Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Goto Chicago 2019 - Journeys To Cloud Native Ar...

Goto Chicago 2019 - Journeys To Cloud Native Architecture: Sun, Sea And Emergencies

Talk given at Goto Chicago 2019. https://gotochgo.com/2019/sessions/715

Nicki Watt

April 30, 2019
Tweet

More Decks by Nicki Watt

Other Decks in Technology

Transcript

  1. @techiewatt ABOUT ME / OPENCREDO • CTO at OpenCredo •

    Hands on software development consultancy • Cloud Native; Data Engineering & ML
  2. AGENDA OVERVIEW • OVERVIEW - THE DREAM • ISSUES &

    CHALLENGES • CONCLUSION @techiewatt
  3. @techiewatt THE CLOUD NATIVE DREAM (BUSINESS DRIVERS) Micro
 services CI

    / 
 CD DevOps Containers Uses Cloud Native
 Architecture … Tools & Techniques
  4. @techiewatt ▸Faster Time to 
 Market ▸Allow business to grow

    (Scalability) THE CLOUD NATIVE DREAM (BUSINESS DRIVERS) Micro
 services CI / 
 CD DevOps Containers Uses Business
 Objectives Cloud Native
 Architecture To
 Achieve … Tools & Techniques
  5. @techiewatt Micro
 services CI / 
 CD DevOps Containers Uses

    Business
 Objectives Cloud Native
 Architecture To
 Achieve THE CLOUD NATIVE DREAM (BUSINESS DRIVERS) … Tools & Techniques People, Teams & Processes Impacts 
 On ▸Faster Time to 
 Market ▸Allow business to grow (Scalability)
  6. @techiewatt “Going Cloud-Native” is an approach to build and run

    applications capable of exploiting and taking advantage of modern, scalable cloud like delivery techniques and tools in order to meet business objectives!
  7. @techiewatt ▸Taking on the world from day 1 ▸Compromise -

    Do minimum get away with ▸Operating under a false sense of security ▸Only happy path testing ▸Inconsistent environments ▸The single instance fallacy TACKLING TOO MUCH, TOO QUICKLY Can’t expect to gain a 
 fully rounded & reliable 
 cloud native system overnight!
  8. @techiewatt • Many Moving Parts • App Architecture • Ops

    • Infrastructure TACKLING TOO MUCH, TOO QUICKLY
  9. @techiewatt • Quality is Compromised • Pain is delayed -

    focusing on easy not risky • Operate under a false sense of security • Only happy path testing (platform testing neglected) • Lack of robust CI/CD - Inconsistent environments • TACKLING TOO MUCH, TOO QUICKLY - OBSERVATIONS
  10. @techiewatt • Quality is Compromised • Pain is delayed -

    focusing on easy not risky • Operate under a false sense of security • Only happy path testing (platform testing neglected) • Lack of robust CI/CD - Inconsistent environments • image credit: http:// www.guinnessworldrec ords.com/world- records/most-tennis- balls-held-in-the- mouth-dog TACKLING TOO MUCH, TOO QUICKLY - OBSERVATIONS
  11. @techiewatt • Quality is Compromised • Pain is delayed -

    focusing on easy not risky • Operate under a false sense of security • Only happy path testing 
 (platform testing neglected) • Lack of robust CI/CD - Inconsistent environments • TACKLING TOO MUCH, TOO QUICKLY - OBSERVATIONS
  12. @techiewatt • Quality is Compromised • Pain is delayed -

    focusing on easy not risky • Operate under a false sense of security • Only happy path testing 
 (platform testing neglected) • Lack of robust CI/CD - Inconsistent environments • TACKLING TOO MUCH, TOO QUICKLY - OBSERVATIONS
  13. @techiewatt ▸Taking on the world from day 1 ▸Compromise -

    Do minimum get away with ▸Operating under a false sense of security ▸Only happy path testing ▸Inconsistent environments ▸The single instance fallacy Distributed Systems are hard. 
 The devil is in the detail
 And the detail matters RELYING ON A SURFACE LEVEL UNDERSTANDING
  14. @techiewatt • Skills & Real World Experience • Kubernetes in

    24 hours != Expert • Outsource commodity, in-house business value • Missing out on optimising for the Bigger Picture • Artificial Boundaries • Artificial Centralisation RELYING ON A SURFACE LEVEL UNDERSTANDING
  15. @techiewatt • Skills & Real World Experience • Kubernetes in

    24 hours != Expert • Outsource commodity, in-house business value • Missing out on optimising for the Bigger Picture • Artificial Boundaries • Artificial Centralisation RELYING ON A SURFACE LEVEL UNDERSTANDING
  16. @techiewatt • Skills & Real World Experience • Kubernetes in

    24 hours != Expert • Outsource commodity, in-house business value • Missing out on optimising for the Bigger Picture • Artificial Boundaries • Artificial Centralisation RELYING ON A SURFACE LEVEL UNDERSTANDING
  17. @techiewatt • Other War Stories … • DRY Dependency Hell

    • The Singularity Fallacy • Shallow Data (ref John Allspaw) RELYING ON A SURFACE LEVEL UNDERSTANDING
  18. @techiewatt Gain basic skills & expertise 
 
