Using custom lenses for AWS Well-Architected reviews

The Amazon Well-Architected Framework is a set of six pillars that help to build secure, high-performing and efficient infrastructure. The standard AWS Well-Architected Framework set of questions works for most workloads, but others can benefit from being reviewed with a more specific one or a "lens."

Kirjoittaja: Massimo Prencipe

The Amazon Well-Architected Framework is a set of six pillars that help to build secure, high-performing and efficient infrastructure. These six pillars are operational excellence, security, reliability, performance efficiency, cost optimization and sustainability. The AWS Well-Architected Tool helps to evaluate workloads against these architectural best practices. Using the tool is free of charge.

The standard AWS Well-Architected Framework set of questions works for most workloads, but others can benefit from being reviewed with a more specific one or a “lens.” AWS has released many lenses, such as the Container Build and Machine Learning lenses. However, these lenses are only available as white papers.

The easiest and most pleasant way to perform a Well-Architected review is with the Well-Architected Tool. It is easy to use for both technical and non-technical users, provides structure to the review, and generates a detailed report with improvement plans. How can a custom lens be used in the tool, then?

The Well-Architected Tool supports creating custom lenses with your own questions, best practices and improvement plans. Creating a lens requires crafting a JSON file according to the Lens formation specification. The lens can then be imported to the Well-Architected Tool and applied to a workload. The tool also allows creating new lenses as drafts and previewing changes made to them.

Solita has published the Container Build Lens as a custom lens. The lens conforms to the equivalent AWS white paper.  Use this lens to build secure, efficient, high-performing and reliable container workloads!

Platform Engineering: creating customer value and enabling meaningful work

You have probably heard about Platform Engineering, haven’t you? Platform Engineering has gained a lot of visibility this year. But what is it, why does it matter, and why should you know something about it?

Kirjoittaja: Kimmo Kekkonen Product Development Lead

Let me briefly tell you what it is about. Platform Engineering is an emerging approach that ultimately helps businesses to accelerate application delivery and the speed at which applications are developed as defined by Gartner. Platform engineers are needed to make this happen. This approach creates a work environment where platform engineers can create more value and make a bigger impact while the businesses save time and money.

Platform Engineering is a modern way of packaging and delivering services that development teams need to develop and run applications in the cloud. This approach produces more value, saves time and money, and makes work more streamlined for developers. These results are achieved by providing development teams with reusable components, self-service, standardized platform services, and tools.

Improving developer experience while saving time and money 

It has not been said for nothing that Platform Engineering scales DevOps pragmatically. For the first time, there is an affordable business case for adopting DevOps, not only for a few teams but for the whole organization.

When customers have several teams developing applications and working in the cloud, it makes sense to have a centralized team that takes the bigger responsibility for creating models, frameworks, and shared platform-level services for all the different development teams. This way, we can cut overlapping and inefficient work and find automated solutions that support all parties involved in application development and operations.

Adopting a Platform Engineering approach is beneficial for businesses, as it produces more value but also saves time and money. On the other hand, it also makes the work more meaningful for everyone involved. With a Platform Engineering approach, one can improve the developer experience and productivity by building self-service capabilities, automated cloud infrastructure deployments, and automated operations.

This approach helps businesses accelerate application delivery and the speed at which applications produce business value – while keeping cloud compliant, secure, and governed. As a result, business units can enjoy faster deliveries, and IT-units can ensure governance and security without extra hassle.

Scaled automation and bigger impact 

When offering centralized services to multiple teams, one needs to ensure the scalability and quality of the services. That means that continuous development and maintenance need to be planned well.

If we have, for example, ten development teams using the platform services, the value impact is huge compared to individual development teams creating solutions for their own needs. Additionally, the Platform Engineering approach of providing central services as “products” leads to a highly professional and structured release/deploy mechanism that scales. Moreover, it will lead to better quality and higher value with less work.

Let me give you a few brief examples of what platform engineers can do to help development teams. The first is backup as a self-service, and the second is automatic DNS registration.

Backup as a self-service For every production application, there is a need for a backup mechanism. Backup of cloud resources can be provided for a development team as a self-service in a very simple way. The development team will tag cloud resources they need to back up with a backup-level tag. Tags can be e.g. BackupLevel = 0, BackupLevel = 1 or BackupLevel = 2. For example, BackupLevel = 1 class can mean that backup is taken daily, and backup will be stored for two weeks. And that’s it; backup is activated! Once the cloud resource has the tag, it will be automatically backed up based on a predefined backup level class.

Automatic DNS registration – If a developer wants to access, e.g., Managed Database via internal networking in Azure, one needs to have a private DNS name for it. This name can be, for example, mydatabase.privatelink.database.windows.net. Usually, the developer needs to contact IT or the cloud support team to get a working DNS name for the cloud resource. Typically this can take days or even weeks. However, utilizing the Platform Engineering approach, this can be solved as a self-service. Once the developer creates a cloud resource, it will trigger an automation job in the background, automatically creating a DNS record for that particular cloud resource. For the developer, there is no need to understand DNS zones, how to map zones to networks, or even know what DNS records are needed in the first place.

These are just two simple examples of the Platform Engineering approach we have done for our Customers. They are already available to our Customers via Solita Cloudblox managed service offering.

Different levels of experience work well together 

With the Platform Engineering approach, senior platform engineer experts can focus on more value-adding tasks than always solving the basic issues. Less experienced colleagues, on the other hand, have clear models and structures to follow, which makes learning for them smoother. We don’t have to reinvent the wheel repeatedly per development team basis but can focus on creating actual value for the businesses.

Solita always has different experience levels in our teams, creating a good environment for less experienced team members to learn and grow. In the case of Platform Engineering, the key is understanding the framework and models. That requires some understanding of software production. But all this can be learned with some basic understanding of IT and cloud and the motivation to learn more.

