DEVOPS, MICROSERVICES AND THE CLOUD
ARCHITECTING AND DELIVERING THE DIGITAL ENTERPRISE
Reinforcing Architecture Disciplines Accelerate Digital Transformation
Cloud
SecDevOps
Microservices
DevOps Unifies Workflows
Best Practice Focus
• Process execution simplicity drives faster time to market
• Remove process waste and maximize flow
Rally Around DevOps Workstreams
Release Automation
Pipeline Automation
Application Environment Provisioning
Solution Blueprints
Process
Shared Security Services
Continuous Monitoring (Run-time Insights)
Frameworks
Artifacts
plan develop build test provision validate promote release deploy operate monitor
Continuous Operations
Impacts
Tactical, Strategic, Cultural
Prioritize DevOps Value Targets Using Critical to ROI Analysis
[Bar chart: DevOps: Critical to ROI. Series: Influencing Factor Strength, ROI Creation Index. Scale: 0 to 100. Categories: Continuous Integration (build and test automation); Solution Blueprints and Templated Infrastructure Patterns; DevOps Self-Service Dashboards and Playbooks; Automated Environment Provisioning; Realistic Lower Environments; Continuous Delivery and Release Automation; Release and Rollout Strategies; Automated Solution Validation; Platform Services; Resilient Auto-scaling and healing; Run-time Telemetry events; Continuous Feedback Dashboards]
Continuous Integration
Continuous Delivery
Agile Planning
Automated Solution Validation
Infrastructure as Code
Continuous Deployment
Continuous Incremental Releases
Provision Prod-Like Solution
Continuous Test
Continuous Build
Pipeline Phases
Vocabulary
Level 4 Level 5 Level 6 Level 7 Level 8-10
Continuous Automation Components
Solution Blueprints
Run-time Insights
Release Automation
Automated Operations
Environment Provisioning
Configuration Management
Package and Test Automation
Developer, Security, and Operations Self Service
Inherited Controls Security Test Strategy
Externalized Security Services
Security Audit Automation
Identity and Access Management
Run-Time Controls
Vetted Security Libraries
ICAM Deploy Controls
Security Components
Runtime Telemetry Events and Solution Events
Unit Test Reviews Resiliency Test Integration Test A/B Test Vulnerability Test Penetration Test Canary Test
Automated Validation and Process Triggers
Deployment Security Roadmap Requirements Validation Environment Configuration Identity Analytics Service Levels Telemetry Tracing App Logs Security Events Synthetic Monitoring Health Checks Negative Test
Continuous Feedback Loop
Dashboards
Distributed Version Source Code Management Policies
Feature Branch
Release Tag Traffic Shaping
Immutable Images
Promotion Decision Usage Tuning Package
Infrastructure as Code Artifacts
Auto-Scale
Solution Artifacts
Declarative Definitions
Execute Rollout
Strategy
Soft Launch
Blue/Green
Dark launch
Staged
Recreate
Roll
Execute Release Strategy
Production Shadow
Environment Configuration
Phase Activity
plan develop build test provision validate promote release deploy operate monitor
Continuous Monitoring
Continuous Operations
Automated Resiliency
Continuous Orchestration
Fail-Safe Deployment
Incremental Release Unit
Component Pattern Repository Blueprints or Libraries Dashboard
DevOps Maturity Roadmap
Legend
Auto-Heal
Assess Your DevOps Maturity Against Value Targets
[Radar charts, scale 0.0 to 10.0, comparing Client Starting Baseline with Client Goal across: Availability, Reliability, Performance, Security, Flexibility, Maintainability, Time to Market]
Scale | Definition | Disposition
9 to 10 | Innovative or ground-breaking application of industry models positively influences the development of new technology applications for the industry | Best in Class
7 to 8 | Enterprise, industry, or IT models and best practices drive architecture and design. Scalability, security, extensibility, quality, and performance design principles are documented, implemented, and enforced. | Matches or Exceeds Standards
4 to 6 | Meets Professional Standard or Standard of Care. Appropriate design standards, methods and tools are consistently used. | Meets Minimum Acceptable Standards
1 to 3 | Improperly implemented or neglected but is salvageable with time and effort. Concrete remediation planning has begun. | Emerging
0 | Absent, broken, unmanageable or improperly architected. Remediation plan is not documented or not funded | Absent or Unsound
DevOps Target Time to Maturity and Value
Startup
• 1-3 Month Alpha MVP
• 2-6 Month Production MVP
Enterprise
• 6 Month Alpha MVP
• 12 Month Production
DevOps Cultural Shock
• Holistic Team
• New Attitude
• New Language
• New Focus
Success Plan Recommendations
• Build a Tiger Team
• Don’t think a fad diet will succeed
• Avoid DevOps Blockers (i.e. test, security, manual governance)
• Focus on unblock cards
• Policy
• Provisioning
• Automation
Microservice Level Set
Principles, Design Patterns, Frameworks
Lighthouse Project - Digital Transformation In Practice
Identify Domain Boundaries and Refactoring Opportunities
Develop Domain Model Create Microservice
Migrate Data or Synchronize
Microservice Data with Legacy System
of Record
Consumer API Gap Analysis
Connect New Consumer(s) or Refactor existing
monolith
Migrate Additional Legacy Consumers
Decommission Legacy Capability
Target Monolithic Decomposition Objectives with the Appropriate Pattern and Plan for Blockers
Encapsulate and Erode
Encapsulate and Extend
Internal Refactor API Refresh
Consumer Migration Plan
Downstream Synchronization
Channel Consumer
Parity
Disentangling Cross-Domain
References
Which decomposition pattern will initially drive your microservice Proof of Technology (POT) and Proof of Concept (POC) Lighthouse project?
