Bitnami Stacksmith. What is Stacksmith?

Transcription

1 Stacksmith Modernize your DevOps pipeline. Automate application packaging for today's cloud and container platforms, and continuously maintain them so they remain up-to-date and secure. What is Stacksmith? Stacksmith is a single, standardized packaging and maintenance tool that generates deploy-ready, cloud-native assets in multiple formats for multiple cloud vendor platforms. Stacksmith provides two primary functions: Automated packaging Stacksmith s automated packaging takes your assets application code, configuration policies, and scripts - incorporates the platform dependencies, maps the cloud platform service integrations you specify (ie. Database), optimizes the results for your chosen platform(s), and delivers everything you will need to successfully deploy. Ongoing maintenance Stacksmith also simplifies the ongoing maintenance of your assets by continuously monitoring private repositories (for code, script or config policy updates) and trusted sites (for system package updates and Common Vulnerabilities and Exposures (CVEs)), and providing manual (click update ) and automated (supports continuous updating) methods for you to re-package your applications, ensuring they stay up-to-date and secure.

2 In addition, Stacksmith: Enforces required IT security and configuration policies at packaging time, ensuring Dev, Sec, and Ops corporate standards / best practices are built into the deployable assets. Simplifies compliance verification and auditing. Stacksmith logs the entire packaging process and generates a manifest of included packages that simplifies compliance discovery, licensing verification, and version control. Delivers versioned and immutable packages, making them easy to track, deploy, update and rollback to if needed. Can be run from the Stacksmith Graphical User Interface (GUI), or you can integrate Stacksmith by using our fully documented Application Programming Interfaces (APIs) and Command Line Interfaces (CLIs). Easily integrates with the automation, configuration management, continuous integration, continuous deployment, orchestrators or other tools you may already be using. Does not lock you into a single vendor or format. Stacksmith supports multiple platforms including AWS, Azure, and Kubernetes, and multiple output formats including VMs and containers. With Stacksmith, you can use a single standardized process to package for multiple platforms. Figure 1 an overview of the Stacksmith application packaging and updating cycle.

3 How Does Stacksmith Work? You provide your application code and scripts, select a few parameters, and hit create. Stacksmith pulls together the required system dependencies, documents and packages them with the application, and delivers everything you need to deploy your application to your chosen cloud platform - a VM or container image and the deployment template. Deploy and utilize native cloud vendor services that are now available to you. Stacksmith then delivers ongoing value by continuously monitoring both the inputs and dependencies, alerting you when updates become available, and providing simple manual or automated ways to re-package your applications. This makes it easy for you to keep applications up-to-date and secure. Templates encode the platform-specific best practices and provide reference architectures. Support for multiple platforms and formats means you can explore new technologies at your own pace and don't have to worry about vendor lock-in. Stacksmith can be used to package and maintain new or existing applications. It has an intuitive UI for stand-alone use, but also has robust APIs and CLIs and can easily be integrated with the development tools and processes, such as Continuous Integration, Continuous Deployment, and orchestrators, you may already be using. Figure 2 Integrating Stacksmith with existing development and deployment tools and processes.

4 Stacksmith Benefits Stacksmith lets you modernize your DevOps pipeline for the cloud. It frees up valuable IT resources by automating the manual tasks associated with application packaging and application updating, and optimizes your applications to run on the latest cloud and container platforms. Support for multiple platforms gives you tremendous flexibility and access to powerful cloud services that are not accessible to your applications today. Stacksmith s templates and automation deliver a single, standardized packaging process that can be used to create immutable assets in multiple formats for deployment to multiple target platform. Stacksmith s ongoing maintenance delivers monitoring, notifications, and a simple updating process that relieves the Ops burden and minimizes corporate risk / vulnerabilities. Stacksmith lets you enforce configuration policies at packaging time, ensuring the implementation of security requirements, operations policies, and corporate standards and best practices. Benefits for the business overall: Establishes trust between development, security and IT operations. Simplifies auditing, compliance, and policy enforcement. Improves security. Lets you use cloud native resources and best-fit cloud services without lock in. Simplifies migration of applications from the datacenter to the cloud, from one cloud to another cloud, and from the cloud to containers. Can be used with existing applications, new applications, and even applications already lifted-and-shifted to the cloud. Use Stacksmith for your Linux applications Stacksmith provides reference architecture templates for: Java Tomcat NodeJS.NET Core Stacksmith supports: Microsoft Azure Virtual Machine Image Azure Resource Manager (ARM) Template AWS Amazon Machine Image (AMI) CloudFormation Template (CFT) Kubernetes Container Helm Chart

