As GigaOm Analyst Shea Stewart explains in this GigaOm Analyst Insight Video, Kubernetes resource management solutions analyze configuration and resource usage continuously across all Kubernetes platforms within an organization. They surface configuration issues and guide application and platform owners toward configurations that align with business needs. When implemented properly, these solutions ensure the availability of their platforms and applications while minimizing infrastructure waste.

This AIV presentation draws on research conducted for the Key Criteria Report for Evaluating Kubernetes Resource Management Solutions and the GigaOm Radar Report for Kubernetes Resource Management Solutions. It provides an overview of the workings of Kubernetes resource management solutions and explores the specific key criteria, evaluation metrics, and emerging technologies that IT decision-makers should consider when selecting a solution. The presentation also explores the findings of the GigaOm Radar report, which provides a detailed competitive analysis of nine Kubernetes resource management vendor solutions.

The post Kubernetes Resource Management Solutions appeared first on Gigaom.

Policy as code solutions help centralize the storage of organizational and regulatory IT policies, enable decisions to be made under these policies, and discover and report on IT systems that have passed or failed policy compliance. They can prevent violations from entering production environments, and reveal new systems that have slipped into production without conforming to established policies. Additionally, they provide tools that enable policymakers and technical implementation teams to collaborate on policy controls, mapping human-readable policies to machine-enforceable code.

As business leaders evaluate policy as code solutions, it’s important to keep the following in mind:

• Policy as code solutions are evolving out of existing sectors, including compliance management solutions, infrastructure provisioning platforms, and Kubernetes platform governance tooling. The goal is for solutions to support all use cases, but this can rarely be achieved today without significant effort. Look for easy wins with a solution that continues to innovate and evolve with the overall technology landscape.
• There’s a considerable focus today on support for Kubernetes policy management, which will be attractive to organizations. Keep in mind, however, that policy and compliance must extend outside of Kubernetes clusters into bare metal servers, virtual machines (VMs), and managed cloud resources (such as DBaaS or cloud storage). Be wary of solutions that are not full-featured across all needed resource types.
• Policy needs to take into account not only how resources are configured or deployed but also what other resources they can interact with. When looking for solutions that help manage authorization policy, consider that this capability is part of the application flow, and policy decision-making must be available as a critical component to the underlying applications.
• This space is evolving quickly and has heavy dependencies on exactly how infrastructure is provisioned and managed, along with how applications communicate. Consider existing infrastructure and application development tooling roadmaps when seeking a policy as code solution to ensure it will be interoperable in the coming years.

The post GigaOm Radar for Policy As Code appeared first on Gigaom.

Consider, for example, a simple policy that states that office visitors must park in designated visitor parking spaces. If there’s no sign in the parking lot that indicates this, visitors will be unaware of the policy and may not notice or find the designated spots. Thus, a sign that documents the policy and is easy to find can help with enforcement, though if visitors don’t notice the sign, they may still park in the wrong space. If, instead, the company places a fence around the parking spaces visitors shouldn’t use, they will have no choice but to park in a designated parking space, whether they have read the policy or not.

When it comes to developing IT infrastructure or software components, the same challenges exist in organizations. Policies need to exist, be visible, and have some method of enforcement. Without these capabilities, organizations may release software or IT infrastructure components that don’t adhere to standards, best practices, or security guidelines and expose themselves to immense risk. Furthermore, organizations that are in regulated industries or need to adhere to specific compliance standards must be able to demonstrate that specific controls are in place, and must do so on a regular basis.

To address these needs, organizations can leverage policy as code solutions to create a centralized repository that contains industry regulatory policies, IT standards, best practices, and other custom organizational policies. These policies can dictate exactly how something should be configured or which types of systems may interact with each other. By enforcing policies, rules, and best practices across the software development lifecycle (SDLC), organizations can safely speed up innovation and scale up security, governance, and compliance. Additionally, these solutions help provide attestation during regular audits and reduce the cost and effort of compliance audits.

This GigaOm Key Criteria report details the criteria and evaluation metrics for selecting an effective policy as code platform. The companion GigaOm Radar report identifies vendors and products that excel in those criteria and metrics. Together, these reports provide an overview of the category and its underlying technology, identify leading policy as code offerings, and help decision-makers evaluate these platforms so they can make a more informed investment decision.

The post Key Criteria for Evaluating Policy as Code Solutions appeared first on Gigaom.

And yet, we need to recognize that this goal is fundamentally unachievable—or at least no more achievable than having a hit record. For every digital success story, dozens of failures go quietly undiscussed. The reality is that delivering technology-based innovation is hard for multiple reasons, which might all boil down into one word: complexity. Technology is constantly evolving, and so are the ways in which it can be used. At the same time, once technology is deployed, it immediately creates inertia because it needs to be operated and managed. Technical debt—the cost of maintenance that takes money away from innovation—is a challenge for all organizations.

