devsecops
Since the inception of the agile manifesto in 2001, many software development methodologies emerged, each trying to improve processes. While the basic agile manifesto still guides workflows, today major efforts are extended mainly towards breaking silos across a wide range of fields. This is achieved by unifying siloed departments into collaborative teams.
自从2001年推出敏捷宣言以来,出现了许多软件开发方法,每种方法都在尝试改进流程。 尽管基本的敏捷宣言仍然可以指导工作流程,但如今,主要的工作仍在扩展,主要目的是打破广泛领域中的孤岛。 这是通过将孤立的部门合并为协作团队来实现的。
At first, development and operations teams were unified into DevOps teams. Today, it is becoming increasingly clear that DevOps is not enough. Security is also a critical aspect that needs to be addressed throughout the process, rather than in the end. Hence, the inception of DevSecOps, which adds security to the development cycle. To ensure database operations and machine learning operations run smoothly, as well, DataOps and MLOps were created.
首先,开发和运营团队被合并为DevOps团队。 如今,越来越明显的是DevOps还远远不够。 安全也是一个关键方面,需要在整个过程中而不是最后解决。 因此,DevSecOps的诞生为开发周期增加了安全性。 为了确保数据库操作和机器学习操作顺利运行,还创建了DataOps和MLOps。
This article examines these four main methodologies — DevOps, DevSecOps, DataOps, and MLOps — providing guiding principles for when and how to use each workflow.
本文研究了这四种主要方法-DevOps,DevSecOps,DataOps和MLOps-为何时以及如何使用每个工作流提供了指导原则。
什么是DevSecOps? (What Is DevSecOps?)
DevSecOps is the combination of DevOps with security teams. It is designed to ensure that responsibility for security is shared across development and operations tasks and to implement the management of “security as code”. Implementing DevSecOps is typically taken on by teams that are already comfortable working with a DevOps strategy.
DevSecOps是DevOps与安全团队的结合。 它旨在确保在开发和运营任务之间共享安全责任,并实施“安全即代码”管理。 DevSecOps的实施通常由已经熟悉DevOps策略的团队来承担。
DevSecOps teams enable security members to bridge the gap between development and deployment operations and security concerns. By breaking down the silos between teams, they can help integrate security practices into existing workflows, reducing friction and ensuring more secure products from the start.
DevSecOps团队使安全成员能够弥合开发和部署操作与安全问题之间的鸿沟。 通过打破团队之间的孤岛,他们可以帮助将安全实践集成到现有工作流程中,从而减少摩擦并确保从一开始就提供更安全的产品。
The ways that DevSecOps specifically differs from DevOps is both in tooling and mindset. These implementations shift testing to the left in development processes and focus on teaching security best practices. The idea is to prevent vulnerabilities from entering projects in the first place.
DevSecOps与DevOps的不同之处在于工具和思维方式。 这些实现将测试转移到开发流程的左侧,并专注于教授安全最佳实践。 这样做的目的是防止漏洞首先进入项目。
For example, DevSecOps teams often incorporate static application security testing (SAST) tools in integrated development environments (IDEs). This means security audits and testing begin before code is even submitted for traditional testing. Similarly, teams' focus may include cloud security posture management (CSPM) or compliance auditing tools into environment deployment steps. This helps catch misconfigurations before environments go live.
例如,DevSecOps团队通常在集成开发环境(IDE)中结合使用静态应用程序安全测试(SAST)工具。 这意味着安全审计和测试在代码甚至提交给传统测试之前就已经开始。 同样,团队的重点可能包括将云安全状态管理(CSPM)或合规性审核工具纳入环境部署步骤。 这有助于在环境上线之前发现配置错误。
DataOps:利用DevSecOps原理进行安全数据分析 (DataOps: Leveraging DevSecOps Principles for Secure Data Analytics)
As DevSecOps evolved from DevOps, other business units have also begun incorporating DevOps principles, branching off from the strategy and evolving. One example is DataOps, which has a base of data analytics.
