© 2014 Cloud Technology Partners, Inc. / Confidential
1
February, 2015
Accelerating Government Agility with Cloud Computing
© 2014 Cloud Technology Partners, Inc. / Confidential
5
Cloud and DevOps can Significantly Improve How we Deliver Government Services
Agility Cost Efficiency Quality
•Increased velocity of
innovation
•Supports Faster time to
market from ideation to
launch
•High elasticity of core
infrastructure and
applications
•Faster and easier migration
of core infrastructure and
applications between data
centers and computing
environments
•Faster and easier integration
of new acquisitions
Increased overall IT efficiency
−Reduced unit cost for core
infrastructure
−Increased development
productivity
Key improvement levers
−Standardization of core
infrastructure and application
platform services
−High automation
−Simplified procedures and
self service
−Increased asset utilization
through resource sharing
−High degree of application
component re-use
•Higher core infrastructure
and application resiliency and
availability
•Improved maintainability of
infrastructure and
applications
•High consistency among
applications
•Increased levels of Security
as bar is raised to support
Publicly hosted applications
© 2014 Cloud Technology Partners, Inc. / Confidential
6
Maturity Characteristics
Cloud Washed - Force fit to run in cloud environment
- Resources not optimize – no horizontal scaling
- Minimal modification done to be cloud compliant (fix issues only if it will not run in cloud environment)
Cloud Adopted - Resources not optimize – no automatic elasticity – instance manually started
- Some modification done to be cloud compliant (adhere to blocker cloud principles)
Cloud Optimized - Resources being optimized – horizontal scaling possible
- Elastic on instance level – cloud management layer determines when to start/stop additional instances
- Major modification done to be cloud compliant
Cloud Native - Fully cloud aware – can communicate with the cloud management layer to start-up or shutdown instances of itself
- Designed for failure and self healing
- Elastic and resource efficient
Cloud Application Maturity
© 2014 Cloud Technology Partners, Inc. / Confidential
7
Application Architecture for the Cloud is Very Different
Traditional Architectures
• Scale Up• Monolithic• Stateful• Infra Dependent• Fixed Capacity• LAN Located
dependencies• Latency intolerant• Tightly coupled• Consolidated /
clustered DB• Rich / chatty client• Commercial licenses• Infra Supported
Availability• Semi-automated
build/deploy• Manual fault
recovery• Active/Passive/DR• Perimeter Security• Allocated costs
The “Old World”
Cloud AlignedArchitectures
• Scale Out• Distributed• Stateless• Infra Agnostic• Elastic capacity• WAN, Location
transparency• Latency tolerant• Loosely coupled • Sharded /
replicated / distributed DB
• Mobile/thin client• PaaS / Open Source • App Supported
Availability• Continuous
Integration/Delivery• Self healing, fault
tolerant• Active/Active• Defense in depth• Pay as you go
The “New World”
The Targets
Ref
acto
r
Au
tom
ate
© 2014 Cloud Technology Partners, Inc. / Confidential
9
Shift thinking away from product-centric to service-centric
What Needs to Change?
Old Way New Way
Software is built and shipped Services are running and managed
Development of features are done Services are never done until they are turned off
Product owner focus only on features Product owner owns operational results along with product feature set
Each silo owns their own area All groups focus on end user satisfaction
Dev must go through Ops to get work done Ops enables Dev to get work done
Ops monitors Apps Ops provides Dev with tools to operate Apps
Reactive monitoring/Ops Proactive monitoring/Ops
Customer isolated from one another Multi-tenancy and shared resources
Application services sharing common platform and infrastructure
Distributed services on isolated instances, hardware independence
Dev, Ops, and Security teams must work together throughout the SDLC and have a shared responsibility for the services
© 2014 Cloud Technology Partners, Inc. / Confidential
10
Modern cloud architectures are hard to manage and scale
using traditional approaches
The Mission Critical Application Dilemma
Cloud Provider
Customers
Employees
Application
Source: Compuware
XML/SOAPhttp SQL TCIP/IP
© 2014 Cloud Technology Partners, Inc. / Confidential
11
Where is Government IT?
