Cloud sandboxing for DevOps: What you need to know
Sandboxes provide environments for developers and testers to reproduce even the most complex infrastructures, from data centers to public and hybrid clouds.
Sandboxes allow ITOps and dev/test teams to create personalized replicas of production environments with self-service, on-demand environments that can quickly allow even the most complex environments to be created, modeled, orchestrated and deployed -- from physical patch panels to distributed applications. This can rapidly speed up release cycles while drastically lowering cost and reducing risk.
Technology brings forth a constant tenor of cultural change and is central to most businesses regardless of the industry they are operating in. Non-technologists from different professions including construction, manufacturing, healthcare or government use software and technology to increase their productivity, sometimes without a conscious effort. Drones are being deployed to survey remote sites and map data. Self-driving cars are ready to become a reality. Financial services institutions are at the leading edge of technology adoption to differentiate their offerings in a digital world.
The pace at which technology has changed has impacted popular culture and practices in waves across different industry verticals and geographies. We also see technology allowing humans to automate a lot of the mundane tasks, allowing them to focus on higher value activities. This will cause a greater shift as the industry matures in bringing together automation, artificial intelligence (AI) and machine learning. It should create newer opportunities for learning and skill augmentation.
In layman’s terms, DevOps is about engineering organizations being able to move fast with the right controls in place. Practically, DevOps is a new cultural, process and organizational shift we’re seeing in agile IT organizations that allows them to bring together the best of faster innovation cycles with the ability to have operational process, governance and analytics tied around it. It would bring agility with control, especially as many IT organizations are being challenged by their business leaders to move faster and to do more with less.
Done right, it should help bring together organizational silos to produce innovations at a faster pace with lower risk and higher quality. It is most pertinent to development processes now, but could very easily be applied to non-IT domains.
DevOps done right provides a platform for fast IT without it becoming reckless IT. Organizations flex their innovation muscles better with a disciplined approach to DevOps. With infrastructure being treated as code, it is easy to choose open source toolsets and customize, or be able to allow open interfaces to established commercial tools and start the DevOps journey.
With some training, the DevOps talent can drive rapid releases with continuous integration, testing and delivery (CI/CT/CD) with structured baton passing across the development, test, and operations teams. Since "automate-first" is the bedrock of DevOps, it can accelerate time to market and provide a competitive advantage in business situations while lowering both risk and cost.
For most IT organizations the key question about DevOps is "How much will it cost?". The costs can vary, but roughly map to the "four Ts" -- tools, talent, training and time. Embracing DevOps concepts requires time investment, the ability to have a top-down and bottom-up structure across the organization to support it, and the willingness to automate what is possible to free up human resources to be more productive. DevOps resources can be expensive and more so if they’re not efficiently used. The costs in tools and training are higher at first, but gradually taper off as the ROI is realized. Tool choices are important to avoid a tool sprawl that can drive operational complexity.
Leveraging sandboxes to replicate production environments can be a great cost-saver in the context of DevOps and BizOps processes. That said, no tool can offset costs if the culture is not set in place to foster it.
Concerns with DevOps
As with any process, there are financial, legal and security concerns with DevOps processes as well. It should be no different from anything else. I’ve seen some interesting nuances around DevOps and open source.
There’s a perception that open source is free. However, working with different open source tools on a project basis can increase the operational cost and complexity at times, especially given that DevOps resources are expensive and some are brought in on a per-project basis and don’t have the proper context or continuity. Legally, working with open source means adhering to the proper community laws and respecting IP where required. Security can sometimes be an afterthought, especially in DevOps environments, so there needs to be specialized oversight to ensure that nothing’s slipping between the cracks.
Becoming a DevOps Leader
A lot of success in a DevOps environment is a derivative of how much effort goes in and to what degree automation can be baked in. Knowledge and best-practice sharing is quite vital to avoid complexity later on. It is important to try new things and set up a culture where it is okay for some things to fail. The willingness to experiment is a necessity. "Fail fast" is a key tenet of this culture, where the onus is on trying something new to raise the bar, recognizing failure quickly, and applying the learnings from the failure to a new effort to maximize the chance of success.
Overall, embracing the philosophy of DevOps internally and externally in an authentic manner is a good measure of demonstrating leadership. It helps to have an executive sponsor and a DevOps champion work in tandem. This will in turn translate into business success and operational excellence. Finally, trust is an important aspect. Teams need to trust one another and not think in terms of silos and be supportive of each other.
Cloud Sandboxes and How Can They Help Developers
Sandboxes are self-contained infrastructure environments that can be configured to exactly mimic the final live deployment environment. Think of them as containers, but more flexible as they can model infrastructure and applications.
Cloud sandboxes enable each software developer and tester to have their own personal replica of the production infrastructure environment, from physical and virtual machines and networks to applications and cloud interfaces. DevTest and Ops can deploy cloud sandboxes to build and test new applications, stage them and then just take down the virtual sandbox environment when the task is completed. This allows releases to move faster while decreasing risk, cost and complexity.
IT Ops teams also get the benefit of ensuring smooth governance as they can create blueprints of these environments, set usage policies and derive business and operational metrics.
Sandboxes can be an integral tool in a DevOps strategy for continuous iteration, encompassing the CI/CD phases as we know. We often refer this to as the CI/CT/CD phase, to ensure that continuous testing is not an afterthought. Continuous iteration today has some challenges. These include fragmented toolsets, elongation of test cycles, lack of end-to-end automation, etc. The result is that only about 17 percent of IT organizations can call themselves high-performing and keep pace with business needs.
By being able to invoke sandboxes in different stages of the CI/CD lifecycle and offering up standardized environments, the automation becomes much easier. Then it is a question of choosing the right deployment path -- whether it be into a container, a private cloud or a public cloud environment. Continuous sandboxes allow users to discover which settings or configurations would cause the software to break when it goes into live production, without any of the associated downtime or costs. This can drastically reduce re-work required by 30 to 40 percent, improving productivity.
With the pace of change increasing, the engineering leaders are being increasingly asked to manage change and to do more with less. So they are challenged to move fast, while looking at resource efficiency and use. Empowering developers and testers is therefore extremely important to minimize hurdles for innovation.
These innovators can leverage the power of cloud sandboxes consumed-as-a-service during the dev/test/staging and even production phases to model complex environments, evaluate dependencies and better understand how new apps will impact the infrastructure, including identifying where any network breakdowns may occur.
By combining cloud sandboxes with tools for automation, security testing can be built directly into the automation loop to enable continuous deployment. This level of security is necessary for DevOps to succeed, especially in such highly regulated industries as banking, financial services and healthcare.
Shashi Kiran, chief marketing officer at Quali.
Published under license from ITProPortal.com, a Future plc Publication. All rights reserved.