What’s all this got to do with value stream management (VSM)? As we wrote in the companion Key Criteria report, VSM exists to ensure the value of technology delivery as defined by benefits minus costs. Costs can certainly be better understood and managed with VSM tools and practices by removing bottlenecks and enabling efficiency improvements; however, delivering faster and cheaper means nothing if the resulting outputs are not of value to the business. In this Radar report, we look at how solution providers enable this value to be visualized, mapped to business goals, and then optimized, which is highly useful in itself.

While reviewing vendors, we have seen different yet equally valid approaches have emerged to drive greater value. In their most straightforward incarnation, VSM tools combine a data integration platform—which pulls together information from continuous integration/continuous delivery (CI/CD) and other development tooling—and information dashboards, enabling users to see what is going on. For organizations looking to build a coherent picture and move away from spreadsheets and customized business intelligence (BI) tools, there’s a lot to like about VSM.

What happens next largely depends on who the audience is, which also underpins the rationale founders embraced when first specifying their solutions. Some target development teams directly, while others take aim at a level (or two) above, focusing on product owners; some go higher still, helping VPs of engineering and CTOs; and a handful aim directly at the board of directors level. The other significant variable is what the tooling aims to achieve over time. Some providers have adopted a do-it-right-the-first-time approach (as espoused by many quality management approaches), strongly prescribing a top-down methodology; whereas others are more about helping their customers evolve on their own journey towards standardization.

We focus on these target areas as we review VSM vendors, and in the wrap-up, we advise against tactical adoption of VSM, even if shorter-term gains are relied upon to bring its concepts over the threshold. If solving for complexity is the goal, organizations cannot afford to bring in yet another management platform in isolation from their greater goals. Instead, these tools are best considered as mechanisms to support and drive strategy, as enablers to enterprises on their digital transformation journeys.

The post GigaOm Radar for Value Stream Management appeared first on Gigaom.

• Tooling: Organizations were using multiple poorly integrated development and deployment tools.
• Process: Teams were working in uncontrolled and ill-defined ways, even as they adopted facets of agile methodologies, such as scrums and sprints.

While these issues can be addressed in multiple ways, a first response is to offer visibility into development activities, pulling together information from existing continuous integration/continuous delivery (CI/CD) and other pipeline tools. This enables managers and engineers alike to make better decisions and set priorities, improving efficiency. VSM does not stop there, however; the more significant question is “Are the solutions I create delivering real value to the business, its customers, and its users?”

GigaOm’s 2020 VSM Key Criteria report examined how VSM addressed and improved efficiency (saving money) and effectiveness (adding benefit and improving outcomes). GigaOm’s 2021 DevOps VSM Key Criteria report detailed how engineering teams could benefit from the increased visibility and focus VSM tools and practices could provide. In this report, we focus specifically on the emerging tooling and approaches used to help decision makers deliver on their business value goals.

While VSM providers offer specific techniques for data collection, process management, analytics, or visualization, we are more concerned about how well organizations are supported to build and deliver more effective solutions while ensuring that engineering teams and other stakeholders can work productively and without undue stress.

We recognize that VSM practices and tools are not an end in themselves but act as enablers to help organizations scale their efforts and deliver technology-based innovation more quickly. The ultimate goal of the digitally transformed organization should be that technology supports the business in its activities, enabling rather than constraining innovation. Successful VSM solutions are business-enablement tools, not technical dashboards, and should be judged accordingly.

The post Key Criteria for Evaluating Value Stream Management Solutions appeared first on Gigaom.

Kubernetes, however awesome and flexible, allows developers and application owners to deploy a container without guardrails—guardrails that would ensure some sensible configurations are applied. This often unintentional oversight includes configurations that apply to resources, such as CPU or memory limits and requests (upper and lower boundaries), storage configurations, and so on. In fact, unless an organization has gone through extensive efforts to apply some sensible guardrails, many applications deployed to Kubernetes have no resource configurations applied to them at all, meaning they compete for resources at whim. On the other hand, those that use resource configurations tend to “aim high” and “run low,” which can generate wasted resources that are sitting idle. Just as all systems need to have sensible capacity management strategies, Kubernetes does as well.

As business leaders evaluate Kubernetes resource management solutions, it’s important to keep the following in mind:

• Resource management solutions should closely align with financial operations (FinOps) tooling, as a shared goal for FinOps and resource optimization solutions is to better align performance and cost.

• Enterprises need an objective solution that can span public and private Kubernetes resources, ensuring that the focus is on reducing hard and soft costs (such as cloud spend or engineering time spent tuning systems).

• This space is evolving quickly, which provides many different approaches to a similar problem; vendor roadmaps should be an important factor within an organization’s Kubernetes journey.

The post GigaOm Radar for Kubernetes Resource Management Solutions appeared first on Gigaom.

Kubernetes has become the de facto standard for container orchestration, and organizations today often operate many Kubernetes clusters across public and private-infrastructure resources. While Kubernetes provides an abstraction layer that ensures applications can run easily across any public or private infrastructure, it also adds significant complexity (such as allowing developers to define or omit their resource requests).

