A lot of IT historically has been reactive to new projects. But federal agencies are now moving in a world that requires they be more proactive. That means collapsing organizational silos, and finding a new way to think beyond the compute team, virtualization team and networking team. Rather than having these teams that don’t talk to each other, having a common language and common platform can help collapse those silos, and eliminate finger pointing and the issues that arise from it.
That’s where automation can come into play, especially when dealing with independent technology partners.
“There’s this massive influx of new applications that need to be deployed, new sets of data. Yet the IT admins aren’t really growing at the same kind of rate. So because of that, the idea is you need to start adopting more automation to really kind of bridge that gap,” said Garrett Clark, director Ansible GTM at Red Hat. “For example, there was 44% overall more data from 2019 to 2020. And there was 4% more admins, according to the Bureau of Labor Statistics. So the goal is to start to bridge that gap with automation. And the idea of the ISV work is how do we get this so that zero to one of automation work is effectively already done.”
Essentially, what Clark is talking about is a starter pack for automation. And with that automation, every action can be run prescriptively by putting it in playbooks, and duplicated across the enterprise. Everything becomes scalable, taking the tedious, repetitive work out of managing these applications. This allows administrators to build the infrastructure, the systems and the expertise to scale to a single admin managing 500 switches.
“The idea is, effectively, you have your test infrastructure, and then within your test infrastructure, you’d run one particular unit test as you would if you’re writing code, for example. And then from there, that effectively would push out into production,” Clark said. “That’s kind of the high level idea behind it, is that your infrastructure effectively is running on automation through a series of code that then in turn gets tested, rather than being run on a manual basis.”
This has the effect of drastically improving security, Clark said. For example, in a situation like the SolarWinds breach, the issue is how do you in a succinct manner update and patch each piece? When automating updates from independent technology partners, you would solve a particular one and, in doing so, create a playbook for that update or patch. The automation would then implement that playbook across the board. That’s proactive security.
And this can scale to the needs to the needs of the department or agency. Clark said he’s used this for customers with thousands of virtual machines, some of which were over 10 years old. In fact, he said, without this automation, those VMs can often get lost over time, and present major security issues.
This also has the potential to significantly improve customer experience. Clark said 70% of downtime in applications is caused by human error. In the case of the federal government, that could mean interruptions in life-saving services. By automating these updates, you’re effectively eliminating that risk before even putting it into production.
But this definitely isn’t the type of project agencies can jump into with both feet.
‘There definitely is a ‘crawl, walk, run’ to it. The reality of the matter is that probably just saying, ‘Hey, we’re going to automate absolutely everything tomorrow,’ that’s just not going to happen,” Clark said. “Typically, where most folks end up starting is they take one particular pain point, let’s say storage, for example. They would start automating that. And then from there, they move up the stack to maybe networking after that, maybe their ticketing system with ServiceNow, and those types of things. And effectively, just every three to six months, add on another layer until eventually the entire stack would be automated and implemented through.”
And it’s very easy to use, Clark said. Ansible uses simple YAML instances that are already pre-defined, pre-supported jointly collaborative playbooks. For example, Red Hat recently announced one with ServiceNow. Essentially, it can get agencies 90% of the way to automation. Some customization may be required for the last 10%, but the playbooks essentially allow federal IT personnel to plug it in, power it up and continue down the path.
And Red Hat offers a Ansible ISV Services Sprint Workshop for various partners, which Clark called a two-week kickstarter to get the automation up and running, and get employees comfortable with it.
“We just tried to make it as simple as possible so that they can implement that,” Clark said.