Welcome to the Art of Modern Ops - a podcast series on modernizing cloud infrastructure, hosted by Cornelia Davis, Weaveworks CTO and author of the book Cloud Native Patterns. Through a series of interviews with both visionaries and practitioners, she discusses hands-on use cases with those who have completed the digital transformation and others still in transition. https://www.weave.works
The Art of Modern Ops: Authorize better with OPA - security policy as code
In this episode of the Art of Modern Ops, Cornelia interviews Gareth Rushgrove, VP of Product at Snyk, in Cambridge, England. Together, they talk Kubernetes, GitOps and policy, focusing on Open Policy Agent (OPA), a recently graduated project in the CNCF.
With a background including stints at Docker and Puppet as well as the UK Government Digital Service, Gareth specializes in application development security tools, including OPA. As Gareth explains in this episode, OPA is important because it provides an essential function: the ability to define and enforce a single set of policies and manage them all through a single interface, rather than using different languages, models, and APIs for different tools, across your organization.
OpenGitOps - The Vendor-Neutral GitOps Project
Weaveworks CTO Cornelia Davis leads an insightful and very lively discussion with some of the founding members and active contributors of the GitOps Working Group (GWG). The focus of the GWG, a working group under the CNCF App Delivery SIG, is to clearly define a vendor-neutral, principle-led meaning of GitOps. The goal, however, is to express a foundation for interoperability between tools, conformance, and certification.
All of our 6 podcast guests have extensive working knowledge of GitOps, from the way it came into being to the way their customers are putting it to work today:
Brice Fernandes, Senior Solutions Architect, Weaveworks
Christian Hernandez, Senior Principal Technical Marketing Manager, Red Hat
Chris Patterson, Staff Product Manager, GitHub
Chris Sanders, Program Manager, Microsoft
Dan Garfield, Chief Open Source Officer, CodeFresh
Jesse Butler, Senior Developer Advocate, Kubernetes team AWS
Talking points range from defining GitOps to what its underlying principles are and why we are seeing a steadily growing number of practitioners.
Delivery engineering = GitOps at State Farm
As the owner of the GitOps Platform team, Mae Large is responsible for “delivery engineering”. She explains that delivery engineering is about enabling every product team to deploy changes to platforms in a simple, compliant, and repeatable manner - a very succinct explanation of the term "GitOps".
"Our goal is to give every product team the ability to deploy their changes to our modern strategic platforms in a simple, compliant and repeatable manner."
They achieved their primary goal of improving the developer experience by enabling a self-service developer platform. The job of the GitOps platform team in this case is to enforce compliance while giving more power to developers. This is a challenging balance to strike, but Large and her team at State Farm have found a way to achieve it.
How the Service Mesh became a Service Mess
The nature of technology is to continuously evolve. Each iteration draws on learnings and mistakes of the past. As we move past the cusp of change from monolithic infrastructures to cloud-based microservices, we are experiencing an evolution of the tooling and monitoring of our applications. We knew how to monitor our servers, network devices and the applications running on our systems; however, the shift to microservices required a new infrastructure and, with that, new ways to automate and monitor it.
In the early days at Twitter, William Morgan worked heavily on their in-house tools to monitor their transformation to a microservices infrastructure. One critical tool, called Finagle, was eventually open sourced and became the basis for Linkerd, which William and co-founder Oliver Gould eventually dubbed a “Service Mesh”.
Linkerd is reminiscent of a monitoring system developed at CloudFoundry leveraging some of Netflix OSS releases as well as the Spring Framework. Without out-of-the-box tools, innovators built what they needed without knowing it was a service mesh.
Now with the widespread adoption of service meshes to manage microservices infrastructures, Buoyant has watched Linkerd adoption skyrocket among organizations adopting cloud native technology such as Kubernetes. (Here is an excellent article by William explaining what every Software Engineer needs to know about service meshes.)
Tune in for a brilliant discussion on the origins of service mesh, its ecosystem and why it’s important for Kubernetes-centric infrastructures today.
DevOps Foundations and Future
In this episode of the Art of Modern Ops, Cornelia Davis and Wall Street Journal bestselling author Gene Kim discuss the ways of working with DevOps as portrayed in Gene’s groundbreaking books on DevOps.
In “The Phoenix Project”, Gene describes how the 3 ways (Flow (System Thinking), Feedback, and Continual Experimentation and Learning) help the operations teams during their digital transformation. Although DevOps starts with development, we hear Gene discuss his thought process around why “The Phoenix Project” revolves around Operations.
In the follow-up, “The Unicorn Project”, we view the same problem through the lens of the Developer who uses the 5 ideals: locality / simplicity, focus / flow / joy, improvement of daily work, psychological safety and customer focus during their digital transformation. Here, Gene circles back to his roots as a developer to bring to light key elements of successful development. Cornelia and Gene riff on how the teamwork between Dev and Ops is crucial to winning the game.
Gene Kim: “All the hopes, dreams and aspirations of the organization, as people think about digital transformation, will be done through the act of development. [...] So much of infrastructure and operations are really now in service of elevating developer productivity.”
Tech as Fashion: Do tools drive developer cultural change?
Listen to the rest of the episode as Cornelia and James drill down on choosing technologies, testing in production and progressive delivery.