Everyone wants to automate IT operations. And for businesses that have moved most workloads to the cloud, automation is easier than ever, thanks to the automated deployment, monitoring and administration services that public clouds offer.
That doesn't mean, however, that simply lifting and shifting applications into cloud environments guarantees that you're taking full advantage of automation. Instead, making the very most of automation requires having a deliberate strategy, deploying tools beyond the basic management services you get from your public cloud, and incorporating rigor in your development process.
Keep reading for tips on what it takes to achieve full cloud automation — and, in turn, reduce your IT operational burden to the point that the nirvana of "NoOps" — a concept that was introduced a decade ago but has become practical only in recent years thanks to modern cloud automation tooling — comes within reach.
Automation comes in many forms
The first step toward maximizing cloud automation is to understand that automation is not a singular thing. There are many ways to automate, many processes that can be automated, many teams that can benefit from automation and many tools that drive automation.
For example, in a cloud-based Kubernetes environment, your IT team will want to automate the way it provisions the servers that operate as Kubernetes nodes. Meanwhile, your developers will want to automate the process of deploying container images into Pods. For their part, your network engineers will need to automate ingress rules that define how traffic flows to and from your clusters. And your security engineers will benefit from automating user and permission settings via Kubernetes's Role Based Access Control framework.
The mistake some organizations make is focusing just on automating one layer or type of process. Typically, that layer is the underlying cloud infrastructure on which everything else runs. The underlying infrastructure is the easiest layer of a cloud-based application stack to automate.
But as we've just explained, it's not the only layer you can automate. And it can't be the only layer you automate, if you want to get to the point where you minimize the amount of manual operations work that your various teams have to perform.
Don't automate for automation's sake alone
To achieve full-stack automation — and, in turn, to make NoOps possible — you must recognize that the point of automation isn't just to say you've automated. Instead, you should treat automation as a means to an end. The end is creating value in areas like the following:
- Efficiency: When you automate as much of your cloud operations as possible, you minimize the engineering resources that your organization has to devote to managing your cloud resources.
- Predictability: Automation breeds consistency and predictability. You can run the same automation tool a thousand times and get the same result, as long as its configuration remains the same. But if you ask a thousand engineers to complete a process of any complexity, they're unlikely to produce identical results.
- Security: By a similar token, automation minimizes security risks by reducing the chances that an oversight or configuration error could lead to a breach. In addition, if you use automation tools to update your resources frequently using an immutable infrastructure approach, you'll quickly lock out anyone who does manage to get inside your environment.
- Cost savings: All of the above leads to cost savings for the business. When you reduce the time your staff spends managing your cloud, maximize the consistency and repeatability of management processes and minimize security and compliance risks, you get a healthier bottom line.
When your team understands that the ultimate point of full automation is to achieve goals like these, it's easier to get buy-in for automating as much as possible, as opposed to creating automations for the lowest-hanging fruit in your cloud environment.
Putting total automation into practice
How do you actually automate everything? And which tools can help you do it?
The answers to these questions will vary depending on the unique characteristics of your organization and its IT estate, of course. But in general, a good place to start is by embracing immutable infrastructure, which means a strategy where you treat cloud resources as "cattle," not "pets," by destroying and replacing them whenever you need to update something. In other words, instead of trying to patch a virtual server instance that is already running, you replace it with a new VM based on an updated image.
You should also leverage Infrastructure-as-Code (IaC) tools. Today's IaC platforms can configure not just conventional infrastructure, like servers. They can also automate application delivery, network management, identity and access management (IAM) provisioning, and much more. This means that everyone in your organization — IT teams, security teams, network engineers and beyond — can leverage IaC to automate the bulk of their cloud operations work.
Finally, make sure your approach to automation is holistic, in the sense that your discrete automation processes work together and remain in sync. Instead of leaving it to each team to deploy its own automation tools and processes, standardize them around a central IaC platform and a common set of rules regarding how engineers create and manage automation policies. This is important because your various teams may need to coordinate their automation policies. When everyone can see what everyone else is automating, automation becomes a single source of truth and a vector for centralized visibility into IT operations.
Conclusion: Automation as the key to NoOps
Ultimately, as we've seen, the point of cloud automation initiatives should be to reduce your operational burden to the point that you can call yourself a NoOps organization.
We know because we have seen it in practice. One great example is one of our clients that has virtually completely automated cloud operations surrounding the deployment of 8 million IoT devices on a major public cloud. Their automation is so complete that manual access to the environment doesn't even exist for most of their engineers because there is no need for human intervention.
Admittedly, not everyone can achieve this level of automation. Some environments are too complex to make operations go away entirely. But almost everyone can find opportunities to automate cloud operations beyond the basics — and they must do so, if they are to keep their operations efficient, secure and cost-effective as their environments grow ever larger and more complex.
Scott Wheeler is the Cloud Practice Lead at Asperitas Consulting.