25 DevOps Tools In 2021

2022-01-17 10:26:22
ZenTao ALM
Original 2393
Summary : This article describes some of the top DevOps tools currently available on the market while considering the essential categories of the CI / CD lifecycle. The first half of this article is the configuration management tools, construction, source code, deployment. The second half is mainly tools of vulnerability. management, quality, monitoring, collaboration.

DevOps is changing the state of global software development, and it is effectively improving in some form of the listing speed, marketability, innovation, and product quality of global software companies. 2021 is a significant year for DevOps. Because it spans development, operations of IT, security, and product teams, there are different software development stages. 


This article describes some of the top DevOps tools currently available on the market while considering the essential categories of the CI / CD lifecycle. The first half of this article is the configuration management tools, construction, source code, deployment. The second half is mainly tools of vulnerability. management, quality, monitoring, collaboration.

Configuration management

Puppet

Source: www.emerasoft.com

 

Puppet is an open-source software configuration management and deployment tool that ensures that all servers are configured to the desired state. Puppet is agent-based and is most commonly used for Linux and Windows to control multiple application servers simultaneously. Puppet is primarily used for client/server configurations, where the managed nodes are synchronized with the server configuration. Puppet's code management tool R10K enables automated or manual adaption, updates, reviews, and CI / CD code testing. You can also deploy R10K and Puppet files to deploy the environment automatically. These agent-based deployments are generally more accurate and timely and can generate error logs for review.

Puppet also provides a simple integration with Git for version control. Puppet is declarative and usually suitable for baseline rather than a compilation.

The disadvantages of Puppet:

  • The overall speed is slow.
  • Puppet cannot check the system status outside of the exec resource without writing customized facts.
  • Hiera is Puppet's key-value configuration data search system, which is slow and difficult to troubleshoot.

Ansible

Ansible is an open-source configuration management and orchestration tool known for its brevity and performance. The Ansible runs on the host computer and connects to the node using SSH. Ansible can run on any host computer with Python 2 (version 2.7) or Python 3 (version 3.5 and later) installed, including Red Hat, Debian, CentOS, macOS, and BSD. Ansible makes it easy to manage configurations with YAML. Automating cross-platform tasks with Ansible works as well. You can also use the Ansible pull mode to get repositories and run commands from specific files. Converting Shell scripts and profiles to Ansible Playbooks or Roles is also easy, and a lot of documentation is available.

The disadvantages of Ansible:

  • The speed of system scale and expansion is slow.
  • Lack of support from the Windows system.
  • Inefficient when hundreds of servers require hundreds of large-scale sync.

Chef

Source:  www.atlassian.com


Chef is the primary open-source DevOps tool for configuration management. Chef is also based on the master agent model because the Chef client runs on each client machine (using the knife tool and communicating via SSH). Chef differs from Puppet in its extra layer, called a workstation, containing all configurations. These configurations are first automatically tested on the local machine and then posed to the server.

Chef performs very well when host computer exists dependencies. It captures the status of the system (packages, existing users, directories, etc.), compares them to real-time instances of the agent, and ensures that the objects remain synchronized.

It is well known that Chef uses services such as AWS OpsWorks to maintain automated features for more extensive networks. Chef Inspec also helps to ensure the security and integrity of the network deployment. Chef InSpec is an open-source framework that allows for automated, manual testing and applications audit.

Despite Chef's powerful GUI, it has to understand Ruby to leverage Chef's infrastructure, the real power of code models, especially when involving complex tasks and customization. A lot of customization can be achieved by scripting in Chef (commonly called cookbooks and recipes), but this is not the best option in many cases.

The shortcoming of Chef:

  • The agent instance needs to view the host computer to install the updates.
  • Beginners are hard to understand.
  • Lack of detailed documentation.
  • Lack of demand scalability.

Structure

Jenkins

Source: www.cnblogs.com

Jenkins is an open-source automation service written in Java. It acts as a CI (continuous integration) tool, making it easier for developers to integrate new components into the software for seamless integration. Jenkins uses a plug-in for integration to achieve this goal.

According to new requests, Jenkins merges the new work branch into the primary code, runs the automated test tool, generates new test data, reports failures, and deploys the latest code changes to the QA environment for manual testing.

Jenkins Pipeline is used to achieve the automated expression of continuous integration processes. You can define the files in the pipeline, load them into the SCM, and configure the working variables.

Jenkins has been around for a long time and has become a standard due to its mature ecosystem, plug-in support, documentation, and community. Jenkins has had several updates over the last few years. It has become one of the preferred ones for many companies as it provides a simple UX / syntax for pipelines and Docker integration.

