@@ -215,6 +215,136 @@ <h2>The Responsibility Triad</h2>
215215 centrally maintain them over time. An IDP is only as valuable as its ability to affect change at scale, and keeping
216216 the responsibility triad in mind as you develop your IDP ensures its scalability over the long term.</ p >
217217
218+ < h2 > Choosing a responsibility model</ h2 >
219+
220+ < p > Those looking to introduce platform engineering into existing DevOps teams face three common realities:</ p >
221+
222+ < ul >
223+ < li > Your IDP is a greenfield project</ li >
224+ < li > Your platform team must reduce the mental burden of an existing, complex environment</ li >
225+ < li > Your customers are technically adept</ li >
226+ </ ul >
227+
228+ < p >
229+ The purpose of an IDP is to generate opinionated artifacts embedding the accumulated business knowledge and best
230+ practices learned by your customers over the years. By design, these artifacts abstract away much of the tribal
231+ knowledge required to build high quality solutions, allowing DevOps team to focus on solving novel problems rather
232+ than duplicating the effort required to solve already solved problems.
233+ </ p >
234+
235+ < p >
236+ The challenge when developing such abstractions is to strike the right balance between hiding complexity and
237+ enabling flexibility.
238+ </ p >
239+
240+ < p >
241+ Platform teams have the added challenge of being compared to the established platforms their IDP seeks to
242+ abstract away. The reality is that these existing platforms were adopted because of the many years, countless hours,
243+ and eye-watering sums of money that were spent refining the balance between complexity and flexibility. For example,
244+ popular operating systems, hypervisors, cloud platforms, and container orchestration platforms all have billions
245+ of dollars worth of development behind them.
246+ </ p >
247+
248+ < p >
249+ Meanwhile, enough of your customers will be comfortable with these underlying platforms, meaning they will quickly
250+ spot, and likely be frustrated by, the limitations of your abstractions. This risks making your IDP the kind of
251+ blocker that it was supposed to remove.
252+ </ p >
253+
254+ < p >
255+ It is not a question of whether abstractions are valuable or possible to build correctly, as every successful piece
256+ of
257+ technology is an example of building a useful abstraction: a car abstracts the complexity of an engine and
258+ transmission behind a steering wheel, accelerator, and brake; an electrical powerpoint abstracts the continent sized
259+ infrastructure of a power grid; and a phone abstracts a worldwide communication network. The better question,
260+ especially for new platform teams, is whether you have the knowledge to create the correct level of abstraction?
261+ </ p >
262+
263+ < p >
264+ The only safe initial answer to this question is "No", with an aim to reach the point where the answer is "Yes,
265+ but...".
266+ While you will never have perfect knowledge of your customer's needs, a successful platform team can refine their
267+ abstractions over time. But you do need to have some level of early success to earn the time required to refine
268+ the artifacts provided by your IDP.
269+ </ p >
270+
271+ < p >
272+ Anyone aiming to provide an opinionated solution faces this same dilemma, but the survivorship bias of every
273+ successful abstraction you see in daily life can make it seem like building abstractions is easy. However, new
274+ platform teams must assume building abstractions is, in fact, quite difficult, and therefor have a plan to support
275+ customers with unique needs or opinions of their own. This is the crux of the responsibilities presented in
276+ the chapter "Platform Engineering Responsibility Models":
277+ </ p >
278+
279+ < ul >
280+ < li >
281+ Centralized responsibility (or "enforced consistency") artifacts provide highly opinionated solutions exposing a
282+ relatively small number of
283+ options to customize the end result. The
284+ success of the centralized responsibility model is highly dependent on how closely aligned your abstractions are
285+ to the needs of your customers.
286+ </ li >
287+ < li >
288+ Shared responsibility (or "eventual consistency") artifacts can be modified by customers, providing them with
289+ the ability to customize their
290+ solution while still allowing the platform team to centrally distribute updates. These artifacts are the most
291+ flexible and provide a sliding scale between enforcing opinions and exposing flexibility (with the caveat that
292+ increased
293+ customization will typically decrease the ability to centrally distribute updates). The shared responsibility
294+ model assumes abstractions will be imperfect and emphasises a workflow that allows platform teams and their
295+ customers to jointly refine the solution over time.
296+ </ li >
297+ < li >
298+ Customer responsibility (or "eventual inconsistency") artifacts provide customers with a base template that they
299+ are expected to own and
300+ modify to suit their needs. While the templates can provide an initial set of opinions, they are
301+ expected to be heavily modified. The customer responsibility model assumes customers will keep what is useful
302+ and discard what is not.
303+ </ li >
304+ </ ul >
305+
306+ < p >
307+ An anti-pattern to avoid when starting a new platform team is focusing too heavily on the centralized responsibility
308+ model. This
309+ model requires that you build the most accurate abstractions, and starting a new platform team is the time when you
310+ have the least amount of information to do so.
311+ </ p >
312+
313+ < p >
314+ Instead, new platform teams should aim to initially offer artifacts under the shared responsibility or customer
315+ responsibility models.
316+ </ p >
317+ < p >
318+ In the unlikely event that you managed to get your abstractions just right first time, there is little practical
319+ difference between the three responsibility models, as the resulting solutions will all remain mostly unchanged
320+ from the initial artifact generated by your IDP. However, in the more likely event that your abstractions require
321+ refinement, the shared responsibility model allows you to work with your customers to evolve your abstractions, and
322+ the customer responsibility model allows customers to make whatever changes they need.
323+ </ p >
324+
325+ < div > < img class ="icon " alt ="Anecdotes Icon " src ="images/anecdote.png "/> </ div >
326+
327+ < p > < i >
328+ I was part of a team that designed new steps in Octopus to deploy applications to Kubernetes and AWS ECS. One of the
329+ challenges in designing these steps was deciding how to support use cases we hadn't anticipated or might be
330+ introduced
331+ by the underlying platforms after our steps were released. After spending some time thinking about all the hooks or
332+ custom scripting we could expose in these steps, we decided that the best course of action was to offer both
333+ highly opinionated steps that supported most common use cases and generic steps that allowed the deployment of
334+ raw YAML for either Kubernetes resources or CloudFormation templates. Importantly, the opinionated steps offered a
335+ way
336+ to export the equivalent YAML that they would generate, giving customers a way to jump from the opinionated step
337+ (which aligns with the central responsibility model) to the generic step (which aligns with the customer
338+ responsibility model).
339+ </ i > </ p >
340+
341+ < p > < i >
342+ This kind of "break glass in emergency" process to move from one responsibility model to another meant we could
343+ offer a path for any customers blocked by a lack of functionality in the opinionated steps, with the understanding
344+ that customers had to take more responsibility for what was now considered bespoke YAML. This is a practical, and
345+ now battle tested, example of the responsibility models in action.
346+ </ i > </ p >
347+
218348< h2 > Example Checklist</ h2 >
219349
220350< p > This example checklist lists artifacts produced by the IDP and defines the responsibility model associated with each.
0 commit comments