1 of 19

Cloud. Now what?�Where’s the instruction book?

2 of 19

Today’s Master Builders

Automation-first, cloud agnostic
Reimagine IT@TAMU
Less toil, less entropy, more efficiency

(We ❤️ robots)

“Service owner” of the public cloud

3 of 19

Service Owner?

Responsible for delivering the service within the agreed service levels (SLAs). -ITIL 🥱

Responsible for the success of the service
Deliver value to the organization
Manage performance, quality, and risk
Define requirements and objectives

4 of 19

Service Objectives

Deliver value through customer success
Make the cloud easier
Make the cloud more effective
Benefits:

Increase adoption
Cost Savings
Improved Security
Faster innovation

5 of 19

Customer Success

Make the cloud easier
Make the cloud more effective
Measure that with:

Utilization
Satisfaction
Business objectives and outcomes

6 of 19

Customer Success

Streamline the service
Offload complexity
Training and support
Optimize costs

7 of 19

Account Automation Journey

v0.0.0-pre12: Nothing. Absolutely none (ClickOps)
v0.0.1: Automated billing exports
v0.1.0: Automated-ish account creation

Using CloudFormation and Runbooks at first
OMG, Terraform!

v0.2.0: Cloud account GitHub repositories
v1.0.0: One repo for each cloud, source of truth. “Foundation”

Accounts, policy, OUs, global roles, etc.

v1.5.0: Improved terraform and automation in Foundation repos

8 of 19

*Batteries are Included

Like an airport for the public clouds
Landing Zones
We provide:

Security
Compliant Images
Networking
Financial Tools

9 of 19

Security

Compliant Images
CIS 1.2, w/ sprinkle of TAMU
Kion

Config and Security Findings
Exception requests
Auto-remediations

Single-sign on

10 of 19

Networking

Shared VPCs
Hub-and-spoke VNETs
IPAM
DirectExpressConnects^™️
Overlays/Tunnels
Firewalls and analysis

11 of 19

Financial Management�

Pass-through billing
Utility approach
TAMU accounts
Soon: PO & Invoices
Cloudability
Kion

Budgets
Funding Sources

12 of 19

Not What I Was Expecting

So what about those instruction books? This sounds like you’re preassembling some parts but still leaving the customer with a bucket and no book.

Fair. And true. That was the bait to make you attend this session over all the others.

We (the service owners) cannot write something like this (insert details Lego instruction book) for everything our organization is doing. Not at our size, and most likely not at yours, too.

So what more should we do?

Building the airport is a great start, and for us, has been critically important for our service, but what more can we do to, for instance, make flying the plane or assembling the LEGO colosseum, a bit easier? How can we make the hundreds of potential builders across IT, research, and more, Master Builders, too?

there are a few things we're doing now, and that we want to do in the future

13 of 19

Infrastructure-as-Code

The RIGHT way to do cloud

Organized and Explicit
Protections for common risks

Steep learning curve
Flatten the curve with Bits-o-Wisdom^™️

(terraform modules)
State, authentication, and starter templates

We wholeheartedly believe that using infrastructure as code is the right way to manage cloud resources.

It can protect you from making mistakes in so many ways:

it forces you to be organized and explicit and understand the resources you're using
something often abstracted by the consoles.

Add in the ecosystem of tools built around IaC, and it can also help with

- cost estimation

- fixing security and configuration issues before they're a problem.

But it's not an easy area of engineering to get started in. There are very steep learning curves to being productive.

We've been writing terraform together as a team for almost 3 years, and we’re still improving our practices and methods.

We're trying to bottle up that hard-learned wisdom into a growing collection of Terraform modules that can help you bootstrap your own.

14 of 19

Infrastructure-as-Code Library

What we thought might be popular

Static websites
Storage: object, file
Web app deployments
Autoscaling groups/scalesets

Watch out for new projects ideas

15 of 19

Automation

Robots are our friends
Automate Everything
Faster failures
Fewer errors
Repeatability
Less toil

16 of 19

Code Community

We build in public
Internal and customer projects made visible
Whole-story projects
Hope to inspire and improve others

17 of 19

Training

Start with Why and How
Led by Today’s Master Builders
Grow Tomorrow’s Master Builders
Leverage Partner Relationships
Food 🍕

We have a pretty big project about to launch, one that’s been in development by my team for quite a few months, and we found ourselves with a brand-new operations team for whom automated, code-based cloud infrastructure was foreign and unfamiliar. We started down the road most would probably start down first; let’s get them familiar with the cloud services used by this project. We started to do that, and they were becoming familiar with the services - in fact, they were relieved and enthused to find that it’s not that different from what they were used to with on-prem. But then we started going over the runbooks together, and everything fell apart. They no longer understood; they were confused and frustrated why our instructions didn’t have screenshots and step-by-step guides like these (show LEGO book).

We released they didn’t understand why it was done this way. Why was this all written in code? Why are all the deployments automated? How do I use these new tools?

We started with “What” but really should have started with ”Why.” So that’s precisely what we will do over the next couple of weeks. We’re assembling all of today’s master builders to hold workshops on infrastructure-as-code and automation for our new organization to find and grow tomorrow’s master builders.

18 of 19

LEGO Enlightenment

Technology Change
Organizational Change
Cultural Change

Something that stuck out to me from last year's Cloud Forum :

- most schools are struggling with changing the culture in their organization

- and we're no exception: the concepts and practices we represent are still relatively new to most of TAMU.

I mentioned on the last slide that brand-new operations teams are being formed, literally, as we meet here.

We're undergoing an organizational restructuring and leadership change unlike anything else before

These new teams are being formed by pulling talented engineers up and out of their previous silos and innovation deserts into a new, unified organization.

Our Master Builders have an engineering responsibility in most campus IT projects now, so we are strategically positioned to enhance and accelerate cultural change.

We think that by first understanding Why the tools are different and How to use them, they will be much more effective at the What. We want to make them all Master Builders because Master Builders make their own Cloud Instruction Books.

19 of 19

Everything is Awesome

jrafferty@tamu.edu