By Juncal Alonso

During the GA meeting in Valencia, there was a discussion group on the following topics: Panel on DevSecOps applicability, challenges and future directions

During the session, some experts participated (Ismael Torres (Prodevelop), Juan Carlos Molina (Integranova), Abel Gomez (UOC), Matic (XLAB)) and some topics were analysed:.

Below are the questions and answers that were asked during the session.

1. What needs and expectations you have for safety, and whether this seems useful to you, and whether they find this as a value in KER?

As a representative of a medium-sized company and does not have many specialists, and the application is done by their customers, and now that they have Piacere they see an opportunity that they can deploy to the cloud.  Prodevelop is changing from on-premise to the cloud, and they have been doing it manually, and they are getting more and more cloud-oriented lately – they are starting to use terraform, amazon Kubernetes and docker. Now they have to take more responsibility, and they are migrating to the cloud and want to have a vendor-free migration, and don’t want to have to do a migration when changing the cloud provider.  And because the whole technology is developing rapidly, they don’t keep up and need intelligent support from the project.

2. Do you see the field in this transformation process has less involvement of people?, they can take interest in other problems and technical things can go faster thanks to piacere

It is thought that previously the DevOps team had to take weeks to do the migration to the cloud, now it is faster to do it.

Other expert say that has a small company and specializes in software development tools, some code generators they do, platform agnostic, for a specific representation of another platform, the business sells two things, technology and software factory, they gather requirements, and they have a wide spectrum of clients some have just code for deploy and deploy on their infrastructure, but they are also increasingly moving to the cloud  but they have customers who already have AWSor azure and pay to use that , they don’t have a devops team, they do everything.

3. What challenges do you have?

Differences between different cloud providers, migration to different cloud providers other problems they have: as one solution has done, they have problems with scaling geographic replications.

4. Other questions: Is it agnostic – as far as DOML is concerned?

Do you know where you are going to deploy, which version of the machine you are going to use in which configuration and price from which cloud provider, what are the resources as to how it will work,

It is say that optimizers should do this, because there is the idea that you are testing for which cloud provider DOML is sufficient.

Another expert say that would be helpful to know which components have too much load, and which have too much performance.

They have different provisioning status and for different cloud providers different and when you change the development stages the load changes – and they don’t know if the Piacere tool makes any recommendations on how to maintain these bundles at each level.

DOML could test it and do and do different usage variants and evaluate how it will load, the problem is how the user can explain how much power they want.

It is everything manually and they would like to do more tooling, in commercial clouds, the problem is to run development, and it is interesting for them in the canary environment, to see which operational phase should be better prepared.

They have problems with the cost of cloud providers because they use a lot but a lot in development.

They want a generic language that tells them how to deploy applications.