随着DevSecOps从DevOps演变而来,其他业务部门也已开始采用DevOps原则,从策略中分支出来并不断发展。 一个示例是DataOps,它具有数据分析基础。
DataOps takes the practices and values of DevOps and extends it to data analytics workflows and goals. It applies the focus on collaboration and shared responsibility and shifts it to the engineers and admins that collect, store, analyze, secure, and deliver data.
DataOps采用了DevOps的实践和价值,并将其扩展到数据分析工作流和目标。 它将重点放在协作和共同责任上,并将其转移给收集,存储,分析,保护和交付数据的工程师和管理员。
DataOps is designed to streamline existing big data processes, increasing workload value and security simultaneously. It does this by integrating security into the encoding, retention, and delivery of data while keeping in mind the dependencies between analytics and storage workflows. This helps ensure more reliable access and can improve time-to-value.
DataOps旨在简化现有的大数据流程,同时增加工作负载价值和安全性。 它通过将安全性集成到数据的编码,保留和交付中,同时牢记分析和存储工作流程之间的依赖关系来做到这一点。 这有助于确保更可靠的访问并可以缩短实现价值的时间 。
DataOps基础架构 (DataOps Infrastructure)
Implementing DataOps requires more than a change in mindset or workflow; it also requires infrastructure modifications. For example, new architecture patterns that focus on agile feedback loops and automation.
实施DataOps不仅需要改变心态或工作流程; 它还需要对基础架构进行修改。 例如,关注敏捷反馈回路和自动化的新架构模式。
DataOps also often requires teams to implement next-generation technologies designed for analytics and storage. For example, teams typically need to adopt redundant, cluster-based storage to ensure that data processing pipelines are highly available and scalable. Environments may also need to be configured and deployed to ensure isolation and compliance with data privacy regulations. This is true for both production and test or dev environments.
DataOps通常还要求团队实施专为分析和存储而设计的下一代技术。 例如,团队通常需要采用基于集群的冗余存储,以确保数据处理管道具有高可用性和可伸缩性。 还可能需要配置和部署环境,以确保隔离和遵守数据隐私法规。 对于生产和测试或开发环境都是如此。
Another change that DataOps teams may need to address is the diversity of workload that is supported. For pipelines to offer agility, solutions need to be integrated into a single infrastructure, not distributed by task or team. This means incorporating big data analytics tools, like Spark and Hadoop, log aggregators, like Sumo Logic and Splunk, and oversight tools, like Prometheus and Jira.
DataOps团队可能需要解决的另一个变化是所支持的工作负载的多样性。 为了使管道能够提供敏捷性,解决方案需要集成到单个基础架构中,而不是由任务或团队分发。 这意味着要整合大数据分析工具(例如Spark和Hadoop) ,日志聚合器(例如Sumo Logic和Splunk)以及监督工具(例如Prometheus和Jira)。
DevOps和MLOps (DevOps vs MLOps)
MLOps is another offshoot of DevOps. In it, DevOps principles and workflows are applied to machine learning operations, such as model training and deployment. It implements pipelines and automation to enable the smooth flow of training operations and the integration of finished models into software products.
MLOps是DevOps的另一个分支。 在其中,DevOps原理和工作流被应用于机器学习操作,例如模型训练和部署。 它实现了流水线和自动化,以确保培训操作的顺利进行以及将完成的模型集成到软件产品中。
In many ways, MLOps also overlaps with DataOps since it also requires the handling, maintenance, and security of datasets. However, there are some aspects of machine learning workloads that require different focus or implementation. Some of these differences include:
在许多方面,MLOps也与DataOps重叠,因为它还需要数据集的处理,维护和安全性。 但是,机器学习工作负载的某些方面需要不同的关注或实施。 其中一些差异包括:
Team skills — in MLOps, teams need to incorporate ML researchers and data scientists who are often not experienced software engineers. These members focus on experimentation, model development, and data analysis and may not have the skills needed to perform application development, operations, or security tasks.
团队技能 -在MLOps中,团队需要聘请通常不是经验丰富的软件工程师的ML研究人员和数据科学家。 这些成员专注于实验,模型开发和数据分析,可能不具备执行应用程序开发,操作或安全任务所需的技能。
Development — unlike traditional development which is more linear, ML is often highly experimental. Teams need to be able to manipulate parameters and features and retrain models frequently. This requires more complex feedback loops. Additionally, teams need to be able to track operations for reproducibility without impeding workflow reusability.