Capacity management and resource planning are often an afterthought, which results in excessive cloud spend or in applications competing for resources and causing service degradation. Furthermore, when resource issues arise, deep expertise in the Kubernetes platform is required to troubleshoot issues across hundreds or thousands of applications sharing the same cluster.

Kubernetes resource management solutions aim to analyze resource usage and configuration continuously across all Kubernetes platforms within an organization. These solutions should surface configuration issues and have the ability to guide application and platform owners toward configurations that align with the needs of their business. When implemented properly, these solutions ensure the availability of their platforms and applications while minimizing infrastructure waste.

The GigaOm Key Criteria and Radar reports provide an overview of Kubernetes resource management solutions, identify capabilities (table stakes, key criteria, emerging technologies) and evaluation factors for selecting a solution, and detail vendors and products that excel. These reports will give prospective buyers an overview of the top solutions in the market and will help decision makers evaluate platforms and decide where to invest.

The post Key Criteria for Evaluating Kubernetes Resource Management Solutions appeared first on Gigaom.

Furthermore, as the growth of cloud usage continues to outpace the rate at which IT operational analysts can be hired, automated optimization of these resources impacts the direct bottom-line of the cloud bill and the effectiveness of existing IT staff (who are freed up to work on higher-value business objectives). Taking an hour to determine whether a machine would benefit from less or more vCPU is hardly worth the time and effort but can generate significant excess spend or risk if ignored at scale.

As business leaders evaluate cloud resource optimization solutions, it’s important to keep the following in mind:

• Cloud resource optimization is closely aligned with the financial operations (FinOps) and cloud management platform (CMP) tooling categories, and solutions may lean in one of those directions with a strategy of providing a single solution.

• Private cloud and public cloud resources both require oversight and optimization, and solutions tend to be stronger in one area over another. Determine where your resource challenges exist today and what improvements you want to have made 12 to 18 months from now.

• Consider delegating resource and cost optimization to individual teams, with some limited central oversight. Individual teams are closely aligned to their application performance needs and, if motivated properly and given the right tools, will ensure a balance is reached between cost and performance.

In this report, we evaluate a number of vendors on their ability to analyze and optimize cloud resources. We’ve scored them against the functionality (key criteria) and requirements (evaluation metrics) necessary for successful cloud resource optimization. While the final report contains seven vendors, we ruled out many more in the process, including several vendors with offerings focused more heavily on FinOps or CMP (which are reviewed in separate GigaOm Key Criteria and Radar Reports).

The post GigaOm Radar for Cloud Resource Optimization appeared first on Gigaom.

• Cloud management platforms: Automation and deployment
• FinOps solutions: Budgeting, forecasting, and value management
• Cloud resource optimization: Performance optimization

While each of these focus areas may provide limited features that cross into an adjacent area, it’s more common to see solutions concentrating on one area and providing integrations with its neighbors.

Figure 1: Three Focus Areas of Cloud Management

Cloud resource optimization deals with the measurement, optimization, and reconfiguration of cloud assets that have already been deployed and are incurring costs to the organization. These solutions should address “how much do we need?” and identify where resources could be better balanced for cost or performance (or both). Solutions in this space should also play an active role within the IT planning phase (to better forecast resource needs) and in the overall capacity management conversation of an IT operations team within an organization.

This Gigaom Key Criteria report details the key issues and trends to consider around cloud resource optimization solutions. We’ll identify key criteria and evaluation metrics for selecting a cloud resource optimization platform and give you an overview of the key enabling technology available today. The companion Radar report will identify vendors and products that excel. The two reports will help decision-makers evaluate existing platforms and decide where to invest.

The post Key Criteria for Evaluating Cloud Resource Optimization Solutions appeared first on Gigaom.

Add to this situation an appreciation for how the role of the developer has changed vastly over the last few years: Developers aren’t just responsible for software components; they can write infrastructure components, security controls, automations/integrations, and so forth. This has blended the worlds of the traditional software developers and the infrastructure and operations teams responsible for the environments that software components are deployed to. A much wider range of job titles can be incorporated into the developer role now, which requires the same security tooling and process oversight as does traditional software development.

As we consider how to evaluate vendors for developer security tools, we need to take these points into account:

• All vendors involved in improving application security can contribute to an organization’s overall enhanced security posture.
• “Shift-left” mindsets do not imply that the work of reducing risk is simply shifted to the developer, but rather that adding a focus on security early in the process will reduce risk and rework as software moves through the delivery pipeline.
• Security throughout the entire software development lifecycle (SDLC) is key for any organization that is focused on reducing risk.

In this report we have identified a number of vendors that address the specific need to catch and remediate security issues earlier in the software development lifecycle, which we articulate in the report as table stakes, key criteria, and evaluation metrics. While we review 12 vendor solutions here, we ruled out many more, including several offering capabilities focused on runtime protection, which merit review in upcoming GigaOm Key Criteria and Radar Reports.

The post GigaOm Radar for Developer Security Tools appeared first on Gigaom.