Many career changers outside of IT have become successful in Platform Engineering within three to six months of onboarding; after getting three weeks of basic IT and cloud training to set the fundamentals. I’ve seen that motivated people can learn fast, feel the meaningfulness of what they do, and become team members who can create value for customers in a rather short time.

Why work with Platform Engineering at Solita? 

We are privileged to be surrounded by top-level professionals in digital business. At Solita, platform engineers work together with top designers, scrum masters, project managers, and developers, to name a few. We prioritize continuous development, as evidenced by our AWS MSP, Microsoft Azure Expert MSP, and GCP Infrastructure specialization. We have also been recognized with the AWS Migration Competency award, the first in the Nordic countries.

When I talk to people who work with the Platform Engineering approach in our customer accounts, they appreciate our ways of working and the will we at Solita have to be at the top of our game. We want to do things that create value and impact that lasts for our customers while making sense for our talented people. Packaging cloud platforms like AWS, Azure, and GCP into easy-to-understand services and making the services to scale are doing just that!

We are looking for new colleagues to join our Platform Engineering Community! Take a look at our open positions!

Solita Cloud Platforms’ Recipe for Successful Gathering

Community evolves when people gather to meet. Increasing psychological safety, increasing productivity. You really should enable possibilities for internal meet-ups!

Kirjoittaja: Lauri Siljander

Ok, I admit that there is nothing revolutionary going on with our Recipe for Success here. Just well planned and organized stuff anyone can apply to their meetings and/or workplace culture. Adding these elements worked for us, at least:

  • Dozens of Cloud People
  • Meaningful presentations
  • Group discussions in unofficial environment
  • Knowledge sharing; Delicious food and drinks
  • For ultimate perfection: Local hockey team to win quarter semifinals.

It’s a tradition

Solita Cloud Platforms had traditional (second time) annual Summer Grilling and Chilling meetup in Tampere. The majority of our Cloud personnel gathered there to spend an afternoon and evening with each other. Many of us saw each other the first time ever, thanks to our growth with hybrid working culture and the possibility to be recruited outside office locations in Finland. We also had our Estonian team members with us.

Things you probably didn’t know

The presentation and knowledge-sharing part of the program included something regular, something new and something across Solita. Focusing in customer projects or whatever you’re dealing with on a daily basis easily creates cozy bubbles around us. Therefore it’s essential to slow down for a moment to see what’s going on elsewhere.

Cloud people are well kept up-to-date on what’s happening in our business unit. A bit about the near history, a bit looking at the Crystal Ball and sharing our situation for everyone working for Cloud Platforms including a lot of comments and questions from the audience. We are in this boat together.

Our offering is developing further all the time, so this was a great moment to share the new highlights for everyone. What kind of new abilities we are building, who are the people involved and how this might affect to anyone in the room – how I could be the part of this journey? The presentation seemed to cave new pathways to our career landscapes.

While Solita is growing and we’re now a community of communities consisting of approximately 1700 people, there’s a lot happening and change is rapid. In Cloud the work is all about lifecycle management of the services, but it’s not limited to us. The business is evolving on Solita level too and we discussed about our transformation from project house to life-cycle management provider.

So you want us to go to pub to discuss? Can be done.

After a few hours sitting and listening and discussing, Cloudians were let loose to have group discussions. We were divided to several groups of about 5 people, and the commands were “find your group – choose a pub – discuss about meaningful work“.

Meaningful work has grown to be a prioritized subject in our employee satisfaction queries and also leadership priorities. People are focused and willing to do their best but expecting that the targets are impactful and work meaningful. Of course one can have effect on themselves 0r the project they’re working with, but also the meaningful work needs to be recognized.

In our smaller groups (yes, in public houses, with refreshments) we discussed around these questions:

  1. What is meaningful work for you?
  2. How we as a project group can do work more meaningful in our project context?
  3. How can I do work more meaningful for me?

At least the group I was in had really lively and (enough) philosophical points of view and we ended up making the world a bit better place through our concrete answers. And the landscape over Tampere was rather awesome too. Most of all this exercise influenced our thinking and yet again helped smashing the cozy bubble around us.

Afterwork with delicious food and drinks

Continuing towards the evening and the local hockey team game against Canada, we headed to our penthouse office with roof terrace to spend an evening afterwork. The best party always happens in the kitchen (or in corridor)!

The main events (excluding the Cloud People) were the food and the drinks, which both were on decent awesomeness level. The afterparty kept going on when the hockey game started – and I’ve heard some rumours that it continued late after the game too…

Although Finland did not beat the old nemesis this time, people had the smiles over their faces the next morning too. This was a successful gathering!

A healthy culture is a key engagement factor at Solita Cloud Community

While Solita keeps growing and expanding its business, it also continues investing in a caring culture where people and their well-being are top priorities. This approach has proven rewarding even when times are turbulent in the external environment.

Kirjoittaja: Saila Karonen Talent Acquisition Owner

 

Caring is one of Solita’s key values, and it’s very visible in the Cloud Community. Caring starts from viewing people holistically. People are seen as human beings with all different sides, and their well-being is a top priority.

The strong culture even protects people from themselves. That happens through open and honest communication, vulnerability, and respect for employees’ boundaries.

“We completely lack superhero culture here, where people who overwork and are available until midnight are celebrated. People are genuinely interested in how I’m doing, and we talk and deal with all kinds of emotions in our team,” says Petrus Lehtimäki, Senior Cloud Consultant in the Cloud Community.

