Digital meets IT

Digital meets IT

A workshop run for Service Managers in the UK Government, trying to bring together the traditional IT organisation and the new world of digital services .

98234c645fe8c935edc0fec0186d28b8?s=128

Gareth Rushgrove

July 22, 2013
Tweet

Transcript

  1. GDS Digital meets IT Technology in Government Gareth Rushgrove

  2. GDS Gareth Rushgrove Gareth Rushgrove Technical Architect Government Digital Service

    @garethr
  3. What (Will I get from this workshop?) GDS Gareth Rushgrove

  4. High level principles Focus on specific areas GDS Gareth Rushgrove

  5. Government isn’t special Risk management in Government Sharing between services

    Service management isn’t new GDS Gareth Rushgrove
  6. Hosting Support Legacy Making changes GDS Gareth Rushgrove

  7. GDS Gareth Rushgrove

  8. GDS Gareth Rushgrove

  9. 2 Assemble a multidisciplinary team who can design, build and

    operate the service, led by a single, suitably skilled and empowered Service Manager GDS Gareth Rushgrove
  10. 5 Consider the tools and systems they will be using

    to build, host, operate and measure their service, and how to procure them GDS Gareth Rushgrove
  11. 14 Make sure you have the capacity and technical flexibility

    to update and improve the service on a very frequent basis GDS Gareth Rushgrove
  12. 15 Make all new source code open and reuseable, and

    publish it under appropriate licences (or have provided a convincing explanation of why this cannot be done for specific subsets of the source code) GDS Gareth Rushgrove
  13. Government isn’t special (Most of the time) GDS Gareth Rushgrove

  14. GDS Gareth Rushgrove Large companies aren’t special

  15. They used to be GDS Gareth Rushgrove

  16. Today more computer power in my phone than the Apollo

    11 mission computer GDS Gareth Rushgrove
  17. GDS Is 1 million a big number? GDS Gareth Rushgrove

  18. No GDS Gareth Rushgrove

  19. Is 1 billion a big number? GDS Gareth Rushgrove

  20. Still no GDS Gareth Rushgrove

  21. 662 Services http://transactionsexplorer.cabinetoffice.gov.uk/ GDS Gareth Rushgrove

  22. 1.28bn transactions per year http://transactionsexplorer.cabinetoffice.gov.uk/ GDS Gareth Rushgrove

  23. 1.2+bn tweets every 3 days GDS Gareth Rushgrove

  24. Off-the-shelf software GDS Gareth Rushgrove

  25. Off-the-shelf software isn’t always off-the- shelf GDS Gareth Rushgrove

  26. Everyone is a software company GDS Gareth Rushgrove

  27. Except where Government is different GDS Gareth Rushgrove

  28. Risk GDS Gareth Rushgrove

  29. Risk is better mitigated by people and processes GDS Gareth

    Rushgrove
  30. Risk Management in Government (and Information Assurance) GDS Gareth Rushgrove

  31. Assurance GDS Gareth Rushgrove

  32. Accreditation GDS Gareth Rushgrove

  33. Confidentiality Integrity Availability GDS Gareth Rushgrove

  34. Protective marking scheme GDS Gareth Rushgrove

  35. Existing: Top secret Secret Restricted Confidential Protect GDS Gareth Rushgrove

  36. New: Top secret Secret Official GDS Gareth Rushgrove

  37. Business Impact Levels GDS Gareth Rushgrove

  38. The problem with IL GDS Gareth Rushgrove

  39. GDS Gareth Rushgrove Information Security

  40. GDS Gareth Rushgrove

  41. Sharing between services (what and how) GDS Gareth Rushgrove

  42. Sharing GDS Gareth Rushgrove

  43. Sharing data GDS Gareth Rushgrove

  44. Sharing code GDS Gareth Rushgrove

  45. Sharing applications GDS Gareth Rushgrove

  46. Sharing platforms GDS Gareth Rushgrove

  47. Sharing expertise GDS Gareth Rushgrove

  48. Sharing within departments GDS Gareth Rushgrove

  49. Sharing across Government GDS Gareth Rushgrove

  50. http://www.flickr.com/photos/psd/9122642253 GDS Gareth Rushgrove

  51. Open standards GDS Gareth Rushgrove

  52. GDS Gareth Rushgrove Standards Hub

  53. Using open source GDS Gareth Rushgrove

  54. GDS Gareth Rushgrove Using open source safely

  55. GPG 38 - Open Source Software exploring the risk GDS

    Gareth Rushgrove
  56. Creating open source GDS Gareth Rushgrove

  57. GDS Gareth Rushgrove

  58. GDS Gareth Rushgrove Open Source Guidelines

  59. Not like-for-like with commercial products GDS Gareth Rushgrove

  60. Not like-for-like with commercial systems GDS Gareth Rushgrove

  61. Service Management isn’t new (ITIL and friends) GDS Gareth Rushgrove

  62. GDS Gareth Rushgrove Share language

  63. ITIL GDS Gareth Rushgrove

  64. Information Technology Infrastructure Library GDS Gareth Rushgrove

  65. 5 volumes 26 processes GDS Gareth Rushgrove

  66. Service Strategy GDS Gareth Rushgrove

  67. GDS Gareth Rushgrove 1. IT service management 2. Service portfolio

    management 3. Financial management for IT services 4. Demand management 5. Business relationship management
  68. Service Design GDS Gareth Rushgrove

