Anthos for Africa

Sizwe Mabanga, Digicloud Africa

tl;dr: Anthos Workload Agility plus DevOps Style Team Agility is
African Enterprise’s Opportunity to Leapfrog Global Competition

Introducing Anthos

The New DevOps Team Practices

The Leapfrog

Cost Curves and Better Teams

Enterprise DevSecRegOps = Anthos

Flattening the Cost of Change Curve

Encapsulating Change

Explore, Exploit, Engineer for Reliability

Conclusions

1
tl;dr: Anthos Workload Agility plus DevOps Style Team Agility is
African Enterprise’s Opportunity to Leapfrog Global
Competition

We live in interesting times. Given the ever-increasing pace of change these days, maybe
the almost universal global lockdowns and unprecedented global pandemics offer us a
chance to reflect on how we approach cloud computing.

The purpose of this paper is to highlight the opportunities that Google’s Anthos, together with
changes to team practices, make available to the African market to accelerate digital
transformation and increase the global competitiveness of African enterprises.

Introducing Anthos

Anthos​ is Google’s highly anticipated answer to enterprise workload

orchestration. The reality in enterprises today is a mix of hybrid and
multi-cloud strategies. Organisations choose the best fit for their
technology needs, using price, location, and vendor requirements
as decision points.

Anthos gives the enterprise the power to:

● Modernise in place,
● Automate policy and security at scale and
● Future proof investments with an interface that provides
consistency across platforms.

Anthos is built on Kubernetes, the Google-backed, open-source industry leader in container

orchestration and workload portability. Kubernetes is now ​globally considered the best​ way
to design and orchestrate enterprise architecture while still maintaining platform portability.

Anthos also supports a new way of delivery. Even as enterprises change the way they build
their software, so they find themselves changing how they build teams...

The New DevOps Team Practices

Kubernetes and Anthos are accompanied and

supported by a big change in the way teams
structure themselves to achieve their goals within
enterprise organisations.

2
Historically, and as a result of companies finding themselves in new territories of growth and
expansion in the past 50 odd years, we found that most enterprise organisations created
teams and departments by grouping competency. This meant that teams generally were
good at one thing (i.e. development, database administration or networking) and relied on a
precarious chain of task handovers between different teams to deliver overall value to
business. While this approach worked well for task-based efficiencies, knowledge
management and depth of skills, it created the​ now famous multi-VP problem​ and
considerably slowed down delivery of business value.

Devops is a paradigm that uses ​Conway’s Law​ to address these organisational issues. It
empowers teams to deliver value with a reduction of dependencies on other teams. This
means that the team will, in most cases, not depend upon any other team to deliver value
and can truly say “The buck stops with us!”

DevOps teams are made up of all the people, processes, tools and skills needed to design,
deliver and maintain an enterprise business solution in the live environment. The transition to
this type of team is supported by innovative tooling such as the GCP console and its box of
tools (Anthos and other cloud-based managed services) that abstract and encapsulate the
architectural complexity inherent in IT solutions.

Adoption of DevOps practices has been shown to​ increase development velocity while also
materially increasing solution stability​. This puts businesses in a position to keep the
nimbleness of startups while still achieving the scale of enterprise operations.

The Leapfrog

It is the position of this paper that if African enterprises use Google’s Anthos solution and
modernised team practices to service Africa’s service gap, Africa’s enterprises can create
better service architectures that help it leapfrog global competitors.

Early data on the return on investment (ROI) realised by implementing Anthos is incredibly
promising, as detailed in ​a recent Forrester Total Economic Impact report on Anthos​, but
these results speak to European and North American markets where IT Systems and
Processes were already entrenched and in need of modernisation.

The process of taking entrenched, collocated systems and teams into this new distributed,
DevOps style of work is often prohibitive in terms of both time and cost. Markets that are free
of these entrenched systems and costs have a marked advantage over competitors and can,
by using the modern tools and methods detailed ahead, use this advantage to competitively
grow their market share.

African markets are an example of just such an opportunity. With the exception of a few
outliers, corporations in Africa are at a nascent stage of IT development and are not heavily

3
invested in existing systems and processes. African markets are therefore well positioned to
take advantage of new technical tooling and modern team practises.

Cost Curves and Better Teams

Enterprise DevSecRegOps = Anthos

As of this writing, ​Google has announced Anthos’s general availability on AWS​ and that
availability on Azure is in user testing. With that, Anthos will present African enterprises with
the ability to coordinate workloads across different cloud platforms​ and on-premise​, allowing
true flexibility to leverage the best qualities of each cloud platform while managing costs and
overhead through a standard interface.