A healthy workload is a transparent goal at the Cloud Community, and employees are not expected to work overtime or answer emails in the evenings. A healthy way of working is advocated in different teams and discussed with customers when needed. That is reflected throughout the company, and the numbers speak for themselves. Peakon survey score for workload at Solita is 8,7, which is way above the industry average (7,7).

Solita hasn’t been affected much by the economic downturn, and the people-first approach seems to bear fruit also during tough times. It comes down to leaders who make long-term decisions and grow the company responsibly.

“It feels like we can make more revenue with less forcing and pushing compared to some other companies. We don’t have to kill ourselves with the workload, but Solita keeps growing, and it’s a highly profitable company,” Lehtimäki continues.

People are encouraged to have a life also outside of work 

A healthy culture is also reflected in how different life situations are considered in the Cloud Community. Petrus wanted to stay home with his youngest daughter for six months, and it was clear from the first discussion that the company supported this decision fully.

A true intention is to make work match employees’ other interests and life in general. Part-time work is another example.

“I was able to work part-time without any justification. In 2022 I wanted to work remotely from Spain for a month. It worked out, and I was also allowed to lower my part-time work from 80 % to 60 % during that month”, says Eveliina Miikkulainen, a Project Manager at Solita Cloud Community.

Solita also scores high in flexibility (9.0) according to Peakon survey results. People generally have a lot of flexibility in planning their work and schedules. Practicalities are discussed with the project team; as long as work gets done, there is plenty of autonomy in organizing one’s work. Also, vacations and days off can be booked without bureaucracy, and in most cases people can take time off when they want to.

“Here you are asked what you want to work with, and your wishes are considered as much as possible. We also have fantastic occupational health services.” (Solita Cloud Platform Employer Brand Survey)

The level of autonomy is high at Solita, and it’s exercised at all levels in the Company. Autonomic decision-making makes the company feel small, even though it’s over 1600 people in six different countries. The Cloud Community consists of almost 100 Cloud Professionals but also feels like a small team.

A community without a pecking order

“At Solita Cloud Platforms, we have a fun and open culture where you can truly be yourself. On top of this, things get done, and the customer is happy.” (Solita Cloud Platform Employer Brand Survey)

The culture also embraces authenticity, and people are encouraged to show up as they are. Diversity and inclusion are big topics within the company, and there is a real sense of equality. That means that there is no pecking order; everyone’s voice is heard and appreciated.

“Ideas are evaluated based on their quality, not based on who is sharing them,” adds Miikkulainen.

Shared responsibility and accountability are also aspects that contribute to a healthy culture. People are passionate and want to do their best work, grow, and help their colleagues. Help and support are always available, no matter what the problem is.

Want to hear more about our culture?
Contact our Talent Acquisition Owner Saila Karonen, saila.karonen@solita.fi (Finland)

Talent Acquisition Specialist Kajsa Törnroos (kajsa.tornroos@solita.se) (Sweden)

Or Apply here (FIN)  or here (SWE)!

 

 

Solita achieves Google Cloud specialization: Infrastructure – Services

Solita has achieved Google Cloud specialization, demonstrating our competency in building infrastructure and migrating workloads to the Google Cloud Platform.

Kirjoittaja: Antti Peltonen

Solita and Google share a longstanding partnership, with multiple significant real-time, data-intensive services running in production. Solita boasts a growing number of certified professionals and possesses unique skills in developing complete services on the Google Cloud Platform, not just in developing and operating the cloud infrastructure.

As a Google Cloud Platform Partner, our partnership aims to accelerate the pace at which our clients can capitalize on digital opportunities.

Our expertise is evident in our CloudBlox offering, but Solita’s know-how extends beyond our cloud infrastructure services to encompass software development, data analytics, and integration services as well. This specialization, therefore, reflects Solita’s comprehensive capabilities as a whole, demonstrating our ability to provide a wide range of solutions for our clients.

We are excited about the prospect of further tightening and deepening our partnership with Google Cloud in the future. Our continued collaboration will undoubtedly bring more innovation, growth, and success for both parties while offering enhanced value to our clients.

Disobey 2023

A retrospective of major cybersecurity events. A glance in the AI and Cloud crystal ball. Looking inside for industry introspection.

Kirjoittaja: Massimo Prencipe
Kirjoittaja: Teemu Laakso

We were eager to attend Disobey after a long hiatus. The pre-published program seemed to offer a nice mix of high and low level presentations.

Mental health and cybersecurity – a match made in hell?

Friday’s keynote by Antti Kurittu focused on the most relevant Finnish cybersecurity incident of the last few years: Vastaamo. However, since the leak has already been examined in the media, it didn’t surface so much in other presentations.

A later presentation by Juho Jauhiainen definitely stood out from the rest. It focused on an individual’s journey in cyber security: how the competitiveness of the industry impacted their mental health and what really matters in the end. This was undoubtedly an eye-opener for many that suffer from the same pressure. It should be noted that while the talk was done from the cybersecurity perspective it also applies to the other areas of IT as well. A huge thanks to Juho and we need more sessions like this!

Another great presentation worth mentioning was held on Friday evening. The presentation was a case study on whether it is possible to pick the Abloy’s “EASY” mechanical lock model, which was released in 2021. While the topic is in itself interesting, what made the presentation awesome was that the presenter Petri Maksimainen (also known as Idanhurja) delivered it in his own personal and positive way. The presentation also slightly touched on cyber security penetration testing and how testers can keep their own morale up by adding encouraging message prompts into their scripts!

Year of the Linu^H^H^H Skynet

Producing high-quality deepfakes is not yet trivial, it requires various resources like (voice) actors, good production values, time, etc. At the moment individuals do not need to worry about being the target of deepfakes, as credible productions require a large amount of available video and audio material of the subject. Nevertheless, the impact of a successful deepfake can be very damaging. Mika Juuti examined deepfakes with scientific precision in their presentation “Deepfakes through the lens of an adversary model”, a definite recommendation!

