 Hi, everyone. Welcome. My name's James Curran, and I work for the UK Civil Service, and for people that don't know what that is, that is the government arm for the UK. So it could be covering work, pensions, trade, the NHS, so like national health, things like that. And my colleague Justin Cook, we're going to be going through how we use OpenStack and what the benefits that are that we saw from using OpenStack, and then towards the end of it, we'll give you a demonstration of our application that we've built under OpenStack as well. So in terms of a background, so the government's got a lot of different services. So we cover a wide spectrum of areas. It's not just looking at this small case study that we're going to show you in trade. We have a lot of areas such as it can go as far wide as national health. It can go over to... Just leave it. It can go far through everything. So we've got plenty of things going on. For this purpose of a case study, we're going to show you import and export licensing. So in terms of the UK, we were recognised as the most digitally advanced in the world, and that was from last year in the United Nations eGovernment Survey. That covers a wide range of areas. So we do have a central area which is called the Government Digital Service, and they have an overarching responsibility to look at departments on what type of work they're going to be doing. So one thing that's been created is something called the Digital Service Standard, and that gives us an idea of how government should be developing services. So it covers areas, so technology. So we have a specific idea on open source technology that we want as much of our services to be using open source. And it also goes as far as areas such as user research. So we want to make sure we understand what people want that are using the service, and we have certain design principles. So for people that have seen any of the UK services, actually we have a very bespoke design area. So you'll notice that all our services look similar, and that gives a consistency for users so that they can understand how we're moving forward. One thing that we have got that's looking to push that agenda forward is the UK digital strategy. So here we're not just looking at how we develop services, but also looking at how we can increase digital capability within the UK. So we're looking at how we can increase our broadband capability and how we can get people more access to services. One thing that's been quite a problem for government is that we had a lot of siloed working over the past 20 or 30 years. We had government departments that were all doing the same thing that was very similar, but in fact we wanted to develop it ourselves. We wanted to be the ones that were saying, look, we're doing great here, when we could be making a much better impact if we had cross-government services. And one of the things that OpenStack allows us to do is to support them cross-government services. So as we move into the case study we'll be showing you how we're making our components reusable and how we're going to be looking at sharing our knowledge with other departments. Some of the examples that we've got that have been developed throughout government, and these have not been using OpenStack, but to give you a flavour of what we've been doing, is we're currently creating a single sign-on for exporters. So rather than our exporters having to log into loads of different services, they'll be able to log in with us once and then we'll have mutual sign-on throughout the whole of all of our services. And as a wider government policy we also have three cross-government services, so we have something called Gov.uk Pay, so that enables us to take payments from citizens and only have to log into one area. We have Gov.uk Notify, so that allows us to send emails, text messages as a cross-government solution so we don't all have to build our own messaging components. And we also have Gov.uk Verify, which allows us to do a digital verification of some of our users. So we use partners such as Experian to go through and validate them through a digital capability. So in terms of the case study, we're going to go through import and export licensing. So one thing that's important to note here is that it's an end-to-end digital transformation, so we're not just delivering a service, we're delivering a transformation to the business and pushing it forward. So rather than just having an IT service, we're actually looking at how we can deliver real benefits. And part of that is also developing cross-government components, so in terms of import and export licensing, you actually would have to go to probably five or six departments if you were working at all type of goods that are licensed. So you can have military goods that are licensed, you can have arts and antiques that are licensed, you can have animals and plants that are licensed, and for us as a UK government that is actually dealt with by different departments, so you'd be liaising with different people. What we're looking to do here is actually develop reusable patterns and reusable components that we can then have them all going to one service for import and export licensing, rather than having to go off and deal with different areas all the time. So if I give you a bit of background of our service, so we are at the moment focused on military and what we term dual use goods, and these dual use are things that could be repurposed, so stuff like chemicals fall into that category and things like that. Ten years ago we had a completely manual process, they did it all on paper and they sent couriers around Westminster on sending all these papers over so that you could get wet signatures and everything could be signed off. Eight years ago we created our legacy system which is called SPIRE, so that is a replication of a manual process onto an IT system, so you'll find there's a lot of counter signatures, so you'll go through it and you'll have loads of people going to have to sign off at the bottom because it just replicates exactly what they used to do for a manual process. Some of the positives for that are they that we've managed to get numerous departments using this, so when you come to make a decision on this type of licensing we need to get Ministry of Defence and Foreign Office involved, so we've actually got multiple departments within government all using the same service, so it actually gave us a really good foundation to start building a new service and looking at how we can improve that. So what are the goods that go through the system? So military goods they're quite obvious say a tank, a rifle and they're quite obvious you know what a military good is. Jewel use can be a bit more difficult, so it could be carbon fibre and bicycle tithes that could then go into a missile tip, so it's looking at different ways of how we could do that, so it's not just the UK that's responsible for this type of licensing, all countries do it, it comes down from the World Trade Organisation and different countries do it in different ways, so we're looking to share as much as we can with other countries and understand the best way to do that, but this is how we take the approach. So if you go through what the problem with our current services is, we have a lot of confusing legislation, so our legislation is written by policy experts that aren't necessarily focused on the users, they're looking at how we can write the legislation and push that through. Similar legislation isn't necessarily written by the UK, either it could come down from international