Confidential
Developer Week Seattle – Cloud Edition
May 30th 2019
DevOps and Cloud in a Modern Digital Organization
Modern Digital Organizations
• Modern organizations are aggressively adopting
Digital Transformation to sustain and accelerate
their speed of execution and innovation
• It means transforming the way companies build
products, understand customer needs and sell
products as well as how their products are consumed
• It is no longer an option but rather a necessity for
survival and growth in order to:
o Meet customer needs
o Respond to competitive landscape
o Become an agile and responsive organization
Building Blocks of a Modern Digital
Organization
• Clear Strategy for Cloud Adoption
• Define Role of DevOps and SRE
Cloud Adoption Strategy
• Define Key Drivers
• Define a Cloud Strategy
o Multi Cloud
o Hybrid Cloud
• Enforce Cloud Governance (FinOps and SecOps)
• Define an Approach to Cloud Adoption
• Promote Culture and Organization Structure Change
Key Drivers
• Drivers should be:
o Agility
o Elasticity
o Scalability
o Cost/TCO (short term but not main driver)
• Goal should be:
o Make organization agile
o Driver for new business streams
o Develop new business strategies/monetization
o Customer responsiveness
Multi Cloud Strategy
• Clear strategy avoids cloud churn that causes high
costs/lost opportunities
• Multi Cloud strategy drivers:
o Fear of vendor lock in
o Fear of Cloud outages
o Fear of high costs
• Viable reasons:
o Unique platform services
o Customers require product offered on multi clouds
• Recommended approach is to use one primary cloud
after diligence and second one for DR
Hybrid Cloud Strategy
• Plausible scenario for organizations that have workloads
that cannot be moved to cloud for:
o Compliance
o Regulation
o Compatibility
• Requires:
o Network design/connectivity
o Service Mesh
• Recent offerings by Public Cloud Service Providers:
o GCP Anthos
o Azure Stack
Multi Cluster Hybrid Architecture
Cloud Governance (FinOps & SecOps)
• Critical and often overlooked part of Cloud Adoption
• Move from CAPEX to OPEX implies cost and security
management needs to be implemented upfront
• If overlooked, insecure cloud environments can
potentially lead to data loss and cost overruns risking the
whole strategy
• Adopt a methodical “Cloud Cost Management
Framework”
• Implement DevSecOps by seamlessly integrating
security into DevOps processes/pipeline
Cloud Cost Management Framework
• Map organization to Cloud structure
o Enables budgeting boundaries
o Top down visibility
• Cost ownership
o Enables LOB to own budget
o Provides freedom to innovate
• Visibility
o Granular visibility and actionable
insights
o Continuous financial monitoring
• Enterprise level access control
o Mitigates cloud sprawl
o Standardizes cloud infra building
blocks
• Automation
o Optimization of deployed infra
o Enforcement of governance model
o Continuous monitoring of available vs requested
• Optimization
o Periodic review to validate evolving app architecture
o Leverage managed/PaaS services offered by CSP
o Leverage discounted offerings (preemptible VM,
usage discounts)
Cloud Adoption Approaches
• Approaches can be:
o Phased Cloud Adoption Approach
o Big Bang Cloud Adoption Approach
• Phased Cloud Adoption Approach consists of:
o Cloud Migration
o Cloud Optimization
o Application Modernization
• Allows companies to move to cloud in an expedited
fashion and start enjoying the benefits offered by this
transition
• Big Bang Cloud Adoption approach can take 12-18 with
benefits being realized at the end
• This can cause organization to face:
• Resource strains
• Buildup of Costs
• Need to continue running and supporting legacy
systems
• Lack of visibility of benefits
Cloud Adoption Phases
• Cloud Migration Phase
o Assessment & Discovery (Phase 1.1)
o Planning (Phase 1.2)
o Migration (Phase 1.3)
• Cloud Optimization Phase
o Operations & Optimization (Phase 2.0): Cost, Security, Architecture
• App Modernization Phase
o Modernization (Phase 3.0)
Role of DevOps and SRE
What is DevOps?
