Cloud independence by architecture

Transcript

1. Cloud Independence by Architecture TLDR: How MOBIKO Avoids Vendor Lock-In

2. Happy that you‘re (still) here!

3. Who‘s that guy? Seeking fresh minds to share the kudos...

   and the occasional “technical oopsies”! MOIKO Card Solutions

4. There was a time…

5. First deployments and an idea…

6. The century of AWS

7. We don‘t know what we‘re doing

8. K8s as a Deployment tool

9. Standard Development flow

10. Beginning of a Start-Up

11. After a while…

12. Solution(?): Longer release cycles

13. Alternatives to status quo?

14. DevOps mit Azure

15. Phoenix project / project unicorn

16. CI / CD

17. Hire somebody who knows…

18. Taking ownership

19. Fancy infra, no benefit?

20. Integrate daily

21. Can we fix this today?

22. Make it easy to go back!

23. Automation, Automation, Automation • Code-review (AI-driven?) • Builds • Feature

    branch environments • Tests • Code scanning • Security scans • Deployments • …

24. Blue green deployments

25. Canary deployments

26. Canary deployments

27. Feature branch environments (Frontend)

28. KEDA

29. KEDA How cool is that?!?

30. Is it a bird? Is it a plane? No, it‘s

    serverless!

31. Azure Function featureset

32. Cloud agnostic Serverless providers

33. Is it a bird? Is it a plane? No, it‘s

    serverless!

34. Current stack • Azure Infra • K8s & Argo Rollouts

    & Github Actions • A lot of automation • Feature branch environments • KEDA -> 1,3 Releases every day

35. Give me some credits $$$

36. Azure founder‘s program

37. Azure founder‘s program

38. Azure founder‘s program

39. Migration Azure -> Azure - Azcopy - PostgreSQL dumps -

    Terraform apply - DNS-Entries (5 minute TTL) - CDN changes - Killing the maintenance page because it was hosted on the frontend server - Done

40. The century of AWS

41. Founder program

42. Founder program

43. Azure -> GCP Migration • Terraform: Rewrite for new infra

    • Azure blob Adapter -> GCS Adapter • ClamAV instead of Azure Defender • Azure to GCP Storage -> azcopy • PGDump • …

44. Self-hosting

45. New Member: Kargo

46. Getting old: Back to Azure

47. Why we went back to Azure • Maintainability • Azure

    Defender as WAF / Antivirus / … • 3-years reservation (that can be taken back before) saves tons of money • EU boundary program • Additional guarantees and SCCs • Latest migration: 4 hours in total, 2 hours downtime

48. Cloud independence by accident • Our tooling: Open Source Software

    • Getting more independent over time: • Verdaccio (Age-gate to lower risks of supply chain attacks) • Gitea & qodo AI as VCS • … • Our needs: migrating back and forth between provider without pain • Our requirement: MOBIKO should be able to run everywhere

49. Cloud independence by accident • Our tooling: Open Source Software

    • Getting more independent over time: • Verdaccio (Age-gate to lower risks of supply chain attacks) • Gitea & qodo AI as VCS • … • Our needs: migrating back and forth between provider without pain • Our requirement: MOBIKO should be able to run everywhere -> We‘re cloud independent by accident

50. Evaluation of new processes / services • Can we host

    it? • If not: How easy is it to replace (Azure Blob Storage -> Google Cloud storage -> S3 Emulator) • Is it smart to rely on an external provider? • How can we secure it? • How does it fit into the backup concept?

51. Buy vs. do Buy • WAF / security services •

    Storage • Databases (including point in time backups) • Keyvaults • CDNs Do • Core product • CI / CD pipelines • Deployment tools • BI Tooling (data should stay inside the Vnet) • Observability (Azure Log costs a few hundred / month, self hosted maybe 20$)

52. Some statistics • Migrations so far: 4 • Highest Deployments

    in a quarter: 2,8 Releases / workday • Theoretical founder credits: 151k Microsoft Azure & 100k Google cloud (+ 20% of first year expenses after the program) • First setup: Around 6 months • Latest migration • 1 Person • 1.5 Months of work

53. So long, and thanks for All the fish!