide
you
when
it
comes
to
to
being
able
to
build
portable
workloads?
B
So
now
that
we've
talked
about
workload
portability,
we
need
to
talk
about
compliance
being
able
to
to
automate
automate
automate
automate.
Automation
is
the
the
the
best
and
and
most
key
aspect
to
remaining
compliant
with
your
your
your
ci
cd
processes,
so
building
a
ci
cd
process,
preferably
in
gitlab.
B
The
same
way
every
time
adopting
infrastructure
is
code
stored
in
version
control,
provides
you
with
a
a
kind
of
a
golden
copy,
running
configuration
that
can
be
reviewed
and
audited
at
any
point
in
time,
and
you
can
also
leverage
open
source
tools
to
apply
policy
to
your
your
your
environment,
so
taking
advantage
of
open
policy
agent
to
apply
policy
at
various
levels
of
your
environment,
so
conf
test
allows
integration
of
open
policy
agent
policies
into
the
cicd
pipeline.
B
Gatekeeper
is
a
kubernetes
admission
controller
which
can
apply
policy
at
the
kubernetes
cluster
level
and
then
also
open
policy.
Agent
has
plug-ins
for
numerous
things,
such
as
being
able
to
apply
policy
to
your
infrastructure's
code,
as
well
as
things
like
at
the
at
the
network
level
monitoring
your
cluster,
so
you
know
leveraging
prometheus
grafana
for
visualization
of
metrics
and
and
and
things
like
that,
and
also
when
you
do
get
to
public
cloud
having
a
cloud
security,
posture
management
solution.
B
There's
a
number
of
them
out
there
kind
of
helps,
keep
you
compliant
kind
of
as
you
as
you
migrate
to
to
public
cloud.
So
conclusions,
public
cloud
is
great.
Sometimes
it
doesn't
necessarily
make
sense
for
everybody
right
off
the
bat,
whether
that's
due
to
external
regulation.
B
Some
you
know
company
policy
or
you
know
you
actually
need
to
show
and
free
value
of
some
of
these
things
to
to
some
folks.
You
know
using
some
open
source
tools.
You
can
very
easily
spin
up
a
kubernetes
cluster
on
prem
and,
of
course,
utilizing
gitlab
and
additional
open
source
tooling.
You
can
easily
implement
secure
and
compliant
cicd
pipelines,
on-prem
and
those
can
then
be
migrated
to
any
kubernetes
cluster
that
you
wish
to
migrate
to.
B
So
thank
you
and
I
have
my
my
email
and
twitter
there.
I
will
warn
you
that
my
twitter
is
mainly
auto
racing
and
virginia
tech
football.
So
thanks.