Why Developers Need a Management Plan – The New Stack

We’ve written before about how businesses need a management plan to more easily shift left and enable more users and roles to take control of infrastructure and application deployments.

Eric Brown

Eric is Vice President of Product Management and Business Strategy for F5 NGINX. Eric is a 20 year veteran of SaaS, PaaS and IaaS with 10 years of cloud experience – public, private (systems software) and hybrid at Joyent, Samsung, Oracle and Deutsche Telekom’s MobiledgeX (acquired by Google). Eric is a community and ecosystem architect with expertise in developer experiences as well as the intersection of cloud with telecom and emerging AI, ML, XR and other use cases and devices. connected.

No group benefits more from a management plan than developers.

Here’s why yes, moving left means greater autonomy, agility, and productivity for developers. This means faster time to market. The shift to the left also means that developers are increasingly expected to perform tasks previously done by more specialized teams – tasks in operations, security, networking, and application architecture. This is the nature of microservices. Developers increasingly own the entire application, not just bits of code. With greater ownership comes greater responsibility

Unfortunately, the learning curve for all of these other disciplines is steep; that’s why there are so many types of “ops” jobs today. And just saying “shift to the left” doesn’t make it a viable development strategy. And expect developers to know how to set up a Web Application Firewallconfigure a load balancer or write policies for a API Gateway invites errors and security risks. This is where a new construct – the management plane – becomes a necessary part of the cloud-native stack for developers, giving them meta-Ops superpowers.

Wanted: Happy Ops support for modern apps

Developers today want and expect more control over how and where their application code executes. This control allows them to scale faster and build more resilient, loosely coupled applications that are cloud-agnostic and operate in the cloud-native deployment model. Having more control allows developers to configure the infrastructure that best meets the needs of the application.

At the same time, developers prefer to spend the majority of their time writing code. Setting up infrastructure, securing networks, or determining API rate limits aren’t high on their wish list to spend time on. Because developer time is so valuable, any way to allow developers to move left more efficiently with a shorter learning curve can deliver real business value (and make developers happier). Platform operations teams, in particular, strive to minimize complexity while maintaining choice and flexibility for developers. This is where the management plan becomes critical for developers.

Why developers need a management plan

To recap, the management plane is a necessary layer of abstraction to manage the new levels of complexity exposed by shifting left. The data plane is the layer where networking systems (load balancers, firewalls, API gateways, ingress controllers, caching systems) read incoming or outgoing packets and decide what to do with them.

The control plane is the policy layer residing above the data plane. In the control plane, data plane behavior rules are managed and configured. The two must be clearly separated to be scalable and independent of system and architecture; this is a long-standing tenet of NGINX product design.

The management plane is a layer above the control plane that eliminates the need for developers to become a networking, security, and API expert. The management plan gives developers a quick and easy way to get the following:

  • Granular observability of their application and relevant infrastructure
  • Governance and policy setting of multiple features in a single workspace
  • Out-of-the-box security and easily adjust app security and access controls
  • The configurability of all these settings allows developers to easily modify controls and policies (e.g. to achieve resiliency and scalability) without crossing security barriers

A management plane allows line developers to accomplish all of this without having a deep understanding or mastery of how to work with native data plane configuration files and policies for firewalls, networking , API management, and application performance management.

With the management plane, platform operations teams can reduce the need for developers to develop domain-specific knowledge outside of the normal domain of developer expertise. For example, a management plan might have a menu of options or decision trees to determine the degree of availability and resiliency required by an application, the volume of API calls that can be made against an application or cloud service or application location. for data privacy or regulatory reasons.

Equally important, the management plane can improve security by providing developers with intelligent recommendations on security best practices or by putting in place specific limits on key resources or infrastructure to ensure that developers moving to left do not inadvertently put their organization at serious risk. For example, a management plane may recommend (or enforce) port forwarding or proxy rules to prevent exposure of sensitive personally identifiable information (PII) or customer data to other services or IP addresses. external. Or PlatformOps teams can automatically add both a Kubernetes Ingress Controller and one WAF to all developer deployments as part of the CI/CD pipeline, ensuring that developers releasing Kubernetes applications deploy them more securely. (We wrote about this as “which makes it possible to run with scissors in complete safety. »

This becomes especially important as the total number of microservices and small applications skyrockets. Many companies have thousands of microservices, far more than any security team or network operations team could sufficiently review and recommend. Rather than filing a ticket, a developer can access their management plan and follow workflows that give them choices but minimize risk. This is how management planes can become a happy medium of operations that saves developers days or weeks of wasted time on configuration management, security design and more.

Characteristic picture Going through Pixabay.