For those who don't know: "18F is a digital services agency built on the lean startup model based within the United States federal government." (wikipedia)
I hope I'm not the only one who thought the headline was someone trying to be hip while saying 18 year old female. (Dr Evil: I'm hip, I'm cool. I'm with it!)
Interesting to see Cloud Foundry take off this year after many years of being more of a curiosity on its own island.
I personally didn't get it until I saw Docker a couple of years ago and wondered "how will we operate all of these apps, services or even the servers they run on without playing yet another shell game and resorting back to traditional shit IT?". And that brought me back to Cloud Foundry and BOSH, to the point where I quit my old job and joined Pivotal.
This is a huge validation of everything we've been saying and working on at Pivotal. In order to be successful at running software at scale you need your operations to get out of your way as a developer, and you need tools and architecture that make being an operator painless.
That's the goal with CF and Bosh, and it's clear that it pays off.
As someone who worked in the Federal sphere, nothing's changed at all.
The same procurement rules and regulations remain in place with all the issues they cause. 18F is a nice experiment, and they do have some wins, but they are just a drop in the bucket.
The whole procurement and management process is so broken that it's a wonder any project gets completed. The same few bad actors keep winning contracts over and over again, fail, but then don't have any repercussions. In fact, their failures actually net them more money more often than not as contracts get extended now that the contractor has the government by the balls.
IMO the best thing the government could do is a massive in-housing of functions. So much infrastructure within the Federal sphere has contractors essentially acting as PMs, the rank and file builders, the maintenance staff, etc., all with many layers of prime contractors and subs stuffed with middlemen.
This doesn't go just for IT. Lots of simple functions are outsourced to little benefit. Some of it I think might be because it's hard to fire Federal workers and contractors aren't unionized, but it would be better to fix those issues than hire the same person for twice the salary (when accounting for middlemen, margins, etc.)
The video at the "byzantine regulatory framework" link[1] is worth a watch (at least the first 10 minutes to get a taste). One of the most valuable offerings of cloud.gov is (hopefully) the ease with which it can go through the ATO and FISMA processes because it was designed with them in mind.
I'm not sure how this will expedite the ATO process as it uses technology that has not been STIG'd yet and may not have a "by the book" way to sign off (Docker, for instance, can be painful to ATO).
EDIT: After viewing Noah's FISMA guidance vid (nice work) there is definitely possibility to expedite but to really grease things you'd want to create a certification arm within GSA that can sign off the risk or perform a "certified" risk assessment on behalf of the customer agency so you could do things your way while still allowing them to sleep at night. Once you get into sensitive data loads and non-public stuff people start to get even more risk averse. / End Edit
That said, I'm hopeful that it does pave the way for change because this kind of platform is critical to reducing the barriers to experimentation in government. Perhaps because 18F is committing to supporting / upgrading the platform it will allow Federal CIOs and CISOs to shift some of the risk to 18F and sign the paperwork more quickly.
This is awesome work that is going to make it easier for a number of our digital service teams across government to deploy services.
[shameless plug to join public service for a year or two]
If you're interested in joining 18F or the U.S. Digital Service (which has an HQ office in the White House but also has teams across government), this application works for both teams: https://www.whitehouse.gov/usds/apply
There are upsides to big companies, and if they can keep the downsides (beuracracy, etc) under control... Once upon a time HP was supposedly a phenomenal place to work.
One of the strangest things I've run across on Reddit is a group of people with a kind of thalassophobia (fear of the sea) that is focused on man-made things under or partially submerged in water. They call it submechanophobia and share pictures of such things to spook each other out on their subreddit (https://www.reddit.com/r/submechanophobia).
I am really enthusiastic about the potential for building Eco-systems of small developer companies that focus on building the thousands and thousands of package that governments the world over need for their stutory obligations
The blueprint for USDS was the UK digital service, this is hitting some issues as they have started a ball rolling but now look like a bottleneck. Some of the "agile" restrictions and some of the centralised nature of development teams are likely to go - but the essence is a fantastic opportunity and landscape ahead
> The magic happens when an infrastructure team encapsulates their expertise, and then exposes that expertise as a service which can be used directly by developers.
I like this statement - how do you deal with educating team members on areas that require deep expertise? (e.g.., security, accessibility, localization).
Do you offer training, brown-bags, educational videos, or do you say "don't worry about it - if you do this in $x way, magic[1] will take care of you".
