How to make sure your cloud is balanced, healthy for your company's bottom line and friendly to your staff
Cloud computing offers a huge opportunity to transform your company, bringing considerable business agility, service improvements and cost efficiencies.
However, none of the above comes for free: you do need to craft a sound strategy and execute it well, keep costs under control and address the disruption killers. But most importantly, you need to invest in transforming people's attitudes and ways of working.
Focusing solely on the technology, without dedicating significant time and resources to organizational change and process re-engineering, can lead to negligible improvements.
In this post I will go through some of the ideas I’m most familiar with — it is really meant to be an introduction, call it a conversation starter.
It does not cover every problem and every solution out there: there are excellent, deeper articles on executing a cloud transformation. And a lot of experts around.
Enough disclaiming. Let’s start.
- Enforcing a cloud strategy
And a vision. Whatever that vision may be, you need a strategy for your journey. Everyone's journey is different, and the starting point and the ending point may differ significantly.
There is no perfect recipe, but some ingredients are the base of any great dish. The following is by no means an exhaustive list, but it can be used to sanity-check your own journey towards an optimised cloud strategy:
People, people, people. And a cloud operational model. And a cloud guardian team.
The best place to start in the cloud journey is by first looking at your people.
Building and running applications and services in the cloud changes roles and responsibilities for many people across many different teams. Security and operations must get more involved earlier in the systems development life cycle. Development must assume more ownership of running their code. Ownership of certain tasks may move from one team to another. Some roles may go away, while new roles may be required. New skills will be required and a new operational model around cloud based applications will need to be established.
The agility that the cloud brings cannot be fully achieved if you do not change the way things are done. And to do that you need to establish a movement within your company, so that everybody understands the value and the changes that the cloud brings, and actively participates in making them happen: for example, since the cloud enables everybody in your company to spin up workloads at the click of a mouse and with a credit card, everybody must understand how to keep costs and usage under control.
Seed good messages, evangelize the new way. After all, a line with the word “cloud” on everybody’s CV can only be a good reference for the future.
Create new roles and a team of excellence to coordinate all efforts.
One of the first focus areas should be an assessment of your application estate, in order to classify your applications.
There are many criteria for doing this, one good model being the 6R model from AWS, which can be summarized as follows:
1. Cloud applications — the three main categories being:
i. Lift-and-shift, representing the bulk of enterprise workloads. This is typically about moving a workload to cloud infrastructure as-is, with minimal savings, but it forces teams to develop cloud skills.
ii. Re-platforming, which really means applications adapted to use some cloud technologies and techniques.
iii. Cloud-native, mostly workloads born in the cloud and exploiting all advantages of cloud. Very uncommon in the enterprise, yet the target category for most of them.
2. Repurchasing applications — where you replace an application with a SaaS offering available from a cloud provider.
3. Applications that can’t cost-effectively run on a cloud, whether for prohibitive refactoring costs or specialty requirements such as latency that a cloud provider can’t satisfy, but can still find a new home at a managed service provider or a colocation provider.
4. On-premises applications that can’t readily be moved even to a hosted platform and need to stay in the company’s own data centre. The number of such applications may become zero over time as they get retired, but this may not happen right away.
Plan to move as many applications as you can into the first and second tiers, so as to unlock the full potential of the cloud. Create an application portfolio roadmap across multiple domains and business functions and take a Minimal Viable Cloud (MVC) approach to get to the cloud quickly, one workload at a time. The MVC approach focuses on smaller, manageable projects that show business value sooner, while allowing your teams to learn and improve their cloud skills along the way.
Assess your fixed assets and your data centre life cycle.
Depending on where you are in your own on-premises data centre lifecycle, you can determine which assets are at a good spot in their lifecycle to phase out or upgrade. Investing money to move an application to the cloud today, whilst you still need to continue paying for the infrastructure it used to run on for the next three years, may not be the best strategy.
Meticulously define your security needs.
To address issues and questions around security, you need to know exactly what kind of security you need for each service. The best practice is to establish security policies for each application. Such policies then become requirements as you seek a cloud provider and make other critical decisions. You’ll want to know your provider’s security measures, as well — in the data centre itself, in the network and on the application level.
Be acquainted with your cloud provider.
Your cloud provider is not just another IT vendor. Whatever organisation you entrust with your important data and integral cloud services needs to have the entirety of your confidence. So it's important to learn all you can about the provider: the physical data centres, the network connecting them, certifications, best practices, lock-in and exit options.
Make it hybrid cloud. And multi cloud. And no cloud.
Customers experiment with multiple clouds nowadays. And they even use multiple clouds in their production environments.
Diversifying into a multi-cloud strategy enables teams to access specialized capabilities available from different providers. Considering the hybrid option is also important, so that critical applications which access in-house bespoke systems can leverage security and latency environments that complement the service offering.
The shift to multi-cloud adoption for supporting IaaS, PaaS and SaaS capabilities adds operational burden and skill-set requirements, and is a critical milestone that an organization must evaluate, plan for and ensure it can sustain.
Ironically, the no-cloud option is an important component of your cloud computing strategy as well: applications you can't move to the cloud will still need a roof, which means you will need to keep your data centre (hopefully continuously shrinking), so that there is no delay or reduction to the tremendous advantages of moving the rest of your applications to the cloud.
Cloud introduces a new dynamic for vendor management: many cloud providers will offer discounts and credits tied to the level of spend on their platform. By choosing a strategy with multiple clouds, you risk splitting the credits or losing them entirely. Spend must be evaluated against the cumulative IT capacity needs, to ensure that any credit or discount can be valuable to the business.
In addition to vendor management for platforms, many cloud implementations require new third-party tools and services specifically developed for cloud environments. These should be preferred over re-engineered legacy tools: not only may the technology be quite different, but the way such tools are themselves developed and distributed can be essential to enabling the same agile and DevOps principles they are trying to facilitate.
Institute a Cloud Centre of Excellence to oversee all of the above, so that all efforts can be coordinated and optimised across different teams and departments: businesses that don't have a recipe shared at all levels of their organisation may find themselves hopelessly trying to keep up with the rapidly evolving requirements of the cloud world.
And as in any good recipe, there’s always space for improvement. So, evaluate positive and negative effects and learnings, and use them to regularly update your strategy to make sure it maximizes the advantages of the cloud.
- Keeping costs under control
In order to realize a good cloud, you need to unlock the advantages of its pay-per-use cost model.
Firstly, you need to understand cloud costs. This is a complicated business: cloud applications typically consume a variety of services, each measured and billed in different ways.
Originally, several third-party vendors tried to address this complexity by providing advanced reporting and cost attribution tools and techniques. Only recently, the leading cloud providers improved their capabilities, leading to consolidation in the cloud cost management market including acquisitions and expanded native functionalities.
However, in the meantime pricing points and rules proliferated; custom pricing, discounts and credits were added to the picture but not taken into account; and the amortisation of Reserved Instance (RI) pre-payments, needed to show an accrual-based view of spending, was ignored, to the point that only specialized tools could truly compute the so-called "true cost".
Today cloud providers offer good table-stakes tooling in these areas, which is a great place to start if you're spending less than — say — $75k a month. Beyond that, the native tools still don't provide the allocation capabilities or flexibility that enterprises need.
To meet these needs, companies turn to specialized tool vendors. Recently, I stumbled upon Cloudability, which, on top of being one of the leading, easy-to-use tools in this area, has a very useful resources section.
The next step after cloud cost visibility is cloud cost optimisation — ensuring that your enterprise pays the lowest price for the same level of cloud service.
Keep in mind that the new world is truly very different from the old one.
Today most traditional enterprises have very low hardware utilization because of the excess capacity required to handle peak demands. As such, many companies carry up to 5 times the required hardware, networking, and data centre space during nominal business cycles. When demand spikes, they are well equipped to sustain that.
Cloud breaks all this: there is no need to purchase hardware and space upfront, as users can simply request and get resources dynamically, on the fly. And those resources are effectively infinite.
This new way of doing things, however, can lead to overuse and overspending if the right culture of usage and cost management is not embedded at all levels of the organization. It's exactly what many say about turning IT into a utility model: you pay for as long as you use, but, like a responsible person, you turn the electricity off when you are not home.
A shared cost management culture is all about making informed decisions with the power of data and knowledge, avoiding surprises because expectation and rules are known and especially being able to manage consumption and plan resources upfront rather than in catch-up mode.
To achieve the above, three factors are of paramount importance:
1. Share and seed the cost management culture at all levels, making sure everyone agrees on the same rules and expectations: from engineers to executives.
2. Data, data, data: know what your resource usage is and analyse past and future trends extensively.
3. Create a Cloud Economist role, so that all efforts on cost optimisation can be coordinated and optimised across all business lines.
Understanding the cloud way
The new cloud paradigm influences how deployment and operations are done, which in turn has obvious effects on cost: even the basic principle of infinite resource availability could tempt your people into overuse. Your people were used to buying more resources upfront to manage peaks, but this is no longer necessary: it can be done in real time.
The cloud introduces quite a few new dynamics, and these need to be carefully considered:
1. Work out your potential overspending upfront
Auto-scaling automatically and dynamically scales the number of resources allocated to your application up or down, based on demand. Without proper boundaries and limits, costs can quickly add up and become uncontrollable.
2. Use only what you need
Since you pay for what you actually use, it is important that you do not pay for idle time: if your R&D department, for example, keeps many compute resources dormant during the night or over the weekend, the billing does not go dormant with them.
Basically, unattended pay-per-use can inflate your costs. And in a big way.
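To make the boundaries point concrete, here is a minimal Python sketch of demand-driven scaling with explicit limits. The function and numbers are illustrative assumptions, not a cloud provider API; real auto-scalers such as AWS Auto Scaling groups expose equivalent MinSize/MaxSize settings:

```python
def desired_capacity(load_per_min: int, reqs_per_instance: int,
                     min_size: int = 2, max_size: int = 20) -> int:
    """Scale to demand, but clamp within explicit boundaries.

    Without max_size, a bug that multiplies traffic (or a runaway job)
    multiplies your bill too: the upper clamp is your spending guardrail.
    """
    needed = -(-load_per_min // reqs_per_instance)  # ceiling division
    return max(min_size, min(needed, max_size))

# Normal traffic: scale to demand.
print(desired_capacity(4_500, 500))    # 9 instances
# Runaway traffic: the upper bound caps the spend.
print(desired_capacity(400_000, 500))  # capped at 20 instances
```

The same clamp-and-alert pattern applies to any scalable resource: let the system follow demand, but make the cost ceiling an explicit, reviewed number rather than an accident.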
Cracking cloud costs and optimising usage
Cloud cost is essentially the product of two factors — usage and rate. Minimize both and you maximize the gain.
So how do you practically master cloud costs then?
First and foremost — gain visibility of your actual cloud costs, beyond the list prices your provider advertises:
· Turn your understanding from monthly to daily, so as to avoid bitter surprises at the end of the month.
I once had a customer who released a new version of their service; because of a bug, the newly released code would spin off duplicate requests for a computationally heavy job.
Naturally, nobody realized it until the next monthly bill came in at twenty times the previous one. Not news to share comfortably with the executives.
· Separate cloud spending among different accounts: these could be assigned by product, team, business area, or even subsidiary. Regardless of the criteria, it is good to separate things out, as it helps when diving into the details.
· Build a cost allocation strategy and socialize it to all levels of the company.
· Create a tagging taxonomy and implement it consistently throughout all your workloads. This will drive deeper classification and eventually enable more elaborate saving techniques.
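As a sketch of what the daily (rather than monthly) view buys you, the following illustrative Python function compares each account's latest daily spend against its trailing average and flags spikes; a check like this would catch a runaway workload within a day instead of at the monthly bill. The data shape and threshold are assumptions for the example, not a vendor API:

```python
from statistics import mean

def flag_cost_spikes(daily_costs: dict[str, list[float]],
                     threshold: float = 2.0) -> list[str]:
    """Flag any account (or tag) whose latest daily spend exceeds
    `threshold` times its trailing average."""
    alerts = []
    for account, costs in daily_costs.items():
        *history, today = costs
        baseline = mean(history)
        if baseline > 0 and today > threshold * baseline:
            alerts.append(f"{account}: {today:.0f} vs baseline {baseline:.0f}")
    return alerts

costs = {
    "team-frontend": [120.0, 130.0, 125.0, 128.0],  # steady spend
    "team-batch":    [200.0, 210.0, 190.0, 4100.0], # a buggy release
}
print(flag_cost_spikes(costs))  # flags team-batch only
```

In practice the per-account, per-day figures would come from your provider's billing export or a cost management tool, sliced by the accounts and tags described above.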
Once you know what you are spending, it’s time to turn the focus on optimisation:
· Use a combination of account segregation and as many tags as possible to track usage, understand dynamics and gain insights on how your company uses resources.
· Look for underutilised resources and aggregate them together, where possible. Look at optimising instance families.
· Spin down unused resources during off-hours. Nobody wants to pay for a bulb in a closet, brightening folders during the night.
· Develop a formal plan for your reserved and spot instances. These go a bit against the pay-per-use model, but unlock significant savings. Some vertical skills are needed to optimise this, generally inspired by the following sound principles:
o Regularly identify needs and create a purchase plan
o Make sure you re-use already purchased RIs, starting with those expiring soonest.
o Reserved instances can be bought at the level of a service region, not only for specific Availability Zones.
o Do not over engineer your spend plan: start small, then capitalise on the learnings
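The purchase-plan principle boils down to simple break-even arithmetic: an upfront reservation pays off only if the workload runs steadily past the break-even point. A hedged sketch, with purely illustrative prices (real rates vary by provider, region, instance family and term):

```python
def ri_breakeven_months(on_demand_hourly: float,
                        ri_effective_hourly: float,
                        upfront: float,
                        hours_per_month: int = 730) -> float:
    """Months of steady usage needed before an upfront reserved
    instance beats on-demand pricing. Buy RIs only for workloads
    you expect to run longer than this."""
    monthly_saving = (on_demand_hourly - ri_effective_hourly) * hours_per_month
    return upfront / monthly_saving

# Illustrative numbers: $0.10/h on-demand, $0.04/h effective RI rate,
# $300 upfront -> pays for itself after roughly 6.8 months of steady usage.
months = ri_breakeven_months(0.10, 0.04, 300)
print(f"{months:.1f} months")
```

Running this calculation per workload, against expected lifetime rather than hoped-for lifetime, keeps the plan small and grounded, in line with the "start small, capitalise on the learnings" principle above.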
Cloud agility is the ability to rapidly change an IT infrastructure in order to adapt to the evolving needs of the business. This is becoming increasingly important in today’s disruptive markets and in the way services evolve and are made available to consumers and businesses.
As we said before, utilisation has a direct influence on costs. However, closely associated with utilisation is business agility. Traditionally, high utilization reduces IT spend, but limits agility and negatively impacts innovation and business growth. Conversely, the cloud can provide significant savings and nearly infinite agility. The value of this agility is challenging to calculate, so we tend to ignore it. That is a big mistake.
The business value of cloud is more about agility and utilization than any other cost consideration. Consider that the cloud provides you with the ability to provision and de-provision nearly unlimited resources as needed with complete control. This provides significant cost advantages and even greater value in the ability to quickly solve business problems without waiting for software and hardware procurement and installation. With the cloud, businesses can enter into new markets, accommodate new customers, avoid compliance penalties, or just move fast when they need to move fast, all while concurrently maintaining fully-utilized hardware and networking resources.
Cloud agility provides a huge strategic advantage and significantly increases a business’ chance of long-term survival.
Agility will depend on the number of times the business reinvents itself to adapt to market demands, and on the amount of money made as a direct result of changing the business.
Also, consider how different individuals at the same company view the benefits of agility: your perspective as a CIO will vary widely from how a Head of Infrastructure or a Head of Engineering values their organization's ability to change. Keep in mind that the most successful companies are usually the ones that align on the strategic perspective, generally in line with how CIOs view their organization's ability to change.
Finally, do not forget that what’s more difficult to quantify is the value of countless ideas and projects that are started, only to be placed lower on the priority list because by the time the resources are provisioned, other initiatives have taken priority.
With the agility of the cloud, projects can be conceived, provisioned, and deployed within hours, allowing for real-time planning and execution. And this is not only a recipe for survival, but a way to consistently beat the competition.
- Addressing the disruption killers
There are several factors threatening cloud adoption and change. These need to be considered thoroughly and appropriate actions need to be put in place well upfront in the process:
Good old company politics comes in many flavours. Sometimes there is disagreement between teams or individuals — some drive cloud adoption, whilst others run the data centre. Some drive cloud-native application deployment, whilst others defensively resist application re-factoring.
A Cloud Centre of Excellence or a Cloud Advocate is needed to drive the agenda and resolve conflicts. These need blessing from above and from the organization overall: the journey to the cloud adds business value, and all anti-cloud myths should be dispelled early in the process.
While enterprises these days migrate applications and data to the cloud without hesitation, security remains a serious concern. As of today there has been no serious breach at any of the hyperscalers, compared to the many security breaches at private companies; this false myth probably persists because security teams effectively lose overall control.
In fact public cloud providers adopt a shared security model, where the provider has the responsibility of the security OF the cloud, and your security team takes the responsibility of the security IN the cloud.
However, this is a weak argument: again, it's all about upskilling security teams and creating new policies, so that conflicts can be kept to a minimum and the speed of cloud adoption is not decreased.
Watch out: any time a large enterprise suffers a breach of any kind, the security fear spreads to public cloud initiatives, even though that is exactly the point: the breach started and developed outside of the cloud world.
Distrust people in your organization who may favour historical vendors, even when those are not the optimal solution for a cloud environment. Alternatively, they may push a host of misleading statements about the leading cloud vendors in order to push forward their agenda for false clouds. Worst case, they may also promote false myths about the public cloud to force leaders to continue investing in data centres and home-brew clouds.
Technical challenges. And a different team attitude.
Building solutions in the cloud can bring a number of technical challenges, especially when your staff lacks in-house skills and cloud-native thinking while re-factoring into cloud-native applications, but also when cloud applications need to integrate with on-premises solutions. Integrating with non-cloud technologies can create complexities that slow progress.
Old fashioned thinking leads to suboptimal architectures and solutions, resulting in the cloud becoming nothing more than another data centre, instead of an agile and innovative platform. It is imperative to update mindsets, tools and procedures to the new era.
Since the cloud is all about agility, a new delivery model needs to be crafted: re-evaluate the entire software development lifecycle by empowering frequent deployments that rely on full-stack automation. Manual interventions give way to automated security, standard blueprints, automated patching and proactive monitoring. This is a radical change, yet an essential and critical one.
Deployment and automation of applications in the cloud is usually described today as DevOps. Public cloud providers offer their own DevOps tools, but for multi-cloud normally a single, overall DevOps capability is needed. Some DevOps tools help manage scripts to describe deployment and redeployment steps — the imperative model — while others define states that represent the correct operation and generate the necessary commands to maintain those states — the declarative approach.
There are many options among cloud automation tools. Chef is a popular imperative tool, while Puppet is among the most widely used declarative ones.
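The imperative/declarative distinction can be illustrated with a toy reconciliation loop in Python. This is a sketch of the declarative idea, not how Chef or Puppet actually work internally: given a desired state, the engine derives the commands needed to converge, so users describe targets rather than steps.

```python
def reconcile(desired: dict[str, str], actual: dict[str, str]) -> list[str]:
    """Toy declarative engine: given desired and actual package->version
    maps, emit the commands needed to converge. The user never writes
    the steps, only the target state."""
    commands = []
    for pkg, version in desired.items():
        if actual.get(pkg) != version:
            commands.append(f"install {pkg}={version}")
    for pkg in actual:
        if pkg not in desired:
            commands.append(f"remove {pkg}")
    return commands

desired = {"nginx": "1.24", "openssl": "3.0"}
actual  = {"nginx": "1.18", "telnet": "0.17"}
print(reconcile(desired, actual))
# -> ['install nginx=1.24', 'install openssl=3.0', 'remove telnet']
```

An imperative tool would instead have you script those install/remove steps yourself; the declarative approach makes runs repeatable, since applying the same desired state twice produces no further commands.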
The essence of DevOps is in establishing a culture and an environment in which building, testing, and releasing software can happen frequently, rapidly, and reliably. Its key enablers are collaboration, communication, and automation.
This culture and environment needs to span across the entire ‘IT supply chain’, which involves all the stakeholders responsible for business demand, development, quality assurance, and operations.
This is likely to require cultural transformation, to break silos and embed collaboration and communication in the DNA of a ‘DevOps-ready’ organisational structure and processes.
Many organisations have lofty implementation plans for their cloud transformation programme and other strategic initiatives that require embracing agile. But without adopting DevOps their ‘delivery engine’ becomes a severe bottleneck and the main obstacle to success.
To ensure DevOps is aligned with business need, your IT needs to work with stakeholders to identify where it could provide the biggest benefits — and use that as the direction of travel for all related decisions.
Instead of embarking on a large DevOps transformation programme and risk “boiling the ocean”, it is important to start small, then capitalise on the success and the lessons learned to expand.
How to best reorganise people and processes to support DevOps will vary for each organisation, and there is not a single answer.
Regardless of the previous attention points, you still have to manage and execute this complex, transformational initiative effectively. The key is not to take on too much too soon. The minimal viable cloud approach is the preferred one: a small set of workloads that lets an enterprise iterate through building in the necessary security, controls and operations, and thus deploy services to the cloud quickly, without spending months or years trying to realize the perfect cloud. Successful cloud implementations require a true agile approach, with a fail-fast culture, and the organization should allow for mistakes to happen. After all, that is how people learn and improve: teams should iterate through mistakes and small sprints, learning and adjusting along the way.
Many enterprises start their cloud journey with unrealistic expectations. Performing a huge evaluation spanning multiple clouds, including private ones, with cloud management platforms and other advanced technologies, before even having a clue about how to build a single application on the cloud, is not the best way to start.
Start lean and simple, adjust from experience and re-iterate expectations and execution plans to achieve them.
- Final recommendation
Too often, companies try to build the perfect cloud and spend months to years wasting tons of money and effort with little or nothing to show for it. Meanwhile, they are still paying for all the infrastructure in the data centre and people keep investing their time and effort in the old stuff.
Plan to the best of your knowledge, applying the idea of a Minimal Viable Cloud. Apply cost optimisation techniques. Create a Cloud Centre of Excellence to master strategy, govern execution, foster the cloud culture, empower the Cloud Economist role and keep the disruption killers under control.
Adopt agile and DevOps.
Learn from it all, improve cloud skills, change mentality accordingly. Involve everybody in the company, make them accountable and enthusiastic about the cloud being instrumental to positive change.
Seed, evangelize, explain.
Create an all-encompassing dynamic cloud strategy and execute. Once you are done with an iteration, try it out and check results. Then re-iterate the whole cycle again.
Your path to the best use of cloud is only as good as your ability to execute on your cloud strategy. And your people and the company culture are of paramount importance.
Cloud transformation is more about “transformation”, rather than “cloud”. It is mainly a people factor, not a technology factor.
I would like to thank J.R. Storment for valuable feedback on improving the quality of this post, especially in the area of cost optimisation: most of the topics described in this article are as complex as entire universes with bespoke laws of physics, hence it is incredibly good and healthy to get advice from subject-matter experts like J.R.!