ChatGPT has been in the news for being an enabling tool for hackers. It was also featured in Disobey, where there was a large amount of hype associated with it. One statement is that it enables cybercrime by working as a malware generator. However, most of the examples spat out by ChatGPT are clearly broken or non-functional, requiring programming and/or hacking experience. Currently, ChatGPT has already been severely limited in its ability to produce exploits or malware.

Adversarial AI was largely only speculated upon with “Attacking AIs fighting defending AIs” so sadly no concrete examples of adversarial AIs weren’t seen. Maybe not surprisingly, there was no mention of methods to protect against AI attacks either.

We are not trying to downplay AI as it will be the most transformative tool of our time. Rather we want to point out that AI is not (yet) the bringer of the cybersecurity apocalypse, but its definitely a thing to keep your eye on.

Get your sh*t together

The term “Shadow API” popped up in a presentation. However, we saw it only as another term for improper asset management. Despite what term one uses, asset management remains an important process, which nowadays should include listing of exposed interfaces, no matter whether those are related to production, testing or some other environment.

In the modern times security is everyone’s business and it should be put into practice in every project, preferably earlier than later. For this purpose, threat modeling is the right process. Threat modeling ensures that project assets are recorded, the architecture is up to date, threats as well as threat actors are charted and responsibilities are assigned for implementing contingency measures.

Cloud stuff

Cloud Security was discussed in multiple presentations. One key takeaway was that attackers are now well-equipped to both find and exploit vulnerabilities in the cloud. Note that this is not proof of inherent insecurity of the cloud but rather of its incorrect usage.

The second takeaway was that your CI/CD environment should be guarded like your life depends on it. Compromising it gives the attacker keys to your kingdom. Attackers know this and are focusing their efforts especially on CI/CD. As always, protective controls are mandatory, but in addition to them detection controls should be implemented to ensure that unusual activity within environments is noticed, which allows fast response and mitigation. Another mitigation practice is to separate environments from each other as well as utilize principles of least privilege and zero trust to minimize the so-called “blast radius” from a possible breach.

See Nick Jones’ presentation Stormy skies: Modern cloud attacks and their countermeasures and Dangers of service as a principal – AWS by Matthew Keogh and Tom Taylor-MacLean.

Hope you found Disobey as entertaining and informative as us, see you there next year!

re:Invent22

Exploring inspiring possibilities drives innovation

Solita has grown a lot during the recent years and that means a lot of new Solitans. We have placed effort on diversity but it is not difficult to point out one common characteristic that we all share. It is curiosity. Dynamic business environment requires curious people and we definitely have that kind of culture here.

Kirjoittaja: Tero Peltola Cloud Advisor & certified AWS expert
Kirjoittaja: Joonas Järveläinen Senior Cloud Service Specialist

Solitans have a long history of attending events and conferences. That is something which has never been questioned. Attending events and meeting new people, discussions, interactions or just exploring the new environment are the seeds that quite often enable us to reach novel ideas. During the recent couple of years the number of on-site events had been negligible. Currently after the main Covid era a lot of events and summits with real-life interactions have been restored. People are getting together like before. One of those huge events is the annual AWS re:Invent at Las Vegas, NV.

Among many other developers and cloud enthusiastics, we also participated in AWS re:Invent last November. AWS re:Invent was full of sessions, workshops, and chalk talks from all aspects of cloud. If you are interested in the content of the re:Invent, please check Heikki’s blogs (here, here, here and here). Solitans are rather autonomous individuals. That explains why we attended without structured planning mainly on different sessions. Just based on the interest of our own. For example Tero’s curiosity was towards migrations and creation of business value enabled by cloud and Joonas focused on governance and networking.

Key takeaways by Tero and Joonas

Tero’s interest towards migration was fulfilled with handful workshops. Those addressed widely AWS’s migration services, such as AWS Application Migration Service and AWS Migration Hub. Sessions strengthened the understanding about AWS migration services as a whole. In particularly, those seem to include lots of interesting features that make migration smooth and nice. At least within the workshops’ sandboxes ☺. In addition to the migration related themes, Tero attended sessions on Leadership-track. There he heard inspiring user cases where various kinds of benefits have realized based on cloud transformation.

Joonas participated mainly in chalk talks and workshops that provided deeper insights to existing services such as AWS Backup and AWS Control Tower. At re:Invent AWS usually launches new services and features to existing ones. This was also the case this time. The event provided a first glance to some new releases and perhaps the most interesting was VPC Lattice. Also useful features were introduced in sessions, some that might have been released earlier. For governance level some newer AWS Control Tower features have potential. The amount of information gathered in a week was quite overwhelming.

Looking forward to 2023

The variety of interests among Solitans and the possibilities to explore novel ideas are not going to decrease. The current year 2023 is full of interesting events. Naturally the AWS re:Invent will be among the conferences where you can find Solitans. In addition to re:Invent, most likely Solitans can be spotted at almost every main event that address cloud, novel technologies and value creation. We are a rather big group with a variety of interests. Come to say hey to us. We are pretty nice people to hang around with ☺. Solita is a growing company. The growth is based on a combination of people with various backgrounds and passions. It is expected that our curious culture will draw positive attention and more people will join us during the year.

At the moment we have over 1600 colleagues and we are spread over 6 different countries. We Solitans are different but at the same time, we are sharing at least one common aspect. Curiosity. Learning new and evolving by attending, summits, and conferences is very typical for us. These participations are considered as elements that drive us to find the innovative and best solutions for complex situations. We are curious to find solutions that have an impact that lasts.

Check out our open positions.

