Roadmap
This wiki page outlines long-term items that should or could be tackled by Big Bang.
Pipelines as Product
The biggest blocker to setting up a software factory is the time it takes to install and configure pipelines within GitLab so that they function correctly.
SPIFFE-SPIRE
SLSA Framework
This could be grouped under Pipelines as Product, but it is more about ensuring the right tools are available to provide pipelines that could meet SLSA Level 2/3 compliance.
VAT Alternative
The VAT is an internal P1 tool used to perform vulnerability justification and acceptance. This works well for the P1 team on Ironbank, but end users of Big Bang do not have a comparable tool that can be used in their environment.
See Here for more detailed information.
Serverless
Deploying a serverless framework on a Big Bang stack provides multiple long-term benefits:
- Resource utilization - by spinning pods down to 0 when they are not being used, resource usage by applications can be reduced long term.
- Standardizing mission applications - The current workflow for adding Mission Apps to a cluster is to create manifests for each application that comply with the policies defined by Kyverno and Gatekeeper. By using a framework like Knative, the sysadmins can define the standard template for spinning up pods that would translate the custom resource:

  ```yaml
  apiVersion: serving.knative.dev/v1
  kind: Service
  metadata:
    name: helloworld-go
    namespace: default
  spec:
    template:
      spec:
        containers:
          - image: ghcr.io/stefanprodan/podinfo:6.1.0
            ports:
              - containerPort: 9898
            env:
              - name: PODINFO_UI_COLOR
                value: "#34577c"
  ```

  into multiple objects that have the correctly configured Deployments, Services, VirtualServices, etc.
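
The template idea described above, sketched as an added example that is not part of the original wiki page and is not Knative's controller logic: a short app spec is expanded into a Deployment, Service and VirtualService, with the security settings owned by the template rather than by each application team. The hardened defaults, the image-tag check, the gateway name and the `example.test` host are assumptions made for illustration.

```python
# Added illustration (not Knative's controller logic): expand a short app
# spec into full objects. Hardened defaults, gateway and host are assumptions.
SECURE_DEFAULTS = {
    "securityContext": {"runAsNonRoot": True,
                        "allowPrivilegeEscalation": False,
                        "capabilities": {"drop": ["ALL"]}},
    "resources": {"limits": {"cpu": "500m", "memory": "256Mi"}},
}


def expand(name, namespace, image, port, env=None,
           gateway="istio-system/public", domain="example.test"):
    """Return [Deployment, Service, VirtualService] dicts for one app."""
    tag = image.rsplit("/", 1)[-1]
    if ":" not in tag or tag.endswith(":latest"):
        raise ValueError("image must carry an explicit, non-latest tag")
    labels = {"app": name}
    meta = {"name": name, "namespace": namespace, "labels": labels}
    container = {
        "name": name, "image": image,
        "ports": [{"containerPort": port}],
        "env": [{"name": k, "value": v} for k, v in (env or {}).items()],
        **SECURE_DEFAULTS,  # template-owned, so app teams cannot omit them
    }
    deployment = {
        "apiVersion": "apps/v1", "kind": "Deployment", "metadata": meta,
        "spec": {"selector": {"matchLabels": labels},
                 "template": {"metadata": {"labels": labels},
                              "spec": {"containers": [container]}}},
    }
    service = {
        "apiVersion": "v1", "kind": "Service", "metadata": meta,
        "spec": {"selector": labels,
                 "ports": [{"port": 80, "targetPort": port}]},
    }
    route = {"destination": {"host": f"{name}.{namespace}.svc.cluster.local",
                             "port": {"number": 80}}}
    virtual_service = {
        "apiVersion": "networking.istio.io/v1beta1", "kind": "VirtualService",
        "metadata": meta,
        "spec": {"hosts": [f"{name}.{domain}"], "gateways": [gateway],
                 "http": [{"route": [route]}]},
    }
    return [deployment, service, virtual_service]


# Same values as the manifest shown on the page.
OBJECTS = expand("helloworld-go", "default",
                 "ghcr.io/stefanprodan/podinfo:6.1.0", 9898,
                 {"PODINFO_UI_COLOR": "#34577c"})
print([o["kind"] for o in OBJECTS])
```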
Marketplace Deployment
Provide an easier way to configure and deploy Big Bang for users without Kubernetes SMEs: a marketplace similar to https://otomi.io/, but for Big Bang.
Self Service Multi-tenancy
Use tools like https://github.com/loft-sh/loft and https://github.com/loft-sh/vcluster to create the ability for P1 to quickly create and host Big Bang virtual clusters for customers. Also useful for development in dogfood and pipelines that currently use docker-in-docker.
It is unclear whether docker-in-docker can continue to be used in Kubernetes 1.24, when dockershim is removed, so we may be forced to look at something like vcluster.
Infrastructure Abstraction
Utilize Crossplane to integrate infrastructure creation for Big Bang into the product.