  69. GDS Gareth Rushgrove 1. Design coordination 2. Service catalogue 3.

    Service level management 4. Availability management 5. Capacity management 6. Service continuity management 7. Information security management 8. Supplier management
  70. Service Transition GDS Gareth Rushgrove

  71. GDS Gareth Rushgrove 1. Transition planning and support 2. Change

    management 3. Asset and configuration management 4. Release and deployment management 5. Service validation and testing 6. Change evaluation 7. Knowledge management
  72. Service Operation GDS Gareth Rushgrove

  73. GDS Gareth Rushgrove 1. Event management 2. Incident management 3.

    Request fulfillment 4. Problem management 5. Access management
  74. Continual Service Improvement GDS Gareth Rushgrove

  75. GDS Gareth Rushgrove

  76. GDS Gareth Rushgrove

  77. ITIL and Waterfall GDS Gareth Rushgrove

  78. ITIL and Agile? GDS Gareth Rushgrove

  79. From: Manual, process and documentation heavy GDS Gareth Rushgrove

  80. To: Automated, metrics driven, collaborative GDS Gareth Rushgrove

  81. Exercise: Features vs Stability GDS Gareth Rushgrove

  82. GDS Gareth Rushgrove A Sample Service Interstellar spacecraft license Space

    interstellar-spacecraft-license
  83. Developers 5 reasons to focus on features GDS Gareth Rushgrove

  84. Operations 5 reasons to focus on stability GDS Gareth Rushgrove

  85. Developers vs Operations GDS Gareth Rushgrove

  86. Digital vs IT? GDS Gareth Rushgrove

  87. Antagonistic organisational structures GDS Gareth Rushgrove

  88. Misaligned incentives GDS Gareth Rushgrove

  89. Hosting (many things to many people) GDS Gareth Rushgrove

  90. Infrastructure your service runs on, and tools that support it

    GDS Gareth Rushgrove
  91. Infrastructure as a Service GDS Gareth Rushgrove

  92. Platform as a Service GDS Gareth Rushgrove

  93. G-Cloud procurement framework GDS Gareth Rushgrove

  94. Cloud First policy GDS Gareth Rushgrove

  95. Hosting hides lots of process and technical work GDS Gareth

    Rushgrove
  96. 14 areas GDS Gareth Rushgrove

  97. GDS Gareth Rushgrove Process Shared services Policy Design Components Monitoring

    Logging Config management Deployment Access control Provisioning Security controls Testing Operating systems
  98. 93 themes GDS Gareth Rushgrove

  99. GDS Gareth Rushgrove Source code hosting Capacity planning Network architecture

    Application metrics Security clearances HTTP caching Intrusion detection Internal DNS Operations manual Database backups Log storage File systems User directory ...
  100. 105 sample stories GDS Gareth Rushgrove

  101. Bring your own acceptance criteria GDS Gareth Rushgrove

  102. Usage guidelines GDS Gareth Rushgrove

  103. Support (day to day responsibility) GDS Gareth Rushgrove

  104. Real bugs happen in production GDS Gareth Rushgrove

  105. Help desk GDS Gareth Rushgrove

  106. Operating hours GDS Gareth Rushgrove

  107. Out-of-hours GDS Gareth Rushgrove

  108. Change control GDS Gareth Rushgrove

  109. Unexpected events GDS Gareth Rushgrove

  110. GDS Gareth Rushgrove Security advisories

  111. Expected events GDS Gareth Rushgrove

  112. GDS Gareth Rushgrove

  113. GDS Gareth Rushgrove

  114. Systems administration GDS Gareth Rushgrove

  115. Reporting GDS Gareth Rushgrove

  116. GDS Gareth Rushgrove Sometimes shorted to SIAM

  117. Suitable support models based on criticality GDS Gareth Rushgrove

  118. Avoid ambiguity of responsibility GDS Gareth Rushgrove

  119. End-to-end performance incentives GDS Gareth Rushgrove

  120. Usage based charging GDS Gareth Rushgrove

  121. Legacy (existing IT systems and components) GDS Gareth Rushgrove

  122. Digital public services GDS Gareth Rushgrove Mission IT Desktop, infrastructure,

    connectivity Back office, shared services
  123. Digital public services GDS Gareth Rushgrove Mission IT Desktop, infrastructure,