Operating such an enterprise service network, with attendant interdependencies and critical
chains of execution, requires DevOps teams that have the bigger picture of the architecture.
Teams that have this bigger picture often begin seeing that there are three core sources of
change to the system they are looking after:
● The need to create business value,
● The need to constantly ensure the security of the systems, and
● The need to meet regulatory requirements.

DevOps teams that take responsibility for all these concerns are sometimes said to be
practising DevSecRegOps. DevSecRegOps puts security and regulatory concerns on equal
footing with development and operational concerns.

DevSecRegOps teams can leverage Anthos to run an arbitrarily scalable development,

security and regulatory operations shop in these ways:

● Development​: As we better understand microservices and the individual volatilities

they encapsulate, ​the architectures microservices are deployed to begin to take
center stage​. Evolving architectures are putting ever more well encapsulated
services into their own self managing Kubernetes pods which create value by
interacting with other related pods. Anthos uses ​KNative ​to enable this paradigm shift
for developers and has them thinking clearly about where the code runs and thus
writing better APIs. With cloud architectures, the pipeline from code change to
production deployment can now be automated by developers themselves.

● Security​: As an ever present concern with moving goal posts and black swan breach
events lurking around every corner, security requires a clear, enterprise-level
strategy. Many enterprises found themselves compromised through an ad hoc piece
of architecture that broke security protocols for some reason that made sense at the
time. Anthos, using ​Istio’s service mesh​, encodes security protocols and policies for
each server interaction and allows teams of teams to apply them consistently across
sub-architectures. This makes it much harder for malicious behaviours to propagate

4
 beyond their point of entry, should they gain purchase. Breaches are corralled and
contained in this manner.

● Regulations​: As industry regulators come up with ever more rules and regulations
that must be adhered to in order to maintain business licenses, the ability to quickly
comply is a key competency for any team. Unmet, regulatory requirements can derail
delivery of value. Meeting regulatory requirements can often mean running sensitive
workloads locally because of data sovereignty regulations or it can mean providing
an audit log across multiple sub-systems. Anthos allows you to have all the flexibility
of cloud architectures on your local servers while keeping an audit log across all
systems under management. With ​Anthos On-premise​, part of your cloud workload
can be deployed to on-premise servers yet still be integrated and managed as part of
the larger multi-cloud environment. This is but one example of how Anthos can be
used to meet regulatory requirements without resorting to outdated architectures.

● Operations​: Operations is the engine of delivery behind every solution. Enabling

enterprise IT operations is the not-so-secret Anthos mission. In this way, it might be
likened to an operating system for your enterprise architecture. Like an operating
system, it presents a useful set of easy to use services and automates and abstracts
away underlying complexities and volatilities.

A key metric in scaling enterprise solutions is the operational cost of making development,
security and regulatory changes. Unmonitored and unmanaged, the cost of making changes
can begin to balloon and turn software assets into liabilities. This is one of the main hurdles
for modern enterprise architectures to overcome. With Anthos, they have a tool designed
specifically for the job of supporting them as they manage their cost of change curve.

Flattening the Cost of Change Curve

The cost of running an IT infrastructure and codebase ​grows exponentially with the number
of integrated production services deployed​. This has been borne out by countless
experiences reported by Chief Technology Officers (CTOs) and Chief Financial Officers
(CFOs) that watched their IT investments go from key business enablers to an ever growing
cost centre and, finally, to a liability.

This traditional IT cost curve is the driver behind various innovations such as the move to
cloud computing and agile practices. The big idea behind these new processes and
technologies is to “flatten the curve” of costs associated with running IT systems at scale.

The following diagram is an extrapolated model based on ​Kent Beck’s Cost of Change
theory​ where he illustrated his projection of the cost savings that can be realised by agile
practices. It is a similar idealisation that replaces agile practices with DevOps practices and
the Anthos multi-cloud platform. It also replaces time on the x axis with the number of
deployed production services.

5
As shown in the diagram, DevOps team strategies and Anthos’s multi-cloud plus hybrid
infrastructure platform have the direct aim of ensuring that IT remains an agile and cost
efficient enabler, never becoming a cost center nor a liability.

The most interesting thing about the modern cost curve is that the area under the curve is
equal to that of the traditional cost curve, meaning that there is an increased investment
required at project inception, which then ensures that costs remain manageable in the long
run. This initial higher investment is what “flattens the curve” by putting in place the
necessary infrastructure for later efficiencies. The right way to flatten the cost curve is to
encapsulate change.

Encapsulating Change

Juval Lowy is a well-known author, architect and speaker who has helped many
organisations to think clearly about their enterprise software architecture. ​In his workshops
he explains the dangers of functional decomposition (designing a system by it’s core use
cases) as the basis for analysis and software design. He lists reasons why functional
decomposition has thwarted good architectural design for decades.

