1

Confidential

Developer Week Seattle – Cloud Edition

May 30th 2019

DevOps and Cloud in a Modern Digital Organization

2

Confidential

Modern Digital Organizations

• Modern organizations are aggressively adopting

Digital Transformation to sustain and accelerate

their speed of execution and innovation

• It means transforming the way companies build

products, understand customer needs and sell

products as well as how their products are consumed

• It is no longer an option but rather a necessity for

survival and growth in order to:

o Meet customer needs

o Respond to competitive landscape

o Become an agile and responsive organization

3

Confidential

Building Blocks of a Modern Digital

Organization

• Clear Strategy for Cloud Adoption

• Define Role of DevOps and SRE

4

Confidential

Cloud Adoption Strategy

5

Confidential

Cloud Adoption Strategy

• Define Key Drivers

• Define a Cloud Strategy

o Multi Cloud

o Hybrid Cloud

• Enforce Cloud Governance (FinOps and SecOps)

• Define an Approach to Cloud Adoption

• Promote Culture and Organization Structure Change

6

Confidential

Key Drivers

• Drivers should be:

o Agility

o Elasticity

o Scalability

o Cost/TCO (short term but not main driver)

• Goal should be:

o Make organization agile

o Driver for new business streams

o Develop new business strategies/monetization

o Customer responsiveness

7

Confidential

Multi Cloud Strategy

• Clear strategy avoids cloud churn that causes high

costs/lost opportunities

• Multi Cloud strategy drivers:

o Fear of vendor lock in

o Fear of Cloud outages

o Fear of high costs

• Viable reasons:

o Unique platform services

o Customers require product offered on multi clouds

• Recommended approach is to use one primary cloud

after diligence and second one for DR

8

Confidential

Hybrid Cloud Strategy

• Plausible scenario for organizations that have workloads

that cannot be moved to cloud for:

o Compliance

o Regulation

o Compatibility

• Requires:

o Network design/connectivity

o Service Mesh

• Recent offerings by Public Cloud Service Providers:

o GCP Anthos

o Azure Stack

9

Confidential

Multi Cluster Hybrid Architecture

10

Confidential

Cloud Governance (FinOps & SecOps)

• Critical and often overlooked part of Cloud Adoption

• Move from CAPEX to OPEX implies cost and security

management needs to be implemented upfront

• If overlooked, unsecure cloud environments can

potentially lead to data loss and cost overruns risking the

whole strategy

• Adopt a methodical “Cloud Cost Management

Framework”

• Implement DevSecOps by seamlessly integrating

security into Devops processes/pipeline

11

Confidential

Cloud Cost Management Framework • Map organization to Cloud

structure

o Enables budgeting boundaries

o Top down visibility

• Cost ownership

o Enables LOB to own budget

o Provides freedom to innovate

• Visibility

o Granular visibility and actionable

insights

o Continuous financial monitoring

• Enterprise level access control

o Mitigates cloud sprawl

o Standardizes cloud infra building

blocks

• Automation

o Optimization of deployed infra

o Enforcement of governance model

o Continuous monitoring of available vs requested

• Optimization

o Periodic review to validate evolving app architecture

o Leverage managed/PaaS services offered by CSP

o Leverage discounted offerings (preemptive VM,

usage discounts)

12

Confidential

Cloud Adoption Approaches

• Approaches can be:

o Phased Cloud Adoption Approach

o Bing Bang Cloud Adoption Approach

• Phased Cloud Adoption Approach consists of:

o Cloud Migration

o Cloud Optimization

o Application Modernization

• Allows companies to move to cloud in an expedited

fashion and start enjoying the benefits offered by this

transition

13

Confidential

Cloud Adoption Approaches

• Big Bang Cloud Adoption approach can take 12-18 with

benefits being realized at the end

• This can cause organization to face:

• Resource strains

• Buildup of Costs

• Need to continue running and supporting legacy

systems

• Lack of visibility of benefits

14

Confidential

Cloud Adoption Phases

Assessment &

Discovery

(Phase 1.1)

Migration

(Phase 1.3)

Planning

(Phase 1.2)

Operations &

Optimization

(Phase 2.0)

(Cost, Security,

Architecture)

Modernization

(Phase 3.0)

Cloud Migration Phase Cloud Optimization Phase

App Modernization Phase

15

Confidential

Role of DevOps and SRE

16

Confidential

What is DevOps?

