Staging

Usually, customers have more than one stage for testing changes before publishing them into production. Typical names for these stages are Production, Integration and Development, but the naming and the number of stages may differ from company to company.

Depending on the purpose of each stage, the desired settings might vary. The information provided on this page delivers some hints about what should be considered, which influences the desired settings.

Define the stages

It is crucial to define the purpose of each stage. The settings for each stage may differ depending on the specific objectives that need to be accomplished.

Common stages are:

Stage

Purpose

Remarks

Production

  • Secure and stable deployment

Productive deployment of the applications.

Integration

  • Find issues (functional, performance, security, configuration, ...) before going live.

Most similar setup of Production with the same settings.

Development

  • Easy integration

Environment to test new application versions and develop new configurations.

Please define the stages, their purpose and the process to move newer versions from one stage to another.

Besides the normal process of rolling out newer versions, there should also be a process to deploy fixes rapidly. Either due to a security risk, performance, or stability issue in Production.

Stage-specific settings

There are always differences between stages, like the following:

Differences

Examples

Description

Stage Environment

  • FQDNs
  • Ports
  • Paths
  • Lesser components

These differences are necessary to run multiple stages in parallel or because the stages are not completely identical to safe money.

Versions

  • Application version
  • Version specific settings

New versions of a rollout cycle from Development to Integration into the Production stage. Therefore, not only do the versions differ between the stages but also configuration files or other related files.

Purpose

  • Secure
  • Easy integration (insecure, more logs, ...)

While in Production, security settings should be enabled for the most secure setup. Having them in log-only mode during the Development stage might be allowed and desired for easy integration.

The reasons outlined directly influence templating and enforcement of policies. Therefore be aware of the mentioned reasons and adjust the templating mechanism or the policies deployed according to your needs.