The focus of cloud operations, or cloudops, should be to create processes, approaches, and tool stacks that will allow you to run cloud-based systems long term, with no outages and a high degree of business satisfaction. Your ability to serve the business should be your number one objective.
Take a large Global 2000 company that has migrated more than a thousand workloads to the cloud. This included lifting and shifting half of them, using containers for about 25 percent of the workloads, and significantly refactoring the rest to become cloud native.
Now the company is turning all of it over to the new cloudops organization. After spending months of planning what needed to be done, the tools required, and the skills needed through either training or hiring, nothing was overlooked, right? Wrong.
Here are two common issues I’m finding with enterprise cloudops planning:
First, there is little thinking around the scalability of cloudops. The common mistake is leveraging too many native monitoring and management tools. Indeed, new cloudops organizations never meet a tool they did not like.
Although it makes sense to use one tool to manage and monitor AWS, another for Microsoft, and still another for Google, you’ll find that approach is complex and inefficient. When you add more public clouds and more cloud services such as compute, storage, and databases, things become so unwieldy that the cloudops team won’t be able to scale without many more resources. Better to plan common management layers and common tooling.
Second, lack of security operations, or secops, planning altogether. The common mistake is not to include security in operations at all, and leave a dangerous gap between those who run security systems longer term and core operations.
You cannot do both separately. Indeed, common directory services that drive identity management need to be stood up and maintained. This spans core security as well as other operational activities such as management and monitoring.
Security is often thought of as a different task, team, and tools, but the emerging best practices in cloudops and secops are to keep those teams, tools, and services tightly coupled.
So, what are you missing? Chances are it’s something important. Let’s spend some time understanding cloudops and emerging best practices.