Taking the pulse of DevOps: “Kubernetes has won the orchestration war”
Should you pay more attention to security when drafting your DevOps approach? Is there a skills shortage in the DevOps space? Will containers-as-a-service become a thing in 2018? We talked with Nicki Watt, CTO at OpenCredo about all this and more.
JAXenter: What are your DevOps predictions for 2018? What should we pay attention to?
Nicki Watt: The increasing adoption of complex distributed systems, underpinned by microservices and serverless architectures is resulting in systems with more unpredictable outcomes. I believe the next wave of DevOps practices and tooling will look to address these challenges by focusing on reliability, as well as gaining more intelligent, runtime insight. I see disciplines like Chaos Engineering, and toolchains optimized for runtime Observability becoming more prevalent.
I also believe there is a very real skills shortage in the DevOps space. This will increasingly incentivize organizations to offload their “DevOps” responsibility to commoditized offerings in the cloud. For example, migrating from bespoke, in-house Kubernetes clusters to a PaaS offering from cloud vendors (e.g. EKS, GKE, AKS).
JAXenter: What makes a good DevOps practitioner?
Nicki Watt: Let’s be honest, technical competence is a key factor. To be truly effective, however, you need a combination of technical competence and human empathy. Being able to appreciate the fundamental technical and human concerns of your colleagues goes a long way in helping you to become a key part of a team that can drive and deliver change.
I believe there is a very real skills shortage in the DevOps space.
JAXenter: Will DevOps stay as it is now or is there a chance that we’ll be calling it DevSecOps from now on?
Nicki Watt: I have always seen security as a core component of any DevOps initiative. As security tools and processes become more API driven and automation friendly, we will begin to see more aspects being incorporated into pipelines and processes. Whatever we call it, as long as we build security in from the beginning, that’s all that matters!
JAXenter: Do you think more organizations will move their business to the cloud in 2018?
Nicki Watt: Yes, for a few of reasons, but I shall elaborate on just two.
Security concerns have been a significant factor holding organizations back from adopting the cloud, but this is changing. Education, as well as active steps taken by cloud vendors to address security concerns, have allowed previously security wary organizations to be enticed into action. Additionally, I believe hearing cloud success stories from traditional enterprises (at conferences etc.) acts to remove barriers. It emboldens others in similar situations to (re)consider what benefits it may bring them.
The ability to innovate, experiment and scale quickly is something which the cloud excels at. Whilst running production workloads may still be a step too far for some organizations, many are prepared to start using the cloud for experimentation, and dev/test workloads. As more familiarity and experience is gained, production workloads, in time, will also be conquered.
I have always seen security as a core component of any DevOps initiative.
JAXenter: Will containers-as-a-service become a thing in 2018? What platform should we keep an eye on?
Nicki Watt: I believe so. Managing complex distributed systems is hard. The shortage of good skills, and desire to focus available engineering effort on adding genuine business value, makes CaaS a good option for many organizations.
The key differentiator between CaaS platforms is the orchestration layer and herein lays the choice. In my opinion, all other things considered equal, Kubernetes has won the orchestration war. As part of the CNCF — and backed by a myriad of impressive organizations —, the Kubernetes platform provides a consistent, open, vendor-neutral way to manage & run your workloads. It is also available in various CaaS forms from the major cloud vendors now.
JAXenter: Is Java ideal for microservices developments? Should companies continue to invest resources in this direction?
Nicki Watt: Absolutely, no, maybe … it depends. Any technology choice involves tradeoffs and the language you choose to write your microservices in is no different. One of the benefits of microservices is that you should be able to mix and match. Whatever is most appropriate, and I don’t see why Java should not be in the mix.
In its favor, Java has a large ecosystem of supporting tools and frameworks out there, including those supporting microservice architectures (SpringBoot, DropWizard etc). Recruitment wise, Java developers are also far easier to get hold of. It is not however without its critics; too verbose, too slow & heavy on resources, especially for short-running processes. In these cases, maybe an alternative would be better.
The question for me is, what are you optimizing for? Are you planning on running 100’s of microservices or 10’s? Are you latency, memory or process startup sensitive? What does your workforce and current skill base look like? And a crucial one, especially for enterprises, what freedom are you willing, or not, to give development teams? The answer lies in the grey intersection of the response to questions such as these.
JAXenter: Containers (and orchestration tools) are all the rage right now. Will general interest in containers grow this year?
I still observe that people have a hope that serverless will usher in a “NoOps” era.
Nicki Watt: Yes I think so. Containers offer a great simplified packaging and deployment strategy and whilst serverless is also on the charge, I see interest in containers continuing.
In terms of handling older applications, not everything has to be implemented in containers; this depends on business objectives and requirements. Sometimes a complete rewrite is required but progression along slightly gentler evolutionary tracks is also a good option.
For example: carve monolithic applications up, implementing only the parts in new tech where it makes sense. Alternatively, merely being able to get out of a data center and into the cloud, even on VM’s as a first pass, could yield great business returns too.
JAXenter: What challenges should Kubernetes address in 2018?
Nicki Watt: As Kubernetes-based CaaS offers increase, it would be nice to see the community concentrating on how the security of the cloud providers is better integrated and offered through the Kubernetes platform.
JAXenter: How will serverless change in 2018? Will it have an impact on DevOps?
Nicki Watt: Adoption-wise serverless is still pretty new, so it’s early days to make strong predictions. One obvious way I see it evolving is by supporting broader language and option support. e.g. as already seen by AWS Lambda support for Golang.
I still observe that people have a hope that serverless will usher in a “NoOps” era — i.e. one where they don’t have to worry about operations at all — it will magically happen! The reality is that people land up acquiring an “AlternativeOps” model. Serverless can magnify many distributed system challenges; for example, there tend to be more processes than say, compared to a microservices architecture. They also often have a temporal (limited time to run) angle to them. Whilst there may be less low-level config going on, there will be more at the API, interprocess and runtime inspection level (logging, tracing and debugging). I believe more DevOps processes and tooling will need to focus on providing cohesive intelligence and insight into the runtime aspects of such systems.
JAXenter: Will serverless be seen as a competitor to container-based cloud infrastructure or will they somehow go hand in hand?
Nicki Watt: I see them more as options in your architectural toolbox. Each offers a very different architectural approach and style, and have different trade-offs. Sometimes all you will need is a hammer. Other times, a quick-fire nail gun, other times a bit of both.
Context is always key and your resulting architecture should evolve based on questions like Do you need long-running processes? Are you latency and/or cost sensitive? Is this an event-driven system? etc.
Architectures also change and evolve. The only approach I would definitely not recommend is one where a decision to go in some direction is made up front, at a high level, without considering context.
JAXenter: Could you offer us some tips & tricks that you discovered this year and decided to stick to?
Nicki Watt: More a principle than tip or trick per se but one I feel more strongly about as time goes on: “Invest your engineering effort in what matters most and adds value, offload the rest”.
Choose to concentrate your engineering resources on work which actually adds business value. Where someone else (cloud provider or SaaS) have competently demonstrated the ability to manage and run complex supporting infrastructure type of resources, and it fits (or you can adjust to make it fit) your requirements, let them do it.
A specific simple example, in this case, is using something like AWS RDS instead of running your own HA RDBMS setup on VMs, but there are many more (K8S clusters, observability platforms etc.). In my opinion, this approach saves time and effort and gives you (and your investors) more bang for your buck than trying to do it yourself.
Thank you very much!