Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Leveraging Cloud Transformation to Build a DevOps Culture | AWS Public Sector Summit 2016

1,434 views

Published on

Many leaders have heard the terms "DevOps" or "DevSecOps", but may not be sure how to get there from a traditional development and operations culture. In this session we'll explore approaches to move from a siloed environment, possibly using waterfall processes and monolithic architectures to a collaborative agile environment with modern software architectures.

Published in: Technology
  • Secrets to making $$$ with paid surveys...  https://tinyurl.com/realmoneystreams2019
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Secrets to making $$$ with paid surveys... ★★★ http://ishbv.com/surveys6/pdf
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

Leveraging Cloud Transformation to Build a DevOps Culture | AWS Public Sector Summit 2016

  1. 1. © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Emil Lerch, Sr Consultant, AWS Professional Services J.R. Storment, Chief Customer Officer, Cloudability June 20, 2016 Leveraging Cloud Transformation to Build a DevOps Culture
  2. 2. The term “DevOps” typically refers to the emerging professional movement that advocates a collaborative working relationship between development and IT operations, resulting in the fast flow of planned work (i.e., high deploy rates), while simultaneously increasing the reliability, stability, resilience, and security of the production environment. —Gene Kim, author of The Phoenix Project What is DevOps
  3. 3. Through Security as Code, we have and will learn that there is simply a better way for security practitioners, like us, to operate and contribute value with less friction. We know we must adapt our ways quickly and foster innovation to ensure data security and privacy issues are not left behind because we were too slow to change. —DevSecOps Manifesto DevSecOps
  4. 4. Why does DevOps matter? • High-performing IT organizations deploy 30x more frequently with 200x shorter lead times; they have 60x fewer failures and recover 168x faster. • Lean management and continuous delivery practices create the conditions for delivering value faster, sustainably. • High performance is achievable whether your apps are greenfield, brownfield, or legacy. (source: puppet labs 2015 State of Devops Report) https://puppetlabs.com/sites/default/files/2015-state-of-devops-report.pdf
  5. 5. How do we transition to DevSecOps culture? People/Process Technical Reorganization: cross-discipline team Continuous integration Reorganization by vTeams Continuous delivery Documented release process Continuous deployment Documented testing processes Automated testing Cross-discipline training Automated monitoring and log analysis Cross-discipline social events Configuration management Rotation programs
  6. 6. Conway’s Law: Any organization that designs a system (defined broadly) will produce a design whose structure is a copy of the organization's communication structure. Melvyn Conway, 1967 http://www.melconway.com/Home/Conways_Law.html Inverse Conway Maneuver: In what could be termed an “inverse Conway maneuver,” you may want to begin by breaking down silos that constrain the team’s ability to collaborate effectively. Jonny Leroy/Matt Simons, 2010 http://jonnyleroy.com/2011/02/03/dealing-with-creaky-legacy-platforms/
  7. 7. Two-pizza teams Full ownership Full accountability Aligned incentives
  8. 8. DevSecOps maturity model Commit Accept Capacity Exploratory Production Commit Accept Capacity Exploratory Production Commit Accept Capacity Exploratory Production Commit Accept Capacity Exploratory Production Commit Accept Capacity Exploratory Production DevSecOps maturity Deployment pipelines Level5Level3Level4Level2Level1 Revision Control System Convergence (Configuration Management) System Infrastructure Provisioning System Artifact Management System Build & Continuous Integration System Feedback System
