“Take the name of my practice: Cloud & DevSecOps,” suggests Serhii Shydlovskyi, Lead System Engineer. “It incorporates two of the most significant trends: cloud technologies (Cloud) and security (Sec part in DevSecOps).”
We have asked Serhii to share his expert opinion on what trends will continue to gain momentum in 2022, what beauty does the Kubernetes hold, and why systems engineers will have to pay more attention to regulations governing the protection of personal information.
Multicloud and hybrid solutions
It is no secret that using the cloud as your primary business platform reduces cost and ensures system flexibility. However, in the future, we will see more fans of a hybrid approach who prefer storing their critical business applications in their own data centers while simultaneously employing several cloud providers.
This approach partly stems from the peculiarities of migration to or from the cloud when many customer systems duplicate themselves. Greenfield projects (similarly to greenfield land building) not encumbered by the so-called legacy restrictions imposed by the previous work on the project have the advantage of starting immediately in the cloud.
All popular cloud providers have pros and cons, so the multi-cloud strategy, which allows you to get services with the best price to quality ratio, is rapidly gaining popularity.
Still, based on my observations, the financial side of the issue is taking second place lately. Business owners are focused primarily on ensuring the viability of their systems, and the number one priority is the relevance of services to the needs of their projects.
I have been working with Kubernetes for some time, so I speak from my experience when I say that this tool enables DevOps engineers to implement functionality that seemed magic-like a couple of years ago. It allows one to expand the working capabilities of local data centers almost to the level of their cloud counterparts.
Kubernetes solves many network issues, helps quickly and easily integrate numerous services. All I have to do is write and run manifests, and they start working. The main advantage of implementing Kubernetes is the simplification of the infrastructure. Moreover, Kubernetes is changing the infrastructure outlook, gradually turning thousands of code lines of automation into simple YAML files.
But these changes also require a transformation in the mindset of the engineers: the approach, that "launching a single script solves virtually any problem", is no longer working. It is superseded by another scenario: you add the code to Git, do the code review, run it through pipelines and it is ready to install.
Key cloud providers — Amazon (AWS Lambda), Microsoft (Azure Functions), and IBM Cloud Functions — are actively developing serverless technologies. It is the next evolutionary step after containerization and a separate direction in CI/CD practice.
With the serverless organization of a system or application, engineers run the code without concerning themselves with where and how it will be executed. Cloud service providers have already taken care of that. They support an infrastructure that scales to the needs of a particular application: no worries about configuration and requirements, developers can focus on writing code. It also globally changes the approach to continuous integration: it is no longer practical to run quick tests on a local server.
Data protection laws and regulations
Informally, it is called regulatory compliance. As a CI/CD automation engineer, I frequently get the same old question from customers: How do you plan to comply with industry regulations?
What is more, in some industries, such as healthcare or banking, regulations dictate the development process. These days, system engineers need to know at least basic concepts of GDPR and HIPPA.
EPAM, for instance, already has a dedicated department checking applications infrastructure for compliance with security standards.
The development of cloud technologies creates new requirements for system engineers. It also gives rise to branching of the DevOps direction into narrower specializations: DevSecOps → DevSecTestOps → Cloud&DevSecTestOps.
Reduced Time-to-Market has always been one of the priorities of automation, which has been consistently holding top positions in the list of IT trends for many years. Automation that had started with running bash scripts (command-line scripts written for the bash shell) has since evolved and moved to CI/CD platforms with a vast number of pre-installed quality control tools and even tools for automating the automation itself. I am talking about such features as creating Jenkins pipelines automatically when a new service is added to the project development or deploying clusters within a few minutes.
Today, automation is coming to the fore in many areas, DevOps being no exception. For example, EPAM has been developing an internal open-source project, EDP (EPAM Delivery Platform), designed to automate CI/CD. Simply put, it is a framework that enables the quick and unified setup of a CI/CD pipeline. When performed manually, such setup is very time-consuming, and its quality depends on the level of training of the engineer writing the code.
So, to recap:
Summarizing what I've said above, I want to highlight the main trend of future years in Cloud & DevOps: a steady increase in the complexity of the solutions. Metaphorically speaking, we used to build houses out of bricks, and now we build space fleets out of rockets. Containerization, clouds, and serverless technologies are the flagships of development, and development, in turn, is a catalyst for the evolution of automation. These are interconnected components that cannot exist in isolation from each other. After all, the infinity sign is the symbol of DevOps for a reason.
Thinking of taking a closer look at these trends from the inside, or perhaps, becoming a trendsetter yourself? Register for the Cloud & DevOps educational programs from EPAM and help to shape the engineering community of the future!