He advocates that we instead use volatility-based decomposition which asks architects and
developers to instead design systems by:
➔ identifying areas of potential change and encapsulating them in services that allow
clients to be unaffected by the changes;
➔ implementing behavior as interactions between services or subsystems;
➔ creating delivery milestones based on service integration, not feature delivery; and

6
 ➔ assuming the domain is constant and thus avoiding cross-domain concerns.

This change-encapsulation approach is key for teams that wish to manage the cost of
change over time. DevOps as an approach to productivity requires a team that itself
encapsulates changes for those who consume its services. Kubernetes as a choice of
infrastructure platform gives a DevOps team the opportunity to encapsulate architectural
change and present a consistent service. Anthos then allows you to orchestrate multiple
Kubernetes implementations across multiple clouds.

The switch to volatility-based design using Kubernetes and Anthos has higher upfront
investment. It requires time to tease out the volatilities of a new system and encapsulate
them in Kubernetes configurations and Anthos policies. But once these architectural
volatilities are understood and encapsulated, therein lies the long term benefit of a system
that is easy to maintain, evolve and pivot.

This upfront investment pattern is symptomatic of the explore, exploit, repeat strategy
advocated by DevOps.

Explore, Exploit, Engineer for Reliability

In the explore, exploit computational pattern, a learning entity faced with a new environment
swings it’s behaviour like a pendulum across the explore-exploit behavioural spectrum. In
the context of a DevOps team, exploration is a team exercise tackled at the beginning of
each delivery cycle consisting of analysing the volatility of the undertaking’s components and
attempting different models of encapsulation.

This focuses on team learning as an all-important phase of each team endeavour, ensuring
that the whole team understands multiple aspects of the problem domain. It is this collective
understanding that will allow them to effectively encapsulate volatility for their stakeholders
and service consumers.

Having explored enough to truly collectively grasp their problem domain, the team swings
over to the other end of the spectrum, exploitation, which leverages the learnings of the
exploration phase to create fast and consistent value. The exploitation phase is about the
automation of the key processes that deliver value and ​Site Reliability Engineering​ (SRE).
Site Reliability Engineering can be seen as Google’s “implementation” of DevOps. It
provides more detailed guidance on role responsibilities, team processes, automation,
monitoring and change release pipelines.

Having delivered value and set up the SRE service dashboard, the team then swings back to
exploration, repeating the explore-exploit-engineer-for-reliability pattern with each new
delivery cycle. DevOps teams that embrace this cycle are poised to create durable systems
that consistently deliver value which aligns with businesses’ needs.

7
As illustrated by the below diagram, it is these repeated cycles that enable teams to control
and lower the cost of change even as the number of services grows. This is in contrast with
the traditional, failed approach to delivery that starts out cheap and fast, but quickly ramps
up to slow and expensive because of unencapsulated volatility.

SRE as a role within a DevOps team is responsible for managing and decreasing the cost of
change as envisioned in the above diagram. Kubernetes is the tooling an SRE would use to
orchestrate their service domains. Anthos then gives teams of SREs the tooling and platform
consistency needed to create a service monitoring and control dashboard across multiple
services domains.

This platform consistency allows DevOps teams to stay plugged in to the metrics that matter
(like the long term cost curve) and not get bogged down or led astray by vanity metrics (like
early but unsustainable delivery wins).

8
 Conclusions

Africa is an industrial and technological revolution waiting to happen. This revolution, though,
has the distinct advantages available to those who have watched others go to market before
them. They have seen what went wrong and what went right and can do it all from scratch.

The impetus of this paper is that African enterprises looking to grow and truly introduce
digital transformation have the opportunity to reshape the playing field using DevOps and
Anthos which are practical tools for consistently clearing through complexity and arriving at
fast, repeatable value.

As Africa bridges it’s own service gap, DevOps teams backed with the right tooling will be
key to creating the velocity of production required to leapfrog global competitors. Many
African corporations’ global competitors enjoy an established market lead but suffer ageing
digital infrastructure, tooling and practices.

A well organised DevOps team with the right tools and a good understanding of the volatility
they are encapsulating can deliver value much faster than a set of functional departments
whose intrinsic value has, over time, become based on task completion rather than delivery
of value.

The right tools will be tools that allow frictionless orchestration by teams of all the
components that make up their solutions. The act of encoding infrastructure in Anthos not
only creates consistency, reusability and scalability but also visibility to the teams at large.
With the entire team, from developers to delivery managers to SREs, able to discuss and
work with the encoded architecture, many tasks that traditionally fell outside of the scope of
a single team can now fall within it, allowing them to carry delivery and value all the way past
the competition to the finish line.