Cloud computing is one of the great disruptions in the history of IT, fundamentally because of its promise to deliver software, platforms, and infrastructure from afar. The SaaS/PaaS/IaaS continuum has brought a revolution to enterprise IT, and accelerated another revolution, the movement toward DevOps.
Disruption and revolution are very exciting things to talk and write about. But the topics bring chills down the spines of most IT executives and managers. Disruption and revolution can mean chaos to the people who are responsible for setting and maintaining policies and governance within the complex enterprise IT systems they build and manage.
Enter Apcera with a platform it calls Continuum, which aims to disrupt the disruptors in the PaaS space with “a policy-driven platform that gives IT the agility it wants and the governance it needs,” according to the company. Apcera has just announced the sale of a majority stake in the company to Ericsson,
Apcera was founded in 2012 by former Google and VMware executive Derek Collison, who serves as CEO, “with the intent of bridging the divide between developers and ops organizations with an enterprise-class platform that integrates policy and security from the start.”
We had a few questions for Derek, and here’s what he had to say:
Cloud Computing Journal: We think of Apcera as a PaaS vendor. Yet you say that you’re going beyond that, that “PaaS is not enough.” Why is this so?
Derek Collison: Traditional PaaS was designed with a limited purpose: To speed up the deployment and lifecycle management of modern greenfield apps. Essentially, it was designed by developers, for developers, to enable fast innovation and deployment.
When you take a holistic view of the enterprise, you will see that traditional PaaS doesn’t address traditional needs for security, access control, governance and additional features that are critical for other departments within the enterprise. And enterprises need a platform that is capable of handling more than just new apps.
A platform also must be able to handle legacy applications, operating systems and containers, such as Docker images. Traditional PaaS is simply a black box when it comes to handling such a diversity of workloads.
CCJ: And how do you go beyond this?
Derek: As we innovate beyond the traditional PaaS, we took these important considerations to heart and developed our policy-driven platform, called Continuum, which empowers both developers and operational teams to quickly and efficiently deploy, orchestrate and govern a diverse set of workloads on premise and in the cloud.
By integrating policy and governance a part of the core of the platform, Continuum will enable developers and operations teams to deploy workloads of any kind significantly faster without sacrificing crucial security requirements.
CCJ: Governance and policy are enterprise IT linchpins, along with security. They seem to cause anxiety to many enterprise IT managers who are starting to work with cloud computing. How are you addressing this anxiety?
Derek: The anxiety exists because, in increasingly complex and heterogeneous IT environments, enterprises often face a critical trade off. They can develop new services faster with increased risk or maintain security by implementing policy after solutions are developed, which hampers their agility.
These trade-offs in agility and security often cause conflicts between the developers and operations team within an enterprise.
Developers innovate at warp speed. But ops organizations often put the brakes on their development progress to ensure that the enterprise can maintain compliance and new solutions work well and adhere to policy within the current environment.
The reason for the hesitancy is because ops fear these innovations may break the complex balance they’ve created to prevent data breaches, outages and other problems, whether done unintentionally or with malice. They don’t want to be responsible for their companies being in the headlines because of significant data breaches or outages that impact large swaths of the economy.
CCJ: And your specific approach to this is…?
Derek: While there are many approaches being considered today for bridging this divide, most of them attempt to “bolt on” the security and governance to the existing platforms designed to enable them to innovate faster.
But these bolt-on solutions don’t work very well. The system quickly becomes very brittle and fragile, because one incorrect change can cause a spiraling effect across the entire system. And when these types of problems occur, it makes the ops team even more resistant to change.
What we’ve done with Continuum is to build a modern platform capable of deploying a diverse set of workloads, from a basic operating system, to a greenfield application, and everything in-between, while presenting the proper layer of abstraction for each. Our platform makes it possible to transparently compose systems, without any code changes or dependencies and offers a policy-driven core that drives compliance, trust and safety.
CCJ: What strategies and principles have you carried over into your present work from your days as architect of Cloud Foundry? What sort of journey has this been for you?
Derek: I carried many strategies and principles over from my experience with Cloud Foundry. With Cloud Foundry, we were really focused on just the developers.
But after that product launched, I realized that a platform had to be more universally useful to the enterprise, and address the needs of the whole organization. My fundamental belief is that technology should be presented to the enterprise in an intuitive, simple package that adds value to the business.
While the innovation coming from developers is incredibly important, I believe we must establish trust to effectively drive this innovation across the finish line. That is where Apcera is focused—enabling customers to derive real value and real innovation from our next-generation platform.