The benefits of DevOps best practices are widely accepted when developing, deploying, and operating software in a data center environment. Companies fluent in modern software development methodologies won’t even consider deploying software without automation, software supply-chain security, continuous deployment, and visibility into the health of their production environment.
Things often look different in edge and IoT projects, where software development (Dev) and operations (Ops) remain siloed. It’s not uncommon to see companies use a piecemeal approach, which results in a lot of manual and error-prone processes, poor visibility into each device’s software composition, and inability to update device fleets quickly, reliably, and securely. Not only does this slow the pace of innovation, but it also makes it difficult to mitigate security incidents. Security vulnerabilities such as Log4J / Log4Shell have shown us that exposures are a matter of “when”, not “if.”
Keep reading to learn how to apply DevOps best practices to your edge and IoT projects so you can accelerate innovation and improve your security posture.
Delivering DevOps best practices to IoT deployments
In theory, adopting DevOps for IoT edge devices should be straightforward. But, how do you do it in practice, when…
- Connectivity to devices is limited
- Devices are behind firewalls without a public IP address
- IT staff is not available at remote sites
- Devices are deployed outside of the data center security perimeter
- There are many different hardware platforms and configurations
- Scalability metrics are turned on their head, with many small nodes, each running few apps
It may sound tricky, but it’s possible. We’ve seen it first-hand: our customers apply DevOps best practices to IoT by following a few simple strategies. Here are six proven keys to streamlining the development, deployment, and operation of IoT fleet devices.
1. Automation from code to device
Automation is a necessity to foster greater speed and accuracy in a reliable manner. Without automation, teams are limited by inefficient and error-prone processes, which often result in sluggish lead time at best and risky security blind spots at worst. Automation, especially when conducted within a unified platform, can save developers weeks’ worth of time all while enhancing security conditions.
The JFrog Platform is an end-to-end, fully automated DevOps platform for managing and distributing trusted software releases from code to production. JFrog Connect is integrated with industry leading JFrog Artifactory, a proven unified management platform for software artifacts, and JFrog Xray, an application security SCA tool that works directly within DevOps workflows. Prebuilt integrations help JFrog Connect stay close to developers, providing an automated, repeatable process for software delivery, management, and security, from code to device.
2. Shift left to secure the software supply chain to IoT and edge devices
Until recent years, security analysis was conducted near the end of the software development lifecycle, often resulting in long development delays or increased risk of releasing vulnerability-laden software. Shifting left means implementing security measures at multiple points throughout the entire software development lifecycle. This “built-in” approach to security best practices makes it faster, easier, and even more affordable to address security and compliance issues.
The JFrog Platform gives you unrivaled control over your binaries, the “farthest left point” in software development. As part of the JFrog Platform, JFrog Xray scans software for vulnerabilities and licensing policy violations thereby making security a part of your DevOps workflow, and fortifying the software supply chain to edge IoT devices. JFrog Advanced Security augments Xray vulnerability detection capabilities to include contextual analysis to better evaluate the threat level of common vulnerabilities and exposures (CVE) and insecure use of libraries. Learn more about JFrog Advanced Security.
3. Track software versions in device fleets
When scaling fleet deployments and updates, it’s essential to have a repeatable process that can quickly and accurately deploy, track, update, and roll back software deployments to specific versions. A lack of visibility into device details like application version can have obvious negative effects on operational efficiency and the ability to update or remediate version-specific issues.
The unique combination of JFrog Artifactory + JFrog Connect offers a proven solution that can scale to thousands and thousands of IoT Edge devices. With Connect, you can view the status of your entire device fleet, including device state, model, OS, location, data, communication, and of course, application version. This level of visibility is key to scaling your edge and IoT projects.
4. Scale up device management with group segmentation
The inherent challenge for IoT is the large number of devices that need to be deployed, updated, and managed efficiently. That’s why it’s so important to make sure your IoT platform of choice has capabilities that will allow you to group your fleet devices based on a number of different parameters, such as location, geography, hardware model, or even software version. That way, when the time comes to test or deploy, you can take a more targeted approach by updating parts of your fleet, rather than casting a wide net to all devices.
JFrog Connect helps you scale fleet management with the ability to filter and segment devices into group and sub-groups, such as hardware, device state, software version, device location, as well as assign your own custom tags. By having a logical grouping of devices, one can quickly target a group of devices at once, and push out an update to all of them with a click of a button.
5. Shift right to monitor all edge & IoT devices
Shift right is the practice of using real deployments to track and assess an application’s performance in the production environment. It’s especially important in edge and IoT, because the production environment is constantly changing. Testing in production allows developers to keep up with fluctuations in things like traffic and workload, or evolving user needs and behavior.
JFrog Connect provides a comprehensive dashboard to view and control all your IoT Edge devices, allowing you to continuously monitor their statuses, such as CPU, memory, disk usage as well as custom data received from a specific runtime process. Automated alerts can be predefined and triggered when parameters are reached to notify administrators to take action before they escalate. Alert can be integrated with other applications, like Slack, using a simple webhook.
6. Troubleshoot and maintain devices remotely
Troubleshooting remote devices can be especially challenging with remote IoT devices since their network environments can vary greatly, IP addresses aren’t typically public, and they are likely operating behind a secure firewall.
JFrog Connect’s architecture includes a software client that resides on device and securely connects to the JFrog Connect server, even when the device’s IP address is not public. Tools to access and control remote devices are readily available using secure remote SSH, VNC, webview and reverse SSH.
History rhymes for DevOps
Mark Twain is reputed to have said, “History doesn’t repeat itself, but it often rhymes.” Recall a decade ago, when mobile apps were new and “there’s an app for that” was a common phrase that referred to apps built by small teams working outside the traditional development process. Today, mobile app development is mainstream and fully baked into modern DevOps processes. Edge and IoT development looks to be another verse.
JFrog Connect is an integral component of the JFrog enterprise DevOps platform. The built-in integration of JFrog Artifactory, JFrog Xray, and JFrog Connect help to provide the automation, security, and reliability of modern DevOps best practices to edge and IoT device management – from the developer to the device.