5 Benefits for developers: Automates application packaging and delivers the application images, PaaS service integrations, and deployment template optimized for the target cloud. Reduces the complexity of cloud deployment - easily adopt new cloud services. Supports the entire dev / test / prod lifecycle. Lets you focus on app development, yet still conform to policies set by security and operations. Benefits for IT operations: Provides a single, standardized process that supports multiple cloud & container platforms. Ensures enterprise standards & policies get applied. Streamlines maintenance - address updates & security vulnerabilities rapidly. Promotes immutability, a best practice for managing images and containers. Benefits for IT security: Creates a trusted and locked-down packaging pipeline from input sources to output destinations. Ensures essential security tooling is present and properly configured. Prompts and enforces asset regeneration as security policies evolve. Benefits for DevOps: Lets you focus on integration of cloud services and enablement of application teams. Permits enforcement of policies at packaging time, regardless of the tooling in use by the Dev, Sec or Ops teams. Helps systematically guide the organization toward best practices. Eliminates user-error in the asset generation and maintenance process. M /2018

6 What is Stacksmith Used For? While there are many ways Stacksmith can provide value to your organization, below are the four primary use cases we have identified: Continuous Image and Application Security Stacksmith maintains your existing immutable images and applications, shortening your maintenance cycles, improving your security posture, and reducing the time it takes to respond to critical events like a CVE. Cloud Transformation Stacksmith lets you modernize applications from your data center or those recently lifted-andshifted - for the cloud and containers. Gain cloud platform benefits such as access to best-fit services - without the need to re-write your applications as cloud native. Application Delivery and Maintenance Framework Placing the application package a single, versionable, immutable asset at the center of the handoff between development and operations helps ensure that DevSecOps best practices and corporate policies get implemented, helps clarify roles, provides visibility on what is running and how, and simplifies application updating. Enterprise Service Catalogs Ensure your teams are using the latest, up-to-date applications and solutions for the cloud platform you prefer. Let teams self-serve from a selection of apps and environments tailored to the needs of your organization. Keeping your catalog assets fresh and available reduces the risk that outdated, vulnerable applications get disseminated.

7 Stacksmith Packaging To address the needs of various sized organizations, Stacksmith is available in the following tiers: Stacksmith Public - for individuals with open source projects and those using open source software. Free of charge. Stacksmith Team for groups to get applications packaged and in production, or get from VMs to containers, in a programmatic and cost-effective way. Starting at $800 per month. Stacksmith Enterprise - for large organizations that require single-tenant delivery and directory integration. Contact us for pricing. Summary Stacksmith is the simplest way to package applications and assets for today's cloud and container platforms, and automate the ongoing maintenance of these applications so they remain up-to-date and secure. Stacksmith lets you place the application package a single, immutable image at the center of the DevOps process. It simplifies updating, encourages accountability, and enables policy enforcement all through an automated, systematic approach that delivers deploy-ready assets for multiple cloud and container platforms. Discover how Stacksmith can help you modernize your DevOps pipeline. For more information, visit To sign up for a free Stacksmith Public account, visit To speak with a Stacksmith sales representative, contact us at enterprise@bitnami.com M /2018