STKI summit CTO presentation 2019

Copyright@STKI_2019 Do not remove source or attribution from any slide or graph
RE-DESIGNING IT AND NEW TECHNOLOGY INITIATIVES
PINI COHEN

Copyright@STKI_2019 Do not remove source or attribution from ant slide or graph
2

IT mission &
CIO mission
• Create business value through technology
• Strategic planning of business growth objectives
• Ensuring the tech systems and procedures lead
to outcomes in line with business goals
3
How would you reduce the gap and achieve your mission?

AND THE ANSWER IS – CLOUD NATIVE

s
Cloud native
operations
Cloud Native
Development
PROJECT
E V E R Y C O O L
S T A R T S H E R E
Technical, process
and data debt
payment
01
02
03
04
06
05What is Cloud
Native IT?
Post virtualization
infrastructure Zero Trust security
Cloud Native
as R&D lab
5
5
5

CLOUD NATIVE TECHNICAL DEBT:
T H E FA S T E R W E M O V E , T H E M O R E D E B T A N D I N T E R E S T W E A C C U M U L AT E
6

Technical debt repair &
avoidance: managerial &
process ways
Increase awareness
Place "technical debt" executive C-
level related (from OCIO or internal
auditor)
Keep backlog of debts + interest
Set “quality first” policy for data entry
Source: Accenture
7

Technical debt repair & avoidance by
selecting proper architecture: decoupling
Decouple GUI from logics
Decouple applications from the legacy
infrastructure.
Decouple the business process systems from
one another.
8

Other ways to
repair &
avoid
technical
debt
• Cloud reduces technical debt
• Infrastructure as Code (IaC) enables to
remediate debt faster
• Use of data governance tools (data
debt)
9

• Place “reduce technical debt” as organization goal
• Place “technical debt executive” (from C’ level or internal
audit)
• Set technical debt notification process
Place “reduce technical debt” as organization goal
Place “technical debt executive” (from OCIO or internal audit)
Set technical debt notification process
• Place “reduce technical debt” as organization
goal
• Place technical debt executive (“C” level
related)
• Vote for “Decouple”!
10

s Cloud native
operations
Cloud Native
Development
PROJECT
E V E R Y C O O L
S T A R T S H E R E
Technical, process
and data debt
payment
01
02
03
04
06
05What is Cloud
Native IT?
Post virtualization
Cloud Native
as R&D lab
11
11
11

Post-virtualization is a set of technologies that
replace the core of IT infrastructure
12

IT compute Load
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
today tomorrow after tomorrow
physical virtualized container serverless
Total load (old
+ new)
Source: STKI
13

IT compute load
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
today tomorrow after tomorrow
physical virtualized container serverless
New application
load
Source: STKI
14

The Cloud Platform will be the core of IT infrastructure
15

The core of “Cloud Platform” is:
Containers & Kubernetes
(prerequisite for this presentation)
Microservices architecture
(prerequisite for this presentation)
Serverless (FaaS) & EDA (event
driven)
Servicemesh
APaaS (“cloud native” in a box)
16

FaaS (Functions as a Service)
& Serverless
17

Event driven programming architecture (EDA)
18

The good, the bad and the evil of
Serverless and EDA:
Scale to zero (the real “pay as you
go”)
Easier & faster to the developer
(no need to compile, build, etc.)
Increase (cloud) vendor lock in
Open-source projects (OpenFaas,
Kubeless ) are emerging
Expensive in high utilization and
performance instability
19

Containers
vs.
Serverless
(FaaS)
20

IT should explore Serverless and EDA
21

Service Mesh
Architecture
22

Servicemesh
architecture:
• The evolution of SOA, ESB and
Rest
• Enables to control how
microservices interact
• Tradeoff is increased latency
• The next major features to
expect from Servicemesh tools
is Zero Trust enablement !!
23

• Integration team is now responsible for setting the tools
of inter–application interfaces
Integration team is now
responsible for setting the tools
24

APaaS “All in one” cloud platform
tools:
The highway to “Cloud Platform”
25

APaaS “all in one”
native cloud tools:
• The evolution and combination of
IDE, DevOps and private cloud tools
• Tradeoff between fast installation
and operations and less control of
technology stack
• Different APaaS flavours:
• For infraops
• For development (CICD)
26

When implementing “All in one”
APaaS platforms the
development is in the center
27
What about traditional infrastructure?

