In the world of DevOps there are ‘known good practices’ – aka ‘patterns’ – and ‘known bad practices’ – aka ‘anti-patterns.’ Many of these patterns and anti-patterns have been developed from real world experience, especially by the early adopters of DevOps theory; but many are more feasible in theory than in practice, especially for more recent entrants to the DevOps scene. In this power panel at @DevOpsSummit at 18th Cloud Expo, moderated by DevOps Conference Chair Andi Mann, panelists discussed the patterns and anti-patterns of DevOps, and what it means to ‘do the right thing’ in a DevOps way, but in the real world.

read more

• According to the Cisco Visual Networking Index, M2M connections will represent 46% of connected devices by 2020.
• 95% of execs surveyed plan to launch an IoT business within three years.

These and many other insights are from the recently published Cisco Internet of Things (IoT) study, The Journey to IoT Value: Challenges, Breakthroughs, and Best Practices published on SlideShare last month. The study is based on a survey of 1,845 IT and business decision-makers in the United States, UK, and India. Industries included in the analysis include manufacturing, local government, retail/hospitality/sports, energy (utilities/oil & gas/mining), transportation, and healthcare. All respondents worked for organizations that are implementing or have completed IoT initiatives. 56% of all respondents are from enterprises.

Key takeaways from the study include the following:

73% are using Internet of Things data to improve their business

The data and insights gained from IoT are most often used for improving product quality or performance (47%), improving decision-making (46%) and lowering operational costs (45%). Improving or creating new customer relationships (44%) and reducing maintenance or downtime (42%) are also strategic areas where IoT is making a contribution today according to the Cisco study.

IT executives often see IoT initiatives as more successful (35%) than their line-of-business counterparts (15%)

With IT concentrating on technologies and line-of-business users focused on strategy and business cases, the potential exists for differences of opinion regarding IoT initiatives’ value. The following graphic provides an overview of how stark these differences are.

Engaging with the IoT partner ecosystem in every phase of a project or initiative improves the probability of success

The most valuable phases to engage with ecosystem partners include strategic planning (60%), implementation and deployment (58%) and technical consulting or support (58%). The following graphic provides an overview of most and less successful organizations by their level of involvement in the IoT partner ecosystem.

Other statistics:

• Only 26% of all companies are successful with their IoT initiatives. The three best practices that lead to a successful IoT implementations include collaboration between IT and business, the availability of internal and external partnerships to gain IoT expertise; and a strong technology-focused culture.
• 60% of companies believe IoT projects look good on paper but prove more complex that expected. This finding underscores how critical it is for IT and line-of-business executives to have the same goals and objectives going into an IoT project. Being selective about which integration, technology, and professional services partners are chosen needs to be a shared priority between both IT and line-of-business executives.

«NetApp’s vision is how we help organizations manage data – delivering the right data in the right place, in the right time, to the people who need it, and doing it agnostic to what the platform is,» explained Josh Atwell, Developer Advocate for NetApp, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.

read more

«We began as LinuxAcademy.com about five years ago as a very small outfit. Since then we’ve transitioned into more of a DevOps training company – the technologies and the tooling around DevOps,» explained Doug Vanderweide, an instructor at Linux Academy, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.

read more

After more than five years of DevOps, definitions are evolving, boundaries are expanding, ‘unicorns’ are no longer rare, enterprises are on board, and pundits are moving on. Can we now look at an evolution of DevOps? Should we? Is the foundation of DevOps ‘done’, or is there still too much left to do? What is mature, and what is still missing? What does the next 5 years of DevOps look like? In this Power Panel at DevOps Summit, moderated by DevOps Summit Conference Chair Andi Mann, panelists looked back at what DevOps has become, and forward at what it might create next.

read more

The computing world just keeps on progressing but as we all know with progress comes additional challenges. This is especially true of challenges around security. Every advance in computing has given rise to the same question: “how do we secure this new toy?”

When client/server architecture was all the rage in the late 1990s there was great excitement about the advantages it brought about but also a concern for the security implications of distributed clients and centralised servers. When server consolidation came of age in the early 2000s the concern was how to keep applications secure when running on the same server.

In the age of cloud computing, we seem to have introduced more security impacts than ever before. Cloud computing has been the basis for many tremendous benefits in the computing industry and has positively impacted many businesses around the world. While we can celebrate all the advances we need to be very aware of all the new threats that have come with the steps forward. The following are some of the areas that concern security professionals in the 2017:

Cloud

As I have stated in a past article, security concerns are still the number one impediment to cloud adoption in the computing world today. With that said, more and more organisations are moving production workloads to the cloud every day and how to secure those workloads is a question with no single answer. Whether cloud workloads are treated as if they are in one’s own data center or secured through as-a-service tools, placing workloads into the cloud comes with some measure of uncertainty that requires research, planning, and execution to mitigate.

Edge/fog networks

The concept behind fog computing isn’t really all that new. I remember moving web servers to the outer edge of the network, outside the firewall, so that they can be closer to the users. The difference now is that fog computing supports larger numbers of devices either at the edge of the managed network or, in the case of IoT, placed physically very far from the control plane.

