For many businesses looking to embrace modern business practices, deliver and scale faster, adopting a Cloud Native mindset and architecture makes sense. In this talk Nicki Watt, from OpenCredo, will explore the realities of making that journey for a number of clients. Far from being a smooth journey to the promised land, during this talk you will also learn about the numerous detours, bumps and challenges encountered along the way. Microservices, Kubernetes, Success, but also Bandages and Crutches; This talk is for you if you want to gain some pragmatic insight into what is entailed with such endeavours.
7. @techiewatt
THE CLOUD NATIVE DREAM (BUSINESS DRIVERS)
!8
Micro
services
CI /
CD
DevOps
Containers
Uses
Cloud
Native
Architecture
…
Tools &
Techniques
8. @techiewatt
▸Faster Time to
Market
▸Allow business to
grow (Scalability)
THE CLOUD NATIVE DREAM (BUSINESS DRIVERS)
!9
Micro
services
CI /
CD
DevOps
Containers
Uses
Business
Objectives
Cloud
Native
ArchitectureTo
Achieve
…
Tools &
Techniques
Cost also a factor …
9. @techiewatt !10
Micro
services
CI /
CD
DevOps
Containers
Uses
Business
Objectives
Cloud
Native
ArchitectureTo
Achieve
THE CLOUD NATIVE DREAM (BUSINESS DRIVERS)
…
Tools &
Techniques
People,
Teams &
ProcessesImpacts
On
▸Faster Time to
Market
▸Allow business to
grow (Scalability)
Cost also a factor …
17. @techiewatt
▸Taking on the world from day 1
▸Compromise - Do minimum get away with
▸Operating under a false sense of security
▸Only happy path testing
▸Inconsistent environments
▸The single instance fallacy
!18
TACKLING TOO MUCH, TOO QUICKLY
Can’t expect to gain a
fully rounded & reliable
cloud native system overnight!
19. @techiewatt
▸Quality is Compromised
▸Pain is delayed - focusing on easy not risky
▸Operate under a false sense of security
▸Only happy path testing (platform testing neglected)
▸Lack of robust CI/CD - Inconsistent environments
▸
!20
TACKLING TOO MUCH, TOO QUICKLY - OBSERVATIONS
20. @techiewatt
▸Quality is Compromised
▸Pain is delayed - focusing on easy not risky
▸Operate under a false sense of security
▸Only happy path testing (platform testing neglected)
▸Lack of robust CI/CD - Inconsistent environments
▸
!21
image credit: http://
www.guinnessworldrec
ords.com/world-
records/most-tennis-
balls-held-in-the-
mouth-dog
TACKLING TOO MUCH, TOO QUICKLY - OBSERVATIONS
21. @techiewatt
▸Quality is Compromised
▸Pain is delayed - focusing on easy not risky
▸Operate under a false sense of security
▸Only happy path testing (platform testing neglected)
▸Lack of robust CI/CD - Inconsistent environments
▸
!22
TACKLING TOO MUCH, TOO QUICKLY - OBSERVATIONS
22. @techiewatt
▸Quality is Compromised
▸Pain is delayed - focusing on easy not risky
▸Operate under a false sense of security
▸Only happy path testing (platform testing neglected)
▸Lack of robust CI/CD - Inconsistent environments
▸
!23
TACKLING TOO MUCH, TOO QUICKLY - OBSERVATIONS
26. @techiewatt
▸Taking on the world from day 1
▸Compromise - Do minimum get away with
▸Operating under a false sense of security
▸Only happy path testing
▸Inconsistent environments
▸The single instance fallacy
!27
Distributed Systems are hard.