Business process, Data
Application = code
Cloud platform: Containers , Serverless
Basic infrastructure
What is basic infrastructure?
How is it built and maintained?
28

What is basic
infrastructure:
• Bare metal
• HCI
• Networks
• Virtual Machines
• Object storage
• Public / hybrid cloud
• Cloud on prem
• Openstack
29

How is it
built? Build with IaC “Infrastructure as
Code”:
• Puppet
• Chef
• Ansible
• Terraforms
30

IaC maturity model
IaC benefits to the end user:
• Reduce cycle times
• Reduce human errors
• Reduce cost
• Provides visibility
Source :ThoughtWorkshttps://www.slideshare.net/garystafford/infrastructure-as-code-maturity-model
31

Infrastructure should embrace IaC
and set IaC metrics
32

s Cloud native
operations
Cloud Native
Development
PROJECT
E V E R Y C O O L
S T A R T S H E R E
Technical, process
and data debt
payment
01
02
03
04
06
05What is Cloud
Native IT?
Post virtualization
Cloud Native
as R&D lab
33
33
33

What is Low Code?
• Create application software through
graphical user interfaces and
configuration instead of traditional
computer programming
• The new “4GL”
• Low Code vs. No Code platforms
34

>10x
improvement
Typical Low Code presentation by vendor
35

Potential Low Code
benefits
• Reduce IT backlog and
boost organization usage
of technology
• Enables legacy developers
be part of latest
technology applications
• Reduces risk since apps
are developed faster with
less effort
• Smoother operations and
visibility of production
applications
36

• IT should investigate Low Code platforms
for its benefits and limitations
• Departmental & limited time use
applications are natural fit for Low Code
exploration
37

DevOps
01 02
03
04
05
Deploy &
implement
Define requirements
based on customer
metrics
Design system & test
outcomes with
customer metricsAgile development
& test with
outcome metrics
JOB TO BE
DONE
DESIGN
PRODUCT
PROTOTYPE
& TEST
DEVELOP THE
PRODUCT
FRUITION
Outcome-Driven
Development®Product
strategy
Problem
definition
Product
prototype
Deploy
ment
Maintain
Implementation
& Training
TIM Methodology®Define market/
product strategy
based on unmet needs
Agile development
alone
(without management
support and LoB full
involvement) can’t
bring the real
change that the
organization needs this will be explained during
the session on
“organizational & IT
initiatives”
38

What architects do?
Draw lines that separate things
Draw lines that connect things
Describe the whole landscape
Strong IT architecture team is
needed for TIM® implementation
IT needs to act faster – must see the whole landscape
Visibility of dependencies is a crucial
Backwards compatibility and API documentation is crucial
However, architecture team must be agile and not hold back
the organization
39

• Enhance (build) your ArchitectCTO team
• Define Architecture vs. CTO roles
• Define SLA for ArchitectureCTO team
40

What stops
cloud native
development?
• Process is not done right (skip DT, skip
LEANprototype, aim for features instead of
goals, etc.)
• InfraOpsSec stops the cloud platform
• Business is not part of the dev process
• Outdated budgeting yearly plan and
evolution from “projects” to
“products”(explained during “organizational
& IT initiatives”)
• Midrange managers jeopardize the move
41

Agile teams
work
independently
during sprint
cycle
Source of graphics: SAP STKI modifications
The
“Team”
42

Managers in TIM (Agile): completely change their role
(discussed later in “organizational and IT employee
initiative”
43

• Please take a deep breath and adapt
• Adopt TIM® and remove barriers
• Everybody in development should expect
big change in processes and responsibility
especially mid-managers.
44

s Cloud native
operations
Cloud Native
Development
PROJECT
E V E R Y C O O L
S T A R T S H E R E
Technical, process
and data debt
payment
01
02
03
04
06
05What is Cloud
Native IT?
Post virtualization
Cloud Native
as R&D lab
45
45
45

DevOps speeds up software
development and
operational deployments
46

DevOps benefits are:
business agility and a
responsive technology
function
• Faster delivery of features
• More stable operating
environments
• Improved communication
and collaboration
• More time to innovate
(rather than fix/maintain)
47

“DevOps & Sons”
DevSecOps
CloudOps
GitOps
AIOps
DataOps
MLOps
NoOps
48

The final cut: NoOps
NoOps is the next logical progression of DevOps
The complete process is automated via “cloud platform” tools
Development team do not need to communicate with system administrators anymore
49