  9. 9. Strategies for migration from level 1–level 5 • Greenfield: Start full pipeline on pilot projects • Roll processes/tools to all new projects once verified • Brownfield: Gradually apply DevSecOps principles • Large organizations usually implement a combination • Pilot project/center of excellence • ”Back port” lessons onto existing code base
  10. 10. Sample strategy: existing applications 1. Setup CI/CD server 2. Development automates builds 3. Development/Operations automate deployments 4. QA automates tests 5. Operations automate infrastructure build/teardown
  11. 11. PROJECT MANAGEMENT SERVER 1. PICK TASKS 2. SUBMIT CODE 3. BUILD DEVELOPER 4. DEPLOY TO TEST 5. DOCUMENT DEPLOYMENT OPERATIONS 7. DEPLOY TO PROD TEST SERVER PRODUCTION SERVER QA 6. TEST 8. TEST SOURCE CODE REPOSITORY
  12. 12. SOURCE CODE REPOSITORY PROJECT MANAGEMENT SERVER1. PICK TASKS 2. SUBMIT CODE 4. BUILD DEVELOPER 5. DEPLOY TO TEST 6. DOCUMENT DEPLOYMENT OPERATIONS 8. DEPLOY TO PROD CONTINUOUS INTEGRATION SERVER 3. CHANGE NOTIFICATION TEST SERVER PRODUCTION SERVER QA 7. TEST 9. TEST
  13. 13. SOURCE CODE REPOSITORY PROJECT MANAGEMENT SERVER1. PICK TASKS 2. SUBMIT CODE 4. BUILD DEVELOPER 5. DEPLOY TO TEST TEST SERVER OPERATIONS PRODUCTION SERVER 7. DEPLOY TO PROD QA 6. TEST 8. TEST CONTINUOUS INTEGRATION SERVER 3. CHANGE NOTIFICATION
  14. 14. SOURCE CODE REPOSITORY PROJECT MANAGEMENT SERVER1. PICK TASKS 2. SUBMIT CODE 4. BUILD DEVELOPER 5. DEPLOY APPLICATION SERVER QA 6. TEST CONTINUOUS INTEGRATION SERVER 3. CHANGE NOTIFICATION
  15. 15. SOURCE CODE REPOSITORY PROJECT MANAGEMENT SERVER1. PICK TASKS 2. SUBMIT CODE 4. BUILD/TEST DEVELOPER 5. DEPLOY APPLICATION SERVER CONTINUOUS INTEGRATION SERVER 3. CHANGE NOTIFICATION
  16. 16. SOURCE CODE REPOSITORY PROJECT MANAGEMENT SERVER1. PICK TASKS 2. SUBMIT CODE 4. BUILD/ CREATE ENVIRONMENT/ TEST/TEARDOWN DEVELOPER 5. DEPLOY APPLICATION SERVER CONTINUOUS INTEGRATION SERVER 3. CHANGE NOTIFICATION
  17. 17. Cloud software development lifecycle AWS Elastic Beanstalk AWS OpsWorks Amazon CloudWatch AWS CloudFormation AWS CodeDeploy AWS CodeCommit AWS CodePipeline Code Build Test Deploy Provision Monitor
  18. 18. AWS and DevSecOps Opportunity AWS Services Marketplace offerings and Competency Partners AWS CloudFormation AWS CodeDeploy AWS OpsWorks AWS Elastic Beanstalk • IT shops fully embracing DevSecOps, can be orders of magnitude more productive than those that don’t. • AWS offers an array of powerful services to enable DevSecOps. • Using AWS CloudFormation to repeatedly and quickly deploy dev/test environments, and then shut them down immediately when tests complete, is helping customers:  Save money and time  Increase quality  Increase agility AWS CodeCommit AWS CodePipeline
  19. 19. DevSecOps, self service, and cost management Automation empowers individuals; however: Individuals spending OPM can spend too much AWS services can help:  AWS Identity and Access Management (IAM) restrictions  Cost Explorer  Detailed billing reports  Budgets  Cost and usage reports  Billing alerts AWS Partners can provide more analytics and assist in cost control
  20. 20. Bridging the gap from DevOps to finance J.R. Storment, Chief Customer Officer at Cloudability jr@cloudability.com
  21. 21. What DevSecOps brings to the table Breaking down silos Collaboration between cross-disciplinary teams Move faster in refreshing your infrastructure Constant adjustment to change Automated monitoring and alerting Effect—cost goes up and with a more complex financial audit trail