• DevOps is a concept comprised of software
development, operations, services and processes
• It consists of connecting people, tools and processes
which can be summarized as CALMS:
• Culture: Mindset to break down silos, and value
collaboration
• Automation: Leverage methodologies like CI/CD
and reduce toil
• Lean: Focus on process details, purpose and people
• Measurement: Data driven decisions
• Sharing: Final part of feedback loop and
collaboration
DevOps and SRE Roles
• Clearly define the role and charter of the DevOps and
SRE teams
• Select a DevOps model that works best for the company
o Core DevOps Team
o Distributed DevOps Team
o Hybrid DevOps Team
Agile Organizations without
DevOps
DevOps Team Charter
○ Cover cloud-based and/or bare metal deployments
○ Development infrastructure layer for the product
○ Maintaining and extending functionality, redundancy features, Root-Cause analysis for the
issues
○ Building Infrastructure Manager – set of Ansible scripts and instructions for deploying solution
to desired environment (Public Cloud, Private Cloud)
○ Security – monitoring and analyzing potential security gaps of the complex environment for the
solution including network and 3rd parties; proactive patching, leading the built-in security
development approach, providing security tools
DevOps Toolchain
[Figure: Build, Integration and Validation Pipeline. Branches: Feature Branch, Develop Branch, Master Branch. Stages: Commit, Build, Static Code Analysis, Unit Test, Code Coverage quality gates, Component Test, Integration (SIT) Test, Successful Commit and Merge. Triggers: On Every Commit (steps 1 2 3 4 7), On Every PR (steps 1 2 3 4 7 5), Nightly (steps 1 2 3 4 7 5 6). Environments: DevQE, SIT.]
DevOps Maturity Model
• Organization & Culture
o Foundation: External priorities; Frequent commits; Per-document process
o Beginner: Per team backlog; Pain shared across; No boundaries in dev & test; Basic Agile
o Intermediate: Extended collaboration; Extended ownership; Metrics-driven; No silo in dev & ops; Common processes for all changes
o Advanced: Dedicated tools team; Ownership to prod; deploy != release; Kaizen
o Expert: Cross functional teams; Always roll forward (no rollbacks)
• Software Design & Architecture
o Platform and technology consolidated
o Modularization of system
o APIM
o Libs management
o DB change management
o Trunk based development or branch by abstraction
o Config as a code
o Feature toggling
o Components out of modules
o Component based arch
o Exposing business metrics
o All layers of system (infrastructure, configuration, apps) as versioned code
• CICD & Ops
o Versioning
o Scripted builds
o Dedicated basic CI
o Manual deploy
o Some scripting around deployment
o Polling builds
o Artifacts repo
o Manual tag/versioning
o Some standardization around deployment
o Commit hooks
o Auto tag/versioning
o Same code on all envs
o Pipeline deploys to prod
o Config management
o Envs standardization
o 0 downtime deploy
o Dynamic build farms
o Auto DB deploy/rollback
o Zero touch auto deploy to prod
o Quality gates and procedures around zero touch deploy
• Testing & Validation
o Auto unit tests
o Separate test environment
o Auto integration tests
o Isolated auto component tests
o Some auto acceptance tests
o Full auto acceptance tests
o Auto performance tests
o Auto security tests
o Auto verification of expected business value
• Metrics & Reporting
o Baseline process metrics
o Manual reporting
o Measure the process
o Static code analysis
o Scheduled quality reports
o Common logging/info model
o Transaction traceability
o Dashboards as service
o Report trends analysis
o Infrastructure forecasting
o Dynamic dashboards
o Cross silo analysis
SRE Team Charter
• Manage SaaS completely including deployment, upgrades, operations and support
• Manage the Product Software Cluster deployments
• Develop and improve tooling to maximize system uptime
and self-recovery, while minimizing manual effort
• Be “the first customer” for new Product features and functionality
• Drive SaaS with regular updates and releases
• Deploy new production environments
• Manage continuous delivery and disaster recovery process
• Customer and POC support
Support with SRE
• Customer can know of a problem before its customer is aware.
• Immediately know the system and its configuration, any alarms, and can have real-time group
chat on Slack between relevant parties.
• Proactive engagement dramatically decreases total time to resolution
• Up to a 50% decrease in total time to resolution as compared to traditional support model
[Figure: Telemetry, Near Realtime communication, Sales Force]
Thank You
Faisal Mushtaq
VP Technology & Head of Global Cloud/DevOps Practices