Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

Unlocking the Cloud Operating Model: People, Process, Tools

750 visualizaciones

Publicado el

To unlock the fastest path to value from the cloud, enterprises must consider how to industrialize the application delivery process across each layer of the cloud environment, namely

- Provisioning
- Security
- Networking
- Deployment

Publicado en: Software

Unlocking the Cloud Operating Model: People, Process, Tools

  1. 1. Unlocking the Cloud Operating Model
  2. 2. Company Overview Founded in 2012 by Mitchell Hashimoto and Armon Dadgar Enabling the Cloud Operating Model Provision, Secure, Connect, and Run any infrastructure for any application
  3. 3. The Transition to Multi-Cloud
  4. 4. The Transition to Cloud and Multi-Cloud Traditional Datacenter “Static” Modern Datacenter “Dynamic” Dedicated Infrastructure Private Cloud AWS Azure GCP ...+ + +
  5. 5. The Transition to Cloud and Multi-Cloud Traditional Datacenter “Static” Modern Datacenter “Dynamic” Dedicated Infrastructure Private Cloud AWS Azure GCP ...+ + + “Tickets-based” “Self service”
  6. 6. The Transition to Cloud and Multi-Cloud Traditional Datacenter “Static” Modern Datacenter “Dynamic” Dedicated Infrastructure Private Cloud AWS Azure GCP ...+ + + SYSTEMS OF RECORD SYSTEMS OF ENGAGEMENT “Tickets-based” “Self service”
  7. 7. Implications of the Cloud Operating Model STATIC DYNAMIC Dedicated servers Homogenous Capacity on-demand Heterogenous Provision
  8. 8. Implications of the Cloud Operating Model STATIC DYNAMIC Dedicated servers Homogenous Capacity on-demand Heterogenous High trust IP-based Low trust Identity-based Provision Secure
  9. 9. Implications of the Cloud Operating Model STATIC DYNAMIC Dedicated servers Homogenous Capacity on-demand Heterogenous High trust IP-based Low trust Identity-based Host-based Static IP Service-based Dynamic IP Provision Secure Connect
  10. 10. Implications of the Cloud Operating Model STATIC DYNAMIC Dedicated servers Homogenous Capacity on-demand Heterogenous High trust IP-based Low trust Identity-based Host-based Static IP Service-based Dynamic IP Dedicated Infrastructure Scheduled across the fleet Provision Secure Connect Run
  11. 11. The Cloud Landscape STATIC DYNAMIC vSphere vSphere EKS/ECS Lambda AKS/ACS Azure Functions GKE Cloud Functions Hardware Various Hardware Proprietary Istio IP: Hardware Identity: AD/LDAP vCenter Terraform CloudFormation Resource Manager Cloud Deployment Manager Dedicated Private Cloud AWS Azure GCP Identity: AWS IAM Identity: Azure AD Identity: GCP IAM Proprietary CloudMap AppMesh Provision Operations Secure Security Connect Networking Run Development
  12. 12. A Common Operating Model with the HashiCorp Suite Provision Operations Secure Security Connect Networking Run Development Private Cloud AWS Azure GCP
  13. 13. Private Cloud Cloud Provisioning with Terraform A common Cloud Operating Model AWS Azure GCP Provision Operations Secure Security Connect Networking Run Development
  14. 14. Cloud Provisioning with Terraform A common Cloud Operating Model Core + Provider Model ● Expose the unique services of each infrastructure platform, but provide a consistent workflow
  15. 15. Cloud Provisioning with Terraform A common Cloud Operating Model Core + Provider Model ● Expose the unique services of each infrastructure platform, but provide a consistent workflow ● 200+ Providers exist for any infrastructure or application element i. Enabled by the open source model of 1200+ contributors
  16. 16. Cloud Provisioning with Terraform A common Cloud Operating Model A single Terraform template contains the entire infrastructure topology ● Platform services AND the configuration of any dependancies i. eg. 4 AWS services plus k8s
  17. 17. Cloud Provisioning with Terraform A common Cloud Operating Model Self Service Provisioning Templates can be made available to any development team for self-provisioning Multi-Cloud Provisioning & Compliance Operations teams can enforce security & policy at provisioning time with Terraform Enterprise
  18. 18. Cloud Provisioning with Terraform A common Cloud Operating Model Before Developer or CI / CD System TF CLI TF Template
  19. 19. Cloud Provisioning with Terraform A common Cloud Operating Model Codified policies enforce security, compliance, and operational best practices across all cloud provisioning Before Developer or CI / CD System TF CLI TF Template After Developer or CI / CD System TF CLI TF Template TFE ■ Policy ■ Governance