Visiting Gartner IT IOCS conference (part 3/3)

Latest insights from Gartner IT Infrastructure, Operations & Cloud Strategies conference.

Kirjoittaja: Kimmo Kekkonen Product Development Lead

Greetings again dear reader! I hope you have enjoyed my last few posts visiting Gartner IT IOCS conference part 1 and part 2. This is the third and final part of the blog series. As mentioned in the part 2, sessions I planned to visit during the second day were as follows:

  • Part 2
    • The Future of Cloud: Prepare for 2027
    • Kick Your Infrastructure-as-Code Journey Into High Gear
  • Part 3 (THIS ARTICLE)
    • Cloud Platform Operations: How to Deliver Services Like a Cloud MSP
    • From Cutting Costs to Measuring the Value of Cloud Deployments

Again, in this article, I will summarize some key takeaways per session from my point of view.

Cloud Platform Operations: How to Deliver Services Like a Cloud MSP

Next session I was attending touched the topic of Cloud Platform operations in an organization as an in-house function. The role model was taken from how Cloud Managed Service Providers (MSP) are running the operations. Yes, thats like we 🙂

Cloud MSP Advantages

The main point was why is it beneficial to operate like an MSP and how to transform in-house cloud platform operations to MSP like cloud platform operations? Three key benefits were presented that make an MSP approach to Cloud platform operations attractive. They were as follows:

  • Automation
  • Customer-centric Mindset
  • Product Management

First, automation helps to scale and therefore improves speed, quality and lowers unit costs. This can be achieved with Infrastructure-as-Code (IaC), orchestration and software engineering practises (code, test automation, CI/CD, etc.).

Second, customer-centric mindset promotes service attitude. The better service attitude, the better experience users/customers have. Also customer-centricity helps to prioritize where you need to put focus: what is important and what is not for the users or customers.

Third, product management improves professionalism. It makes service offering visible, structured and understandable. Moreover, it makes the management and delivery of the services more professional.

Adopt Cloud MSP approach

Finally, the guestion how to adopt an MSP like Cloud platform operations? To summarize, the steps to adopt the approach were as follows:

  1. Appoint product leadership
  2. Create a vision
  3. Recruit staff
  4. Launch MVP (minimum viable product)
  5. Iteratively improve
  6. Measure success

There were not any examples how organizations have succeeded in adopting an MSP like Cloud platform operations. It would have been interesting to hear success stories and also to know what size of companies and from which industries have succeeded.

Meanwhile, you can always check success stories of Cloud platform operations delivered by an actual MSP like Solita 😉 if you are interested, here are a few:

Then a short tea/coffee break and preparing for the final session.

From Cutting Costs to Measuring the Value of Cloud Deployments

Last but not least, a very insightful topic about cloud costs. Yesterday there was a session wheter Cloud is cheaper than on-prem. However, this session was about how to measure applications’ cloud spending from a value point of view instead of a cost point of view.

Cost-Centric Approach

Cost centric approach is the most popular approach. It is easy to do but it is not the best one from the business point of view. It can be even harmful if followed strictly. Few limitations that were raised were as follows:

  1. It focuses on optimizing the cloud resources usage
  2. It has fixed spend expectations (works by the way in on-premises!)
  3. success metrics are not optimal for digital service experience

First, if the focus is in optimizing the cloud resource usage, it may have bad effects to the performance of the applications. The best utilization by the means of resource usage may not be business wise the most optimal.

Second, if the focus is in fixed spend expectation, it may ruin the user experience. For example, think an online shop during the Black Friday. If the online shop is able to autoscale to serve all those users who want to buy from your online shop, it will mean that the costs will scale up. Then the team will get an alert “estimated budget level for this month will be exceeded, please optimize costs”. Instead, you should be happy that you have more customers than expected and scaling up is more than welcome.

Third, success metrics or KPI’s may lead you wrong. Once you only focus on the costs, you may ruin you application’s performance, availability (up-time) or even productivity.

Value Based Approach

While cost-centric approach is easy to perform, value based requires more efforts. Value based approach requires the understanding of the Unit Cost. The Unit Cost is calculated as follows:

Once you know the Cloud Costs and the Business Value Metric you can calculate the Unit Cost. The Cloud Cost is rather easy to collect, since that you can collect from the invoice. Business Value Metric, in contrast, requires the understanding of the business context. Some examples include e.g. 1) e-commerce: number of items sold, 2) airline: number of billable air miles per seat or 3) government: number of citizen served and so on.

Once you know the values and you are able to calculate the Unit Cost. In the session the following graph was introduced to illustrate Unit Cost over time.

As you can see, the total cost may vary quite a lot (Daily Cloud Spend). This is not triggering an alert however, since the Business Value Metric is also greater during that time. This means the increased Cloud Cost is acceptable because it also generates more business value!

Morover, very interesting idea was that while the unit cost is under the threshold (Max Expected Unit Cost), the team can focus on new feature development. Whereas, while the unit cost is over the threshold, the team need to focus on optimizing the application and cloud resources it is using. Quite catchy?

Can you link these approaches to any trend? Hint: compare the content of the session to evolution of financial operations of Cloud. The first example of cutting cloud costs is close to traditional Cloud cost management. Whereas, the second example of measuring the value, applies very much to FinOps. Is your organization capable of utilizing the value of cloud deployments instead of just focusing on cutting costs?

That was the final session for me. Sadly, I had to skip final key note to catch my flight. The topic of the key note was: “The Poker Game of Life: Using Poker to Enhance Thinking and Decision Making!”. Would have been very intresting to listen to the topic.

