Improve
workloads and solution deployments:
Solutions for the industry that are implemented new, benefit from
a set of principles that provide prescriptive guidance to improving the quality
of their deployments. When the industry
moves from digital adoption to digital transformation to digital acceleration,
the sustainability journey requires a strong digital foundation. It is the best
preparation for keeping pace with this rapid change.
This is true for meeting new sustainability requirements, avoiding
the worst impacts of climate change and other business priorities such as
driving growth, adapting to industry shifts, and navigating energy consumption
and economic conditions. It helps to track and manage data at scale, unifying
data and improving visibility across the organization. This helps to reliably
report your sustainability impact, driving meaningful progress and finding gaps
where the most impact can be delivered.
The
well-architected framework consists of five pillars. These are reliability
(REL), security (SEC), cost optimization (COST), operational excellence (OPS)
and performance efficiency (PERF). The elements that support these pillars are a review, a cost and
optimization advisor, documentation, patterns-support-and-service offers,
reference architectures and design principles.
This guidance provides a summary of how these principles
apply to the management of the data workloads.
Cost optimization
is one of the primary benefits of using the right tool for the right solution.
It helps to analyze the spend overtime as well as the effects of scale out and
scale up. An advisor can help improve reusability, on-demand scaling, reduced
data duplication, among many others.
Performance is usually based on external factors and is remarkably
close to customer satisfaction. Continuous telemetry and reactiveness are
essential to tuned up performance. The shared environment controls for
management and monitoring create alerts, dashboards, and notifications specific
to the performance of the workload. Performance considerations include storage
and compute abstractions, dynamic scaling, partitioning, storage pruning,
enhanced drivers, and multilayer cache.
Operational excellence comes with security and
reliability. Security and data management must be built right into the system
at layers for every application and workload. The data management and analytics
scenario focus on establishing a foundation for security. Although workload
specific solutions might be required, the foundation for security is built with
the Azure landing zones and managed independently from the workload.
Confidentiality and integrity of data including privilege management, data
privacy and appropriate controls must be ensured. Network isolation and
end-to-end encryption must be implemented. SSO, MFA, conditional access and
managed service identities are involved to secure authentication. Separation of
concerns between azure control plane and data plane as well as RBAC access
control must be used.
The key considerations for reliability are how to detect
change and how quickly the operations can be resumed. The existing environment
should also include auditing, monitoring, alerting and a notification
framework.
In addition to all the above, some consideration may be
given to improving individual service level agreements, redundancy of workload
specific architecture, and processes for monitoring and notification beyond
what is provided by the cloud operations teams.
Each pillar contains questions for which the answers
relate to technical and organizational decisions that are not related to the
features of the software to be deployed. For example, a software that allows
people to post comments must honor use cases where some people can write, and
others can read. But the system developed must also be safe enough to handle all
the traffic and should incur reasonable costs.
Since the most crucial pillars are OPS and SEC, they
should never be traded in to get more out of the other pillars.
The security pillar consists of Identity and access
management, detective controls, infrastructure protection, data protection and
incident response. Three questions are routinely asked for this pillar: How is
the access controlled for the serverless api? How are the security boundaries
managed for the serverless application? How is the application security
implemented for the workload?
The operational excellence pillar is made up of four
parts: organization, preparation, operation, and evolution. The questions that
drive the decisions for this pillar include: How is the health of the serverless
application known? How is the application lifecycle management approached?
The reliability pillar is made of three parts:
foundations, change management, and failure management. The questions asked for
this pillar include: How are the inbound request rates regulated? How is
resiliency built into the serverless application?
The cost optimization pillar consists of five parts:
cloud fiscal management practice, expenditure and usage awareness,
cost-effective resources, demand management and resources supply, and
optimizations over time. The questions asked for cost optimization include: How
are the costs optimized?
The performance efficiency pillar is composed of four
parts: selection, review, monitoring, and tradeoffs. The questions asked for
this pillar include: How is the performance optimized for the serverless
application?
In addition to these questions, there is quite a lot of
opinionated and even authoritative perspectives on the appropriateness of a
framework and they are often referred to as lenses. With these forms of
guidance, a well-architected framework moves closer to an optimized
realization.
No comments:
Post a Comment