Open Credo

Moving from a single service provider lock-in towards cost-saving multi-cloud.

A central government department who provide a breadth of services to individuals and businesses – increasingly self-service and offered online – which must be cost-effective.

The Challenge

Like many central government departments, our client needed to reduce their technology costs, whilst also modernising their technology platform. They wanted to move beyond traditional hosting and locked-in supplier contracts, to incorporate more cloud-based services. In parallel, as a result of the growth of their internal technology teams, there was a need for the fast creation of repeatable and secure development environments.

The Discovery

We began our partnership with a number of workshops, designed to help us better understand the department’s current technology landscape, as well as their broader strategy. From this we ascertained there was:

  • A desire to add cloud service providers to the department’s supplier list without lock-in.
  • An existing dependency upon a single third-party provider, for environment creation and management, which was a lengthy and costly process.
  • A need to ensure the department’s architecture supported their broader technology strategy, and their ever-expanding in-house technology services.

Delivery

Having established intentions, we were able to propose a solution – a ‘cloud broker – that would enable the department to better manage their own environments across cloud providers. Having validated out this approach with a Proof of Solution (PoS), we were tasked with the creation of a production-quality solution for usage across the department. This necessitated liaising with 250+ stakeholders across the UK, numerous external third parties and the department’s most senior directorate.

Technologies

The final solution embraced a number of cutting-edge tools and practices such as public cloud, infrastructure-as-code, automation, API driven infrastructure and open source. Specifically: HashiCorp tools as Packer was used for consistent cloud image building; Terraform for IaaS provisioning; and Vault for secret management, with teams free to choose and use the most appropriate configuration management tools (Ansible, Puppet, Chef, etc) as required.

Mitigating supplier lock-in

The ability to consume infrastructure and cloud-based services from multiple providers is fast becoming a key requirement for many large enterprises and government departments. The ‘cloud broker is founded on contemporary principles providing architectural flexibility to support current, as well as potential future cloud and infrastructure provider requirements.

The Outcome

As a result of our partnership we were able to leave this Government department with:

  • The ability to manage environments within any preferred cloud provider.
  • A secure, repeatable and traceable self-service provisioning experience.
  • A faster environment creation lifecycle, reduced from several weeks to under 1 hour.