Rethinking Infrastructure Architecture: Bridging the Gap
Kevin Sangwell, Infrastructure Architect, Microsoft EMEA HQ

Waterfall Dev, Test, Release
[Process: Develop, Integrate, Test, Deploy]
Development Environment Characteristics
- Component development takes place on individual developer workstations
- Developers have local admin rights
- Minimal (if any) security policies applied
- Runtime environment is the developer workstation (i.e. not distributed)

Waterfall Dev, Test, Release
[Process: Develop, Integrate, Test, Deploy]
Integration Environment Characteristics
- The first time a component gets “deployed”
- Minimal “formal” testing
- Code often runs with admin rights
- Some security policies applied
- Runtime environment is semi-distributed

Waterfall Dev, Test, Release
[Process: Develop, Integrate, Test, Deploy]
Test Environment Characteristics
- Objective is to prove functional requirements
- Code runs with production (limited) rights
- Full security policies applied
- Runtime environment reflects production
  - Host separation
  - Security Zones

Waterfall Dev, Test, Release
[Process: Develop, Integrate, Test, Deploy]
Deployment Pains
- No automated deployment
- Minimal (if any) install instructions
- No documented requirements for the service accounts
- No list of infrastructure requirements:
  - Firewall ports
  - Load balancing config
  - MDAC version

A Better Way
Development Team / Infrastructure Team
Business requirements
- Non-functionals
  - Availability
  - Scalability/Capacity
  - Disaster Recovery
  - Branch Performance
- Agree contract
Business Requirements

Development Team / Infrastructure Team
Infrastructure requirements/constraints
Dev, Integration and Test need to know:
- Operations requirements
- Security requirements
- Data Centre requirements
- Infrastructure Architectural Principles
Share Infrastructure requirements/constraints

Development Team / Infrastructure Team
Operations requirements on Dev team
Dev team are expected to provide:
- Health Model & Instrumentation
- Automated Installation (MSI)
- Operations guides (deployment, backup, recovery, weekly tasks)
- Performance characteristics
- Disaster Recovery constraints
- Network constraints (high latency = page validation rather than field)

Development Team / Infrastructure Team
Security requirements on Dev team
- Communication between zones
- Authentication & Identity Management
- Encryption & non-repudiation
- Host hardening

Development Team / Infrastructure Team
Security requirements from Dev team
- Service Accounts & Permissions
- Certificates or PKI
- Partner communications
- New products

Development Team / Infrastructure Team
Data centre constraints on Dev team
- Rack space
- Heat
- Power

Development Team / Infrastructure Team
Data centre requirements from Dev team
- New WAN connections
- Volume of data

Development Team / Infrastructure Team
Infrastructure Architectural Principles
- Don’t develop where infrastructure has a solution
- Re-use / extend existing identity store
- No state stored in DMZ
- Deployment requirements (automated..)
- Availability & scaling strategies

An Architectural Approach to Infrastructure
1. Collect Business requirements for Infrastructure
2. Share Infrastructure requirements/constraints
3. Reduce delta between Integration and production
4. Make Infrastructure requirements part of Test activities
5. Move code through Integration and Test frequently

The point of Integration and Test
Risk Reduction
- Apply production security policies to the environment
- Ensure component is installed consistently across environments
- Attempt to reflect the distributed nature of production
- Use virtualisation to reduce hardware requirements and achieve above

test becomes TEST
- Make the Test team responsible for ALL testing
  - Functional requirements
  - Non-functional requirements
  - Operations requirements
  - Security requirements
- Tests become end-to-end
- Deployment
- Test most Functional & Non-Functional Requirements concurrently
- Operations tests validate other tests

Test Matrix
Functionality, Performance and Scalability tests can occur concurrently
- Functionality: the test tool is looking for a specific response
- Performance: the result must occur within a specific amount of time
- Scalability: both functionality and performance must succeed when the component is under load

Agile Development
- Move code through Integration and Test frequently
- Automate, automate, automate
- Leverage virtualisation and the operations infrastructure
Benefits
- Identify issues sooner
- Increases confidence for deployment
This is the internal Microsoft Approach

Bringing it all together
[Diagram: Business, Test / Integration, Dev, Infrastructure]
Diagram labels: Functional Requirements Non-functional Requirements Functional Requirements Code Non-functional Requirements Operations Requirements Environments Security, Operations & Data Centre Constraints Developer Environment Operations Guides Solution Deployment Constraints

Tools Today
[Diagram: Business, Test / Integration, Dev, Infrastructure]
Diagram labels: Functional Spec. in Word/Excel Serena/Borland Contract in Word/Excel Serena/Borland Word Document, VSTS MSI/Scripts Health Model (Word Document) ADS, VirtualServer, RIS, SMS, MOM VSTS Logical DataCentre Tasks in Project/VSTS ADS, VirtualPC, RIS, SMS Word Document, Health Model, SDM (VS)

Tools in the future
[Diagram: Business, Test / Integration, Dev, Infrastructure]
Diagram labels: Functional Spec. in Word/Excel Serena/Borland Contract in Word/Excel Serena/Borland Word Document, VSTS SDM (MSI/Scripts) Word Document SDM (WDS, SMS, MOM) SDM (VS LDD), Tasks in VSTS Windows Deployment Services Vista, SMS Word Document SDM (VS)

Logical Datacentre Demo Using Visual Studio
Data Architectural Approach
Integrating the streams
- Vertical streams focus on functional areas*
- Horizontal streams focus on non-functional
- Someone in each vertical is the owner for the horizontal (i.e. sits in both teams) and is responsible for horizontal deliverables
[Matrix of streams: Network, SAN, Core Build, Systems Management, Security; Performance, Availability/Scalability, Operational Requirements, Disaster Recovery; Security, Data]
* some streams will be both vertical and horizontal, the important point is the intersection of the streams