Phases E-K — Observability & Policies
Phase E — Full observability
| Component | Role |
|---|---|
| Loki | Aggregated logs from all VMs |
| Tempo | Distributed traces (OpenTelemetry) |
| Beyla | Zero-code eBPF instrumentation |
| OTel Collector | Aggregation of metrics + logs + traces |
Beyla uses eBPF to instrument applications without modifying their code. It automatically detects HTTP, gRPC and SQL traffic and generates OpenTelemetry spans.
Phase F — DORA Metrics & Drift Detection
The four key software engineering metrics, computed automatically:
| Metric | Source | Calculation |
|---|---|---|
| Deployment Frequency | Jenkins | Successful deploys / week |
| Lead Time for Changes | Gitea → Jenkins | Time from commit → production |
| Change Failure Rate | Jenkins | % of deploys with rollback |
| MTTR | IRIS | Time from incident opened → closed |
Drift Detection: an hourly Jenkins cron job runs `terraform plan -detailed-exitcode`. If drift is detected → automatic IRIS incident.
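A sketch of the hourly drift check described above, added here as an example and not taken from the project's pipeline. `TERRAFORM_BIN` and `INCIDENT_HOOK` are hypothetical names; the hook stands in for whatever command opens the IRIS incident.

```shell
#!/usr/bin/env bash
# Added example. Exit codes of `terraform plan -detailed-exitcode`:
#   0 = no changes, 1 = error, 2 = changes present (drift).
# TERRAFORM_BIN and INCIDENT_HOOK are hypothetical names for this sketch.
TERRAFORM_BIN="${TERRAFORM_BIN:-terraform}"
INCIDENT_HOOK="${INCIDENT_HOOK:-}"   # command that opens the IRIS incident

# Map the plan exit code to a state name.
classify_plan_exit() {
  case "$1" in
    0) echo "in_sync" ;;
    2) echo "drift" ;;
    *) echo "plan_error" ;;   # never report a failed plan as "no drift"
  esac
}

# Plan one workspace and print its state.
# Returns 0 when in sync, 2 on drift, 1 when the plan or the hook failed.
check_drift() {
  local workdir="$1" rc=0 state
  # `|| rc=$?` captures exit code 2 instead of letting `set -e` abort the
  # job before the incident is raised. umask keeps plan.log owner-only,
  # since plan output can expose resource attributes.
  ( umask 077
    cd "$workdir" &&
      "$TERRAFORM_BIN" plan -detailed-exitcode -input=false -no-color \
        >plan.log 2>&1 ) || rc=$?
  state="$(classify_plan_exit "$rc")"
  echo "$state"
  case "$state" in
    in_sync) return 0 ;;
    drift)
      if [ -n "$INCIDENT_HOOK" ]; then
        # Hook output goes to stderr so stdout carries only the state.
        "$INCIDENT_HOOK" "$workdir" "$workdir/plan.log" >&2 || return 1
      fi
      return 2 ;;
    *) return 1 ;;
  esac
}
```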
Phase G — Dependency Track
Software supply chain analysis:
Jenkins deploy → Syft generates CycloneDX SBOM
→ Upload to Minio → Dependency Track API
→ Grafana CVE dashboard
→ If CRITICAL CVE → IRIS incident + notification
Phases H-K
| Phase | Name | Objective |
|---|---|---|
| H | Policy as Code | Sentinel in the Terraform pipeline (mandatory agents, VLAN isolation) |
| I | Secret Rotation | Automatic Vault rotation (DB passwords, API keys, certificates) |
| J | Self-Service Portal | FastAPI + Backstage: deploy a VM in 5 min via a form |
| K | Resilience Tests | Vault failover < 10s, Consul failover, Terraform rollback |