Orchestrate
Automate
Virtualize
Combine
Standardize
Time
Val
ue
to t
he
Bu
sin
ess
• Lower cost• Consistent use of technology• Enhanced performance• Reduced complexity • Use of VM’s
• Normalize assets• Increase efficiency• Improve management• Improve governance (non-automated)
• Lower cost• Delayed provisioning • Improved resource management and
utilization• Moving to centralized control• Initial use of services
• Lower cost• Self provisioning• Automated governance • Adaptable security• Improved user experience• Service oriented
• Dynamically aligned to the business
• Self adapting• Automated
governance and security
• Enhanced business agility
Preparing for Cloud
Cloud User
Cloud Innovator
You areHere
© 2014 Cloud Technology Partners, Inc. / Confidential
12
Value Modeling Ranking
ImproveScalability
ImproveProductivity
ImproveAgility
DecreaseCost
• Improve ability to integrate and leverage acquisitions• Improve the ability to increase or reduce costs directly to the needs of the LOB• Improve time-to-market for new service offerings • Improve the ability to defer long term capital expenses • Implement factory model to support transformation and ongoing ADMT
• Decrease application backlogs for LOBs and clients• Increase quality and up-time through centralized operations and management• Improve client service through better performance against client SLAs• Increase speed-to-delivery using service reuse • Increase speed-to-delivery through auto and self provisioning• increase speed-to-delivery through automated test• Increase speed-to-delivery through automated deployment• Attract better talent
• Reduce the time required to place infrastructure into development, test, QA and production• Reduce the time required to place applications into development, test, QA, and production • Place business volatility into manageable domains • Reduce latency in shifting to new market opportunities• Improve innovation by removing barriers to entry
• Reduce CapEx• Reduce OpEx• Reduce the cost of risk• Improve cost allocation and accountability• Eliminate costs through reuse, resource centralization, and de-provisioning
• Remove cost of unavailable capacity• Capture new markets with improved time-to-market • Improve innovation with low-cost entry• Improve client satisfaction • Improve client perception and brand-image• Increase client value metrics with improved performance against client SLAs
IncreaseRevenue
Weight
78
83
92
56
76
78/100
93/100
92/100
72/100
89/100
Value Specific Outcome
© 2014 Cloud Technology Partners, Inc. / Confidential
13
Government Cloud Value Realization
2016
Plan2017 - 2020
Enable2020 2025
Exploit Business
Strategy
Products
Use of Data
Infrastructure
© 2014 Cloud Technology Partners, Inc. / Confidential
14
Characteristics of a “World Class” Cloud Solution
Consumers Want
Elasticity & Scalability
Control
Productivity
Agility
Cost
• Flexible resource configurations• Dynamic scale-up / scale-down of resources • Seamless support of multiple clouds• Flexible resource quotas
• Role based access controls• Comprehensive monitoring and logging• Image Lifecycle Management• Integration into Incident, Change, Patching Management
• Common Self – Service Provisioning Portal into all cloud end points• Robust Service Catalog meets all of customer cloud needs • End to End Automation• Supported APIs allowing the applications and data sources to communicate with one
another
• Self – Service Resource Provisioning• Rapid Elasticity• Capacity on Demand insures resources are always available• Rapid disaster recovery – Active / Active application support• Seamless support for different endpoints
• Metering and Chargeback• Pay as you go• Consumption based • Reliable asset tracking and usage reporting
Providers Deliver
© 2014 Cloud Technology Partners, Inc. / Confidential
15
New Way – Transparency, Agility, Disciplined
New Breed of SaaS Architectures Require a New Operating Model
• 7x24 Uptime
• Joint ownership – Shared Accountability
• Collaborative
• Proactive mode – Fire Prevention
• Automation of builds, changes,
provisioning, testing, operations
• Small, frequent releases
• Fast to market
• Waste removed from processes
• Bugs not allowed in build
© 2014 Cloud Technology Partners, Inc. / Confidential
16
Our CTP Cloud Solution Reference Architecture
© 2014 Cloud Technology Partners, Inc. / Confidential
18
Define a Number of Measurable Targets for the Cloud
Exemplary metrics
Current
(non-Cloud)
2015 Target
(Cloud)