Conclusions

So, that was the last part of the second day, and at the same time, the last day of the conference. There were many interesting topics, some of them futuristic but some of them very pragmatic. To put it into a nutshell, let my briefly summarize the output for the last part of the second day sessions:

Cloud Platform Operations as an in-house function is not an easy job. Organizations having in-house approach to Cloud Platform Operations may take a role model from Cloud Managed Service Provider’s (MSP) way of working. Strenghts of MSP approach include 1) customer-centric mindset, 2) use of product management practises and 3) high utilization of automation.

Optimizing Cloud costs can be done either by focusing on 1) cutting costs of Cloud or by 2) measuring the value of Cloud deployments. Cutting costs is easy to perform, however it does not bring business value directly. Whereas, measuring the business value and correlating the costs against the value is better way to measure the actual Cloud cost.

That’s it! Now it’s time to take a cab to the airport and get back to home.  Again, I hope you got new insights and ideas from this article. All the best to your organization’s Cloud journey! Thanks again for reading!

Visiting Gartner IT IOCS conference (part 2/3)

Latest insights from Gartner IT Infrastructure, Operations & Cloud Strategies conference.

Kirjoittaja: Kimmo Kekkonen Product Development Lead

Greetings again dear reader! I hope you enjoyed my last post, visiting Gartner IT IOCS conference part 1. Now it’s time for the second day and part 2. Sessions I planned to visit during the second day were as follows:

  • Part 2 (THIS ARTICLE)
    • The Future of Cloud: Prepare for 2027
    • Kick Your Infrastructure-as-Code Journey Into High Gear
  • Part 3
    • Cloud Platform Operations: How to Deliver Services Like a Cloud MSP
    • From Cutting Costs to Measuring the Value of Cloud Deployments

Again, in this article, I will summarize some of the key takeaways per session from my point of view. But before going into that, first quickly insights from the first day evening.

First Day Evening

Once I managed to get out from the conference area, it was time to visit city of London. During my visit, I saw an Amazon Fresh crocery in one corner. Instead of cashiers there was only one guard next to the doors. I had to try it out!

I downloaded the app, added my Amazon account into it, scanned myself in at the gates and did shopping.

Once I had collected all what I need, I just walked away and that’s it! Credit card was charged based on what I collected from the store. And quess what? I tried if the system is so clever that it would recognize if I return a product that I had previously collected. It actually worked! I was only charged from the products I had with me when I walked out of the store. Awesome! 🙂

When I returned back to the hotel, I took a river boat to see what London looks like from the river. Below you can see the Tower Bridge.

Nice view from Thames, isn’t it? 🙂

Okay, but let’s get down to the business and start going through the sessions.

The Future of Cloud: Prepare for 2027

The first session was about Cloud predictions. What the future of Cloud looks like ? The main message was that Cloud is disrupting the scene. While Cloud has been a technology disruptor by this far, in the future it will be a business disruptor.

Cloud Journeys

Following this, organizations will have many different kind of cloud adoption journeys. Those who focus on “technology replacement” will have “replacement journeys” whereas organizations who target to “develop business and innovate” will have “business transformation journey”. It was highlighted that a business-driven strategy coupled with a pragmatic cloud adoption plan is critical for success. I totally agree this while being working with many organizations. Therefore, we have actually concepted “Business Driven Cloud Transformation” approach. The point is to keep the business focus in the cloud adoption journey. I can tell you, although it sounds easy, it is not! To succeed, we had to combine transformation and business competence with more technical application and cloud competence.

Recommendations for IT Leaders

Then there was some recommendations for IT leaders to focus on while preparing for the future. To highlight a few, Applications/Software
Engineering leaders were advised to 1) apply agile and DevOps, 2) avoid monolithic solutions, 3) promote joint business-IT development, and 4) promote low-code technologies. These are familiar topics that we are doing already with our customers. If you are interested, check for example how Terveystalo accelerates service development with Solita CloudBlox®.

Infrastructure and Operations leaders were advised to shift from centralized control to adaptive governance. Also building platform teams and capabilities was recommended. This is a trend I can see now already in organizations. Due to the challenge of talent shortage, many organizations have turned into us to provide cloud platform development and operations as a service.

Security and Risk leaders were avised to drive “policy as code” practise. Again, I can see this happening already now. It is a very powerful tool when you can have your cloud policies defined as code. Therefore we also included “policy as code” into our Solita CloudBlox® modern managed cloud services.

Future Figures

Finally, some figures that were presented during the session regarding the future:

  • Cloud business is predicted to be huge and it will exceed all other IT markets by 2026 globally reaching 1T$ of value.
  • Multicloud expectations of the organizations are going to change since many of the requirements will be unachievable.
  • Deglobalization trend will make the sovereign cloud a critical requirements for some of the organizations.
  • Industry cloud platforms will be used by 50% of the organizations to boost digital business initiatives.
  • Cloud-native development divides so that 70 % of the requirements are fullfiled by hyperscaler capabilities and 30% using containers.

There were also many other insights presented but to move forward I wanted to highlight these ones for you from the serving. Then it was time for a lunch.

Kick Your Infrastructure-as-Code Journey Into High Gear

After the lunch next session was about Infrastructure-as-Code or IaC and how to make most out of it.

Fundamentals

Some basics about Infrastructure-as-Code (IaC) were first introduced. IaC tooling may have different meanings based on who you talk with. To clarify this, in the session IaC tooling was divided into two different categories and on top of that infrastructure orchestrations was introduced:

  1. Provisioning automation
  2. Configuration automation
  3. Infrastructure Orchestration

First, provisioning automation basically gives you the tools to e.g. define networks, firewall rules or setup virtual machines. Another example would be for example sending alarms to Microsoft Teams channel. Tools like Terraform, Pulumi, AWS CloudFormation, Azure Resource Manager and Google Cloud Deploy can be used for this purpose.

