Note: Yesterday RackN posted Are you impatient enough to be an SRE? and then the CIA wikileaks news hit… perhaps the right question is “Are you scared enough to automate deeply yet?”
As an industry, the CIA hacking release yesterday should be driving discussions about how to make our IT infrastructure more robust and fluid. It is not simply enough to harden because both the attack and the platforms are evolving to quickly.
We must be delivering solutions with continuous delivery and immutability assumptions baked in.
A more fluid IT that assumes constant updates and rebuilding from sources (immutable) is not just a security posture but a proven business benefit. For me, that means actually building from the hardware up where we patch and scrub systems regularly to shorten the half-life of all attach surfaces. It also means enabling existing security built into our systems that are generally ignored because of configuration complexity. These are hard but solvable automation challenges.
The problem is too big to fix individually: we need to collaborate in the open.
I’ve been really thinking deeply about how we accelerate SRE and DevOps collaboration across organizations and in open communities. The lack of common infrastructure foundations costs companies significant overhead and speed as teams across the globe reimplement automation in divergent ways. It also drags down software platforms that must adapt to each data center as a unique snowflake.
That’s why hybrid automation within AND between companies is an imperative. It enables collaboration.
Making automation portable able to handle the differences between infrastructure and environments is harder; however, it also enables sharing and reuse that creates allows us to improve collectively instead of individually.
That’s been a vision driving us at RackN with the open hybrid Digital Rebar project. Curious? Here’s RackN post that inspired this one:
From RackN’s Are you impatient enough to be an SRE?
“Like the hardware that runs it, the foundation automation layer must be commoditized. That means that Operators should be able to buy infrastructure (physical and cloud) from any vendor and run it in a consistent way. Instead of days or weeks to get infrastructure running, it should take hours and be fully automated from power-on. We should be able to rehearse on cloud and transfer that automation directly to (and from) physical without modification. That practice and pace should be the norm instead of the exception.”