Inside CBP's Quest for the Cloud
Download as PPTX, PDF1 like487 views
The document outlines the plan for the Customs and Border Protection (CBP) to migrate to a cloud-based architecture in response to an expiring data center lease and the need for modernization. It details the establishment of a Managed Service Organization (MSO) to facilitate the delivery of integrated technology services and the adoption of cloud native principles to enhance mission resiliency. Key components include cloud provisioning, application migration, and the implementation of DevOps methodologies to improve efficiency and scalability.
Inside CBP's Quest for the Cloud
- 1. CBP OIT Data Center Migration | Cloud Migration Overview & Approach May 2017 | Better enabling CBP’s mission by modernizing and transforming current applications and services This document is incomplete without accompanying discussion VisionandTransformation Current State Product Focused Siloed Delivery Future State Managed Service Organization (MSO) Future State Integrated Services Model Border Enforcement Targeting Operations Cargo Processing Passenger Processing OIT The Future State Operating Model includes standing up a Managed Service Organization (MSO) to restructure the delivery of services to CBP mission customers. This future state MSO orchestrates the delivery of key technology and infrastructure services, spanning cloud providers, OIT/EDMED, Program Directorates, and System Owners. EDMED will transform to manage the provisioning of cloud infrastructure, and cloud service providers will take over many current EDMED services. Project Tiger teams will assist with the migration of individual applications and capabilities. Future State Operating Model Critical Path Items CBP is facing a challenge: the lease for National Data Center (NDC) is expiring, while new technologies, mission resiliency, and Federal mandates are all driving the need to migrate to cloud based architecture. Background Improved mission resiliency Technology evolutions offer new capabilities in cloud Data Center lease expires in September 2019 DCOI memo restricts new data center builds Timeline Q2 FY17 Q3 FY17 Q4 FY17 Q1 FY18 Q2 FY18 Q3 FY18 Q4 FY18 Q1 FY19 Q2 FY19 Q3 FY19 Q4 FY19 INITIATION DISCOVERY & ASSESSMENT SUSTAINMENT & OPTIMIZATION MIGRATION & TRANSITION EXIT NDC • Security – Cloud General Support System (GSS) Approval • Finance – Cost Assessment Leveraging Cloud TCO Models • Procurement – Cloud Service Provider Contracts Established • Organizational – Skills Assessment • Workforce – Union Negotiations • PMO – IMS and RACI Completed • Engineering – Detailed Engineering Assessments Completed in Program Offices; Mainframe Decommissioned • Portfolio – Prioritized Application Migration Roadmap
- 2. 2 Cloud Native Principles Speed: Self-contained units of mission services at the core of design patterns Cloud Native Benefits Resiliency: Gracefully handle and recover from failures Scale: Handle increases in load without impact to performance Deliver speed, resilience, and scale built on a set of core principles that govern software and infrastructure modernization. The 12 Factor App and Beyond 1. One Codebase, One Application A repo/set of repos that share a common root, and is used to produce any number of immutable releases. 2. API First Recognize API as a first class artifact. 3. Dependency Management Declare and isolate dependencies. 4. Design, Build, Release, and Run Each deployment stage is isolated and occurs separately. 5. Configuration, Credentials, and Code Treat configuration, credentials, and code as volatile substances that explode when combined. 6. Logs Treat logs as event streams. 7. Disposability Processes are disposable, which means they can be started or stopped rapidly. 8. Backing Services Treat backing services as attached resources. 9. Environment Parity Keep all environments as similar as possible. 10.Administrative Processes Separate admin processes from main app and develop as separate micro-service. 11.Port binding Export services via port binding. 12.Stateless Processes Makes no assumptions about the contents of memory prior to/after handling a request. 13.Concurrency Embrace horizontal scaling. 14.Telemetry Audit and monitor cloud applications remotely. 15.Authentication and Authorization Security should never be an afterthought. DevOps Principles Flow Feedback Improvement Ensure there is a flow of values from the developers to the users though a deployment pipeline. Iterate by continuously improving on builds. Increase flow of CICD through the pipeline by • Smaller deployments of loosely coupled software components (Microservices, Event driven, Serverless) • Automation of build and testing • Reduction in approvals Leverage containerization using a microservices architecture Rapid feature development and increased system resiliency Implement the 12-Factor Application Patterns Loosely Coupled application that contain all dependencies Organize around mission capabilities using Domain Driven Design Understand the level of granularity of services to support the mission Integrate and automate the software delivery pipeline with core IT operation processes Increase delivery speed and quality Implement eventual consistency patterns for data management Enable distributed database architectures Use event-driven software architecture patterns Develop highly fault tolerant systems that scale horizontally Leverage infrastructure automation by standing up runtime platforms Ensures consistent error free deployments across environments Focus on products, not projects Organizes the organization into teams that plan, design, built, test, and operate the products they build New development focuses on core DevOps principles Develop Build Test Measure Learn and Simple Cost- effective Scalable Industry standard Code Flexible Automation Mission focused DevOps focusedPillars of future architecture design Architecture OIT Toolbox How We Got There Development OIT Cloud Native Guiding Principles