开发 -不同于线性的传统开发,机器学习通常是高度实验性的。 团队需要能够操纵参数和特征并经常重新训练模型。 这需要更复杂的反馈回路。 此外,团队需要能够跟踪操作的可重复性,而不会妨碍工作流的可重用性。
Testing — testing in MLOps requires additional methods on top of what is normally done in DevOps or DevSecOps. For example, MLOps requires tests for data validation, model validation, and testing of model quality.
测试 -在MLOps中进行测试需要在DevOps或DevSecOps中通常完成的操作之外还需要其他方法。 例如,MLOps需要测试以进行数据验证,模型验证和模型质量测试。
Deployment — depending on the type of ML model you are deploying, you may need to set up pipelines for ongoing data handling and training. This requires multi-step pipelines, which can handle the retraining steps as well as the verification and redeployment processes. Without MLOps this is done manually but with it, steps should be automated.
部署 -根据您要部署的ML模型的类型,可能需要设置管道以进行持续的数据处理和培训。 这需要多步骤的流水线,可以处理再培训步骤以及验证和重新部署过程。 没有MLOps,这是手动完成的,但是有了它,步骤应该是自动化的。
Production — models in production can face challenges that aren’t faced by standard application deployments, such as issues related to evolving data profiles. This can cause models to decay and reliability to decrease. MLOps implementations need to incorporate continuous monitoring and auditing to confirm that models are both available and accurate. If accuracy decreases, models need to be called back and corrected.
生产 - 生产中的模型可能会遇到标准应用程序部署所未面临的挑战,例如与不断发展的数据配置文件相关的问题。 这可能导致模型衰减,可靠性降低。 MLOps实施需要合并持续的监视和审核,以确认模型既可用又准确。 如果精度降低,则需要回调模型并进行校正。
Another important area that MLOps deviates from DevOps is in how continuous integration/continuous development (CI/CD) pipelines are constructed. In MLOps, CI components need to extend to testing and validating data schemas, data, and models. CD components need to support the deployment of the training pipeline as well as the final model prediction service or application. Additionally, there is another component, continuous testing (CT) that needs to be accounted for to enable automatic model retraining and refinement.
MLOps偏离DevOps的另一个重要领域是如何构建持续集成/持续开发(CI / CD)管道。 在MLOps中,CI组件需要扩展到测试和验证数据模式,数据和模型。 CD组件需要支持培训管道的部署以及最终模型预测服务或应用程序。 此外,还有另一个组件,即连续测试(CT),需要考虑在内,以实现自动模型的重新训练和完善。
结论 (Conclusion)
DevSecOps unifies development, security, and operations roles into one unified team. The workflow is often automated and the feedback loop should be continuous. This ensures team members spend their time on critical tasks and continuously improve and secure the code.
DevSecOps将开发,安全和操作角色统一到一个统一的团队中。 工作流程通常是自动化的,反馈循环应该是连续的。 这样可以确保团队成员将时间花在关键任务上,并不断改进和保护代码。
DataOps workflows leverage DevOps principles, such as collaboration and automation, for data administration workflows. This workflow can help eliminate silos originating at the data level. MLOps workflows also leverage DevOps principles, but here the application is in machine learning operations.
DataOps工作流程将DevOps原理(例如协作和自动化)用于数据管理工作流程。 此工作流程可以帮助消除源自数据级别的孤岛。 MLOps工作流程还利用了DevOps原理,但是这里的应用程序是在机器学习操作中进行的。
Choosing a workflow is a critical component, and it requires cooperation between all involved parties. Before implementing a workflow, you should make sure all team members possess the necessary skills, the workflow is suitable for your project, and you have all necessary tools for testing, deployment, and production.
选择工作流是至关重要的组成部分,它需要所有参与方之间的合作。 在实施工作流之前,您应确保所有团队成员都具备必要的技能,该工作流适合您的项目,并且具有用于测试,部署和生产的所有必要工具。
翻译自: https://towardsdatascience.com/devsecops-vs-dataops-vs-mlops-93b49f0282b8
devsecops
1871
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
