UNCLASSIFIED
31
UNCLASSIFIED
Deploy Tools and Activities
The tools used in the Deploy phase are environment and deployment stage dependent. The two
dominant deployment options include virtual machines and software containers.
Virtual Machine Deployment
Legacy applications can be deployed as virtual machines using a standards-based format such
as Open Virtualization Format (OVF), which can be imported by the market-leading hypervisors.
The virtualization manager manages the virtual compute, storage, and network resources. In
some hosting environments, such as a general-purpose cloud, the virtualization manager also
provides some security capabilities, such as micro-segmentation, which creates security zones
to isolate VMs from one another and secure them individually. Several capabilities of the
virtualization manager are keys to the success of mission application runtime operation and
security, such as health checking, virtual resource monitoring, and scaling. The application
production environment infrastructure has to leverage these capabilities in its architecture and
configuration.
The use of “clones” from a master image library enables VMs to be created quickly. A clone is
made from a snapshot of the master image. The use of clones also enables the concept of
immutable infrastructure by pushing updated, clean images to the VM each time it is started.
Only the master image needs to be patched or updated with the latest developed code; each
running image is restarted to pick up these changes.
Container Deployment
A container manager provides capabilities that check for new versions of containers, deploys
the containers to the production environment, and performs post-deployment checkout. The
container manager consists of an OCI-compliant container runtime and a CNCF Certified
Kubernetes, which is an orchestration tool for managing microservices or containerized
applications across a cluster of nodes. The nodes could be bare metal servers or VMs. The
container manager may be owned by a mission program or provided by the cloud hosting
environment. It simplifies container management tasks, such as instantiation, configuration,
scaling, monitoring, and rolling updates. The CNCF Certified Kubernetes interacts with the
underlying virtualization manager in the cloud environment to ensure each node’s health and
performance, and scale it as needed. This scaling includes container scaling within the CNCF
Certified Kubernetes cluster, but when running in a cloud, it also includes the ability to auto-
scale a number of nodes in a cluster by adding or deleting VMs.
Deploy phase tools and their related activities are listed in Table 13: Deploy Phase Tools and
Table 14: Deploy Phase Activities, respectively.