Winner Spotlight: 10 Tips to Get the Most out of the Pivotal Platform
The Customer Collaboration award
Today, Altoros is honored to announce it has received Pivotal’s Systems Integrator Award for Customer Collaboration for the Americas region. The recognition was given at Pivotal’s Partner Summit during the SpringOne Platform conference in Austin, TX. For many years, Altoros has been assisting the users of the Pivotal Platform with seamless adoption, enablement, operations, and training.
“At Altoros, we value the results achieved due to the strategic relationship with Pivotal. Over the years, we have delivered 30+ Fortune 500 deployments together, helping enterprises to fast-track their digital transformation journeys with the Pivotal platform. With about 100 customer engagements in total, this allowed tens of thousands of legacy app instances to get hosted in new Pivotal Platform foundations, enjoying the benefits of CI/CD, microservices, and software deliveries within days and weeks—instead of months and years.” —Andrei Yurkevich, CTO, Altoros
Jason Nitta, Steven Beaver, and Pavel Orda of Altoros
While obtaining a platform is an important step for cloud-native transformation, it is just the beginning, since the adoption of a new technology comes with its own set of challenges. While things such as autoscaling or high-level monitoring may come out-of-the-box, the organization still needs to integrate the platform with its internal systems and facilitate user adoption. On top of that, the migration of legacy software (e.g., monoliths to microservices) or setting up continuous integration / delivery pipelines may take time, prolonging the results expected.
Therefore, we’ve caught up with our team and asked them to share some recommendations, tips, insights, and best practices on how to efficiently maintain a Pivotal Platform deployment.
1. Engage a control plane
Yauheni Kisialiou, Cloud Solutions Architect at Altoros, recommends using a control plane. As he puts it, employing a separate OpsManager deployment to manage business workload foundations will reduce the blast radius and simplify foundation management. Furthermore, it will help to improve security by providing more granular roles and more segmentation.
“A control plane can also be utilized to install monitoring/logging/alerting software to achieve visibility across production workload foundations in a single place. Pay attention to control plane deployment topologies, which address your security needs.” —Yauheni Kisialiou, Altoros
Yauheni also points out that by following a Pivotal reference architecture in terms of networking and load balancing, you will avoid many issues in the future. It is also important to upgrade in a timely manner (n-1, it’s your choice) and use modern stem cells, stacks, and buildpacks.
2. Enable automation
Yauheni urges teams to remember that automation is code. In this regard, he suggests using a version control system to manage automation, as well as selecting one of the patterns and a strategy to manage the repository (or repos) where your automation is located.
“Employ branches, pull requests, releases in a way your developers are familiar and comfortable with. Remember about refactoring and code review.” —Yauheni Kisialiou
Working out the automation repository structure in advance is essential, so mind the number of foundation types, the number of foundations per type, as well as secret and nonsecret variables. Try to follow common software development patterns related to avoiding duplication. You can use one of the reference repo structures, like this platform automation reference, provided by Pivotal.
3. Automate upgrades
Ensure platform management automation. Build a culture of continuous iteration by adopting the practice of small, repetitive platform updates. According to Yauheni, this is one of the best ways to simplify the process of platform upgrades. In addition, such an approach helps to significantly reduce risks, increase stability, as well as save time and effort. He recommends building pipelines to manage PAS/PKS foundations, spin them up faster, enable disaster recovery, and avoid human mistakes. Update patch versions of PAS in an automated or semi-automated way.
4. Use the platform’s self-service features
The Pivotal Platform provides significant self-service features, such as database provisioning or message queues, which Yauheni considers truly worth using. Invest some time to teach developers to get the services they need and use them without the involvement of a DevOps team. Provide developers with access to a dev foundation to use such self-service features of the Pivotal Platform as services, buildpacks, etc.
To achieve visibility across overall platform health and capacity, he advises collecting metrics and employing sophisticated thresholds. By properly defining quotas, you will avoid competition for resources between teams. Provide access to continuous integration pipelines only in production to prevent credential leaks.
Use platform add-ons to provide services where possible. This way, you can have a common management strategy, pipelines, and up-to-date versions.
5. Ensure security
Yauheni warns against using an internal blobstore and a database for a production PAS deployment. He also recommends employing SSL/TLS everywhere, specifically in a load balancer tier, as the Pivotal Platform is ready for it and expects it.
6. Stick to best practices
During migration to the Pivotal Platform, Yauheni recommends using the lift-and-shift approach at the proof of concept stage, because it significantly saves time and effort.
According to best practices, it is better to deploy an application to at least three instances, so you will retain access to data in case of a system failure.
7. Enable proactive monitoring
Mariah Jenkins, Cloud Solutions Architect, provides some considerations around establishing sufficient monitoring. She recommends integrating and configuring alerting for your CI/CD pipelines across failures and capacity/utilization of your foundation resources (e.g., CPU, memory, disk).
“As your foundations scale, revisit and adjust these thresholds as needed to prevent noisy alerts from triggering.” —Mariah Jenkins, Altoros
For those who are using BOSH add-ons (e.g., IPSec or ClamAV) in the Pivotal Platform’s foundations, Mariah suggests writing BOSH runtime configurations as named configurations. This will allow you to uniquely identify a specific BOSH add-on and introduce changes to it.
8. Be agile
Talking about project management, Mariah notes the perks of establishing well-balanced, weekly or bi-weekly Agile meetings—e.g., daily standups, retrospectives, demos, or iteration planning meetings. This way, all members of the platform team will have the same vision about the scope of work to be prioritized and completed next.
Dzmitryi Rudkouski, Cloud Solutions Architect, adds that it is necessary to consider and plan team availability, network issues, security checks, and project time estimation at each project step. This will help you to correctly distribute the workload across all project participants, as well as to prevent any blockers and delays.
9. Build a dedicated team
Yauheni and Dzmitryi then point out the importance of building a dedicated platform team with a product owner. Yauheni highlights the necessity to establish efficient cooperation across the platform, security, and infrastructure teams.
Referring to his own experience, Dzmitryi notes that often there are various kinds of questions and problems associated with installing, configuring, and testing the platform. By assigning a responsible point of contact, you will address the issues in an efficient manner and save time.
10. Perform timely backups
Mariah encourages enabling and performing backups for your Credentials Management Store (e.g., CredHub or Vault). Store these backup artifacts in an S3-compatible object store that supports versioning, such as Amazon S3 or Minio. Validate your backups by performing a restore to ensure that all secrets have been restored successfully.
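One way to automate the restore validation described above, as an added example (not Altoros or Pivotal code): it compares keyed fingerprints of every credential taken before the backup with the store after a test restore, so the report never contains secret values. The export layout (a list of name/type/value records), the credential paths and the HMAC key are constructed assumptions.

```python
import hashlib
import hmac
import json

def fingerprint(credentials, key):
    """Map credential name -> keyed digest of its type and value."""
    digests = {}
    for cred in credentials:
        # Canonical JSON so dict-valued secrets hash the same regardless of key order.
        canonical = json.dumps([cred["type"], cred["value"]], sort_keys=True).encode()
        digests[cred["name"]] = hmac.new(key, canonical, hashlib.sha256).hexdigest()
    return digests

def compare(before, after):
    """Return credential names that are missing, changed or unexpected after a restore."""
    shared = set(before) & set(after)
    return {
        "missing": sorted(set(before) - set(after)),
        "unexpected": sorted(set(after) - set(before)),
        "changed": sorted(n for n in shared
                          if not hmac.compare_digest(before[n], after[n])),
    }

def restore_ok(report):
    """A restore passes only when every category in the report is empty."""
    return not any(report.values())

# Constructed sample data: hypothetical export taken before the backup ...
KEY = b"constructed-demo-key"  # in practice, a key kept outside the backup artifact
SOURCE = [
    {"name": "/pas/db_password", "type": "password", "value": "s3cr3t-A"},
    {"name": "/pas/uaa_jwt_key", "type": "rsa",
     "value": {"public_key": "PUB", "private_key": "PRIV"}},
    {"name": "/concourse/main/s3_key", "type": "value", "value": "AK-demo"},
]
# ... and a hypothetical export from the scratch store after a test restore:
# one secret was truncated and one was not restored at all.
RESTORED = [
    {"name": "/pas/db_password", "type": "password", "value": "s3cr3t-A"},
    {"name": "/pas/uaa_jwt_key", "type": "rsa",
     "value": {"public_key": "PUB", "private_key": "PR"}},
]

REPORT = compare(fingerprint(SOURCE, KEY), fingerprint(RESTORED, KEY))

if __name__ == "__main__":
    print(json.dumps(REPORT, indent=2))
    raise SystemExit(0 if restore_ok(REPORT) else 1)
```

Run against a scratch restore target rather than the live store, and treat any non-empty category as a failed backup.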
To create backups of the core Pivotal Platform components, Siarhei Khudzinski, Cloud Solutions Architect, suggests using BOSH Backup and Restore. This will help to recover the platform, apps, and data in case of a disaster.
Congrats to our team on getting the award! We hope these recommendations will help enterprises during their cloud-native journey.
Igor Aksinin, Yauheni Kisialiou, Mariah Jenkins, Dzmitryi Rudkouski, and Siarhei Khudzinski.