In our On Premise hosting environment we still run a lot of applications on traditional stacks without using containers. In order to run them in a secured way we created a mature patch automation. Thanks to ansible, rundeck, icinga and a bunch of other opensource tools we are able to update and reboot most of our systems without our customers noticing. We do that throughout the day on a regular base using rundeck, or even on short notice if another “heartbleed” occurs.
2. ABOUT US
2
Andreas Lehr
@shakalandy
Rico Spiesberger
@crsp
“Hosting and Domain Services” department
- lidl.de
- lidl-reisen.de/.at/.ch/...
- lidl-shop.nl/.be/.cz/.pl/...
- mobile app backend (30 countries)
3. ABOUT SCHWARZ IT
➔ Central IT of the Schwarz Group (Lidl, Kaufland, PreZero,
GreenCycle,...)
➔ ~ 3000 employees
➔ HQ in Weinsberg/Heilbronn - Location in Berlin
➔ We have Jobs - https://jobs.schwarz
3
9. HOW WE’VE DONE IT
c 9
Ansible and Rundeck
• 1 week cycle for DEV/TEST/QA
• 4 week cycle for PROD
• Emergency stuff can be patched
without prior information
• Target: no manual process, but fully
automated