Cloud complexity is nothing new. Solving for it has been an intractable problem.

Cloud-native applications based on microservices can have thousands of moving parts and application program interfaces. Although that’s made application development faster and more reliable, it’s also introduced a dizzying web of interconnectedness.

The challenge of figuring out what’s responsible for a slowdown or outage has given birth to a $17 billion market for log monitoring and cloud observability tools. Nevertheless, a new survey commissioned by Gigamon Inc. found that 99% of information technology professionals said their team has missed or failed to meet a service-level agreement because of overly complex cloud infrastructure, and 96% said cloud complexity or network performance bottlenecks have slowed migration projects.

VMware’s Tom Hatch: “The core problem with the cloud is scaling people.” Photo: LinkedIn

Tom Hatch has come up with a new approach to observability and automation that he wants to share with the world. Hatch, who is director of engineering at VMware Inc. and creator of the Salt open-source project that is widely used to automate infrastructure configuration and management, believes that instead of writing scripts to automate events in the cloud, cloud services should do more of their own automation. His newly launched Idem Project scans current cloud deployments and generates data that can be used to trigger remediation events with little human intervention.

Idem’s automation code is written in the widely used Python language and designed to be modular and extensible. “The runtime execution is just 35 lines of code,” Hatch said in a video interview recorded at SaltConf last fall. Idem has been successfully tested on the three largest U.S. cloud platforms as well as on GitHub.

Humans don’t scale

“The only way we will overcome the site reliability engineering crisis is by rethinking the approach,” Hatch said in an interview with SiliconANGLE. “We want to turn the process on its head and make it much simpler to manage cloud resources.”

Operators are becoming overwhelmed with data and unable to keep up with the growth and complexity. “The real bottlenecks come back to people,” Hatch said in the video interview. “The core problem with the cloud is scaling people.”

Idem, which launched last month under an Apache open-source license, is named for the mathematical term “idempotent,” which refers to an element of a set that doesn’t change in value when multiplied or otherwise operated on by itself. Idempotence is used in programming to verify that services perform consistently under different operational conditions.

As useful as Salt is, it was developed for less complex environments than the ones that are common in the cloud today. “Salt was about managing [virtual machines],” Hatch said in the video interview. “It’s a lot more complicated now.” Idem is described as a companion to and not a replacement for Salt.

Outside-in approach

Idem takes advantage of the ubiquitous use of application program interfaces to tap into cloud resources and look for anomalies. “The core constructs are inspired by Salt but we’ve expanded it quite a bit,” Hatch said. “It’s idempotent resource management: know where the resource is, its state and the parameters that are relevant to it. Make it so the automation approach is geared toward getting the observability we need and immediately apply the observation deck to action.”

The goal is for code to be auto-generated instead of written by hand. “The underlying function determines the state of the resource, what needs to be changed and makes the changes,” he said. “The end-user doesn’t need to deal with scripts.”

Idem is currently being maintained inside VMware but there is the possibility it could be moved under the oversight of an independent external organization, Hatch said. “We’re working on moving a significant amount of VMware infrastructure to Idem,” he said. “We wanted to create a universal data extraction system that makes ingestion easier within VMware products. Making it open source ensures that it’s generalized.”

The next item on the project’s agenda is to develop an approach to working with secret data such as Secure Shell Protocol keys. “We have a pipeline we’ll deliver in a few weeks,” Hatch said. “Beyond that, a lot of our work will be about supporting more APIs and clouds.”

Photo: Unsplash