How DNS powers DevOps in DOD “software factories”

DOD now has DevOps-led software teams to solve warfighter problems. Here’s how DNS will play a key role in powering their innovations.


April 9, 2020

The sleekest jet.  The biggest aircraft carrier.  The most badass tank.  DOD agencies used to engage in a not-so-subtle competition to develop the coolest hardware on the planet.

In recent years, however, the measure of “cool” has shifted dramatically.  Instead of highlighting new weapons systems and platforms, DOD agencies are starting to put their resources into software. Defense leaders throughout the DOD have recognized the importance of software to winning the fight against near-peer adversaries on a modern battlefield.

Here’s how it works.  You get together a bunch of your best in-house and contract developers.  You let them all dress in jeans and t-shirts.  You give the office a “cool nerd” name, preferably one associated with Star Wars (Kessel Run, Bespin) or Star Trek (Kobayashi Maru).  You organize your workflow around a DevOps methodology.  Then you start solving problems for the warfighter.  Fast.

These DOD software factories may be the new measure of “cool”, but that doesn’t necessarily mean that they’ve reached their full potential yet.  They’re certainly moving fast and breaking things as designed.  Yet as DevOps becomes the new norm, they’re also discovering that some of the boring, old-school parts of the network can’t keep pace with the level of innovation they’re trying to maintain.

Squaring DevOps and NetOps

Here at BlueCat, we’ve seen plenty of DevOps and cloud teams hit this wall when it comes to IP address management.  For all the fast-paced methodologies they’ve developed, sometimes these teams get tripped up by the basics of back-end network architectures.

For example, DevOps and cloud teams need to spin up and draw down compute in the cloud at will.  To do this, they need to rapidly provision (and de-provision) IP addresses.  That means either asking the network team to assign an IP address (which means waiting for a service ticket) or generating one themselves (potentially creating an IP conflict which could bring down the network).

DNS can get messy when software development teams are operating in hybrid environments.  Ideally, you’re going to want a single source of truth which can assign and manage IP addresses across on-prem and multiple cloud instances.  If left to their own devices, most DevOps teams will just build IP address silos for each environment.  This creates havoc for the network teams that support them – they’ll need duelling spreadsheets to avoid an IP conflict and/or a complex tangle of conditional forwarding rules to make sure queries get where they’re supposed to go.

DOD agencies also face specific requirements around failover and network resilience which filter down to the DNS level.  The need to house and access data in redundant or compliant environments can trip up DevOps teams who just want to build cool stuff and move on.  When they have to stop and consider the connections between different environments, DevOps teams aren’t doing what they’re supposed to be doing – driving innovation.

DNS should just work

All of this boils down to the same problem:  DevOps teams shouldn’t really have to think about DNS at all.  IP address space should just be there for the taking, without any worry for how the network team manages it.  It should be available in any environment, and should automatically failover if any of those environments become inaccessible.  The whole back-end should just work.

The network teams which support these DOD software factories know, of course, that making all of this “just work” is far more complicated than it may seem.  That’s why they’re turning to BlueCat for solutions.

IP address provisioning

BlueCat solves the IP address provisioning challenge through automation.  Our platform enables self-service for IP address provisioning.  Think of it as a vending machine for IP addresses.  DevOps teams get as many IP addresses as they want, instantaneously.  Network teams get to control which IP addresses get assigned, and they receive back the IP addresses that are decommissioned, too.

Of course, this is just one way that our customers have used BlueCat’s automation platform. Our open API allows for customized workflows that are purpose-built for specific business outcomes. The bottom line: If you want to automate DNS, DHCP, or IPAM services to fit your particular needs, we can do that.

Managing hybrid environments

BlueCat also makes it far easier to manage DNS across hybrid environments.  When siloed DNS architectures are merged into a single source of truth, IP address conflicts become a thing of the past.  And with our intelligent forwarding capabilities, network admins can dramatically decrease the number of conditional forwarding rules they have to manage.

Failover is easy too – BlueCat offers multiple options for high availability which keep networks up and running even when primary assets go down.  Since our Adaptive DNS system can be deployed anywhere and everywhere, network admins have the flexibility to build resilience into their systems.

So if you’re a DOD employee who happens to be in blue jeans underneath a Star Wars logo, ask yourself:  is your DNS supporting the DevOps mission, or hindering it?  If it’s the latter, take a look at the BlueCat DDI platform and consider a change.

Published in:

An avatar of the author

BlueCat provides core services and solutions that help our customers and their teams deliver change-ready networks. With BlueCat, organizations can build reliable, secure, and agile mission-critical networks that can support transformation initiatives such as cloud adoption and automation. BlueCat’s growing portfolio includes services and solutions for automated and unified DDI management, network security, multicloud management, and network observability and health.

Related content

Detect anomalies and CVE risks with Infrastructure Assurance 8.4 

The Infrastructure Assurance 8.4 release features an anomaly detection engine for outliers and a CVE analysis engine to uncover device vulnerabilities.

Read more

Get fast, resilient, and flexible DDI management with Integrity 9.6

With Integrity 9.6, network admins can get support for new DNS record types, architect and configure multi-primary DNS, and automate IP assignments.

Read more

Deepen your security insight with Infrastructure Assurance 8.3

BlueCat Infrastructure Assurance 8.3, with an enhanced analytics dashboard, including interactive widgets and top 10 alerts, is now available.

Read more

Security, automation, cloud integration keys to DDI solution success

Only 40% of enterprises believe they are fully successful with their DDI solution. Learn how to find greater success with new research from EMA and BlueCat.

Read more

Our commitment to Micetro customers and product investment

From CEO Stephen Devito, a word on BlueCat’s ongoing commitment to supporting Micetro customers and Micetro’s evolution as a network management tool.

Read more

Seven reasons to rethink firewall monitoring and boost automation 

With BlueCat Infrastructure Assurance, you can better protect your network with automated alerts and suggested remedies for hidden issues in your firewalls.

Read more