Phase 1: Review Rancher installation
You work with a balanced team of engineers, architects and consultants to plot where you are, define your desired end state and methodologically plan the path to achieve them.
- Compare the current state of the Rancher installation against best practices
- Review the level of automation
- Track the performance of third-party integrations: What are they supposed to do? Do they deliver the intended results?
- Inspect security posture: role-based access control; encryption for critical data; secret management solution; authentication & authorisation; network security
- Review observability approach: Are Cloud Native observability tools installed with centralised logs, metric connection, and an effective alert management system?
- Evaluate transparency of operational strategy
- Assess operational practices and procedures
- Review architecture: How does Rancher interact with the rest of the architecture?
- Organisation: How are other teams working with the Rancher platform ops team?
- Identify and prioritise work items for phases 2 + 3 together with the customer
- Reporting on review and work items for active stakeholder management
- Build a prioritised list of work items for the enhanced MVP phase
Phase 2: Build enhanced MVP to stabilise the situation
This is where the change begins. It includes a multifunctional team of engineers to implement the designed solutions, integrations, and architectures together with your team.
- Upgrade the installation following Rancher best practices
- Impact engineering: Resolve high-priority blockers with MVP-style installation for cloud vendors, identity providers, and other CNCF tools
- Finalise designs for updated Cloud Native architecture
- Finalise design infrastructure-as-code (IaC) approach
- Immersive knowledge sharing: training sessions, pair programming, workshops, hackathon
- Agree on a prioritised list of work items for the Cloud Native day 2 operations phase
- Active stakeholder management: Presentation of solution designs & upgrades
Phase 3: Scale implementation to enable day 2 operational excellence
We implement the designed solutions, integrations, and architecture together with your team.
Security
- Improve authentication with identity provider configuration and authorisation using Role-based Access Control (RBAC) through built-in Rancher functionality
- Establish Kubernetes security best practices according to CIS benchmarking, with configuration settings like node hardening and encryption of etcd
- Improve container security by implementing vulnerability monitoring with tools like Trivy or NeuVector and implementing runtime security with Falco or NeuVector
Observability
- Improve metrics collection to increase visibility across the environment
- Implement alert management to respond to incidents more proactively
- Enable log centralisation through built-in Rancher functionality or open-source tools like the ELK Stack and Grafana Loki, to allow practical insights from a single pane of glass
Performance
- Apply horizontal pod and cluster autoscaling
- Instance right sizing and application resource configuration to optimise the utilisation of resources in the environment
Automation
- Reduce toil and manual operations with infrastructure automation (Ansible, Terraform) and improved CI/CD implementation
- Implement a GitOps approach using open-source tools like ArgoCD to improve deployment strategy
- Improve reliability
- Validate your error budgets, SLIs, SLOs, and SLAs
Phase 4: Completion and handover
We implement the designed solutions, integrations, and architecture together with your team.
- Provide options for further immersive upskilling of the customer team during implementation: training sessions, pair-programming, workshops, and hackathons.
- Documentation
- Complete knowledge transfer and handover
- Delivery review: What did we achieve together?
- Discuss further improvements
