building a service delivery infrastructure

Report

Post on 10-Feb-2022

1 Views

Category:

Documents

0 Downloads

Preview:

Click to see full reader

TRANSCRIPT

Building a Service Delivery Infrastructure

1

Paula Paul

@paulapaultweets

ThoughtworksTechnology Principal

Rosemary Wang

@joatmon08

ThoughtworksInfrastructure Consultant

2

What is it?

3

4

services & applications

business capability

delivered in

services & applications

business capability

delivered in

infrastructure

delivered on

delivered by

business value

5

Literal “Delivery” Infrastructure

6

Given a record identifier associated with a customer,

When I call an API endpoint

Then I should get the customer’s name.

7

Deliver Me, “Hello Customer!”

CONSTRAINTS

8

Given a record identifier associated with a customer,

When I call an API endpoint

Then I should get the customer’s name.

Deliver Me, “Hello Customer!”

As a developer...

9

I WANT TO BE PRODUCTIVE.

10

Narratives

As a… I want to… So that…

More / less detail

Consider acceptance criteria

11

As a developer

I want to use CPU and memory resources

So that I can deliver some business capability.

Core Compute

12

As a developer

I want to securely and automatically manage my secrets

So that I can mitigate the exposure to sensitive strings such as passwords and keys.

Secrets Management

13

As a developer

I want to have access control for my service endpoints

So that I can enforce authorized access and mitigate security risks.

Identity & Authorization

14

Infrastructure Boundaries

CORE COMPUTE BUILD PIPELINES NETWORK

CONTAINER ORCHESTRATION

IDENTITY AND ACCESS

SECRETS MANAGEMENT

OBSERVABILITY

VULNERABILITY MANAGEMENT

(SECURITY)

CONTAINER AND IMAGE REGISTRY

SAAS ANDEXTERNAL SYSTEMS

INTEGRATION

DATA AND PERSISTENCE

15

Infrastructure as Software

Agile Infrastructure

Domain-Driven DesignTest-Driven DevelopmentThin SlicingYAGNIPairingAcceptance Criteria

16

As an infrastructure engineer...

17

I WANT TO RECLAIM NIGHTS & WEEKENDS.

18

NEITHER!

Achieve a ubiquitous language.

Learn infrastructure-as-code.

Remember - you want to deliver “Hello, Customer!”.

“Expert Developer” or “Hero Operator”?

19

As a [ developer | infrastructure engineer ]

I want to deliver my [service | infrastructure ] in an automated way

So that it is secure, legally compliant, and ready for my user.

Deployment Pipelines

20

Infrastructure Deployment Pipeline

Unit Build Secure Monitor Perform PromoteTestConfiguration

CheckAutomation Integration Test

Conformance Tests

(can run async)

Production Ready!

terraform plan

terraform apply

pytest inspec-gcpawspec

scout2g-scout pytest locust

pumba

21

https://docs.pytest.org/en/latest/
https://github.com/inspec/inspec-gcp
https://github.com/k1LoW/awspec
https://github.com/nccgroup/Scout2
https://github.com/nccgroup/G-Scout
https://docs.pytest.org/en/latest/
https://locust.io/
https://github.com/alexei-led/pumba

As an [ developer | infrastructure engineer ]

I want to control how other services reach each other

So that I can minimize my threat surface.

Networking

https://www.youtube.com/watch?v=j7HYpSCCEY0 22

unit

smoke

integration

e2e

exploratory

component

validates config/syntax

signals that we can test further

tests multiple components not in our control

tests component is configured

tests EVERYTHINGco

st

23

Network Policy Example

24

As an architect...

25

I WANT TO CHAMPION PRODUCTIVITY &

ARCHITECTURE “-ILITIES”.

26

Objective Metrics

architecturalfitness functions

security0 high vulnerabilities

resiliency< 1% deployment error rate

auditability< 90 days since last audit

27http://evolutionaryarchitecture.com/

https://www.thoughtworks.com/insights/blog/fitness-function-driven-development 28

services & applications

business capability

delivered in

infrastructure

delivered on

delivered by

business value

29

As a CxO...

30

The Balancing Act

Build vs.Buy

Vendor Lock-in

Fixed vs.On-Demand

Capacity

Cost

Compliance

Vendor Management

Global vs. Regional

Evolvability

Autonomy

Complexity

31

2019 IT Budgets

The 2019 State of IT, spiceworks

32

https://www.spiceworks.com/marketing/state-of-it/report/

Metrics

33

Evolvability Mean Time to Resolution

Time to Market

services & applications

business capability

delivered in

infrastructure

delivered on

delivered by

business value

34

Where do we start?

35

Team Structure?

Capabilities Development?

Executive Buy-In?

Known Journey?

As an organization...

36

▢ remember your customer!

▢ experiment

▢ read examples

▢ join / build a community

As an individual...

37

Paula Paul

@paulapaultweets

Thank you!Rosemary Wang

@joatmon08

38

Rate today ’s session!

Session page on oreillysacon.com/ny O’Reilly Events App

39

top related

infrastructure planning and delivery · page: 4...
Documents
planning and delivery of major infrastructure projects in...
Documents
infrastructure service delivery enablers
Documents
delivery infrastructure planning - pse
Documents
manitoba infrastructure: service delivery review › mit ›...
Documents
framework for infrastructure delivery and procurement...
Documents
infrastructure delivery management system (idms)
Documents
resiliencetargeted delivery smart infrastructure
Documents
kwazulu-natal infrastructure delivery management system...
Documents
building desktop delivery infrastructure with xendesktop-jon...
Documents
infrastructure delivery plan - barnsley
Documents
hydrogen delivery infrastructure option analysis
Documents
an efficient content delivery infrastructure...
Documents
building blocks for sustainable services · building blocks...
Documents
infrastructure delivery plan
Documents
service delivery center infrastructure
Documents
infrastructure continuous delivery using cloudformation
Technology
infrastructure delivery management toolkit management...
Documents
future-proofing infrastructure assets · pdf...
Documents
presentation on application delivery infrastructure
Technology