Australia Post has spent the past 18 months laying FinOps foundations and restructuring the way it uses cloud services in preparation for another wave of workload migrations out of its data centres.
Cloud services manager Jason Gorringe told the recent AWS Summit Canberra 2022 that the postal service had been successful so far in reining in cloud costs via a four-pillared FinOps strategy.
Gorringe said that pre-FinOps, the way Australia Post consumed cloud services made costs difficult to track, leading to rising bills and scrutiny from corporate finance.
“We were living in a big, shared environment where there were three dev/test/prod accounts,” Gorringe said.
“Everyone was jumping in, piling in and building stuff, and we didn't know who was doing what.”
The organisation needed to get corporate finance onside to move to a new phase of its cloud migration.
“We wanted to restore trust between IT and finance … so then we can make informed decisions as we go forward into the next phase,” he said.
Gorringe later explained: “We're looking at more of a migration out of [our] data centres and into the cloud.”
“There’s going to be more spend going in there, so we want to make sure that we've got visibility of that spend and we don't get bill shock.”
Gorringe didn’t quantify Australia Post’s cloud costs in his presentation, but did say “the bill was going up [and] we didn't know why.”
“We wanted to try and flatten those costs, which we were able to do,” he said.
One of Australia Post’s immediate actions to achieve this was to restructure the way different teams consumed cloud services.
“We've moved to a multi-account architecture where a particular team or a particular application gets their own dev/test/prod environment and [can] build [or do] whatever else they need,” Gorringe said.
He said that each account came with baseline “guardrails” - high-level governance rules covering security, access and network controls, to ensure these were consistently used.
Australia Post has also implemented and is enforcing tagging - a standard FinOps strategy that identifies who owns or uses a cloud resource and why, which enables cost allocation.
The tagging is consistent across Australia Post’s multi-cloud environment, which is known to include AWS and Google Cloud Platform.
Gorringe indicated Australia Post isn’t pursuing workload portability between clouds, but instead uses more than one cloud to get access to specific advantages or capabilities inherent in the differing environments.
He said that, theoretically, a team could have a product or application that had elements hosted across several clouds, and needed a way to get “visibility of their whole spend.”
“Unfortunately, native cloud services do not offer that, and that's why a billing tool, especially as you are moving out to that [multi-cloud vision], is good,” Gorringe said.
Australia Post is using Apptio’s Cloudability product for cost management and optimisation as part of its FinOps efforts.
In addition to the multi-account structure, tagging and controls, the postal service has set up a service catalog to guide teams on instance selection, which it is “building out continuously.”
It has also set up a resource scheduler in AWS, which is used to automatically start and stop the consumption of cloud resources, for example at certain times of day.
“People just have to put in a tag and it'll automatically turn stuff off,” Gorringe said.
“In the hierarchy of [cloud] cost savings, that's probably where your biggest savings are.”
Through its FinOps efforts to date, Gorringe said that Australia Post had succeeded in accurately allocating consumption costs, creating strategies to avoid costs, and increasing accountability for costs being incurred.
He said that FinOps offered to “assist, inform and talk to developers” about ways to cut costs, such as through instance rightsizing or the use of reserved instances, but ultimately left decisions and actions to development teams.
“As a FinOps person, I'm not going to turn off or ‘rightsize’ someone's EC2 [instance] because if I do, I'm going to break something,” he said.
Gorringe said that Australia Post may also look to use spot instances - spare compute capacity in AWS cloud - in future, but that further work is required.
“We're working with our team to bring in a spot policy, but it depends on the use cases and where we’re working,” he said.
Gorringe said giving teams information and visibility into their resource usage so they could “make the right decisions” had proven an important outcome of Australia Post’s FinOps work.
Similarly, he said that “constant two-way communication” between technology, finance and management, and close work with finance on moving from a capex to opex model for IT resource purchasing and consumption, had helped progress action on cost management.