BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
BOSTON -- Organizations from enterprises to governments need to spin up workloads faster and without complication, so they're turning to containers and cloud to create modern IT infrastructure.
"We had a process to get infrastructure [for a project] that was so brutally hard and slow that by the time the hardware arrived, you'd have forgotten what you wanted it for," said Pat Healey, CTO of infrastructure and shared technology services at Deutsche Bank, a global banking and financial services company headquartered in Frankfurt, Germany, speaking at Red Hat Summit here this week.
Deutsche Bank lacked architectural best practices; it ran dozens of OSes on hundreds of thousands of compute cores at single digital utilization and largely outsourced the heterogeneous mix. The company pursued modern IT infrastructure that could run workloads at a chosen service-level agreement, and it moved to a multi-tenant platform-as-a-service (PaaS) model. Now, it runs workloads portable across different data centers on Red Hat OpenShift Containerization Platform, with an eye toward adding multiple public clouds to the mix.
"We want the capability that allows us to select a provider in real time ... if that provider has given us the right risk and cost profile for that particular workload," Healey said.
Put in the grunt work
When you create a consumable platform, infrastructure becomes invisible to users, but never out of IT's sight. Infrastructure provisioning and management is all about meeting developers and application owners where they need you.
"Don't underestimate the work you need to do to make your platforms or applications agnostic in containers," said Rajay Rai, head of digital ninja at Macquarie Group, a global investment banking and diversified financial services group headquartered in Sydney. Macquarie has undergone a cloud transformation to fit applications into containers and make them portable across infrastructure.
Organizations that aren't global or cutting-edge also want to meet developers' needs. A group at the University of North Carolina at Chapel Hill (UNCCH) proved that small teams can create a more agile and higher-utilization platform at a smaller scale. Facing pressure from users to offer easily requested and provisioned, no-maintenance modern IT infrastructure, UNCCH turned to containers in its on-premises data centers. The university deployed containers on OpenShift to replace virtualization for specific workloads -- from internal services to student projects -- as well as sensitive applications, such as student records.
Get everyone on board
Every IT team risks dedicating research, design and implementation work to a technology stack that, once unveiled, doesn't appeal to target users within the organization.
To encourage project migration to the container infrastructure, the UNCCH team reached out to users across campus via a developer liaison. The liaison guides departments through the process of migrating applications to OpenShift containers. They facilitate platform understanding, but don't actually develop code, said Stephen Braswell, senior solutions engineer at UNCCH, in a Red Hat Summit session.
This job has grown from one person to several as the container deployment matures, necessitating large changes to processes and technologies with an update to OpenShift 3.4, he said. The UNCCH team also writes documentation for diverse users -- from beginners to seasoned developers. Documentation is a never-ending task, and they welcome requests from users for more, Braswell said.
Another way to ensure you're on track with the technology stack is to walk past the developers' desks and into the front office. "You've got to have the mind of your executives and show value to the business," Rai said.
Macquarie relies on the concept of internal lab, external beta and production; executives can try out applications in the lab, and actual customers participate in beta tests. The underpinning OpenShift containers and Amazon Web Services cloud enable the bank to quickly move through each stage to production once the release gains approval.
Contain your enthusiasm
Pat HealeyCTO of infrastructure and shared technology services at Deutsche Bank
Success or failure, especially at the start, depends on how the IT team rolls out a container platform. Access control prevents a plethora of diverse and unused deployments, users clamoring at the gates, and the platform crumbling under its own weight.
"There's no point in having a great environment if you let any old rubbish into it, nor if you eventually create a wall so high you can't get anyone in to use it," Healey said. Instead, build controls into the platform and automate their enforcement so projects continuously deploy into production without endangering the live environment.
UNCCH's initial container platform caught on quickly; container use has grown 200% since October 2014, and it continues to grow, as the organization recently gained approval to host sensitive data there. The platform keeps a few empty nodes at the ready to scale up capacity.
The success of a modern IT infrastructure project is measured first by speed of deployment and changes, and then in terms of reduced costs and increased resource and operations efficiency.
"Previously, it would take three months to provision infrastructure," Macquarie's Rai said. "Now, in Amazon, it takes under an hour, [and] releases take minutes." Operations creates environments dynamically to fix bugs without downtime, providing better customer service. Amazon may cost more than the same deployment on premises, but the efficiency gains justify the cost, he said.
Consider value, rather than cost, urged Todd Wilson, DevOps product director of the BC Developers' Exchange, a group established by the government of British Columbia that encourages IT agility in government. The province shifted from a traditional managed data center model to a containerized one. "The density and efficiency that we're able to get for the same spend is an order of magnitude more," Wilson said. The IT budget might not look much different, but the value of IT surges.
Efficiency can also reduce costs, even if that wasn't your primary goal.
Deploying onto the container platform enabled UNCCH to curb overprovisioning for projects, standardize security and maintenance on the stack, and entice users away from outsourcing. It's investigating ways to collapse servers and take advantage of the density of containers that OpenShift provides, potentially shedding 25% of the total server farm.
At Deutsche Bank, Healey estimated that 85% of workloads could migrate to PaaS, which creates high utilization on 20% of the infrastructure the company needed back when projects ran on disparate servers. Cost and throughput benefits become clear when you bring 300 projects onto four VMs with 50 cores of compute, he said. To reach this goal, the firm migrates users free of charge into the new Red Hat PaaS, but offers an old homegrown PaaS -- at a price -- for the time being.
To continue improving the platform, BC Developers' Exchange asks the operations and development staff for feedback and suggestions. "We want to make sure we're making them more efficient and [their] work is exciting," Wilson said.
He also offered a word of caution. The technology stack changes are impressive, he said, but IT teams shouldn't forget that users are human. Changes affect how they do their jobs and the skills they apply. "All of the sudden, you're moving machines somewhere else, and they're going to have to figure out a new way to work," he said. Improve the technology stack with them in mind.
When you've created modern IT infrastructure that's right for users, you'll know. "It's exciting to see people want to use our platform," UNCCH's Braswell said.
How containers create a modern PaaS
OpenShift roadmap points to more portable containers
Traditional apps jump into containers for modern benefits