Tech Radar — Platform — DigIO

Simon Richards, published in DigIO Australia, Sep 26, 2022

Author: Sam McLeod & Simon Richards

Each year, as part of our approach to Tech Vitality, DigIO runs a number of Tech Radar workshops with a diverse range of engineers across multiple Mantel Group brands to provide insights from their consulting experiences and research.

If you’d like to learn more about the DigIO Tech Radar and how it fits into our Tech Vitality process then Sangeeta Vishwanath, our Digital Practice Lead, describes it in detail in her article — Tech radar — Discover emerging tech trends.

In this piece, we will review some of the key themes to come out of our most recent 2022 Platform Tech Radar.

Key Themes

In general, we find that the Platform space has not moved as substantially in the past year as we have seen in development.

Cloud vendors continue to mature their offerings for platforms like Kubernetes, event streaming, and security, but still fall behind GitHub, GitLab and other dedicated offerings when it comes to CI/CD tooling.

The monitoring and APM market is becoming crowded and costly, with no clear winners. Although cloud-native offerings are still not as feature-rich, they provide a good entry-level environment, especially for those looking for lower cost, and are improving over time.

Adopting cloud-native solutions over third-party integrations (e.g. AWS Secrets Manager over HashiCorp Vault) continues to show value and is the leading approach for the team.

In AWS specifically, CDK continues to gain momentum and is a technology the team will be focusing on upskilling in so that there is a critical mass of capability across the team. There will be additional focus on upskilling platform engineers in languages including TypeScript to ensure development teams can leverage the CDK constructs and stacks.

With recent commercial changes in Docker, the team has also identified interest in investigating Dockerless container image building, both locally and via CI, and for use in deployed environments. Investment will be dedicated to assessing what alternatives are available and how they compare to more traditional approaches of using Docker.

Improving developer experience was also a key callout in techniques that we apply, and we need to understand where we have used them with success so future projects and engagements can leverage these benefits.

Adopt / Assess & Trial

AWS & Terraform CDKs

There is continued interest in AWS CDK, with engineers looking to learn and possibly extend CDK using Terraform. Terraform has also released its own CDK with TypeScript support.

AWS App Mesh

For workloads running on AWS that need mTLS support without a complex third-party tool such as Istio or Linkerd, AWS App Mesh could be an answer. Assessments and proofs of concept are required to understand its real-world limitations and use cases.

Cloud Native Secrets Engines

Solutions such as AWS Secrets Manager should be the first choice for secrets management. Third-party products such as HashiCorp Vault should be avoided unless there is a specific use case and a team to properly support their deployment and maintenance, which can become significant overheads as complexity and teams grow.

Cloud Native Kubernetes Clusters

Cloud vendor-provided Kubernetes solutions such as EKS, GKE and AKS should be adopted to replace self-managed cluster deployments.

Dockerless Builds and Container Backends

We’re seeing platforms such as Kubernetes move away from Docker to options such as containerd. There has been increased interest in building container images without using the Docker daemon (using tools such as Buildah or Kaniko). Local container build tooling is shifting from Docker Desktop to solutions such as Podman or Colima (preferably running rootless).

GitHub Actions

We’ve seen significant interest in GitHub Actions for CI/CD throughout 2021. Historically the offering has not provided the same level of configurability and controls as GitLab; however, recent product developments are quickly closing the gap. A growing number of open source projects and enterprise organisations have moved, or are moving, from legacy tooling such as Travis, Jenkins and Bamboo to Actions. Additionally, GitHub’s integrated ‘advanced security’ offering is interesting, but comes at a significant cost for private repositories.

Improving Developer Experience

This is what we love to see called out from the team. There is a mixed level of understanding of, and comfort with, many of the techniques used to improve developer experience and help developers safely and securely deploy their workloads. The team will be investing time in capturing the experience of successful implementations in the form of opinionated accelerators that the wider team can use as examples of good. Some of the initial techniques to be focused on are blue/green deployments, feature toggling (from an infrastructure/platform lens), and trunk-based deployment.

Avoid (Hold)

While it is important to talk about trends, it is just as important for us to talk about things to avoid. The following items were called out to restrict investment at present; however, we acknowledge these are technologies still in operation.

AWS Code / Cloud Build

We find that AWS Code / Cloud Build is still not mature enough to invest in: the pipeline experience is poor, it has a very simple feature set and it doesn’t offer the same level of SCM integration as GitLab or GitHub.

Azure ARM

Use Terraform or Bicep instead.

Azure DevOps

GitHub Actions seems to be the path forward for Microsoft. Investing in Azure DevOps now may cause future rework.

CloudFormation

Use Terraform or CDK. Manually creating CloudFormation from scratch is time-consuming and, in some cases, can provide little reuse across teams without the need for complex conditions that make the templates hard to update and test.

Docker (Desktop)

Docker’s future is uncertain, and newly restrictive licensing has become an issue. Where possible, it should be replaced with daemonless build tools such as Buildah or Kaniko. For local development and running containers, tooling such as Podman or Colima (preferably running rootless) should be adopted.

HashiCorp Vault

We are seeing an increase in engineering teams struggling with the overhead of deploying, maintaining and configuring self-hosted Vault for secrets management. Generally, we’ve seen that cloud-native tooling is easier to use, requires less maintenance and often offers better cloud-specific integration.

Istio

While Istio is fundamentally a good technology, its bloat and complexity often outweigh its value while adding considerable maintenance and expertise overhead. Istio frequently makes troubleshooting more difficult and time-consuming, and its deployment and configuration require specialist knowledge. Cloud-native offerings or lighter-weight options such as Linkerd should be considered as alternatives.

What’s next?

Tech Radars serve as input to our wider technology strategy, which helps us provide informed recommendations to our clients, relevant training for our engineers, and opportunities for Solution Accelerators. We at DigIO fully understand that investing in our team and our technology strategy will provide us with the tools we need to service our partners more effectively.

Based on the techniques, tools, platforms and frameworks discussed in the technology radar, we vote on these as a group to determine where we see the most value to be invested. Those upvoted items are then prioritised into the categories below. The first cabs off the rank for investment are:

  • For Tech Assessments, we will be looking into Dockerless image building and deployment, narrowing down to a select number of technologies and assessing how they compare.
  • For Training, we will be looking at beginner and intermediate entry to AWS CDK material, initially focusing on using the TypeScript language. We believe that focusing on these two entry points will ensure we cover the areas where the team will get the most value.
  • And for Solution Accelerators, we will be documenting and providing templates based on our successful experiences with blue/green deployment techniques. These aren’t expected to solve all scenarios for all engagements, but rather to demonstrate what has worked previously so they can be used for inspiration.

The team will meet monthly to discuss the approach and expected outcomes of each of the technology strategy items we prioritise. We look forward to sharing our insights in the near future.

DigIO — A human approach to technology.

Originally published at https://digio.com.au on September 26, 2022.
