Embed Size (px)
Citation preview
Starting cloud native
@coteJuly 2015
2
Hello! • @cote – Director of Technical Marketing, Pivotal
• Former industry analyst at RedMonk & 451 Research
• Corporate strategy & M&A at Dell
• Software developer
• DevOps & Agile column at The Register
• Cote.io: podcasts, analysis, more
Agenda
3
1. Picking applications Grow from low-risk to big, user-facing & deploy
2. Process changes Become a learning organization
3. Organizational changes Small, balanced teams
4. GRC – security, controls Reducing variability & attack surface
5. Team skills agile, pairing to train & spread
6. Cloud native coding 12 Factor, microservices
7. Pivotal Cloud Foundry focus on customer value
“Pilot low-risk apps, and ramp-up”
4
Picking apps, according to Home Depot
• User/customer facing – something real• Run through the whole process• Low visibility – you’ll be learning in production• Create “Islands of Freedom”• In place of apps, perhaps just microservices
Sources: Home Depot meetup, Oct 2015; Humana at CF Summit 2015; EU payday loan company; Pivotal Labs on large auto company.
“What have you learned?”
5
Process change, according to large retailer CEO
• Small batch process• From “phase gates” to deploying to production• From Christmas tree status meetings to “what have
you learned?”• From roles-by-function to business outcomes
Sources: customer interviews, Pivotal Labs & Transformation practice.
Use small batch thinking, at all levels
• Deploy to production each time, avoid waterscrumfall
• Relies on:- Product approach- Small batch oriented
pipeline and process- Cloud native automation
Inception
Hypothesize
Validate w/real use(r)s
Did it work?
Sources: “Good Software is a Series of Little Failures,” Coté, April 2016; The Lean Startup, Eric Ries, 2011. The Lean Enterprise, Barry O'Reilly, Jez Humble, and Joanne Molesky; Lean Manufacturing PDCA loop. See also overview of this approach at the IRS from Dec 2015.6
Every step in each loop
Source: Pivotal Labs, March 2016. See also “Agile Transformation in the Age of the 3rd Platform,” Al Hilwa , IDC, March 2016.
Exploration Discovery
7
A small batches approach is more successful
"When we were doing big design upfront, downstream changes had to go through a rigid change control process. We wound up being busy with our own process rather than delivering value, and either we didn’t deliver or we delivered late.”
Large European retail bank
“We did an analysis of hundreds of projects over a multiyear period. The ones that delivered in less than a quarter succeeded about 80% of the time, while the ones that lasted more than a year failed at about the same rate. We’re simply not very good at large efforts.”
Large financial institution
Source: "Application Modernization, Service By Microservice," Kurt Bittner and Randy Heffner, Forrester, Dec 2015; "Best Practices For Agile-Plus- Architecture," Randy Heffner, Forrester February, 2015. More case studies in Brian Gracely’s "Evolving Organizational Dynamics for Cloud Native Applications," Wikibon, Nov, 2015. 8
Shift to user-centric design
9
How much do I owe the IRS?
Source: "Minimum Viable Taxes: Lessons learned building an MVP inside the IRS,” slides , Andrea Schneider & Lauren Gilchrist, 2015.
Before After
10
When software isn’t the cure (but it helps)
Source: story from interviews, picture from Wikipedia.11
Processes of high-performing organizations, 1
12 Source: 2016 DevOps Study, and various Nicole Forsgren joints.
Processes of high-performing organizations, 2
13 Source: 2016 DevOps Study, and various Nicole Forsgren joints.
“You’re talking a team of about 12 people.”
14
Organization change, according to UK GDS
• Success starts & ends with “management”• Focusing on change management• Small, independent teams• Mavericks cut trails for city-folk• Moving operations resources up the stack
Management creates the game
• Leading change management
• Setting, communicating, tracking goals
• Dramatic organization change, gradually
• E.g.: from autocrat to self-directed teams
Sources: Leading the Transformation, 2015; “Management’s Job is orchestrating the ‘why,’” 2015; The Concise Executive Guide to Agile, 2010.15
To change, you must actually changeOr, how t-shirts jump-start digital transformation
“I can’t tell you what having a leader stand-up in front of an organization with a hoodie and t-shirt does to cultural change. It all the sudden makes it OK for everyone within that organization to participate in change.”
-Matt Curry, Allstate16
Two pizza teams with end-to-end involvement
“The best way to do this stuff is to get a multi-disciplinary team of people in house – designer, user researcher, developer, content person – you’re talking a team of about twelve people”
Source: “Why Britain banned mobile apps; Interview with Ben Terrett, former design chief at the GDS,” GovInsider, June 2016. See also “From Aristotle to Ringelmann,” June 2016. Picture from Pivotal SafeMeds scrapbook; “Roles and Responsibilities for DevOps and Agile Teams,” Coté, May 2016.17
Bootstrap with “cowboys,” run with city folk
Sources: "Introducing cloud at Express Scripts, with Brian Gregory," Lords of Computing #12, April 2016; Widow Maker photo, garbage truck.