  20. 20. Private Cloud Cloud Security with Vault A common Cloud Operating Model AWS Azure GCP Provision Operations Secure Security Connect Networking Run Development
  21. 21. Traditional Access Model A common Cloud Operating Model
  22. 22. Identity-based Security with Vault A common Cloud Operating Model
  23. 23. Identity-based Security with Vault A common Cloud Operating Model Identity of requester authenticated against any identity model prior to granting access
  24. 24. Identity-based Security with Vault A common Cloud Operating Model Identity of requester authenticated against any identity model prior to granting access Policies defined by the Security team and enforced at runtime.
  25. 25. Vault Use Cases A common Cloud Operating Model 1. Centralized Secrets Management 2. Encryption as a Service a. Encrypt all application traffic without app modification
  26. 26. Private Cloud Cloud Networking with Consul A common Cloud Operating Model AWS Azure GCP Provision Operations Secure Security Connect Networking Run Development
  27. 27. Traditional Networking A common Cloud Operating Model A. Provision load-balancers to create static IP B. Artifact deployed C. Firewall rule updated to allow traffic Average time to traffic ~ 6 weeks Load balancer sprawl ($$!) but also as single point of failure for each service
  28. 28. Networking with Consul A common Cloud Operating Model ● Service Registry enables Routing ○ From IP-Address to Name ○ Services register and discover each other. Consul server maintains the map of service location
  29. 29. Networking with Consul A common Cloud Operating Model ● Service Registry enables Routing ○ From IP-Address to Name ○ Services register and discover each other. Consul server maintains the map of service location ○ Consul enables routing directly to services
  30. 30. Networking with Consul A common Cloud Operating Model ● Service Registry enables Routing ● Service Segmentation for Security ○ Consul Connect enables service-to-service communication ○ Foundation of zero-trust model ■ “Service Mesh”
  31. 31. Networking with Consul A common Cloud Operating Model ● Service Registry enables Routing ● Service Segmentation for Security ○ Consul Connect enables service-to-service communication ○ Foundation of zero-trust model ■ “Service Mesh” A common service registry across heterogeneous environments is the basis for multi-cloud service networking
  32. 32. Private Cloud Cloud Deployment with Nomad A common Cloud Operating Model AWS Azure GCP Provision Operations Secure Security Connect Networking Run Development
  33. 33. Cloud Deployment with Nomad A common Cloud Operating Model ● Container Orchestration allows for deploying, managing and scaling of containerized apps ● Legacy Application ○ Orchestrates and automates legacy applications to improve resilience and efficiency ● Batch Workloads ○ GPU support to enable ML, AI, data science, and other intensive workloads in HPC clusters
  34. 34. Nomad Use Cases A common Cloud Operating Model Flexible Container & Workload Organization Deploy and manage any containerized, legacy, or batch application. Multi-Cloud Workload Management Safely manage workloads across regions and cloud providers Efficient Resource Utilization Increase resource utilization, reduce fleet sizes, and cut costs.
  35. 35. A Common Cloud Operating Model to Accelerate Application Delivery App ?
  36. 36. A Common Cloud Operating Model to Accelerate Application Delivery App Operations
  37. 37. A Common Cloud Operating Model to Accelerate Application Delivery App Operations Security
  38. 38. A Common Cloud Operating Model to Accelerate Application Delivery App Operations Security Networking
  39. 39. A Common Cloud Operating Model to Accelerate Application Delivery App Operations Security Networking Development App
  40. 40. A Common Cloud Operating Model to Accelerate Application Delivery App Operations Security Networking Development App GOVERNANCE POLICY
  41. 41. Open Source vs. Enterprise OPEN SOURCE OPEN SOURCE OPEN SOURCE Individuals Teams Pro Organizations Premium COLLABORATION COLLABORATION POLICY GOVERNANCE ORGANIZATIONAL COMPLEXITY
  42. 42. www.hashicorp.com hello@hashicorp.com Thank you

×