Gauge Architecture, Technology, Process, and Team Strengths within key Microservice Strategy Areas
Reshape Architecture
Domain Driven Design and API Contracts
Microservice Patterns
Technical Reference Architecture
Identity Context and
Least Privilege
Refresh Technology
Microservice Framework
Container Packaging and Orchestration
Runtime Insights
(monitor, trace, alert, manage)
Eventing and Caching
Reframe Collaboration
Contract First Development
API Intake Process, API Gap Analysis
and API Portal
DevOps and Site Reliability Engineering
Inline Decisions based on Big Data analytics
and ML
Reinvent Opportunity
API Economy and Channels
API Composition (Experience,
Process, Domain,
Connector)
Product Engineering
Real-time notification and
capability domains
Prioritize POT Roadmap Items within each Microservice Initiative Workstream
Domain Driven Design
Business Domain Model
Data flows and Work
flows
Consumer Interaction Patterns
API Contracts
Microservice Framework
Wire Protocol and
Serialization Framework
Core Listener, Client, and
Trace Frameworks
Configuration and Secrets
Health Endpoint,
Metrics, and Logging
Eventing and Caching Framework
Cloud hosting and DevOps
Container Platform
Networking and API gateway
CI/CD Pipeline
Runtime Insights
Security and Identity
Access and Authorization
Tokens
Trust Relationships
and Gateways
Identity Provider
Integration
Container Scanning and
Least Privilege
API Adoption
API Portal
API Gap Analysis
API Coaching
Point me to Your Business Domain Model
Product Catalogue
Recommendations
Shopping Cart
Supply Chain Management
Customer Management
Payment
Order
Identity Management
Fulfillment
Identity Management
Domain Decomposition Example: Identity
User Self-Service
User Management
User Single Sign-On
User Permissions
Protocols
Single Sign-On
Single Sign-Out
Create users
Invite users
Force password reset
Activate / Inactivate users
User self-register
Email confirmation
Forgot password
Change username / email
Change password
Enable MFA
Manage user permissions
User Profile
Manage user profile
User Permissions
User Profile
Manage tenant permissions
Manage application policies
Accounts, Membership
CRM Integration
Users
Config
Users
Users
Policies
User Permissions
Tenant Permissions
User Profile
Accounts
Customers
Identity Sub-Domain Policy Sub-Domain Accounts Sub-Domain
Unwinding the system of record problem
Config API Users API
Users
Config
User Management Web
Config Web
User Self-Service Web
IdentityServer Web
Config Runtime
API
Config Management
API
User Runtime
API
User Management
API
User Self-Service
API
Users
Users
User Self-Svc
User Runtime
API Host Configuration
Enforce Domain Design with API Contract First Design and Code Gen
Code Generation
{…}{…}{…}
API Client Libraries
API Controllers
Domain Models / Events
https://openapi-generator.tech/
Contract PR - Sanity Check Aggregates
User
User Logins
UserStatus
User Claims
User Aggregate
Permissions Aggregate
Profile Aggregate
Permission
Profile
ContactInfo
userid
userid
Cloud Services
PaaS First
Cloud Hosted Infrastructure Foundation
• Cloud is a DevOps forcing function
• Dynamic provisioning and scaling
• Monitoring integration with operations management (continuous orchestration – topology, traffic)
• Cloud PaaS accelerates microservices
• API Gateways and Service Mesh
• Service Clusters (i.e. Kubernetes)
• Eventing
• Identity and Security
• Runtime Insights
Achieve Consistency Via Event Source Pattern
Resource A API
ReadStore A
Projector A
Event Stream
ReadStore B
Projector B
Event Sourcing
System of Record
Resource A Read API
Logs should be meaningful (and Structured)
Not informative
But, something to act on
Informative
Wut?
Service Dashboards
Runtime Infrastructure
DevOps Processes
Telemetry
Operations Management
Alerts
Alert Analysis
Structured Logs
Feeds
Events
NFR KPI / SLA
Issue/Ticket Generation
Business KPI / SLA
Site Reliability Engineering Console
Trend Definition
Root Cause Analysis
Dependency Mapping
Status Reporting
Anomaly Detection
Management Automation
Monitors
Probes
Trend Analysis
Runtime Insight Data
Structured Logs
Runtime Utilization
Runtime Performance
Runtime Topology API Events
Topology
Impact Analysis Root Cause Analysis (RCA)
Insight Engine
Runtime Insight At Scale
Actions
Fast, Continuous Feedback Loop
Recap: Target Improvements Within Every Workflow Phase
Create Plan for Feature
Release & Deploy
Validate
Demote Feature
Build Test
Provision
Monitor PromoteiSign
Approval
Develop
Operate
Legend:
Failure Feedback
Decision
Process Go Feedback
Release with Confidence
Automated Testing
Streamline and Automate processes
Rapid Delivery Cycle In Days - Weeks
Continuous Monitoring (Run-time Insights)
Continuous, Automated Inspection of Each Stage
Reduce and Ultimately Eliminate the Accreditation Gap
Application Environment Provisioning
Continuous Operations
Pipeline Automation
Solution Blueprints
Dashboard Shows Readiness at a Glance
Release Automation