Summer School Adopting Dev Ops and Automating Governance
1. Adopting DevOps and Automating Governance
Chris Haddad
Vice President Technology Evangelism
Senaka Fernando
Technical Lead
Follow me @cobiacomm
Read more about PaaS at http://blog.cobia.net/cobiacomm
Try StratosLive https://stratoslive.wso2.com/
2. Adopting DevOps and Automating Governance
• Cloud goals and outcomes
• Defining DevOps, Governance, and Service
Level Management
• Platform as a Service tooling and automation
• Quick Start Use Cases
3. Cloud Goals
Provide access to
Integrate with other
Rapidly deliver all devices,
Web and Cloud
new capabilities customers, and
Applications
partners
Cost effectively
Reduce time to Re-use existing scale environment
market investments to meet business
demand
Avoid operating Increase
Reduce data
expenses, operational
center footprint
preserve capital efficiency
4. Measuring PaaS Outcomes
• Foundation
• Time and effort to create new application environment
• Time to redeploy application
• Time to promote application into a new lifecycle phase
• Optimize
• Dynamically right-size infrastructure scale
• Re-use existing platform services and business services from
resource pool instead of re-building solution stack
• Transformation
• Time and effort required integrating business process, event
processor – creating a complex app.
• Time and effort required to apply policy across tenant(s)
• Cost to operate application per user or transaction
5. Application Development Challenges
• Long time and significant effort required to
create application project environment(s)
• Complex integration required to extend core
application capabilities and bridge consumers
• Difficult to enforce governance best practices
and policies
• Time consuming, manual process to obtain
project status, dependencies, and change
impact
6. Platform as a Service Capabilities
Automated
Dev Ops Tooling
Governance
Consumption Service Level
based Funding Management
9. DevOps Tooling
• Self service project and policy configuration
– Via project configuration portals
– Security, service levels, frameworks, usage, topology
• Automated platform provisioning
– Via service tier templates
– Framework and policy enforcement points (PEPs)
• Process automation
– Continuous build, test, and deployment
– Code promotion and synchronization across
environments and servers
• Dependency analysis and impact analysis
10. Defining Governance
• Ensuring people do the right thing
• Make doing the right thing the easy path
– via automation
• Spans precepts, policies, people, and process
Governance applies to many domains
– Design and development
– Operational processes and run-time environment
– Organizational resources
• Effective governance requires a big picture view
of portfolio and dependencies
12. Cloud Governance
• Govern all aspects of Cloud services
– Service descriptions
– Service consumption
– Service usage
– Service discovery
– Service lifecycle
– Service policies
• Dependency Management & Impact Analysis
13. Cloud Governance Challenges
• New data types and metadata
• Interface with new Cloud management
infrastructure
• Resurgent focus on bridging silos and creating
a hybrid solution requires extensibility
• Emerging specifications and practices requires
customization and experimentation
14. Cloud Governance extends general purpose Registry &
Repository
• Store Cloud Governance Artifacts:
– Contracts, Models, Workflows, Service Definitions,
Documentation
– SLAs, Monetization Rates, Usage Limits
– Cloud Service Dependencies and Machine Instance Configurations
– Scale and Resource Pool Policies
15. Automated Governance
Requires
• Service catalogue and service tiers
• Demand and capacity management
• Lifecycle management and workflow
• Continuous provisioning and deployment
• Cloud management integration
16. Automated Operational Governance
• Establish policies and controls
– Policy Information Point (PIP)
– Policy Decision Point (PDP)
– Policy Enforcement Point (PEP)
• Integrate with Business Activity Monitor to provide
analytics, monitoring and business intelligence
including custom KPIs
– Service performance metrics
– Usage, billing, and monetization metrics
– Track Cloud service expense against business value
17. Service Level Management
• Resource monitoring
• Resource management
• Performance Management
• Traffic Orchestration
Governance defines policies and processes
used to establish service level management
