Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Exponential growth with IaC superpowers

Exponential growth with IaC superpowers

Leaving the cloud infrastructure management to the development teams decreases the time-to-market but has important implications in terms of management and control.
This is the story of how, through a Terraform-based platform, that orchestrates the environments' management, we have achieved amazing business results by maintaining effective infrastructure governance and happy developers.
In this talk, we will present the framework we have developed and a success story.

Talk presented with Tommaso Previero at Agile Venture Vimercate 2019.

Carlo Corti

June 08, 2019
Tweet

More Decks by Carlo Corti

Other Decks in Programming

Transcript

  1. Agenda • Intro to lastminute.com • A problem we faced

    • Our solution • Demo • Q&A 2
  2. lastminute.com We sell Travel Services to more than 10 million

    customers per year across 35 countries in 15 languages Every month, we touch 45 million users across all of our websites and mobile apps 4
  3. Platform behind our people • 100+ microservices • ~20 product

    eng. teams • Java, Kotlin, C#, PHP, Python, Go, Js • Kubernetes on-premise • VMs on-premise • Multiple clouds: AWS, Azure, GCP 6
  4. Multi-cloud governance is hard Platform team need to keep costs

    under control; access should also be restricted to specific roles, while letting team have the freedom and speed to experiment on their own and evolve the product. 8 But every vendor has its own implementation to achieve this... Inevitably, conflicts arise
  5. Sample use case A new project with high business impact

    but also high volatility We needed to… • Iterate very fast and often • Feedback from our application Metrics and logs were not enough 9
  6. Not fast enough for business Going cloud was an idea

    but value was not delivered fast enough Slowness was related to... • No tooling to work with cloud • Poor cloud services knowledge • Missing team ownership 10
  7. Not fast enough for developers “Platform is a bottleneck!” Because

    humans don’t scale... • Provisioning is locked down • Support for changes once live • Stakeholders requests 11
  8. A new approach Let the teams manage infrastructure themselves! With

    just a few constraints: • 100% auditable • Common language • Single scope • Supervised by Platform 13
  9. Implementation IaC to the rescue Terraform + Golang + GitLab

    + Git • Software to manage software • Fast, consistent and repeatable • Scales on multiple projects • Minimizes cognitive load 14
  10. A safe playground for teams Infrastructure has started to be

    a part of a developer’s work Through experiments, failures and successes we... • Became faster • Reduced Big Upfront Design • Choose Quality, Time and Cost 16
  11. There was still a wall Cloud is an enabler to

    break this barrier but is it enough? Barriers between dev and ops... • tools do not solve alone • need best practices 17
  12. Improving collaboration 18 We can scale on multiple projects with

    zero additional overhead for Platform. A new, more effective way of communicating is born, project ownership is shared. Cloud management best-practices are propagated through code: • Permission management • Resources usage optimizations
  13. 19

  14. Devs make it better Dev teams take care of enhancing

    their environments Infrastructure is part of the daily dev work Team ownership drives quality at 360° Less process more actions 20
  15. Devs make it faster 21 Jun Jul Aug Sep Oct

    IaC Feature v1 IaC Feature v2 Feature Feature Feature
  16. Future improvements • CI pipelines to test changes • Adopt

    for all clouds, all projects • Simpler onboarding for new hires • Make it self-service • More customisations • Non product stakeholders access 24
  17. Use case AS a Service Manager (Auditing responsibilities) I WANT

    TO know how the user changed the production configuration SO I can understand if there is a correlation between an incident and a configuration change 26
  18. Make it happen • Create new project in Google Cloud

    called lmn-avv-2019-example • Template gcp-base (our std project with access to GCP APIs) • Carlo’s team will be the owner • Kotlin application to load auditing data on BigQuery 27