[1] Magic being defined as the compiler, automated tests, etc., feeding into a central feedback system (bugs, tickets, email, or whatever you use) telling you what you did wrong, and hopefully how to fix it.
Accessibility and L10N are app-level concerns, not something that cloud.gov is going to be able to help with. However, 18F works on other efforts aimed at helping people do those things better, eg https://18f.gsa.gov/2015/09/28/web-design-standards/
As for security and other devops concerns, which is what cloud.gov is about: This is why we're in a scaling/pilot phase now. A successful PaaS should reduce the depth of expertise needed to do those things right. That said, there are things like awareness of 12factor.net app design principles which are very unevenly distributed in government once you get outside of 18F. We will be concentrating on generating materials and documentation to make learning about those things in the context of cloud.gov as self-service as possible, and expand the pilot outward to those who need help even approaching the concept of a PaaS once we have more of those materials.
I wonder how many agencies will allow developers to jump into this; seems many of the agencies have a "must be built internally here" attitude about some of this stuff. Still, looks like a good step forward.
The more I am observing the government I wonder if it will ever be possible for the the 18F treatment to hit the more old traditional Federal Government agencies like CMS. Talk about byzantine regulations.
I saw several people from 18F present at Code for America Summit the other week, and my understanding is that the regulatory overhead involved in launching new government tech services (something like 4000 pages of relevant regulations to comply with) is so large that it's usually a boondoggle. Part of what they are doing is building services with that regulatory compliance built into it, so agencies don't have to slog through all of that for every little thing they want built.
Governance, Risk and Compliance. Even if the private sector does GRC better than the government, they (the gov't) at the very least have control. Not to mention their stack appears to be mostly open source (Docker, CF, etc). This makes total sense and is a "best of both worlds" approach.
The cloud.gov platform is built on top of existing tooling and platforms (Docker, Cloud Foundry, AWS). It's possible recommendations and documentation for quickly deploying sites and services using these platforms is lacking, or changes too often to be provided as a supported, recommended solution to a large set of small teams.
This is cool, but,...18F are consultants, who pop in, wave a magic wand, and pop out. Many of its employees are.bound by law to a max 2 or 4 year term. Will cloud.gov support its users for 5, 10, 15 years?
> This is cool, but,...18F are consultants, who pop in, wave a magic wand, and pop out.
My understanding is that some of what 18F does is short-term, project-based consulting for other government agencies, but that that isn't all of what 18F does.
The limited employment term things is a real concern for non-consulting, ongoing functions, but may have salutary effects, if it means that design for shared maintainability and succession planning aren't the kind of afterthoughts that they are many places in government.
jstanley|10 years ago
aaronbrethorst|10 years ago
toomuchtodo|10 years ago
EDIT: USDS/18F folks, you're doing phenomenal work. Thank you.
Jemmeh|10 years ago
c3534l|10 years ago
parasubvert|10 years ago
I personally didn't get it until I saw Docker a couple of years ago and wondered "how will we operate all of these apps, services or even the servers they run on without playing yet another shell game and resorting back to traditional shit IT?". And that brought me back to Cloud Foundry and BOSH, to the point where I quit my old job and joined Pivotal.
zaksoup|10 years ago
That's the goal with CF and Bosh, and it's clear that it pays off.
frabcus|10 years ago
I've looked quickly at it, but unlike (say) Heroku, found it hard to know where to start to host a simple app.
cryowaffle|10 years ago
Zach_the_Lizard|10 years ago
The same procurement rules and regulations remain in place with all the issues they cause. 18F is a nice experiment, and they do have some wins, but they are just a drop in the bucket.
The whole procurement and management process is so broken that it's a wonder any project gets completed. The same few bad actors keep winning contracts over and over again, fail, but then don't have any repercussions. In fact, their failures actually net them more money more often than not as contracts get extended now that the contractor has the government by the balls.
IMO the best thing the government could do is a massive in-housing of functions. So much infrastructure within the Federal sphere has contractors essentially acting as PMs, the rank and file builders, the maintenance staff, etc., all with many layers of prime contractors and subs stuffed with middlemen.
