Accelerate Cloud Success. What do factories have to do with DevOps? Consider that the introduction of factories vastly improved society’s ability to manufacture goods, replacing a system where each component of a product needed to be individually created by a craftsman. In contrast, factories introduced parts that were machine-created to such precise specifications that they became interchangeable and as a result ushered in an era of mass production. In much the same way, factories replace the individual craftsmanship of our Operations and Development employees, replacing their time-consuming construction of individual cloud components with a factory that can quickly create precise and secure IT artifacts.
What is a Factory?
While the idea of factories has been around for a little while (e.g. you may have heard of Amazon’s AWS SaaS Factory), we’ve seen interest in the topic growing recently. In case you aren’t familiar with the concept, with factories, enterprises can accelerate their path to cloud success by quickly, reliably and securely deploying artifacts consistent with industry best practices and internal requirements.
Factories help establish a cloud system that will efficiently deploy a variety of workloads to the right cloud service at the speed of business. Moreover, factories support DevOps at scale by creating a virtuous cycle, growing operational efficiencies and developer productivity as part of an ongoing effort to move from ‘good to great’.
Yet, for many organizations, the spirit of pre-industrial craftsmanship lives on. In these organizations, artifacts are often fragile snowflakes as they are each crafted by hand. Conversely, factories enable a core DevOps tenet: Treat systems like cattle. In a factory, artifacts are easily and consistently created, disposed of, and re-created as business needs demand.
Calculate Factory ROI
The investment in building a factory may not pencil out for every organization. If you are only experimenting with the cloud, or run only a few cloud-based workloads, the time and cost benefits received may not exceed the investment. However, there is a strong argument for deploying factories in enterprises where there are regular and recurring needs for specific tasks.
These organizations will benefit with:
- Time and labor spent on more strategic initiatives
- Greater precision that supports security requirements
- Enhanced consistency and repeatability that supports both GRC goals and the ability to fail fast.
VPC, AMI Factories and More!
At Flux7, we frequently build several types of factories for our customers, addressing a variety of needs. Based on a combination of processes, technology and knowledge transfer that creates a team able to maintain and extend the factory, commonly built factories that support AWS DevOps initiatives include:
An account factory automates the creation, bootstrapping and hardening of new accounts. While there is no one-size-fits-all answer for how many AWS accounts an enterprise should have, most companies will want to create more than one AWS account as having multiple accounts will provide the highest level of resource and security isolation.
For a marketing solutions customer, the Flux7 DevOps consulting team addressed the company’s account security concerns with an Account Factory which allows it to now create multiple AWS accounts with the highest level of resource and security isolation. The account factory was coupled with the firm’s IAM; applied applications of the principle of least privilege; and included an Okta integration for secure identity management, single sign-on and multi-factor authentication.
An AMI factory provides a repeatable and tested process for the creation, distribution, verification, and compliance of Golden AMIs. The primary benefit of using a Golden AMI is providing a standardized machine image to business groups that meet the organization’s security and compliance requirements.
For example, Flux7 created an AMI Factory for a large regional bank. The AMI factory uses Hashicorp Packer and Ansible to orchestrate and implement the creation of Golden AMIs and is used as the bootstrapping tool to bake the AMIs. Once a Golden AMI has been built, it can then be shared with other accounts and is the basis for EC2 instances. When coupled with AWS Config for configuration compliance, the AMI factory accelerates workflows as it can easily update the AMI for new patches and the like.
Application Automation Factory
Part of a healthy approach to achieving enterprise DevOps at scale, the application automation factory accelerates modernization of systems through cloud migration. This factory should be used after the process of pattern identification has been completed. (Patterns help much more easily and successfully move to an enterprise DevOps at scale model by identifying applications that share common infrastructure and deployment pipelines.
After establishing patterns, an application automation factory streamlines the process of deploying applications to the cloud. For example, for a global media customer, the Flux7 DevOps consulting team created an application automation factory. The factory creates a templated Docker file, makes a tweak, and allows developers to push the code, all without the involvement of the IT team.
The infrastructure factory provides rapid, consistent and secure creation and deletion of infrastructure components like VPCs. For our marketing solution customer, we also created a VPC factory. It provides the firm with advanced, secure VPCs along with Transit VPC, and a shared services VPC.
In addition, Flux7 creates specialized factories, like the Kubernetes Factory we created for a large media company. This Kubernetes factory features several pipelines through which people can deploy as many Kubernetes clusters as needed into a sandbox AWS account.
Just as the industrial revolution ushered in an era of mass production, factories can automate the process of creating precise artifacts for a variety of cloud needs. In the process, factories bring important and much needed consistency, security, resource savings and system confidence. Having worked with dozens of organizations to help them build and maintain a variety of factories in support of their cloud and DevOps needs, we highly recommend that organizations find an expert that can guide the building process and teach the team how to manage and extend their factory moving forward.