Slide 1

Slide 1 text

Hibri Marzook • Software Practice Lead Stuart Shelton • Senior Consultant A Tale of 3 Cloud Platforms in Government

Slide 2

Slide 2 text

2 Hibri Marzook Software Practice Lead Likes the challenge of using Public Cloud and Continuous Delivery to help teams deliver at a sustainable pace. Likes to use systems thinking to navigate the challenges of complexity @hibri www.hibri.net

Slide 3

Slide 3 text

3 Stuart Shelton Public Sector Team Lead Has been involved with a variety of public-sector clients over the past 8 years, and has both DevOps and Team Leadership experience of working on large-scale Cloud-enablement projects. Helping to build a great Engineering Culture through adoption of Agile best-practices, and accelerating Public Cloud Adoption with a DevSecOps approach. @srcshelton

Slide 4

Slide 4 text

Why is DevOps and Public Cloud in Gov hard?

Slide 5

Slide 5 text

Discontinuous Change https://flickr.com/photos/loopzilla/14028102901

Slide 6

Slide 6 text

Build Transition Own? Run? Support? Disjointed Delivery Someone’s problem Someone else’s problem Not our problem

Slide 7

Slide 7 text

Multi-party landscape Each 3rd party is governed by its own goals and contracts, and not aligned to the same goal

Slide 8

Slide 8 text

Distrust of Cloud Provider ● Public Cloud shared responsibility model was not understood ● Assessing Public Cloud like a on-prem data center would be assessed ● Need for approved approach from the Public Cloud provider

Slide 9

Slide 9 text

The 5 Essential Capabilities of Cloud Computing The NIST Definition of Public Cloud Computing 800-145 01 On-demand self-service 02 Broad network access 03 Resource pooling 04 Rapid elasticity 05 Measured/ Metered service 9

Slide 10

Slide 10 text

The Restricted Platform

Slide 11

Slide 11 text

Challenges ● IaaS in the Cloud ● Trusted only a few services from the Cloud Provider ● “DevOps” team was a blocker ● No viable path to production ● No elasticity ● Raise a ticket to allocate resources https://www.flickr.com/photos/stars6/4381853092

Slide 12

Slide 12 text

Provide a path for software delivery from Day 1

Slide 13

Slide 13 text

No content

Slide 14

Slide 14 text

Pipeline as a Product ● A versioned library of pipeline steps ● Opinionated Pipeline ● Abstract the platform behind pipelines ● Jenkins Pipeline as Code ● Evolve pipeline with Governance needs ● Cater to 95% of workloads ● Convention based

Slide 15

Slide 15 text

Opinionated Terraform Modules 1. Building blocks allow application teams to compose their application stack 2. Terraform modules abstract capability a. Web Application Module b. Backend module c. Relational Database module d. Caching Module 3. Infrastructure details are not exposed

Slide 16

Slide 16 text

No content

Slide 17

Slide 17 text

Internal Open Source ● Collaboration on Github.com ● Anyone can send a pull request ● All code for pipeline and TF modules are visible ● Breaks down the barriers between vendors ● Code belongs to the organisation

Slide 18

Slide 18 text

The Developer-autonomy (“everything and anything goes”) platform

Slide 19

Slide 19 text

Challenges ● Initial Cloud rollout started by a small team, only to fit their needs... ● … with no consideration for wider scale-out ● Need to enable pioneer teams in the organisation to learn how to work in the Cloud ● Need to cater for varied workloads

Slide 20

Slide 20 text

A Shared Responsibility Model

Slide 21

Slide 21 text

Give Autonomy

Slide 22

Slide 22 text

Give Autonomy within boundaries

Slide 23

Slide 23 text

Internal Open Source ● Platform code is visible to everyone ● Product code is segregated on a need to know basis ● Anyone can send a PR, to create an account or add/remove guard rails

Slide 24

Slide 24 text

No content

Slide 25

Slide 25 text

The Enterprise Platform

Slide 26

Slide 26 text

Challenges ● Platform run and owned by a 3rd party (managed service provider) ● Platform not validated with an application team ● Platform risk on the managed service provider

Slide 27

Slide 27 text

Dev Team Ops Team (Managed Service) App App App App Handover Tension

Slide 28

Slide 28 text

(Skelton and Pais, 2019, p. 105) Wall of confusion

Slide 29

Slide 29 text

What we learned

Slide 30

Slide 30 text

Define clear interaction boundaries and evolve within them

Slide 31

Slide 31 text

Understand risk and delegate it

Slide 32

Slide 32 text

Internal Open Source enables multiple parties to work transparently

Slide 33

Slide 33 text

Thank You 33

Slide 34

Slide 34 text

Q&A 34

Slide 35

Slide 35 text

Atlanta [email protected] Thank You contino.io continohq contino London [email protected] New York [email protected] Melbourne [email protected] Sydney [email protected] 35 Brisbane [email protected]