Second, configuration automation gives you the capability for example to define virtual machine configurations. Tools that can be used for this purpose include e.g. Ansible, Chef, Puppet, AWS Systems Manager, Azure Automation and Google Cloud Deploy.

Third, infrastructure orchestration helps to manage orchestration of IaC. That is, provisioning and configuration automation from one central place.  Tools like Morpheus Data, Cloudify or Quali can be used as infrastructure orchestration platforms.

Extend Use of IaC

But what is then the next step you can take to utilize infrastructure-as-Code (IaC) in your organization? Four add-on dimensions were highlighted as follows to extend use of IaC:

  1. IaC testing to validate and find possible errors in Infrastructure as Code (IaC).
  2. IaC security to detect, prevent and remediate security risks in Infrastructure as Code (IaC).
  3. IaC cost to automatically output the cost of resources and to show how that cost evolves from one deployment to the next one over time.
  4. IaC mapping to overcome common state management issues and to create IaC from manually-provisioned public cloud resources.

Adopting infrastructure-as-Code (IaC) is not a straightforward to do, albeit it brings a lot of benefits for the organization. The following challenges were raised that you need to be aware of:

  • hard to build necessary skills in Infrastructure and Operations teams
  • hard to have consistent coding practises for infrastructure
  • hard to know where to start due to the vast amount of different options

These challenges we at Solita have learned to overcome. Of course we don’t have the problem where to start. Still, however, we need to continuously train new people IaC skills and train how modern infrastructure development and operations is managed. You might have noticed yourself that it is not always easy to combine sysadmin, infrastructure and coding competences.

That was about the infrastructure-as-Code (IaC) session.

Conclusions

So, that was the first part of the second day! There were many interesting topics, some of them futuristic but some of them very pragmatic. To put it into a nutshell, let my briefly summarize the output for the first part of the second day sessions:

Public cloud, as we see it today, will considerably change its form during the next few years. Public cloud will spread from “public Internet” to the edge, on-premises, and eventually everywhere enabling so called “Distributed Cloud”.

Public cloud will not be just a technology disruptor anymore but will disrupt the businesses. This is due to the fact that competition and speed of innovation will eventually push Cloud hyperscalers to fight against commoditization. To meet the requirements of the speed of innovation, the abstraction level of public clouds will increase. This will mean that in the future the public cloud will be faster to configure (e.g. with Infrastructure as Code (IaC)) and they will provide “out-of-the-box” solutions for organizations in different industries.

Infrastructure as Code (IaC) based development and deployment will get closer and closer to the software development practises. This includes testing, versioning, releasing, orchestration and ways-of-working to name a few. Skills gap, however, prevents organizations to utilize the full potential of Infrastructure as Code (IaC).

First part of the second day (part 2) covered. Thanks for reading! I hope you got again new insights and ideas from this article. Next time I will go through the final part (part 3) of the blog series. Until then, bye!

Visiting Gartner IT IOCS conference (part 1/3)

Latest insights from Gartner IT Infrastructure, Operations & Cloud Strategies conference.

Kirjoittaja: Kimmo Kekkonen Product Development Lead

Greetings dear reader! It’s again the time of the year to travel to London to hear the latest insights from Gartner regarding IT Infrastructure, Operations and Cloud. What makes this journey exiting is that basically all conferences have been virtual or cancelled during the past few years since start of the Covid-19 pandemic. So, it’s time to pack the suitcase and head to London – physically!

The Gartner IT Symposium/Xpo has just been held in Barcelona. Few weeks after IT Symposium Gartner arranges a conference dedicated to IT infrastructure and Operations. This year conference carried the name Gartner IT Infrastructure, Operations & Cloud Strategies and it was arranged during 20th-21st November 2022.

Conference was held just next to O2 arena in InterContinental London – the O2. Place is easy to catch e.g. with an underground.

First registration and then to grab a cup of tea. While having a cup of tea and waiting for the Keynote to start, some autumn view from the window over Thames towards Canary Wharf.

Day 1 Agenda

Agenda that I build for the first day was as follows. Very interesting topics in the sessions, right?

  • Keynote: I&O Forward — Leading the Next Phase of Growth
  • Avoiding the Top Mistakes in Your Cloud Strategy
  • Leadership Vision for 2023: Infrastructure and Operations
  • Is Public Cloud Cheaper Than My Data Center?
  • How to Implement a Cloud Center of Excellence That Empowers, enables and Educates

In this article, I will summarize some main points per session from my point of view from each session. Let’s start.

Keynote: I&O Forward — Leading the Next Phase of Growth

First day started with Keynote with the topic of “I&O Forward — Leading the Next Phase of Growth”. The main message was that after the pandemic, world has changed and organizations need to rethink how they adapt to new normal to support next phase of growth. The solution was divided into four dimensions.

First, since digital pace of the organizations is increasing, it will set new requirements for collaboration between business and IT. The trend seems to be that technology skills are wanted more and more also outside of IT in the future. This trend will create a new type of a role in business called “Business Technologists”. They will utilize technology and work between business and IT. Digital business is a team work. These teams combining business and IT staff Gartner calls “Fusion teams”.

Second, in order to be fast and innovative, organizations must decrease complexity of platforms. To meet these needs, organizations will accelerate the adoption of intelligent automation and delivery of shared infrastructure platforms. Gartner calls this as a “platform engineering” approach. Yet another buzz word? Maybe – or maybe not. At least the focus of shared platform concept is nicely summarized: Stop focusing on tools – start building engines. As a side note, we have been helping our customer with similar approach using our Solita CloudBlox service offering. Additionally low-code/no-code was mentioned as one of the ways to increase pace and decrease time-to-market in digital development.

Third, for organizations to be competitive and attractive for new talent, they need to put focus on workforce reskilling and dynamic work management.