The disadvantages of the Jenkins include:

  • To use Jenkins, one needs to learn Groovy, which is notorious for its inconsistency. Groovy scripts in Jenkins are not easy to write and edit, especially when numerous updates are made.
  • In many cases, builds need to be manually configured into UI, complex code profiles, and loose access controls.
  • The Jenkins is tough to use without the JenkinsFile, the JenkinsFile is a text file that contains the definition of the Jenkins Pipeline, and the source code controls it.

TeamCity

TeamCity is an advanced CI tool (with limited free versions) known for its easy-to-operate interface, smooth configuration, and innovative features. It runs in the Java environment and Apache Tomcat servers but can also be installed on the Windows and Linux servers.

Whether to choose a TeamCity depends mainly on your own needs. It will be appropriate if you have a sufficient budget. Your primary tasks include setting a set number of agents to quickly build a parallel chain with repository snapshots and artifact dependencies.

TeamCity also has very reliable documentation. TeamCity's "Snapshot Dependencies" feature lets you maintain the same source version throughout the pipeline without the underlying code.

However, TeamCity will fix the snowflake agents automatically, for which you must use the configuration tool or container technology. The TeamCity template-based configuration makes life easier.

TeamCity also supports automatic proxy extensions in AWS, GCE, and Azure. It also supports VMware and Kubernetes via the plugins and integrates locally with GitHub.

The disadvantages of TeamCity:

  • The price is expensive.
  • Debug logs and error logs are difficult to parse and understand.

Bamboo

Bamboo is a continuously integrated and continuous deployment server developed by Atlassian. One of the main advantages of Bamboo is its ability to automate construction, testing, and release integration with other Atlassian products (such as JIRA, BitBucket, Stash, Hipchat, and Confluence) in a single work-flow to create a solid software development and delivery ecosystem.

Bamboo also has a GUI, which is reliable and easy to use.

Easy integration with BitBucket, Confluence, and Jira,which is a big advantage for Bamboo. It can also launch cron-like triggers that come in handy if the employee is not in the office but has audit analysis, automated testing, and automated programs to run.

The disadvantages of Bamboo:

  • Bamboo has little code analysis power.
  • Bamboo could not build configuration.
  • No global tool configuration (the tool must be manually installed on the agent).
  • The lack of credential plugins and support for Bamboo means that every Bamboo-related project must introduce password change functionality.

Source code management

GitHub

GitHub is one of the most popular source code management tools for millions worldwide. GitHub's strengths include easy-to-operate UI, intelligent features such as accidentally deleted repository recovery, preventing finished product removal, integrated diversification, and security. GitHub has little interruption or downtime, which makes it very reliable.

GitHub has a large community, perfect for open-source projects. Since Microsoft has GitHub, the Azure DevOps and Microsoft tools can be tightly integrated. It gives you better control of the CI / CD process. However, it only provides free private repositories for three collaborators per repository.

GitLab

GitLab is based on Git and provides CI services, deployment, and pipeline capabilities for software development. Due to their robust CI services, most companies prefer to use them for source code management. If you want to integrate CI / CD on your server, it is viable because you can host it on the server. It is free and open-source and offers unlimited free private repositories. It also allows you to install private instances and provides a container registration service.

Arrangement

Spinnaker

Spinnaker is an open-source CD software platform, available with Kubernetes, Google Cloud Platform, AWS, Microsoft Azure, and Oracle Cloud. It is primarily a deployment and delivery platform for acquiring artifacts and deploying them into production.

The Spinnaker's dashboard and interface are straightforward to use. Developers can quickly push their code to the publishing branch, and the tool automatically builds, tests, validates, and pushes code to the production environment. With Spinnaker, you can use Seamless Kubernetes, Github, and Google to quickly deliver and deploy software changes. Spinnaker can build EC2 AMI s, configure ASG, and set the load equalizer locally.

The shortcoming of Spinnaker:

  • Lack of effective scalability.
  • The documents are scarce.
  • Automating tasks are difficult.

Octopus Deploy

Octopus Deploy is a CD tool for automating your deployment. It can automatically deploy applications and services on an agent machine or the tentacles. Octopus Deploy works for ASP.NET Web applications, Java applications, NodeJS applications and runs custom scripts to multiple environments, including AWS and Azure. Mainly, it is used with AzureDevOps and is favored by companies using the Microsoft ecosystem.

Octopus Deploy can integrate the CI infrastructure of a pipeline. You can initiate an API call to Octopus to create a new version and push binaries through the CI pipeline.

The disadvantages of the Octopus are as follows:

  • The price is expensive.
  • Could not export the variables between the projects.