• OCIO should co-manage DevOps (along with
Dev and Infra/Ops)
• Work visibility is step #1
• Testing automation is step #2
50

Things developers are doing with
DevOps & Cloud Platforms:
Set and update security policy
Add/reduce compute power
Add/reduce storage capacity
Set and update backup policy
Set and update monitoring policy
Set and update clusterrestart
configuration
Define and activate deployment tactics
51

The balance
between dev. and
ops. is changing
52

“Total Commitment”
• I want my team to serve
the business - be able to
do everything they need
to do:
• write, ship and
support their code
• deploy a build
• monitor production
find and fix
production problems
• I want my team to take
ownership
• I want everyone else to get
the hell out of the way
Based on: https://stackify.com/what-is-devops/
“You build it - You run it”
53

Development
(the team) is
part of every
incident
54

Development
(the team) is
looking at their
monitoring /
business
console
55

Teams (“developers”) should take
more end to end (production)
responsibility
56

What will happen to
infrastructure &
operations?
Things developers are doing with
DevOps & cloud native platforms:
Set and update security policy
Add/reduce compute power
Add/reduce storage capacity
Set and update backup policy
Set and update monitoring policy
Set and update clusterrestart configuration
Define and activate deployment tactics
57

What will happen to
infrastructure &
operations?
Infrastructure will have
to adopt and to become
the “new kid”:
To be the “DevOps” and
take responsibility for
CICD
To be the “cloud
platform”
For the same workload,
Infrastructureops head
count will be reduced :
90% reduction if 100%
public cloud
30% for cloud native on
prem
Not today
58

• Please take a deep breath and adapt
• Become “DevOps” and take responsibility for
CI/CD
• Become the “Cloud Platform” owner
59

s Cloud native
operations
Cloud Native
Development
PROJECT
E V E R Y C O O L
S T A R T S H E R E
Technical, process
and data debt
payment
01
02
03
04
06
05What is Cloud
Native IT?
Post virtualization
Cloud Native
as R&D lab
60
60
60

Yesterday :the organization had perimeters
Inside= safe
Outside=not safe
61

Today :the organization has no perimeters
“Never trust – Always verify”*
Forrester-The Zero Trust eXtended (ZTX) Ecosystem
62

First zero trust implication: decentralize everything
Inside= safe
Outside=not safe
IBM Datapower
F5
Checkpoint
63

Every protection is edge protection
64

What should we verify?
• The device
• The user
• The network
• What is transferred (data, docs,
web)
• Role-based access control
(process, port, protocol) – provide
the minimal access
65

Network nano segmentation (IP-protocol-port-process) vs. SDP
software defined perimeter
66
“Feb 12, 2019 - Symantec said on Tuesday that it's acquiring Luminate Security…”

67
SDP architecture example: Cyxtera
2
Controller checks context,
passes Live Entitlement to client
3
Using SPA, client uploads Live
Entitlement, which gateway uses to
discover applications matching the
user’s context
5
Continuously monitors for any
context changes, adapts Segment of
One accordingly
1 Using Single-Packet Authorization,
client makes access request to
controller
4 Dynamic Segment of One network is
built for this session
CONTROLLER
GATEWAY
CLIENT
APPLICATION
IDENTITY PROVIDER
APPLICATION
APPLICATION
67

Zero Trust SDP via Servicemesh: set the role based access level in
servicemesh?
68

• Implement cyber security solutions that are
based on edge protection
• Explore Zero Trust SDP solutions while
understanding the current north-south,
east-west solutions gap
69

s Cloud native
operations
Cloud Native
Development
PROJECT
E V E R Y C O O L
S T A R T S H E R E
Technical, process
and data debt
payment
01
02
03
04
06
05
What is Cloud
Native IT?Post virtualization
Cloud Native
as R&D lab
70
70
70

Technology is the core of
differentiation in each
organization
All organizations are
“Technology Companies”
All organizations should
invest in technology R&D!!
71

Enterprise Organizations should allocate
at least 0.5% from IT investment budget to R&D
72