18. PaaS Evaluation
Integrate PaaS into your DevOps and
Governance environment
• On-premise software development life-cycle
tooling
• On-premise service governance tooling
• Policy and asset repositories
19. Governance Planning
• Formal Planning
• Cloud Governance Program Office
• Defining a set of policies, guidelines
• Identifying roles
• Building processes
• Ad-hoc/Informal Planning
• Identifying user behavior
• Categorizing users into roles
• Isolating existing processes
• Establishing policies, guidelines
20. WSO2 AppFactory
A Cloud-based, agile, DevOps approach to
application design, development, and delivery
– On-demand self service and Cloud provisioning
– Continuous build, continuous integration,
continuous test, and continuous delivery
– Governed, iterative lifecycle management across
hybrid clouds and composite applications
21. WSO2
AppFactory
Partner and Mobile applications
API Management
Lightweight High Performance
Integration
Existing IT infrastructure
Scalable Private Cloud infrastructure
CIO/Management Workflow managed
Dashboard build and deploy Governance
Stratos Multi-tenant elastic and Identity
integration and ESB runtime
WSO2 AppFactory
22. WSO2 AppFactory
• For developers
• Simplifies project setup and provisioning
• Fits into their existing IDE (i.e. Eclipse, IDEA, Rational)
• Works with leading development tooling (i.e. SVN, Git, Junit, Selenium,
Maven, Jenkins, Bamboo, and JIRA
• For development managers
• Manage project lifecycle with well defined checkpoints and phases
• Ensures projects follow governance model and best practices
• Provides consistent frameworks and architecture
• For the CIO and Executive IT management
• Development dashboards deliver at a glance view of projects’ status, lifecycle,
activity, and health
24. DevOps requires Social Collaboration
• Empower the social enterprise
• Human interaction with governance via tasks
• Comments, ratings and tags on any type of
resource or artifact
25. Configuration Governance
• Governs any kind of server/system configuration
• Manages Versions and Revisions with checkpointing & rollback
• Manages the full promotion lifecycle spanning across development,
testing, staging and production environments
• Deeply integrates with all WSO2 Carbon middleware products
• Integration to any 3rd party product via command-line clients
26. Developer Friendly, Easy to Deploy
• Deployable standalone or as federated set of
servers
• Integrated with SVN, Maven, Ant and other
standard tools for development & deployment
• Integrated to WSO2 Developer Studio, Eclipse-
based IDE for all WSO2 products
27. AppFactory Extensibility
• Define any type of Cloud governance asset, development
tool, and software development process
• Customize any aspect including UIs, handlers, workflow, and
filters
• Integrated with 3rd-party products and external systems
28. Quick Start Use Cases
• DevOps Tooling and On-demand self-service
• Automated Governance
29. Quick Start Use Cases
DevOps Automation and Automated Governance
• Automating Deployment
– Deploying assets to Cloud
• Automating Lifecycle promotion
– Promoting cloud applications across development,
test and production clouds
• Automating policy decisions and enforcement
30. Quick Start Use Cases
DevOps Tooling and On-demand self-service
• Use Cases
– Rapidly provision application environment
– Rapidly provision application tenant
– Allocate, provision, monitor, manage, and administer
resources across multiple tenants, nodes, and
locations
– Develop complex, composite integrated applications
• Key metrics
– Time to create new application environment
– Time to redeploy application
31. Quick Start Use Cases
Automated Governance
• Use Cases
– Create users and configure rights
– Deploy on preferred topology that meets deterministic
performance requirements (e.g., replication, utilization,
latency, bandwidth, and coherency)
– Create service throttling and security governance (XACML)
policies
• Key Metrics
– Time and effort required integrating business process,
event processor – creating a complex app.
– Time and effort required to apply policy across tenant(s)
32. Resources
• Try StratosLive right now:
– https://stratoslive.wso2.com/
• Read about Stratos:
– http://wso2.com/cloud/stratos/
– Source Download available
• Read about WSO2 AppFactory
– http://wso2.com/solutions/app-factory
• White Paper
– Selecting Platform as a Service
• Contact us:
– bizdev@wso2.com