Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Patterns for succeeding with Azure in the Enterprise

Hibri Marzook
September 24, 2019

Patterns for succeeding with Azure in the Enterprise

Patterns for a successful and sustainable Azure adoption in the Enterprise.

Hibri Marzook

September 24, 2019
Tweet

More Decks by Hibri Marzook

Other Decks in Technology

Transcript

  1. 2 Helps teams deliver ideas and technology. Likes the challenge

    of using Public Cloud and Continuous Delivery to help teams deliver at a sustainable pace. @hibri www.hibri.net
  2. How do we know what’s going on our Azure estate?

    1 Which team takes care of Azure? 2 How do we have control over Azure usage? 3 How do we make it easy for our engineers to use Azure? 4 We are in a regulated industry. Can we trust it? 5 How do I install Azure? 6 3
  3. The NIST Definition of Public Cloud Computing 800-145 01 On-demand

    self-service 02 Broad network access 03 Resource pooling 04 Rapid elasticity 05 Measured/ Metered service 4
  4. 6

  5. https://www.flickr.com/photos/liverpoolhls/ “A Walking Skeleton is a tiny implementation of the

    system that performs a small end-to-end function. It need not use the final architecture, but it should link together the main architectural components. The architecture and the functionality can then evolve in parallel” Alistair Cockburn 7
  6. 8

  7. 9

  8. 10

  9. 12 • Deal with risk incrementally rather than in one

    go • Flag up heavyweight design reviews and manual approvals early
  10. 13

  11. 15

  12. 16

  13. 18

  14. An evolutionary architecture supports guided, incremental change across multiple dimensions

    Ford N, Parsons R, and Kua P (2017) - Building Evolutionary Architectures, O’Reilly Press 19
  15. An architectural fitness function provides an objective integrity assessment of

    some architectural characteristic(s) Ford N, Parsons R, and Kua P (2017) - Building Evolutionary Architectures, O’Reilly Press 20
  16. • Allows teams to use Azure resources as long as

    they don’t break the policy • Don’t need to rely only on build time controls • Allows iteration towards a compliant solution, without intervention from a central authority 22
  17. • Use Log Analytics to query across all resources •

    Identify services that are non-performant • Query resource attributes to find bad patterns 23
  18. 25

  19. Conway’s Law “Organisations which design systems are constrained to produce

    designs which are copies of the communication structures of these organisations” Melvin Conway 26
  20. 27 • Self organising teams focussing on customer problems, aligned

    with the company goals and vision • Enable teams to have autonomy and responsibility • Help teams reduce their blast radius • Don’t copy the org chart to Azure
  21. 28

  22. 29

  23. 30

  24. • Architectural layers should allow teams who own each layer

    to iterate independently • Layers at the bottom provide a service to layers above 31
  25. 32

  26. • Demonstrate security best practices early to win trust •

    Use RBAC • Access with least privilege • Don’t use God accounts to make things just work 33
  27. • Use service principals and managed identities from day one

    • Add users to Groups • Assign Azure AD Groups to roles • Avoid God accounts for automation 34
  28. 35

  29. 36

  30. Empathise with product teams and users Build with a product

    that has real users, and has real business value 37
  31. 39

  32. Developers will find a workaround to help them deliver Make

    it easier for devs to do the right thing, safely 41
  33. • Don’t lock developers out of the Azure portal •

    Provide sandboxes for devs to play around with • Read only access to production environments • Access to metrics and alerts • Allow teams to make their own dashboards 42
  34. • Turn on diagnostics early • Show devs the debugging

    options in Azure, if not you’ll have to resolve every issue 43
  35. 44

  36. 45

  37. 46

  38. 47

  39. 48

  40. 49

  41. 50

  42. 51

  43. 52

  44. 53

  45. 54

  46. 55

  47. 56

  48. 1. Show what’s been built, not diagrams. It’s easier to

    address concerns with a working system 2. Weekly/fortnightly technology and architectural sessions 57
  49. 1. Do regular demos, show and tells to other teams/departments

    2. Do take time to document 3. Do Azure Certs together 58
  50. 59

  51. 60

  52. 61

  53. 62

  54. 63

  55. 64

  56. 65 1. Build the Walking Skeleton first 2. Adopt a

    PaaS first approach 3. Adopt Evolutionary Architecture practices 4. Be aware of Conway’s Law 5. Build in trust 6. Build together 7. Make the developer experience awesome 8. Adopt CI/CD 9. Build in Operability 10. Build an internal Azure community of practice
  57. 66