The somewhat obvious threat vector is the vulnerability of these fog/edge to attack and the continuation of that attack to the control plane, aggregation layer or even all the way to the virtual private network or data centre. This needs to be dealt with in much the same way as this type of problem was handled in past. The fog/edge devices need to be hardened and the communications path between those devices and the aggregation layer and the data center (cloud or other) need to be secured.

Mobile users

It was so much easier to secure an environment when we knew who our user base was. Well, not anymore. The preponderance of mobile devices that the service developers can have no control over, leaves the service network open to attack via those devices. A user who utilizes your provided tested and secured app could easily have installed another app which is just a front for malware of some kind. Beyond just writing apps that are secure the systems as the front end of the data centre or cloud environment that support these apps have to be strongly secured. Additionally, communications between app and service layer need to be secured and monitored.   

Malware

On June 26 the largest container shipping company in the world Maersk Lines, Russian oil producer Rosneft, and pharmaceutical giant Merck, along with hundreds of other institutions around the world, were all but shut down by a global malware/ransomware attack.

That the perpetrators used various public cloud-based resources to launch the attack is a very real possibility. Security professionals around the globe are concerned about the form the next big malware, virus, or ransomware attack will take. Practical and logical steps, including planning for recovery, training, and maintenance, need to be taken to prevent organizations from falling prey to these attacks.

Global data expansion

Many years ago, I wrote an article on how server consolidation can positively impact data centre security by reducing the number of operating system instance to maintain and by reducing the number of possible targets for hackers. In today’s ever expanding global data environment we have to ask ourselves: have we provided too many targets for the bad guys?

The answer is maybe. Each individual and organisation have to be engaged in preventing data loss and data theft by utilising the many means of securing data that exist today. Data at rest encryption, automated and versioned replication or version backup, are just some of the ways an enterprise can protect themselves. These security concepts apply equally to preventing and/or recovering from malware attacks.

The only way to survive the many security threats that exist is to: recognise the threats, learn about them and how to fight them; build a comprehensive plan for protecting your organisation and for reaction to and recovery from an attack; whether it is basic security maintenance or implementation of major security efforts, take action. Don’t just sit back and wait for an attack to happen.

The public cloud computing sector is in a constant state of evolution, as vendors design new IT infrastructure architectures and service providers deploy them in their own unique hyperscale data centre facilities.

According to the latest analysis of cloud pricing by 451 Research, for the majority of new applications, a serverless solution offers a lower total cost of ownership (TCO) than both virtual machines (VMs) or containers.

Severless cloud market development

When analyzing serverless offerings from the leading public cloud service providers, 451 Research determined that IBM generally offers the least expensive service, with Microsoft leading for certain other configurations.

According to the 451 Research assessment, the TCO of serverless tends to be lower than VMs, even when the VM is hosting containers, because there is no need for developers to provision, configure and manage the infrastructure.

As an example, when a serverless function is active for just three quarters of the month, it only takes a 10-minute saving in operational overhead for serverless to beat virtual machines on TCO.

451 Research analysts believe that even without the savings in developer time, the ability of serverless to increase utilisation means it is cheaper than using VMs when the code is executed fewer than 500,000 times each month.

451 Research finds that IBM is least expensive for 0.1 second duration scripts, and Azure is cheapest for 10-second scripts – assuming memory requirements match predetermined size allocations.

Besides, IBM offers a distinct cost advantage by allowing users to choose exact memory requirements, whereas other cloud service providers round up the figures, resulting in users typically paying for unused capacity.

That being said, and considering the similarities in pricing methods and offerings between cloud service providers, 451 Research believes serverless is poised to undergo a round of price cutting this year.

«Serverless is more than just hype; it has the potential to transform the way we develop, build and run applications in the cloud. Understanding the economics of serverless technology is vital to understanding its potential to disrupt the industry,» said Owen Rogers, research director at 451 Research.

Outlook for serverless cloud services

Freemium serverless offerings are already fueling the growth of new services by stimulating experimentation and helping enterprises gain skills. In the analyst’s opinion, this could result in serverless solutions becoming the next cloud ‘price war’ battleground.

451 Research expects adoption of serverless – or FaaS (functions as a service) – to continue growing over the next few years. In its 2016 market study, 37 percent of the IT decision-makers surveyed were already using serverless technology.

The term ‘serverless’ implies that no servers are used to run an application or service. But in reality, this model means that developers and cloud service providers do not encounter the typical complexity and maintenance management of VMs or containers.

Cloud Expo, Inc. has announced today that Andi Mann and Aruna Ravichandran have been named Co-Chairs of @DevOpsSummit at Cloud Expo Silicon Valley which will take place Oct. 31-Nov. 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. «DevOps is at the intersection of technology and business-optimizing tools, organizations and processes to bring measurable improvements in productivity and profitability,» said Aruna Ravichandran, vice president, DevOps product and solutions marketing, CA Technologies. «It’s this results-driven combination of technology and business that makes me so passionate about DevOps and its future in the industry. I am truly honored to take on this co-chair role, and look forward to working with the DevOps Summit team at Cloud Expo and attendees to advance DevOps.»

read more