Finally, when all previous three themes are in place, organizations can establish “innovation engine”. This engine is powered by innovation labs that test and evaluate new technologies and opportunities. Then the best candidates will be further developed.

After the Keynote it was time to head to the first actual session.

Avoiding the Top Mistakes in Your Cloud Strategy

The session went through some key mistakes Gartner had found out organizations are doing when developing their Cloud strategies. The top 10 mistakes were:

  1. Assuming It’s an IT (Only) Strategy
  2. Not Having an Exit Strategy
  3. Combining or Confusing a Cloud Strategy With a Cloud Implementation Plan
  4. Believing It’s Too Late to Devise a Cloud Strategy
  5. Equating a Cloud Strategy With “We’re Moving Everything to the Cloud”
  6. Saying “Our Cloud Strategy Is Our Data Center Strategy” or “It’s All in or Nothing”
  7. Believing That an Executive Mandate Is a Strategy
  8. Believing That Being a Shop Means That Is the Cloud Strategy
  9. Outsourcing Development of Your Cloud Strategy
  10. Saying “Our Strategy Is Cloud First” Is The Entire Cloud Strategy

I have witnessed same kind of “mistakes” organizations easily fall-into. Therefore, we have developed Business Driven Cloud Strategy, to ensure Cloud strategies are developed business needs in mind. You can check e.g this Crash Course on Business driven cloud adoption for a reference.

Leadership Vision for 2023: Infrastructure and Operations

Next session discussed what IT Infrastructure and Operations leaders are facing in 2023 and beoynd. In summary, session provided answers to the following questions:

  1. Top challenges facing Infrastructure and Operations leaders?
  2. Major trends
  3. What actions leaders need to take?

First, what are the top challenges Infrastructure and Operations leaders are going to face? Insufficient skills is the no. 1 challenge based on Gartner’s survey. Overall, Infrastructure & Operations leaders needs to fix the core capabilities of their units first. Then the next step is to reinvent Infrastructure & Operations, which means e.g. increase customer approach and change in culture and structures.

Second, what are the major trends Infrastructure and Operations leaders need to take into account? First of all, FTE increase was expected in Infrastructure and Operations in the next 12 months. Skill trends will be in understanding business, team collaboration, willingess to embrace change. Not forgetting more technical skills like automation, cloud, monitoring and platform operations skills. Top 3 skills Infrastructure and Operations will be investing: 1) Cloud, 2) Automation and 3) Advanced Analytics.

Third, what are the actions Infrastructure and Operations leaders need to take? Three actions were highlighted: 1) sense, respond and anticipate new business needs. Not an easy task, right? 2) Retain talent by focusing on e.g. in work-life balance. 3) Mature automation in Infrastructure and Operations to unlock innovation in the organization.

Next it was time for a lunch in exhibition area. Plenty of exhibitors were present.

Is Public Cloud Cheaper Than My Data Center?

After the lunch and exhibition area roundtrip, it was time to get back to the sessions. Have you heard debates wheter cloud is cheaper than data center? Yes, I thought so. So, next let’s take a look what I learned from this session.

Comparing cloud and on-premises/data center is not that straightforward task. There are many aspects you can neglect to get cloud or on-premises look more attractive. Instead, focus should in benefits, not only in costs. However, to calculate TCO one needs to calculate it e.g. for a five year period to capture all qualitative benefits and ROI figures. The final conclusion was that cloud brings cost savings compared to on-premises but it takes time, effort and skills to realize them. Therefore, a partner like Solita who manages digital business scene from strategy and design to creating digital services and managing and operating them, can help you succeed in your cloud journey!

Next it was a time for the the final session of the day.

How to Implement a Cloud Center of Excellence That Empowers, Enables and Educates

Last but not least, interesting topic about Cloud Center of Excellence (CCOE) and its latest trends. As a side note, we have run CCOEs together with our customers for years. We also included CCOE as a module into our Solita CloudBlox services to support our customers to succeed in their cloud adoption journeys. So, it’s interesting to see if something new can be adopted based on the session.

Cloud Center of Excellence (CCOE) is at the heart of Cloud Operating model, meaning that it plays a central role between steering and daily operations. I think the illustration of CCOE was now much more understandable in the organization context than previously. It highlighted CCOE key role as a enabler in “Cloud Enterprise Architecture” module. CCOE will co-operate with different councils, cloud community of practise, admin and support and cloud implementation side. 

It was also highlighted that CCOE is a temporary function in organization. The main driver for CCOE is to empower and enable the rest of the organization by spreading the cloud knowhow. Once organization is mature enough, a dedicated CCOE can be phased out and be absorbed to Enterprise Archictecture (EA) function or other architecture functions. How long is then temporary? I haven’t yet seen phased out CCOEs but I would assume it’s somewhere between 5-10 years. It depends heavily on how organization is able to adopt cloud knowhow widely. 

Final words

So, that was the first day. Full of interesting topics, lots of information, and great speakers! To put it into a nutshell, let my briefly summarize the output from the sessions:

Business units are more and more increasing their technology understanding as “technology users” that are able to utilize tech already themselves.

IT units need to increase collaboration with business and increase their understanding of the business.

Organizations have insufficient skills currently while they also need to increase the amount of workforce who will focus on the utilization of the technology. This sets new demands for recruiting talent and keeping them inhouse.

There is a big opportunity for organizations to modernize their business with public clouds. However, to be successful it requires a lot of skills and competence accross the organization. Therefore partnering with trusted technology, strategy and design provider will bring advantage to the cloud adoption journey.

Finally it’s time to grab some drinks and food in the networking dinner with other conference peers. Then time for a little rest and preparing for the day 2. Thanks for reading, I hope you enjoyed!