Siili was delighted to be a part of the event as a participant and sponsor of the two-day Azure Igloo 2022.The conference was a relaxing, stress-free and welcoming event packed with interesting talks, experience sharing and discussion. Although the conference did not have an emphasis on any specific feature from Microsoft, it gave space for open conversation and collaborative problem solving for practical challenges.
Speakers at the event were either Azure MVP, Regional Directors or Microsoft representatives who shared their experience and ideas on a variety of fields. The topics included cloud infrastructure, cloud migration, data partitioning strategies, AI & Data analytics, etc. Within each discussion, we gained insights and ideas on solving the challenges of our customers, along with improving our own competence.
Highlights and notes from Igloo talks:
Azure Cloud Development
Within the cloud infrastructure domain, we saw recurring themes and challenges for many companies. The speakers also pointed out these four domains: FinOps, Security, Operations and Compliance.
- One of the highlights of hard challenges for companies is cloud spending. Magnus Mårtensson put a new perspective on cloud challenges. The speaker was referring to cloud challenges as more of business constraints rather than technical ones. Therefore, HR Directors and HR should be part of cloud strategy discussions.
- Cloud teams, management and HR departments should work together and spend time optimizing the cloud costs. Though sometimes neglected, Azure offers tools to help with this kind of endeavors, such as Azure Cost Management, Budgets and Cost Recommendations. Utilizing such tools help teams become aware and responsible for their cloud costs.
- Providing FinOps analytics to customers will help them keep their cloud spending optimal and improve their competitive edge. Some surveys suggest cloud spending waste could be as high as 32%. Minimizing this waste could provide more investment opportunities in other areas of development.
- Though security has always been a large concern for all industries, it is rarely seen well strategized and incorporated into business plans. During his talk, Karl Ots mentioned that companies allocate unbalanced resources to FireWall and other security features. Commonly, FireWall has been too privileged and consumes an unnecessary amount of development effort. Other aspects of security should also share the same level of concern. Organizations need to restructure and re-strategize to improve overall security performance.
- For multiple cloud resources, there is no hat that fits all. Security resources should be developed and maintained for each cloud from different providers. It is important to understand how each cloud works and the unique requirements that make them secure. Following each provider’s recommendations and framework is always key for maintaining security.
- It is vital that organizations understand that security is on everyone’s responsibility. All levels need to contribute to protecting the assets of companies. Therefore, security should never be an afterthought. Security needs to be integrated in key decisions such as defining business processes, policies outline and roles delegation.
- Another mistake that has been observed is how many teams skipped security testing in CI/CD pipelines. A good mitigation for zero-day attacks is incorporating security checks within the release process. It is already common to integrate QA tests within the lifecycles of products. Teams should expand to also include security tests as there are already numerous tools available
Operations & Compliance:
- During the first talks of Igloo, Rik Hepworth made an insightful analogy of application in the cloud: “Once your application is in the cloud, it is like a puppy. You need to look after it, see how it grows, and constantly and carefully take care of it.” After migrating applications to the cloud, there will always be more work to ensure its quality. Azure has many built-in policies, initiatives and compliance checks to help maintain applications. However, companies are not fully utilizing these functions.
- The use of DevOps methodology was emphasized during some talks. It is crucial for products to have a constant schedule of quality improvement. Additionally, teams with clear tasks and schedules perform much better and are more productive. DevOps not only ensures the constant release of necessary changes but also recovery during disasters.
- Evaluating the responsibility chain is a good approach to understanding roles and delegating tasks. Companies need to have a clear view of team structures, roles and responsible areas. This ensures correct resource allocation along with collaboration across teams and departments.
Bonus tips – Cloud Migration & CAF model utilization:
- Most important aspect to consider when migrating any application is to understand the expertise of the customer’s teams. It is not enough to just migrate all data and applications to the cloud. Every consultancy also needs to ensure long-term success of the customer. Therefore, during the hand-off, the customer’s expertise level needs to be clearly evaluated. If there’s a clear lack in this area, the consultant needs to address this issue immediately.
- Within the Microsoft CAF model, there are clear instructions and tools to implement SRE along with cloud optimization, which is something any organization can implement. Although the model is not easy to fully grasp, businesses should embrace it to optimize Azure usage. A good approach is to compare the model with current practices. Find similarity to continue working and outsource areas that need improving.
- For any migration project, CAF Landing Zone is recommended. Microsoft had outlined procedures and resources needed to quickly create functioning cloud application infrastructure. This model will help teams easily transition to the cloud.
As always, application development had many innovative tools along with new methodologies. During Igloo, we got to see such features through many talks, including Sakari Nahi’s improv sessions and Michaël Hompus’s Dapr demo. These talks gave us not only new features but also great lessons on the experience of professionals.
- For any team starting out with application development on Azure, it can be daunting to find the right tools for development needs. However, there is a list of core services that have been utilized in most projects. Understanding the list well and utilizing these services is a good base for any starting project. Tools in the list include: App Services, CosmosDB, SQL DB, Data Lake, Azure Storage, etc.
- During software development planning, it is not enough just to plan for the functionality of the application. Teams need to also consider the entire ecosystem surrounding their product. Some questions need to be asked: “Who is responsible for what area?”, “Who is financing the project?”, “Are we starting from green-field or brown-field?”, etc. The answers will give great insights on direction for everyone involved in the process.
- To accelerate the beginning of development projects, an open-source tool called Dapr was introduced. io takes care of initial architecture decisions and unnecessary complexity. This tool functions as a sidecar to any microservices within the product (front-end, query, logs, etc). Dapr also manages states and APIs for the application. This ensure that all microservices can communicate along with ensuring their states through the process.
Inspiration & Action points:
Through the talks and discussion, we received many great notes and ideas on how to improve our current offering. It was also reassuring to know that many of our practices and projects are in line with Azure best practices. For example, Siili is constantly emphasizing on the use of monitoring and logging within cloud infrastructure. Additionally, we also integrate security within all our cloud development. Our Azure Partner Lead has also mentioned our practices in their blog post: “How to get the best of cloud”.
However, there will always be room for improvement. Some action points and future discussion:
- Research and implement security testing in CI/CD for current and future projects
- Research and implement FinOps analytics services for customer’s infrastructure
- Have more open discussion on cloud migration strategies and challenges
- Implement IAM vending machine
- Bring CAF Landing Zones to more customers
Two days with 11 talks is too much to cover in one single blog post. While we have shared many highlights, they are only scratching the surface of the topic. Siili’s team had a wonderful time at Igloo and we are looking forward to the next one.
Playlist for the Conference: IglooConf 2022 - Summer Edition - YouTube