  22. 22. AWS CodeCommit AWS CodeDeploy AWS CodePipeline AWS CloudFormation AWS OpsWorks AWS Service Catalog AWS Device Farm AWS Mobile Hub Amazon SNS Amazon SQS Amazon CloudWatch Amazon S3 Amazon ECR Amazon ECS AWS Elastic Beanstalk AWS Lambda Amazon EC2 Amazon Redshift Amazon Elasticsearch Service IAM AWS KMS AWS CloudHSM AWS Certificate Manager Explosion of SKUs and metadata increasing reporting complexity
  23. 23. DevOps has decentralized deployment of resources to more engineers and involved finance in the planning decisions
  24. 24. CI/CD shortening feedback loops and creating opportunities to refresh infrastructure and improve efficiency
  25. 25. Cross-discipline teams (dev+ops+finance) now jointly responsible for bill… Engineers Finance Operations Capacity Execs
  26. 26. Finance a part of the process now DevOps Finance measurebuy align learn delivery pipeline feedback loop Cloud efficiency lifecycle
  27. 27. What is DevSecOps? developers customers releasetestbuild plan monitor delivery pipeline feedback loop Software development lifecycle
  28. 28. The term “FinOps” typically refers to the emerging professional movement that advocates a collaborative working relationship between DevOps and Finance, resulting in an iterative data-driven management of infrastructure spending (i.e., lowering the unit economics of cloud), while simultaneously increasing the cost efficiency and ultimately profitability of the cloud environment. What is FinOps? —J.R. Storment, chief customer officer at Cloudability
  29. 29. FinOps czar (n) A person or team focused on looking at the AWS billing data each month to identify opportunities to save money (e.g., with Reserved Instance coverage) FinOps/RI czar Why appoint one? Proper purchasing of RIs can save 30–60% on your AWS bill Assuming a $1 M/yr spend, there’s a potential savings of $300 K+ year. Usually is a technically minded person in finance, procurement, or vendor management
  30. 30. How do you build a FinOps culture? Put data in the hands of the people Enact policies and evangelize best practices Cross-train teams on shared knowledge and reporting tools
  31. 31. Visibility Allocation Efficiency Savings Unit cost I. Cost visibility
  32. 32. Tips for cost visibility Get each stakeholder the spending fundamentals daily Let each team see other teams’ spending habits Create broadly available dashboards
  33. 33. Visibility Allocation Efficiency Savings Unit cost II. Allocation
  34. 34. • Tags are highly flexible, but 100% coverage is difficult due to compliance • Linked accounts offer clean chargeback but limit reporting options Consolidation of accounts to achieve volume discounts driving centralized management of finance optimization
  35. 35. Pro tips: allocating costs Get consensus on the taxonomy (but let Finance drive) Define 2–3 mandatory tags like “project” or “environment” Consider a “tag or terminate” rule to enforce compliance
  36. 36. Visibility Allocation Efficiency Savings Unit cost III. Efficiency
  37. 37. Don’t run the cloud like a data center: 65% of the hours in a month are nights and weekends
  38. 38. Tips for encouraging efficient behavior 1. Automate weekly waste reporting for each team 2. Gamify cleanup by creating a visible leaderboard 3. Do a monthly, company-wide waste review
  39. 39. Visibility Allocation Efficiency Savings Unit cost IV. Savings
  40. 40. Rapid infrastructure changes driving need for iterative price optimization
  41. 41. Visibility Allocation Efficiency Savings Unit cost V. Unit cost
  42. 42. Focus on reducing unit cost, even at total cost grows 0 30 60 90 120 150 Unit cost Total cost
  43. 43. Thank you! Emil Lerch, Senior Cloud Architect at Amazon Web Services, emilerch@amazon.com J.R. Storment, Chief Customer Officer at Cloudability jr@cloudability.com

×