 Make commodity

    problems 
 somebody else’s Learn by 
 Optimising for the bigger picture RELYING ON A SURFACE LEVEL UNDERSTANDING
  19. @techiewatt • Often traditional tools just don’t cut it •

    Mileage varies … • Slow you down • Take you the long way round • Downright hurt you in long run INEFFECTIVE TOOLS & PROCESSES
  20. @techiewatt • Mileage varies … • Slow you down •

    Take you the long way round • Downright hurt you in long run • More Forward Looking INEFFECTIVE TOOLS & PROCESSES
  21. @techiewatt • Slow you down • Unnecessarily Heavy tooling 


    (Some Enterprise Databases, 
 Base Container Images) INEFFECTIVE TOOLS & PROCESSES
  22. @techiewatt INEFFECTIVE TOOLS & PROCESSES • Take you the long

    way around • DIY or “Build Your Own” category
  23. @techiewatt INEFFECTIVE TOOLS & PROCESSES • Downright hurt you •

    No API • Non Automatable • Horizontally challenged
  24. @techiewatt ▸Taking on the world from day 1 ▸Compromise -

    Do minimum get away with ▸Operating under a false sense of security ▸Only happy path testing ▸Inconsistent environments ▸The single instance fallacy Considered Thought & Pragmatism …
 (CNCF Recommendations - good start) Rule of Thumb: 
 Automation, API & Horizontally scale friendly INEFFECTIVE TOOLS & PROCESSES - SO WHAT SHOULD YOU USE?
  25. @techiewatt IGNORING SECURITY CONCERNS • Enterprise Security has not kept

    up • No excuse to ignore it though! • Devs/Ops are the new Gatekeepers • Help a CISO, help yourself • Provide tools/reports to help understand new world • Shift Security Left, make it a 1st class citizen
  26. @techiewatt IGNORING SECURITY CONCERNS • Enterprise Security has not kept

    up • No excuse to ignore it though! • Devs/Ops are the new Gatekeepers • Help a CISO, help yourself • Provide tools/reports to help understand new world • Shift Security Left, make it a 1st class citizen DevOps CI CD
  27. @techiewatt • Shift Security Left • No excuse to ignore

    it though! • Devs/Ops are the new Gatekeepers • Help a CISO, help yourself • Provide tools/reports to help understand new world • Shift Security Left, make it a 1st class citizen IGNORING SECURITY CONCERNS DevSecOps <— Shifting Security to the left <— Shift Security Left
  28. @techiewatt ▸Get Security Insight Out ▸No excuse to ignore it

    though! ▸Devs/Ops are the new Gatekeepers ▸Help a CISO, help yourself ▸Provide tools/reports to help understand new world ▸Shift Security Left, make it a 1st class citizen IGNORING SECURITY CONCERNS DevSecOps <— Shifting Security to the left Get Security Insight Out —> Deploy Security Runtime Security
  29. @techiewatt • Get Security Insight Out • Help a CISO,

    help yourself • Provide tools/reports to help understand 
 new world • Help a CISO, help yourself • Provide tools/reports to help understand new world • Shift Security Left, make it a 1st class citizen IGNORING SECURITY CONCERNS
  30. @techiewatt ▸Taking on the world from day 1 ▸Compromise -

    Do minimum get away with ▸Operating under a false sense of security ▸Only happy path testing ▸Inconsistent environments ▸The single instance fallacy <— Shift Security Left Get Security Insights Out —> Engage don’t enrage! IGNORING SECURITY CONCERNS
  31. @techiewatt NOT ANTICIPATING FAILURE • Test app & platform level

    sad paths • Observability • Chaos Engineering • Optimise for Recovery & Learning!
  32. @techiewatt NOT ANTICIPATING FAILURE • Test app & platform level

    sad paths • Observability • Chaos Engineering • Optimise for Recovery & Learning!
  33. @techiewatt NOT ANTICIPATING FAILURE • Test app & platform level

    sad paths • Observability • First address unnecessary Chaos …
 then do … Chaos Engineering • Optimise for Recovery & Learning!
  34. @techiewatt NOT ANTICIPATING FAILURE • Test app & platform level

    sad paths • Observability • First address unnecessary Chaos …
 then do … Chaos Engineering • Optimise for Recovery!
  35. @techiewatt Micro
 services CI / 
 CD DevOps Containers Uses

    Business
 Objectives Cloud Native
 Architecture To
 Achieve … Tools & Techniques People, Teams & Processes Impacts 
 On !67 • Needs A Different • Approach • Tooling • Skills THE CLOUD NATIVE JOURNEY
  36. @techiewatt • Needs To Cohesively Address: • App Architecture •

    Ops • Infrastructure THE CLOUD NATIVE JOURNEY
  37. @techiewatt PRINCIPLES FOR SUCCESS • Don’t take on too much

    too quickly • Acquire enough expertise to journey safely • Choose your Tools wisely • Engage don’t enrage Security • Anticipate, Plan and Actively Test for Failure
  38. @techiewatt Thanks! @techiewatt Get in touch if you’re looking for

    a partner to help on your Cloud Native Journey!