Likes shiny objects, gets bored easily.
Likes knowing what to do, thrives with stability.
18
Staff more on customer value, less on infrastructure
19
INFRASTRUCTURESITE RELIABILITY
PLATFORM
Innovation: Plan, design, develop and test business capabilities as deployable artifactsProduction Apps: config, deployment, QA, monitoring, scaling App Platform: upgrade platform, capacity planning, service mgmt., scale platformInfra Platform: Rack and stack, networking, data storage, etc.
ROLESCross-Functional
(Prod. Owner, Dev, QA)Application Operators
Platform OperatorsEngineering
(Storage, Security, Network, etc.)
AREAS OF FOCUS
BUSINESS CAPABILITY
Source: based on slide from Pivotal Cloud Foundry Solution team, discussions with GSA’s Diego Lapiduz; Pivotal customer.
Large financial institution on Pivotal Cloud Foundry: 145 apps with 2 ops people
GRC – auditors, security, controls, etc.
20
• Small batches create new opportunities for controls• Burning out the zombies, processes & servers• Removing variability with the platform• Enforcing policy with the platform
Small Batches Reduce Risk & Increase Controls
21
Five risks that small batches reduce
1. Bug swarms – less software leads to faster fixing.
2. Useless software – don’t wait 6+ months to find out, find out every 24 hours.
3. Stymied Innovation – daily opportunities to learn and innovate.
4. Budget overruns – check in daily on ROI, projections. Shut it down early and re-try if needed.
5. Schedule elongation – if you ship every day, guaranteed, how can you ever be late?
Source: "Dear Developers, Small Batch Releases Are Your Friend," Coté, Feb 2016, also in The Register.
"There have obviously been culture shocks. What is more interesting though is that the teams that tend to have the worst culture shock are not those typical teams that you might think of, audit or compliance. In fact, if you’re able to successfully communicate to them what you’re doing, DevOps and all of the associated practices seem like common sense. [Auditors] say, 'Why weren’t we doing this before?’”
"DevOps Enterprise Adoption at E*TRADE,”InfoQ/DOES, Jan 2016.
“We don’t want to pave over [old controls]…automating ineffecincies”
22
Dealing with GRC, according to a US Federal government agency
• Include auditors & security staff from the start, embed on the team even
• Give auditors access to the platform to “go see”• Re-visit processes and controls that no longer apply
– E.g.: patching “servers” and the OS
Sources: IRS project with Pivotal Labs; US EPA; Pivotal customers.
The cloud native approach has an abundant controls
Source: “Deployments We Can Believe In,” Diego Lapiduz, 18F, June 2015; see also “Barriers to DevOps in Government,” Coté, Oct 2015; “OpenControl Overview,” Joshua McKenty, March 2016. “Running Cloud Foundry in a Compliance and Security Focused Environment,” Diego Lapiduz and Bret A. Mogilefsky, 18F, May 2016.
18F/cloud.govATO reduction from
9-14 months to 2-3 days
23
Team skills
24
• Benchmark your agile skills• Balanced teams• Use rotating pairs to seed change
After 17 years, “Agile” is not as wide-spread as we think it is – make sure you’re actually doing it
Source: “Town Hall: Agile in the Enterprise,” Mike West, Nathan Wilson, Thomas Murphy, Dec 2015, Gartner AADI US conference.25
Pairing to spread skills & cloud native culture
26
Cloud native coding
27
• 12 factor apps define principals of code & code management
• Microservices defines the architecture• The rest is pretty much business as usual
The Application Framework promises
Codebase Dependencies Config Backing Services
Build, Release,
RunProcesses Port
BindingConcurrenc
y
DisposabilityDev/Prod
Parity Logs Admin Processes
Source: “The Twelve-Factor App.”
• A set of best practices for developing and deploying cloud-native software.
• Practices translate into platform features and workflow requirements.
28
A microservices approach gives you organizational agility, at the expense of architectural complexity
Benefits• Decoupling service
releases, teams• Faster innovation cycles• Composite applications
vs. monolithic apps
Problems• The one about the
murder mystery• Incompatible APIs• You still need other
people to do work
It’s worth solving the problems if you want the benefits…and it’s possible!
29
A cloud platform provides speed, resilience, & standardization
30
“PaaS, for us, eliminates entire classes of problems that we just don’t have to think about anymore.”
-Lindsay Holmwood, Head of Development, Australian Government Digital Transformation Office
Sources: "Technical Dive into Cloud Native Application Platforms," Brian Gracely, Wikibon, Sep 2015; "The cloud-native future," Casey West, O'Reilly Radar, Aug 2015; “Get Started on Pivotal's Cloud Foundry Stack,” Coté/The New Stack, Jan 2016; Cloud Foundry overview book.
Thanks!@cote | [email protected]
“We are uncovering better ways of developing software by doing it and
helping others do it.”- The Agile Manifesto, 2001