This doesn't go just for IT. Lots of simple functions are outsourced to little benefit. Some of it I think might be because it's hard to fire Federal workers and contractors aren't unionized, but it would be better to fix those issues than hire the same person for twice the salary (when accounting for middlemen, margins, etc.)
wpears|10 years ago
[1]https://www.youtube.com/watch?v=T1S52B1-NT4
sailfast|10 years ago
EDIT: After viewing Noah's FISMA guidance vid (nice work) there is definitely possibility to expedite but to really grease things you'd want to create a certification arm within GSA that can sign off the risk or perform a "certified" risk assessment on behalf of the customer agency so you could do things your way while still allowing them to sleep at night. Once you get into sensitive data loads and non-public stuff people start to get even more risk averse. / End Edit
That said, I'm hopeful that it does pave the way for change because this kind of platform is critical to reducing the barriers to experimentation in government. Perhaps because 18F is committing to supporting / upgrading the platform it will allow Federal CIOs and CISOs to shift some of the risk to 18F and sign the paperwork more quickly.
ceworthington|10 years ago
[shameless plug to join public service for a year or two]
If you're interested in joining 18F or the U.S. Digital Service (which has an HQ office in the White House but also has teams across government), this application works for both teams: https://www.whitehouse.gov/usds/apply
wslack|10 years ago
js2|10 years ago
sliverstorm|10 years ago
Axsuul|10 years ago
dmerrick|10 years ago
[0] http://i.imgur.com/3q9Ujy0.png
[1] https://chrome.google.com/webstore/detail/butt-to-butt-plus/...
degenerate|10 years ago
chipgap98|10 years ago
toomuchtodo|10 years ago
http://i1.wp.com/gcaptain.com/wp-content/uploads/2013/06/ku-...
https://www.youtube.com/watch?v=Qx1EDAypi7g
michaelmior|10 years ago
jkldotio|10 years ago
zcdziura|10 years ago
lifeisstillgood|10 years ago
The blueprint for USDS was the UK digital service, this is hitting some issues as they have started a ball rolling but now look like a bottleneck. Some of the "agile" restrictions and some of the centralised nature of development teams are likely to go - but the essence is a fantastic opportunity and landscape ahead
(See my site gratuitous I know but http://www.oss4gov.org/manifesto)
Splines|10 years ago
I like this statement - how do you deal with educating team members on areas that require deep expertise? (e.g.., security, accessibility, localization).
Do you offer training, brown-bags, educational videos, or do you say "don't worry about it - if you do this in $x way, magic[1] will take care of you".
[1] Magic being defined as the compiler, automated tests, etc., feeding into a central feedback system (bugs, tickets, email, or whatever you use) telling you what you did wrong, and hopefully how to fix it.
bmogilefsky|10 years ago
Accessibility and L10N are app-level concerns, not something that cloud.gov is going to be able to help with. However, 18F works on other efforts aimed at helping people do those things better, eg https://18f.gsa.gov/2015/09/28/web-design-standards/
As for security and other devops concerns, which is what cloud.gov is about: This is why we're in a scaling/pilot phase now. A successful PaaS should reduce the depth of expertise needed to do those things right. That said, there are things like awareness of 12factor.net app design principles which are very unevenly distributed in government once you get outside of 18F. We will be concentrating on generating materials and documentation to make learning about those things in the context of cloud.gov as self-service as possible, and expand the pilot outward to those who need help even approaching the concept of a PaaS once we have more of those materials.
dlapiduz|10 years ago
BinaryIdiot|10 years ago
I wonder how many agencies will allow developers to jump into this; seems many of the agencies have a "must be built internally here" attitude about some of this stuff. Still, looks like a good step forward.
Yhippa|10 years ago
aidanfeldman|10 years ago
eonw|10 years ago
tvanantwerp|10 years ago
mbesto|10 years ago
bcjordan|10 years ago
mc32|10 years ago
mitchell_h|10 years ago
lebiru|10 years ago
brianpan|10 years ago
aidanfeldman|10 years ago
_Member of 18F._
motyar|10 years ago
plonh|10 years ago
toomuchtodo|10 years ago
EDIT: See sailfast's comment below. I think we're quibbling over semantics.
dragonwriter|10 years ago
My understanding is that some of what 18F does is short-term, project-based consulting for other government agencies, but that that isn't all of what 18F does.
The limited employment term things is a real concern for non-consulting, ongoing functions, but may have salutary effects, if it means that design for shared maintainability and succession planning aren't the kind of afterthoughts that they are many places in government.
spamlord|10 years ago
panzagl|10 years ago
azernik|10 years ago
unknown|10 years ago
[deleted]