Though the gospel of DevOps has been a key feature in federal agencies’ playbook for cloud adoption, that’s not where the future is headed, industry stakeholders said Thursday.
The buzzword-worthy strategy of integrating an agency’s engineering (Dev) and operations (Ops) teams to approach a large-scale software project through agile development and iterative testing has been a staple of the federal government’s IT modernization best practices. It’s even gone as far as to spawn buzzier titles reflecting a desire to loop in cybersecurity and acquisition professionals.
But former White House director of cybersecurity policy — and current strategic adviser for Google Cloud Public Sector — Dan Prieto said that cloud companies are starting to expand their role in providing infrastructure management services normally overseen by an entity’s IT department, a concept he calls “NoOps”.
“Basically Google and other cloud providers are increasingly offering cloud [services] where you really don’t have to worry about the infrastructure or updating it or running code to automate patch management, lifecycle management or all of the above,” he said Thursday at the General Services Administration’s Cloud Reverse Industry Day. “It’s all handled in the background by a cloud service provider.”
The concept of NoOps centers on purchasing on-demand infrastructure from a cloud service provider to theoretically offer the customer’s engineering staff more time to develop operations that can streamline mission delivery.
“That is particularly valuable for use cases like application development, working in databases and analytics,” Prieto said. “Because it allows an app developer to just code, and when they need more capacity, it automatically spins up. The environment has the tools to allow them to just focus on the coding.”
NoOps has been a much-discussed topic as far back as 2011 when Forrester produced a report that called on leveraging the concept to augment DevOps in an organization. The value-add, Prieto said, was to unshackle developers from the tasks of maintaining background operations by handing them off to automation and machine-learning tools or outsourcing them to vendors.
Such a move would create a greater dependence for agencies to the services provided by cloud vendors, and possibly even some security operations, but the benefits could mean even more cost and productivity savings, Prieto said.
So where does that leave government? At present, cloud adoption offers an expanding slate of services but shifts the price point to how much usage an agency can accumulate.
That puts greater responsibility on contracting officers to understand where the cost drivers are in cloud offerings, former Department of Agriculture CIO Jonathan Alboum said.
“[Data] overages are going to happen. I think the question is what can the vendor do to prevent it? And that’s a question you have to ask,” he said. “This happened to me on the government side in multiple agencies. You get a bill from a vendor with an unexpected dollar amount that you have to pay because you used the service and suddenly that affects your plans across the enterprise to do other things. That’s the last thing you want as an operator of IT, a CIO or program manager.”
Small Business Administration CIO Maria Roat, who moved her agency’s IT operations to a hybrid cloud structure last year, said managing the infrastructure on this new business model requires buy-in from and collaboration with your chief financial officer and acquisition staff to account for data storage needs but also the flexibility to monitor where systems can be scaled back.
“We’re not passively monitoring it, we’re actively monitoring and managing the environments that we have to be able to manage our spend,” she said. “We have to watch what we are doing. Turn things off as it’s not being used. That’s the beauty of the cloud, you turn it off.”