InfoQ recently sat down with Joan Wrabetz, CTO at Quali, and discussed the role ‘cloud sandboxes’ can take within the modern software development lifecycle (SDLC). Quali's Cloud Sandbox technology enables a user to create, manage and publish replicas of infrastructure and application configurations for on-demand usage by the technical and business teams. The primary use cases for cloud sandboxes include development and quality assurance testing, proof-of-concepts, training/labs, and sales demonstrations.
Quali’s CloudShell tool allows infrastructure and applications to be modelled within a cloud sandbox in order to replicate complex production environments. Users can combine both physical and virtual infrastructure and network connectivity, applications, data, and test tooling within a sandbox. Orchestration workflows can be created using native Python libraries or a visual drag-and-drop authoring tool. Sandboxes can be saved, restored, configured, and monitored via CloudShell, and ‘blueprints’ can be created to allow the creation of self-service catalogues for use by developer and QA engineers. CloudShell also integrates with continuous delivery tooling like Jenkins, for which an open source ‘Sandbox-Jenkins-Plugin’ has recently been released.
According to Wrabetz, sandbox technology can help drive “DevOps transformations” by automating the creation of production-like environments for testing. Previously siloed teams within an organisation can be encouraged to collaborate on the management of sandboxes in order to promote shared accountability and ensure that each team's core areas of responsibility are met via configuration, tooling or auditing.
Without this ability to define and share environments, it is all too easy to create 'bubbles' or walled-off areas of the business, where infrastructure configuration drifts from live deployments and data is not representative of production.
With the rise in popularity of using Linux containers, such as Docker or rkt, to package and deploy applications, InfoQ asked how cloud sandboxes differ from this technology. Wrabetz responded by stating that CloudShell allows the provision of infrastructure outside the scope of container technology, such as VMware vCenter; Cisco networking products like Catalyst, Fabric Interconnect, and Nx-OS devices; and AWS services like EC2, VPC and networking. Docker is also supported by CloudShell, and Wrabetz noted that there is some conceptual similarity between container and sandbox technologies:
Quali’s CloudShell does for environments what Docker does for applications, in that it enables the portability and sharing of infrastructure configurations in addition to application configuration.
Wrabetz continued by stating that it is difficult to automate the movement of applications from development to production without a common infrastructure that is available throughout the SDLC. Container technologies are making this possible with greenfield ‘cloud native’ applications, but many organisations have legacy systems or complex production environment configuration that cannot be simulated within the boundaries of a Linux container.
The ability to pool both physical and virtual infrastructure to be deployed in an on-demand fashion within a sandbox can be used to facilitate continuous testing. Wrabetz commented that the drive to “shift left” quality assurance, from both the perspectives of defining tests before building features and also making testing environments and data as production-like as is feasible, means that having an automated method to create and share complex environments can be an enabler for the business teams as well as technology teams.
Wrabetz stated that many of Quali’s customer’s are keen to utilise cloud sandboxes for non-functional testing, in addition to functional quality assurance.
A sandbox blueprint can be defined, audited, and shared throughout an entire organisation. This is great for meeting regulatory compliance, and also ensures that both performance and security testing can take place within realistic and recreatable environments.
Additional information on Quali’s Cloud Sandbox software and CloudShell tooling can be found on the Quali website, and questions can be asked to the community via the developer forums.