The devil is in the detail
And the detail matters
RELYING ON A SURFACE LEVEL UNDERSTANDING
27. @techiewatt
▸Skills & Real World Experience
▸Kubernetes in 24 hours != Expert
▸Outsource commodity, in-house business value
▸Missing out on optimising for the Bigger Picture
▸Artificial Boundaries
▸Artificial Centralisation
!28
RELYING ON A SURFACE LEVEL UNDERSTANDING
28. @techiewatt
▸Skills & Real World Experience
▸Kubernetes in 24 hours != Expert
▸Outsource commodity, in-house business value
▸Missing out on optimising for the Bigger Picture
▸Artificial Boundaries
▸Artificial Centralisation
!29
RELYING ON A SURFACE LEVEL UNDERSTANDING
29. @techiewatt !31
▸Skills & Real World Experience
▸Kubernetes in 24 hours != Expert
▸Outsource commodity, in-house business value
▸Missing out on optimising for the Bigger Picture
▸Artificial Boundaries
▸Artificial Centralisation
RELYING ON A SURFACE LEVEL UNDERSTANDING
30. @techiewatt !32
▸Other War Stories …
▸DRY Dependency Hell
▸The Singularity Fallacy
▸Shallow Data (ref John Allspaw)
RELYING ON A SURFACE LEVEL UNDERSTANDING
31. @techiewatt !33
Gain basic skills & expertise
Make commodity problems
somebody else’s
Learn by
Optimising for the bigger picture
RELYING ON A SURFACE LEVEL UNDERSTANDING
35. @techiewatt
▸Often traditional tools just don’t cut it
▸Mileage varies …
▸Slow you down
▸Take you the long way round
▸Downright hurt you in long run
!37
INEFFECTIVE TOOLS & PROCESSES
36. @techiewatt !38
▸Mileage varies …
▸Slow you down
▸Take you the long way round
▸Downright hurt you in long run
▸More Forward Looking
INEFFECTIVE TOOLS & PROCESSES
37. @techiewatt !39
▸Slow you down
▸Unnecessarily Heavy tooling
(Some Enterprise Databases,
Base Container Images)
INEFFECTIVE TOOLS & PROCESSES
42. @techiewatt
▸Taking on the world from day 1
▸Compromise - Do minimum get away with
▸Operating under a false sense of security
▸Only happy path testing
▸Inconsistent environments
▸The single instance fallacy
!44
Considered Thought & Pragmatism …
(CNCF Recommendations - good start)
Rule of Thumb:
Automation, API & Horizontally scale
friendly
INEFFECTIVE TOOLS & PROCESSES - SO WHAT SHOULD YOU USE?
45. @techiewatt !47
IGNORING SECURITY CONCERNS
▸Enterprise Security has not kept up
▸No excuse to ignore it though!
▸Devs/Ops are the new Gatekeepers
▸Help a CISO, help yourself
▸Provide tools/reports to help understand new world
▸Shift Security Left, make it a 1st class citizen
46. @techiewatt !48
IGNORING SECURITY CONCERNS
▸Enterprise Security has not kept up
▸No excuse to ignore it though!
▸Devs/Ops are the new Gatekeepers
▸Help a CISO, help yourself
▸Provide tools/reports to help understand new world
▸Shift Security Left, make it a 1st class citizen
DevOps
CI CD
47. @techiewatt
▸Shift Security Left
▸No excuse to ignore it though!
▸Devs/Ops are the new Gatekeepers
▸Help a CISO, help yourself
▸Provide tools/reports to help understand new world
▸Shift Security Left, make it a 1st class citizen
!49
IGNORING SECURITY CONCERNS
DevSecOps
<— Shifting Security to the left<— Shift Security Left
48. @techiewatt
▸Get Security Insight Out
▸No excuse to ignore it though!
▸Devs/Ops are the new Gatekeepers
▸Help a CISO, help yourself
▸Provide tools/reports to help understand new world
▸Shift Security Left, make it a 1st class citizen
!50
IGNORING SECURITY CONCERNS
DevSecOps
<— Shifting Security to the leftGet Security Insight Out —>
Deploy
Security
Runtime
Security
49. @techiewatt
▸Get Security Insight Out
▸Help a CISO, help yourself
▸Provide tools/reports to help understand
new world
▸Help a CISO, help yourself
▸Provide tools/reports to help understand new world
▸Shift Security Left, make it a 1st class citizen
!51
IGNORING SECURITY CONCERNS
51. @techiewatt
▸Taking on the world from day 1
▸Compromise - Do minimum get away with
▸Operating under a false sense of security
▸Only happy path testing
▸Inconsistent environments
▸The single instance fallacy
!53
<— Shift Security Left
Get Security Insights Out —>
Engage don’t enrage!
IGNORING SECURITY CONCERNS
59. @techiewatt !61
▸Needs A Different
▸Approach
▸Tooling
▸Skills
THE CLOUD NATIVE JOURNEY
Micro
services
CI /
CD
DevOps
Containers
Uses
Business
Objectives
Cloud
Native
ArchitectureTo
Achieve
…
Tools &
Techniques
People,
Teams &
ProcessesImpacts
On
!61
61. @techiewatt !63
PRINCIPLES FOR SUCCESS
▸ Don’t take on too much too quickly
▸ Acquire enough expertise to journey safely
▸ Choose your Tools wisely
▸ Engage don’t enrage Security
▸ Anticipate, Plan and Actively Test for Failure