Summary #1: What are the “Cloud Native”
benefits (CEO level)?
Better business productivity – react fast to business needs (faster development with
TIM® & Low Code, using limitless cloud resources, deploy faster with DevOps)
Reduce cost (open source based, public cloud potential savings, more automation – less manual
work, programming is more efficient)
Reduce technical debt (automation in changes patches, public cloud constantly updates,
microservices enable granular debt payment)
Improved availability, increased security (immutable code & infrastructure is self healing, less
human errors because automation, automatic scale up – applications will not overload, DevOps
enables faster roll-back, zero trust cyber security)
Enable faster business partnerships and regulations compliance (Open API standards
and API management tools, zero trust enables faster co-operation)
73

• Place “reduce technical debt” as organization goal
• Place “technical debt executive” (from OCIO or internal
audit)
• Set technical debt notification process
• Enhance (build) your ArchitectCTO team
• Define SLA for ArchitectureCTO team
• Embrace Microservices architecture
• Backwards compatibility and API documentation is
crucial
• OCIO should manage DevOps (with Dev and
Operationsinfra)
• DevOps: work visibility is step #1
• DevOps: Testing automation is step #2
• IT should explore Serverless and EDA
• Integration team is now responsible for setting the tools
• When implementing “All in one” APaaS platforms the
development is in the center
• InfraOps should be responsible for DevOps processes
enablement and cloud native tools (APaaS)
• Implement cyber security solutions that are based on
edge protection
• Explore Zero Trust SDP solutions while understanding
the current north-south, east-west solutions gap
• Enterprise Organizations should allocate at least 0.5%
from IT budget to r&d
74

Cloud
Native
75
Pini Cohen
STKI CTO
pini@stki.info

APPENDIX: WHAT SHOULD CTO EXPLORE?
T E C H N O L O G I E S A R E D I V I D E D T O “ B U S I N E S S R E L A T E D ” A N D “ I T R E L A T E D ”
76

What should
CTO explore?
• Open API standards
opens up the
organization for easier
business partner
enrolment
Name = “Moshe Cohen-Levi”
FullName = “Moshe Cohen-Levi”
77

What should the CTO explore?
Mobile payment technologies
78

What should the CTO
explore?
VRAR
79

What should the CTO
explore?
Quantum computing
80

What should the CTO
explore (internal IT
proposes): ?
Quantum computing
"Anyone that wants to make sure that their data
is protected for longer than 10 years should
move to alternate forms of encryption now" said
Arvind Krishna, director of IBM Research.
81

What should the CTO explore? 5G based solutions
82

What should the CTO explore (internal IT
proposes):
DRaaS as a public cloud starter
83

What should the CTO explore
(internal IT proposes) ?
Cloud on prem solutions
• Have the cake and eat it, too
84

Public on prem
differentiation &
Trade-offs
• Pay as you go or pay up front.
What type of commitment?
• Work disconnected?
• HW by vendor or by partner?
• Variety of services available?
• Cost for network egress?
85

What should the CTO explore (internal IT proposes) ?
Platform offering
Same-Day home delivery
Subscribing
Notification service Account opening
Load request
Ask to transfer money
Credit allocation Clearing/SettlementCash management Trade finance
Trust and securities
Inventory management
Payments
document managementidentity BI
WCM
MonitoringData store
Vendor A
Customer Engagement
Transaction/Core services
Data Services Infrastructure services
Vendor B
Payment calculation
AI/ML
86

Platforms solutions
benefits:
• Software/SaaS platform comes with all business
needs (engagement processes + transaction
processes ++)
• Processes are integrated and enable single
source of truth (unified data) without process
conflicts
• Define custom business processes
(configuration, code, 3rd party = “market”)
• The platform's constant update reduces the
technical debt
• Business might need to change processes (high
management attention)
87

STKI: Business platforms will
dominate the market
88

Technical debt repair & avoidance: technical
• Static code analysis tools give metrics for technical debt (code
complexity, etc.)
• It enables to identify hot spots (debt+commits) and provide
warning lights
89

Functional
Programming
• Rather than changing
data they take in,
functions in functional
programming take in data
as input and produce new
values as output. Always.
Source: https://medium.freecodecamp.org/learning-the-fundamentals-of-functional-programming-425c9fd901c6
90

STKI summit CTO presentation 2019

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

Similar a STKI summit CTO presentation 2019

Similar a STKI summit CTO presentation 2019 (20)

Más de Pini Cohen

Más de Pini Cohen (20)

Último

Último (20)

STKI summit CTO presentation 2019