Argo CD

Argo CD is a declarative GitOps continuous deployment tool used primarily for deploying applications in Kubernetes clusters. Argo CD forces synchronous Kubernetes listings that record your application in the Git repository. Argo CD can automatically apply the updated lists to submit changes to the cluster. The ArgoCD server can track the deployment branch of the main project. Argo CD can also automatically detect when the build branches are merged into the deployment branch. Argo CD prevents downtime by first deploying a new version of the manifest.

The disadvantages of Argo CD:

  • Argo CD does not support CI, which means that if you want a complete CI / CD pipeline, you should use other tools like Jenkins, Travis, Circle CI, or Gitlab CI.

The numerous available tools may be daunting, but the choice itself is good. Lack of standardization and automation may produce extremely high learning curves during induction or handover. The selection principle is not to waste time and financial resources without investing in similar, overlapping tools.In the previous section, we discussed the configuration management tools, construction, source code, and deployment. We're going to introduce mainly tools of vulnerability management, quality, monitoring, collaboration.

Network Threats and Vulnerability Management

TwistLock

TwistLock provides threats and vulnerabilities for container-based applications. The service is known for its integration with the Kubernetes and Docker containers. TwistLock is now owned by Palo Alto Networks and performs security checks by applying security protection and automatic container scanning.

TwistLock has robust documentation that is easy to deploy and optimize resource consumption. It is also known for its CI / CD pipeline integration, substantial compliance with container security protocols, and image scanning.

TwistLock is also known for its detailed security analysis. The service also uses AI capabilities to know the environment, although some companies have found the cron works that it automatically triggers is very confusing.

They also offer SaaS-based security scanning (Prisma cloud) and local solutions.

Sysdig

Sysdig is a monitoring tool for cloud infrastructure, services, and applications. The Sysdig is usually used to arrange for container safety confirmation, monitoring, and monitoring the PaaS infrastructure.

Sysdig can also monitor OpenShift clusters, as it provides granularity data to analyze metrics.

The Sysdig stands out for its powerful integration of container monitoring and orchestration layers.

Sysdig is also helpful to gain insight into process network traffic. Sysdig Opensource allows level privileges to be called on the kernel system to get details about the host computer. The capture information process can also be automatically deployed as a Docker container via a DaemonSet or a direct proxy process.

Anchore

Anchore is a complete container security workflow solution that is seamlessly integrated with various development tools and platforms. Anchore provides customized container checking and compliance solutions for various applications that enable teams to meet industry security standards. The security team can audit and verify compliance across the organization.

Features include:

  • Webhook including cloud-hosted or local Kubernetes environments and CI / CD platforms.
  • Policy-based security and compliance.
  • Check up: Vulnerability scan, Secrets and passwords, Operating system package, Third-party database inspection, etc.

Quality / test

JMeter

Source: t.cn

JMeter is a load test tool for testing Web applications. Even if JMeter is used for load/performance testing, it can still start API calls, status codes, and responses. JMeter also supports a lot of plugins.

You can also use the concurrent thread pool size of JMeter to start multiple connections for each thread during testing.

JMeter is an independent platform and can run smoothly in different environments.

Test results can be viewed in in various ways, including graphics, graphs, tree views, XML, and JSON.

JUnit

JUnit is a unit testing framework mainly used for Java applications. The JUnit framework belongs to the xUnit family of the Java framework.

JUnit uses annotations to determine what method should be used in the test. Its test runner feature also enjoys a reputation in the developer community for its custom features. You can also test the expected results using the assertion in JUnit.

In JUnit, you can use different combinations between multiple parameters. Creating, managing a rich suite of unit test cases for the entire application becomes very easy with the help of JUnit. The JUnit can also automatically test all the functions and units of the application before module or system-level testing.

Selenium


Source: uivita.com

Selenium is an end-to-end test software testing platform best known for its user-friendly user interface that allows testers to simulate Web system behavior, send API requests, and analyze system behavior.

Selenium allows the writing of complex and advanced test scripts using RUBY or HTML to address multiple levels of complexity.

Selenium offers Web a complete IDE for application developers for editing, recording, and debugging tests. You can set custom starts and breakpoints for multiple test cases.

Some other significant major features of the Selenium include:

  • Integration with multiple development platforms, such as Jenkins, Maven, TestNG, QMetry, and SauceLabs
  • Parallel testing was performed using the Selenium Grid
  • Compatible with all famous languages, including Java, Ruby, C #, PHP, JavaScript, Perl, and R.

ZTF

Source: www.zentao.pm


Currently, the automated testing framework on the market is mainly divided into a unit test framework and an automated testing framework in some fields. These frameworks are often bound to various languages. They need to manage the test scripts of these automated testing frameworks in a unified way, so the ZTF automated testing framework is developed. ZTF focuses on the management capabilities of automated testing and defines automated test scripts, Management, drive, return of execution results, creation of Bug, and integration of other automated testing frameworks.