• DevOps is a concept comprised of software

development, operations, services and processes

• It consists of connecting people, tools and processes

which can be summarized as CALMS:

• Culture: Mindset to break down silos, and value

collaboration

• Automation: Leverage methodologies like CI/CD

and reduce toil

• Lean: Focus on process details, purpose and people

• Measurement: Data driven decisions

• Sharing: Final part of feedback loop and

collaboration

17

Confidential

DevOps and SRE Roles

• Clearly define the role and charter of the DevOps and

SRE teams

• Select a DevOps model that works best for the company

o Core DevOps Team

o Distributed DevOps Team

o Hybrid DevOps Team

18

Confidential

Agile Organizations without

DevOps

19

Confidential

Agile Organizations without

DevOps

20

Confidential

DevOps Team Charter

○ Cover cloud-based and/or bare metal deployments

○ Development infrastructure layer for the product

○ Maintaining and extending functionality, redundancy features, Root-Cause analysis for the

issues

○ Building Infrastructure Manager – set of Ansible scripts and instructions for deploying solution

to desired environment (Public Cloud, Private Cloud)

○ Security – monitoring and analyzing potential security gaps of the complex environment for the

solution including network and 3rd parties; proactive patching, leading the built-in security

development approach, providing security tools

21

Confidential

DevOps Toolchain

Feature Branch

Laptop

Develop Branch

Master Branch

Commit

Build Static Code

Analysis Unit Test

Code Coverage

quality gates

Component Test

Integration (SIT) Test

Successful Commit and

Merge

Build, Integration and Validation Pipeline

Pull Request

Nightly Auto

Merge to Master

1 2 3 4 5 6 7

Branches Environment

DevQE

SIT

On Every

Commit 1 2 3 4 7

On Every

PR 1 2 3 4 7 5

Deploy on

Nightly 1 2 3 4 7 5 6

Deploy on

Dev

5 Commit gates

PR gates

6

22

Confidential

DevOps Maturity Model

Organization &

Culture

Foundation • External priorities

• Frequent commits

• Per-document process

Beginner • Per team backlog

• Pain shared across

• No boundaries in dev &

test

• Basic Agile

Intermediate • Extended collaboration

• Extended ownership

• Metrics-driven

• No silo in dev & ops

• Common processes for all

changes

Advanced • Dedicated tools team

• Ownership to prod

• deploy != release

• Kaizen

Expert • Cross functional teams

• Always roll forward (no

rollbacks)

Software Design &

Architecture • Platform and technology

consolidated

• Modularization of system

• APIM

• Libs management

• DB change management

• Trunk based development

or branch by abstraction

• Config as a code

• Feature toggling

• Components out of modules

• Component based arch

• Exposing business metrics

• All layers of system

(infrastructure,

configuration, apps) as

versioned code

CICD & Ops

• Versioning

• Scripted builds

• Dedicated basic CI

• Manual deploy

• Some scripting around

deployment

• Polling builds

• Artifacts repo

• Manual tag/versioning

• Some standardization

around deployment

• Commit hooks

• Auto tag/versioning

• Same code on all envs

• Pipeline deploys to prod

• Config management

• Envs standardization

• 0 downtime deploy

• Dynamic build farms

• Auto DB deploy/rollback

• Zero touch auto deploy

to prod

• Quality gates and

procedures around zero

touch deploy

Testing &

Validation • Auto unit tests

• Separate test environment • Auto integration tests

• Isolated auto component

tests

• Some auto acceptance

tests

• Full auto acceptance tests

• Auto performance tests

• Auto security tests

• Auto verification of

expected business value

Metrics &

Reporting • Baseline process metrics

• Manual reporting

• Measure the process

• Static code analysis

• Scheduled quality reports

• Common logging/info model

• Transaction traceability

• Dashboards as service

• Report trends analysis

• Infrastructure forecasting

• Dynamic dashboards

• Cross silo analysis

23

Confidential

SRE Team Charter

• Manage SaaS completely including deployment, upgrades, operations and support

• Manage the Product Software Cluster deployments

• Develop and improve tooling to maximize system uptime

and self-recovery, while minimizing manual effort

• Be “the first customer” for new Product features and functionality

• Drive SaaS with regular updates and releases

• Deploy new production environments

• Manage continuous delivery and disaster recovery process

• Customer and POC support

24

Support with SRE

• Customer can know of a problem before its customer is aware.

• Immediately know the system and it’s configuration, any alarms, and can have real time group

chat on Slack between relevant parties.

• Proactive engagement dramatically decreases total time to resolution

• Up to a 50% decrease in total time to resolution as compared to traditional support model

Telemetry

Near Realtime communication

Tele

metry

Sales Force

25

Confidential

Thank You

Faisal Mushtaq

VP Technology & Head of Global Cloud/DevOps

Practices

Faisal.mushtaq@globallogic.com

+1-408-718-6823