Scope Percentage of logical servers allocated to Cloud (Iaas and PaaS) 0% 50%
Percentage of storage (in Terabyte) allocated to Cloud environment 0% 50%
Agility Provisioning time for standard infrastructure service (IaaS) ~5 days 1 hour
Provisioning time for standard platform service (PaaS) ~ 5 days 1 day
Cost
efficiency
Average CPU utilization ~25-30% ~50%
Average storage utilization TBD 70%
Percentage of servers that are self-provisioned 0% 40%
Percentage of idle servers TBD 5%
Application component re-use (PaaS) TBD TBD
Quality Application availability ~98-100% 99.9%
IaaS and PaaS Right first Time provisioning (Standard environments) 75% 99%
• Specific, measurable, actionable, relevant, time-based (SMART)
• Measurable for both Cloud and non-Cloud environments to enable comparisons and document Cloud benefits
• Cover both Infrastructure-as-a-Service as well as Platform-as-a-Service
• Enable us to set targets for the Cloud program
Criteria for Metrics
© 2014 Cloud Technology Partners, Inc. / Confidential
19
0
500,000
1,000,000
1,500,000
2,000,000
2,500,000
3,000,000
3,500,000
4,000,000
4,500,000
Jan-11 Jul-11 Jan-12 Jul-12 Jan-13 Jul-13 Jan-14 Jul-14 Jan-15 Jul-15
ROI
COST
Moderately Complex Data Processing Application Migration
Business Case ROIB
usi
nes
s B
enef
it /
Co
st (
USD
)
Time
Implementation
Planning
* Assume current benefit = $3M and cost to migration = $3.6.M on top of current operating cost over 18 months
Production
Jan-13 Jul-13 Jan-14 Jul-14 Jan-15 Jul-15 Jan-16 Jul-16 Jan-17 Jul-17
© 2014 Cloud Technology Partners, Inc. / Confidential
20
Project Roadmap
Roadmap – Gantt View
Strategy Item 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
Strategy
Business Case including Value-Investment Model
CoE Design and Implementation
Skills Inventory, Hiring, Training, and Enablement
Program Management and Dashboard Reporting
Business
Service Provider Capability Assessment
Service Provider Business Model and Enablement
Service Pilot, Go-Live, and Delivery
Analytics Enablement and Support
Applications
Breadth Analysis
Depth Analysis
Private Cloud Migration (Pilot, then Factory)
Migration (Pilot, then Factory)
Migration (Pilot, then Factory)
Native Cloud Development (Pilot, then Factory)
Cloud SDLC Modernization (Automation Factory)
Client-facing Business Service Design and Development
Application Support (Design and Coding Guidelines, Governance, Enablement)
Months from Today
Roadmap – Gantt View
© 2014 Cloud Technology Partners, Inc. / Confidential
22
What is DevOps?
• A culture shift that encourages great communication and collaboration to build better quality software more quickly with more reliability.
• A crucial component of continuous delivery – bringing agile to infrastructure
• A change from reviews, approvals and handoffs, to collaboration, automation and feedback loops
Full Scope of Transformation
• Changing fundamental workflows
• Standardizing services
• Automating everything
• Process optimization: eliminating reviews, approvals and steps if using standards
• New organizational responsibilities – e.g. product owners, service logistics
• Continuous feedback and improvement
Achieving Agility Through DevOps
Lead Time
Source: http://dev2ops.org/2010/02/what-is-devops/
© 2014 Cloud Technology Partners, Inc. / Confidential
23
Continuous Delivery with CI, DevOps and the Cloud
DevOps
Automated Provisioning
AutomatedTesting
Automated Build & Deploy
SCM/VersionBuild Scripts
Dependency MapComponent Deploy
System Deploy
Test ScriptsTest Deploy
Load / Soak ScriptsData Provisioning
Baseline/BenchmarkTesting Reports
Image ManagementPatch Management
Auto Env DeployStart/Stop ScriptsRolling UpgradesSecurity Config
Integrated Deploy and Test
DevOps should really be called DevTestOps
• Collaboration and shared tools on the Dev, QA and Infra automation teams
• Capture every request – no ad-hoc work or changes
• Agile Kanban project management for automation and DevOps requests
• Log metrics on both manual and automated processes
• Test automation and test data provisioning for infrastructure as well as applications
• Acceptance tests for each deployment: infrastructure, application, test suite
• Continuous feedback between the teams to spot gaps, issues and inefficiencies
Automation: It’s All Code
• Save it• Version it• Measure it• Evolve it
Continuous Feedback
DevOps Best Practices
© 2014 Cloud Technology Partners, Inc. / Confidential
24
Crawl
Walk
RunFly
DevOps at Scale
Inve
stm
en
t