    connectivity Back office, shared services
  124. Digital public services GDS Gareth Rushgrove Mission IT Desktop, infrastructure,

    connectivity Back office, shared services
  125. Technology GDS Gareth Rushgrove

  126. Suppliers GDS Gareth Rushgrove

  127. Contracts GDS Gareth Rushgrove

  128. Wrapping systems with open interfaces GDS Gareth Rushgrove

  129. Engaging on a technical level with existing suppliers GDS Gareth

    Rushgrove
  130. Support from the Office of the Government CTO GDS Gareth

    Rushgrove
  131. Making changes (Going fast, reducing risk) GDS Gareth Rushgrove

  132. GDS Gareth Rushgrove On launching GOV.UK

  133. GDS Gareth Rushgrove

  134. GDS Gareth Rushgrove Average about 6 releases a day over

    6 months
  135. GDS Gareth Rushgrove We changed less software on the day

    of launch than probably any day before or since
  136. GDS Gareth Rushgrove Regular releases reduce risk

  137. GDS Gareth Rushgrove One click deploy

  138. GDS Gareth Rushgrove Single place to deploy

  139. GDS Gareth Rushgrove Change one thing at once

  140. GDS Gareth Rushgrove http://www.flickr.com/photos/fatty/9158066939 We use a physical token

  141. GDS Gareth Rushgrove Developers want Visibility of deploys

  142. GDS Gareth Rushgrove Organisation want auditability of deploys

  143. GDS Gareth Rushgrove App showing deploys

  144. GDS Gareth Rushgrove Not just applications

  145. GDS Gareth Rushgrove Configuration management

  146. GDS Gareth Rushgrove

  147. GDS Gareth Rushgrove package { 'apache2': ensure => latest, }

    service { 'apache2': ensure => running, provider => upstart, require => Package['apache2'] } Infrastructure as code
  148. GDS Gareth Rushgrove Infrastructure not just configuration

  149. GDS Gareth Rushgrove Infrastructure as a Service

  150. GDS Gareth Rushgrove Network, Compute and Storage via an API

  151. require 'rubygems' require 'nat' nat do snat :interface => "Client

    Data", :original => { :ip => "10.0.0.0/xx" }, :translated => { :ip => "xx.xx.xx.xx" }, :desc => "Outbound internet traffic" dnat :interface => "Client Data", :original => { :ip => "xx.xx.xx.xx", :port => 22 }, :translated => { :ip => "10.0.0.xx", :port => 22 }, :desc => "jumpbox-1 SSH" dnat :interface => "Client Data", :original => { :ip => "xx.xx.xx.xx", :port => 80 },, :translated => { :ip => "10.0.0.xx", :port => 80 }, :desc => "jenkins, logging, monitoring HTTP" GDS Gareth Rushgrove Network as code
  152. require 'rubygems' require 'firewall' firewall do # internal rules rule

    "ssh access to jumpbox1" do source :ip => "Any" destination :ip => "xx.xx.xx.xx", :port => 22 end rule "http to backend applications" do source :ip => "Any" destination :ip => "xx.xx.xx.xx", :port => 80 end rule "https to backend applications" do GDS Gareth Rushgrove Firewalls as code
  153. GDS Gareth Rushgrove Embrace process discussions

  154. GDS Gareth Rushgrove Change control

  155. GDS Gareth Rushgrove Optimise only as far as needed

  156. Exercise: What to monitor? GDS Gareth Rushgrove

  157. GDS Gareth Rushgrove Example GOV.UK

  158. 30,000+ metrics collected, many every second GDS Gareth Rushgrove

  159. ~2000 checks, most every few minutes GDS Gareth Rushgrove

  160. GDS Gareth Rushgrove http://www.flickr.com/photos/psd/8756580339 Lots of information on dashboards

  161. GDS Gareth Rushgrove What would you monitor? Interstellar spacecraft license

    Space interstellar-spacecraft-license
  162. Next steps (Further reading) GDS Gareth Rushgrove

  163. GDS Gareth Rushgrove CTO Guidance

  164. GDS Gareth Rushgrove Choosing Technology

  165. GDS Gareth Rushgrove

  166. GDS Gareth Rushgrove

  167. GDS Gareth Rushgrove

  168. GDS Gareth Rushgrove

  169. GDS Gareth Rushgrove

  170. Questions? (And thanks for listening) GDS Gareth Rushgrove

  171. GDS Gareth Rushgrove Gareth Rushgrove Technical Architect Government Digital Service

    @garethr