The ZTF addresses the following problems:

  • Management of the use-case information.
  • Execution of the test script.
  • Alignment of the test results.
  • Submission of the Defective Bug.

ZTF has the characteristics of a simple, cross-platform, cross-language, cross framework, engineering, cross scene, can well drive eight-unit test framework, five automatic test framework to test, and put the final result back to Zentao, unified report, through the gap between project management and continuous integration tools, through continuous integration, continuous testing, continuous deployment of different stages of the DevOps life cycle.

SonarQube

SonarQube is an open-source tool for code quality, continuous checks, security, and error analysis. It works for Java, Python, XML, PHP, and many out-of-box languages. The tool can dynamically add rules through XPath expressions, and you can also customize the tool to enforce certain situations where exceptions should be ignored.

SonarQube is primarily used for static analysis. It has perfect integration with GitLab. SonarQube's dashboard and advanced tracking allow you to have plenty of control over code quality and inspection.

The disadvantages of SonarQube:

  • The cooperation with JavaScript did not go very well.
  • Sometimes it's slow.
  • Limited support for third-party tools and plug-ins.

Record and monitor

Grafana

Grafana is an open-source analytic and monitoring solution built based on the Apache 2.0 license, well known for its outstanding UI, graphics, charts, real-time analytic, and triggers. Grafana can extract data from multiple sources, including Graphite, InfluxDB, OpenTSDB, and Prometheus.

Grafana is primarily used to monitor Docker containers, network devices, bandwidth, data streams, virtual servers, Azure infrastructure, databases, and Web applications. Grifana is also known for its plug-ins and seamless integration with Telegraf and Zabbix. Grafana can visualize the granularity data, including metrics such as the exact timing of the interruption, events before the disruption, user logs, data center temperature, and performance prediction.

New Relic

New Relic is a full-stack monitoring tool for tracking cloud-based applications and software. New Relic provides rich dashboards, distributed tracking support, detailed logs, top-down visibility, and monitoring. New Relic has intense monitoring of the back-end to slow the system.

This tool is handy for companies that need to analyze multiple stack profiles in detail.

New Relic is expensive, but the company has recently developed consumption-based pricing models.

The disadvantages of New Relic:

  • Customer support is weak.
  • It is expensive even after consumption-based pricing models.
  • The debugging is complicated.

Nagios

Nagios is open-source software that can monitor systems, networks, and infrastructure. It proactively monitors the health of the service and maintains the log storage files. It also displays the shutdown cause, duration, and events that may trigger a shutdown.

The Nagios also offers several configuration options and alert features. You can suppress alerts on the host computer, enforce maintenance mode on the host computer, customize notification settings for alerts, etc.

The Nagios supports hundreds of plugins. You can also create your customization and develop your plugin support.

However, since the Nagios is relatively old, operating with the latest infrastructure is challenging. It lacks a database-driven configuration and forces you to use the profile.

ITSM and the Collaboration

ZenTao

Source: www.zentao.pm

Zentao is an open-source R & D project management software designed based on Agile and CMMI management concepts that fully cover project management's core process. Integrate product management, project management, quality management, document management, organization management, and transaction management to support the product's end-to-end complete life-cycle management.

Zentao management ideas pay attention to practical results, complete functions, simple and efficient operation, powerful search function, rich and diverse statistical reports, reasonable software structure, and flexible expansion.

Zentao also enables the integration of Jenkins with Gitlab to better support the DevOps CI and CD cycles.

Slack

Slack is a collaborative and communication tool and has been very popular recently. Slack is known for its authentic conversations, search capabilities, and user-friendly interface.

With its powerful user interface, exciting features, and agility, Slack is rapidly replacing email in the software industry.

You can also use programming to make custom chat-bots, infrastructure routines, and triggers for Slack.

Microsoft Teams

Microsoft Teams is a communication and collaboration tool. It is helpful for companies that work in the Windows ecosystem. In addition to instant messaging services as it integrates with the Azure DevOps platform. You can also connect your team with Azure Repos and Azure Pipelines.

Teams provide different channels in which teams can collaborate. This will create a project-specific communication repository that you can search for at any time.

Other features include:

  • Document recycling
  • Phone call/video conference
  • Chat-bot integration
  • Office365 ensemble
The numerous available tools may be daunting, but the choice itself is good. Lack of standardization and automation may produce extremely high learning curves during induction or handover. The selection principle is not to waste time and financial resources without investing in similar, overlapping tools.
Write a Comment
Comment will be posted after it is reviewed.