Moving away from traditional waterfall methods

KPMG is a global network of independent member firms in 154 countries and is most commonly known for providing audit, tax and advisory services. In recent years, many IT departments have found themselves under increased pressure to keep up with the rapid pace of innovation and change within technology along with increased demand from customers for new features and services.

In order to address these challenges, KPMG in the UK has been going through a steady transformation by moving away from traditional waterfall models to a collaborative, customer-focused DevOps approach which encompasses agile methodologies and cloud technologies such as AWS, Azure and GCP. Due to the nature of the services KPMG provides, there are considerable regulatory and governance considerations to comply with in order to protect our clients’ data and ourselves. With this in mind, in 2015 KPMG launched a pilot project with the vision to deliver services efficiently, reliably and securely to our customers.

We started off by creating a small business-centric team to deliver an application in the cloud with the vision to become the benchmark for future projects and evidence to the business that it is possible to do DevOps in the enterprise whilst adopting the necessary security and governance requirements. The application was to be hosted in AWS and utilised infrastructure as code, allowing deployments into multiple environments in a consistent, repeatable manner. It also allowed deployments without having to be concerned about configuration drift and with the added benefit of rapid deployment speeds.

The infrastructure stack

We also began to slowly develop a pipeline which would allow us to release software code from development through to production consistently, with controls and checks in between. The infrastructure stack consisted of Atlassian Stash, now known as Bitbucket, which is our secure and private source code repository; TeamCity for testing and building the application package; and finally Octopus Deploy, which receives the package and manages the deployments into a number of environments. The project was an immediate success, as the application team now had the ability to quickly accommodate customer requests and ensure the stability of the environment without having to rebuild any component manually.

It is a common misconception that large enterprises cannot adopt DevOps and Agile practices, as it is often believed that these are suited to smaller start-ups due to the number of processes within a large organisation. We had started our automation journey; however, we now needed to address stringent security requirements, service management considerations and the ongoing maintenance of the application. Instead of attempting to change an entire department process and method of working, we started having discussions and listening to the various concerns whilst keeping at the forefront cloud best practices such as utilising disposable resources, infrastructure as code, automation, loosely coupled components and asynchronous integration.

Each team had built up their own set of considerations and best practices, therefore when attempting to adopt a new method of working and to deliver value, it was extremely important to try to find a middle ground and compromise. Once there was a clear understanding of the various controls, due to our agile way of working, it was easy for us to change the architecture design whilst minimising both downtime and development impact. We ran two-week sprints and began to work through the deliverables in order to present back to the relevant teams and put in place the necessary documentation.

Utilising services

As the business saw how quickly we were able to deliver value, word spread around the organisation and the team found themselves going from a single project to almost 100 within the space of a year. In order to accommodate such growth, the team rapidly increased the number of engineers and also began working more closely with service management, continuously improving to ensure incidents, changes and problems were handled efficiently and in a timely manner. We saw improvements in change management: because we developed all infrastructure as code, it was easy for us to track, review and manage changes. At a high level, everything was committed into source control, reviewed by senior engineers and evaluated by the product owner to validate there were no business risks.

Today we have matured our offering in a variety of ways. Our pipeline now utilises services like Jenkins to handle orchestration, Terraform for infrastructure, Vault for security and Trend Micro for anti-malware and anti-virus, and our cloud transformation professional services help some of the biggest companies in the world adopt DevOps and move towards working in a more agile manner to ultimately improve customer experience.

Adopting DevOps and cloud initiatives involves changes from all parts of the organisation and at all levels including culture, process and technology. Organisational change is a journey which takes time, understanding and collaboration to succeed.

Written by DevOps Manager at KPMG, Adnan Rashid