DevOps has often been a step behind, jumping into action only when problems pop up. This method, while useful in some situations, tends to leave DevOps teams in a constant state of firefighting. Even today, the focus remains on fixing issues as they occur, a cycle of endless troubleshooting and tweaking. However, there's a growing need for DevOps to evolve, to anticipate issues before they happen, moving beyond the traditional fix-it-when-it-breaks mindset. Enter platform engineering, a forward-looking strategy that promises more adaptability and insight, marking a significant shift in how DevOps operate.

In working with various companies, we've noticed a common trend of hefty cloud service bills, often hitting millions of dollars, leading to unnecessary overspending. Companies are now looking for ways to cut these costs, which, when added to security, compliance, and monitoring expenses, can significantly inflate the budget. The reliance on cloud services over the last decade has made this a widespread problem.

Here's a thought: why not address these issues head-on before they escalate? Adopting a proactive stance could greatly reduce inefficiencies, minimizing the endless cycle of audits and cost-cutting. This approach not only makes operations smoother but also supports a smarter, more sustainable future for cloud computing and DevOps.

We've identified two main strategies: the reactive 'By audit' and the proactive 'By design'. As we explore further, we'll see how platform engineering offers a promising way for DevOps to refine its approach, signaling a major transformation in our technological landscape.

The ‘By-Audit’ approach

The 'By-Audit' approach is a reactive method used in important tech areas like cloud cost management, compliance, security, disaster recovery, and monitoring. This method often results in repeated work and inefficiency. We will break down each aspect to understand this better:

  • Cloud Cost

    • Current Approach: Centralized teams analyze cost reports daily or weekly, then assign and track tasks across engineering teams.

    • Challenge: This is effort-intensive and, while it trims some excess, it doesn't fundamentally improve efficiency.

  • Compliance

    • Current Approach: Quarterly audits identify non-compliant teams, who are then tasked with rectification.

    • Challenge: There's no assurance that the issues won't recur.

  • Security

    • Current Approach: Regular reports are generated to spot potential misconfigurations.

    • Challenge: The high number of false alerts not only overwhelms but often causes the root causes to be overlooked. Misconfigurations can originate from multiple sources, adding to the complexity.

  • Disaster Recovery

    • Current Approach: Frequent disaster recovery drills stem from low confidence in backup systems or recovery playbooks.

    • Challenge: With rapidly evolving systems, static recovery playbooks become obsolete, indicating a deeper uncertainty and leading to repetitive drills rather than addressing the root issue.

  • Monitoring

    • Current Approach: Alerts and dashboards are often configured from scratch in monitoring tools.

    • Challenge: This can be overwhelming. For instance, a lack of alerts doesn't necessarily mean everything is functioning correctly; it could indicate misconfigured alerts or incomplete coverage.

These areas are vital for delivering software successfully but are often treated as secondary concerns rather than core elements of the design process. Imagine the improvement and foresight if these processes were part of a proactive, well-planned strategy from the start. This idea introduces the potential of moving from a 'By-Audit' to a 'By-Design' approach in DevOps, embedding anticipation and efficiency into our tech practices.

Embracing the 'By-Design' Approach

The 'By-Design' approach emphasizes planning and establishing proven methods from the start. It focuses on creating 'golden paths'—well-tested operational practices that guarantee compliance, security, and other needs are met efficiently. This method involves incorporating best practices and standard procedures early on, making sure everything is set up correctly from the beginning.

Take the process of setting up new credentials, for example. Instead of a casual, as-needed approach, 'By-Design' insists on a formal, predefined method for credential requests. This ensures a clear distinction between the purpose of the credentials and how they're implemented, allowing for straightforward validation of both aspects. This systematic approach eliminates the need for constant re-checks.

There should be clear rules for how credentials are created, isolated, stored, and updated, and these rules should be applied consistently. By integrating these rules into the initial request process, it's possible to enforce them automatically, reducing the need for manual checks. Starting these practices early in the software development life cycle (SDLC) reduces the need for ongoing audits.

Organizations that implement the 'By-Design' philosophy naturally meet compliance, security, and efficiency standards, avoiding the hassle of detailed audits. This strategy does more than just make developers' jobs easier; it leads to significant, lasting improvements across the organization. By embedding critical considerations like cost, security, and compliance into the foundation of processes, it cultivates a culture of proactive planning and foresight.

By-Audits v/s By-design approach

The table highlights the shift from traditional DevOps, which often reacts to problems, to the proactive 'By-Design' approach that integrates key operations from the start. By planning for compliance, security, disaster recovery, observability, and cost efficiency early in the development process, organizations can streamline operations, enhance security, and save costs. 'By-Design' is a strategic move towards built-in system integrity and excellence in operations.

The Advantages and Challenges of Both Approaches:

Challenges with by-design and by-audit approaches to DevOps

The future belongs to the By Design approach

Looking ahead at the next decade of cloud development, the 'By Design' approach stands out as crucial. It integrates best practices and strict standards directly into our cloud infrastructure, creating systems that are efficient, secure, and resilient. This proactive strategy emphasizes optimization and compliance from the start, rather than treating them as afterthoughts.

While the 'By Audit' method has effectively solved many issues, the growing cloud environment and increasing need for audit tools call for a 'By Design' strategy for a lasting solution. This method focuses on building a strong cloud ecosystem from the beginning. As cloud computing continues to grow, adopting a 'By Design' approach will lead the way, ensuring we reach our highest potential.