DevOps Solutions: Containerized DevOps for Content Management Systems

Problem:

A large, independent U.S. government agency faced the challenge of transitioning several public and private applications, including flagship sites, from legacy on-premise servers to a modern cloud-based content management platform. The primary hurdle was the inconsistency and incompatibility of underlying tools, services, and technologies in the legacy applications. The agency needed a standardized and automated approach to allow dispersed development teams to work on these applications within the new AWS-based platform.

Solution:

CTAC collaborated closely with the agency’s stakeholders, addressing technical, business, and security concerns. The solution centered around building a FedRAMP/NIST 800-53 compliant AWS platform. Key components of the solution included:

  • Containerization with Docker: CTAC adopted Docker containerization technology to provide a standardized development lifecycle. Docker containers encapsulated everything needed to run an application, ensuring consistency and compatibility across applications.
  • Automated DevOps Pipeline: CTAC designed an automated and unified DevOps pipeline using Jenkins. This pipeline, which used Docker in local environments and Packer-built Amazon Machine Images (AMIs) in production runtimes, provided automated, repeatable, and predictable deployments for the agency’s various applications.
  • Base Image Hardening: CTAC established an official base image based on Ubuntu, which was hardened according to CIS Docker Benchmarks. All deployable services were required to derive from this base image, ensuring security compliance.
  • Continuous Integration with Jenkins: Jenkins was used to pull code for each customer application, build components and system versions, and deploy them into appropriately secured Virtual Private Clouds (VPCs). SSH private keys granted access to the relevant repositories, enabling seamless integration.
  • AMIs with Packer: Packer, an open-source tool, was employed to create non-Docker EC2 Amazon Machine Images. These AMIs were configured using Puppet and other provisioners, ensuring consistency and reliability across multiple platforms.

Conclusion:

CTAC successfully designed and implemented a modern DevOps-focused platform on AWS, facilitating the migration of flagship sites from legacy on-premise servers. The transition established a containerized development lifecycle that accommodates multiple development teams. The automated Continuous Integration/Continuous Deployment (CI/CD) pipeline ensured efficient and secure deployments, while the containerized runtime environment complied with government security standards. CTAC’s solution not only modernized the agency’s infrastructure but also provided a robust foundation for future development and scalability.