• Pilot application • 1-2 cloud endpoints• Agile Dev - Kanban for DevOps• Automate and metrics capture• Process optimization • Automation tools and patterns• Coordinate current Ops teams
• Second tranche of projects with seed staff
• Patterns, tools and metrics refinement
• Standard service catalog
• ProdOps integration
• Self-Service catalog• Expanding cloud
endpoints• Automation library
management• Product owners• Absorb targeted Ops
teams• DevOps CoE training
and coaching• Initial continuous
delivery project
• Absorb remaining Ops teams
• DevOps for all new projects• Common platform services• Infrastructure automation
refactoring process• Operational automation• Integrated DevTestOps
automaton for continuous delivery for targeted apps
• Continuous improvement
Client is here
Where to begin:• Start with deep changes but within a
confined blast area• Separate the team and allow them to be
creative• Process optimization with selective
automation• Capture metrics and
reevaluate frequently
© 2014 Cloud Technology Partners, Inc. / Confidential
25
Maturity Level People Process Technology
Level 1 Ad-Hoc
• Silo based • Blame, finger pointing• Dependent on experts• Lack of accountability
• Manual processes• Tribal knowledge is the norm• Unpredictable, reactive
• Manual builds and deployments
• Manual testing• Environment inconsistencies
Level 2Repeatable
• Managed communications• Limited knowledge sharing
• Processes established within silos
• No standards• Can repeat what is known,
but can’t react to unknowns
• Automated builds• Automated tests written as
part of story development• Painful but repeatable
releases
Level 3 Defined
• Collaboration exists• Shared decision making• Shared Accountability
• Processes are automatedacross SDLC
• Standards across organization
• Automated build & test cycle for every commit
• Push button deployments• Automated user &
acceptance testing
Level 4Measured
• Collaboration backed on shared metrics with a focus on removing bottlenecks
• Proactive monitoring• Metrics collected and
analyzed against business goals
• Visibility & predictability
• Build metrics visible and acted on
• Orchestrated deployments with auto rollbacks
• Non functional requirements defined and measured
Level 5 Optimized
• A culture of continuous improvement permeates through the organization
• Self service automation• Risk & cost optimization• High degree of
experimentation
• Zero downtime deployments• Immutable infrastructure• Actively enforce resiliency by
forcing failures
DevOps Maturity Model
© 2014 Cloud Technology Partners, Inc. / Confidential
26
Maturity Level People Process Technology
Level 1 Ad-Hoc
• Silo based • Blame, finger pointing• Dependent on experts• Lack of accountability
• Manual processes• Tribal knowledge is the norm• Unpredictable, reactive
• Manual builds and deployments
• Manual testing• Environment inconsistencies
Level 2Repeatable
• Managed communications• Limited knowledge sharing
• Processes established within silos
• No standards• Can repeat what is known,
but can’t react to unknowns
• Automated builds• Automated tests written as
part of story development• Painful but repeatable
releases
Level 3 Defined
• Collaboration exists• Shared decision making• Shared Accountability
• Processes are automatedacross SDLC
• Standards across organization
• Automated build & test cycle for every commit
• Push button deployments• Automated user &
acceptance testing
Level 4Measured
• Collaboration backed on shared metrics with a focus on removing bottlenecks
• Proactive monitoring• Metrics collected and
analyzed against business goals
• Visibility & predictability
• Build metrics visible and acted on
• Orchestrated deployments with auto rollbacks
• Non functional requirements defined and measured
Level 5 Optimized
• A culture of continuous improvement permeates through the organization
• Self service automation• Risk & cost optimization• High degree of
experimentation
• Zero downtime deployments• Immutable infrastructure• Actively enforce resiliency by
forcing failures
DevOps Maturity Model
Chaos Reigns
Continuous Integration
Continuous Delivery
Continuous Deployment
Continuous Operations
© 2014 Cloud Technology Partners, Inc. / Confidential
27
• Version Control
• Build and Deploy
• Functional and Non-functional
Testing
• Provisioning and Change Mgmt
DevOps – Controls and Automation Tools - Considerations
© 2014 Cloud Technology Partners, Inc. / Confidential
28
Thanks!
Questions?
David Linthicum