laws or things like that, so one of the key areas of our content designers is actually making our service usable, so when we do a demonstration later I'll show you how we're rewording things to users so they can understand the different type of goods and pushing that forward. Our current service isn't particularly usable, so we've got some areas where it's really difficult to find what licenses we should be using, we have over 50 types of licenses that people could be using, so they're going through it trying to understand how they fit into that and how they can export, when really these type of services should be encouraging exports and enabling people to export as well, so we're looking at how we can counter that and make sure that the usability of the service is much better. And because we're using legacy kit it's actually expensive for us to maintain, so we're looking at how we can make cost savings and also push that forward. Unsurprisingly a system that's 10 years old and there's a lot of cost associated with hosting and maintenance and pushing that forward with upgrades, so we're looking at how we can continue to use other services like OpenStack to push that forward and hopefully drive our cost down. So what are we going to do in the near future? So as I mentioned before we do have some cross government services and say an exporter would realise and identify that they need to export. We then have a central hub called U.K. where all of our services originate, so you would go into our gov.uk portal and you would look at what activity that you want to do. You will get a lot of guidance on that activity and then we have another sub-layer underneath that is when you'll get pushed to our services, so all of our services are on a domain called service.gov.uk, so it's all quite straightforward for a user to understand them where they're going. So in the near future with currently what I'm showing you is from the Department for International Trade, so looking at control goods, but we're actually looking at how we can extend that out to other services, so Ministry of Defence, Department for Environment and Arts Council, so that covers different types of licensable goods, so we've got artwork, animals, plants, and they're all got a commonality. It's all a complex case management system, so it's looking at how we can reuse patterns and components to deliver an efficient service for the whole of government. So at this point I'm going to hand over to my colleague Justin to talk around how we solved our problem using OpenStack. So how did we solve the problem? These days, I guess I'll just scroll the slides. Right, so everything, digital transformation is, the way we do business digitally is changing, it's basically permeating every aspect of our lives, right? You do something, you pick up your phone, you forget your phone and leave it at home, it's going to be a bad day more than likely, and we need to collaborate across departments, which has already been said, all the silos, people using Ubuntu here, Windows there, REL here, CentOS, there's a smorgasbord of all sorts of technological choices, and if we converge the infrastructure pieces, we'll be able to save a lot of money. All this kind of makes sense, doesn't it? To build the environment, we need to evaluate a potential data center, right? It takes a lot of time to do that. What's the geographical location of that data center? What's the, are they tier three? They meet the requirements you need for uptime, and the availability. You don't need to order kit and provision the cabinets in and send a team of people there, airfare, hotels, all that good stuff. Three to six months goes by and you may actually have provisioned and racked stacked cabinets where you can start installing the platforms. Right? So it's not the way we do business anymore, obviously. With technology that opens stack in the cloud, all the patterns you use in infrastructure are undergoing significant transformation. They did this what, seven or eight years ago, and now with containers it's even transforming again. A year ago, this was becoming fairly heavily used, a container portion of it, but even accessing providers other than AWS or Azure, for instance, was fairly difficult to get a good provider that could meet your requirements. Then you need a talent pool to continue on and maintain that environment in the long run. In this case, we do have security classifications. The data is classified, it has personal identifier information, amongst other things, so you have issues with that. We need to align it with the government strategy as well. All this consolidation of infrastructure pieces needs to be obviously reliable and deliver all the performance that we need. How do you do that? You really don't know. Even for other providers, they may give you a baseline standard, but doesn't really meet that. We also need to have relationships with engineers because we do have issues. We don't just write websites and put it out there. We do all three tiers of the stack. They need to be pragmatic. A lot of the managed services that are provided today are either fairly expensive or they all add up. People just take advantage of all these managed services and you get a huge bill in the mail. The numbers don't lie when you do tracing sys calls and things like that. IOPS, you can see the numbers and again, it doesn't lie. Who do I pick up the phone call or a Slack message or something like that? These things really matter to us. I personally found that the larger providers get, sometimes it gets very difficult to get to the root of a problem and just make a pragmatic result. I'm quoting myself. It's kind of funny. So we'll go on from that. We create the estate. This is actually more your field. One thing that we wanted to highlight is that the UK digital estate is actually quite a wide-ranging thing. We have something called digital marketplace. We encourage a lot of SME providers to register themselves on the digital marketplace. That's where we have our authorised frameworks to be able to pick suppliers from. There's quite a lot of suppliers. Over 2,000 suppliers and they provide about 26,000 services. That's quite a big area. G-Cloud is only one of the sections of areas where we can procure services from. We also have areas for outcomes. So we can procure specific outcome. We can say we want an alpha or a beta service and we also can procure specialists as well. It also allows us to take advantage of pooling all of our government knowledge together because we can then put the markets on there and get the rates that we're looking for. For our service, we use Red Hat OpenStack as infrastructure as a service which is hosted by UK Cloud. These might be some companies that you've heard of that have previously been yesterday in different areas looking at what we're doing. Then we use Red Hat OpenShift for our microservices. We're currently using a company called CoScale for monitoring and log aggregation. Certainly I've been walking around here and seeing there's a lot of competition on monitoring and logging. There's a lot of options and things that can be used. For our current service, this is the choices that we made. All the three or four months go by, but in our case we submit a ticket for an account and resources, how many CPUs, storage, volumes, et cetera. We get that assigned to us. We log into Horizon and we then go to Access and Credentials and we download our credential file. We then source that file in our environment and we can then run our answerable playbooks is what we use, whatever you want. If you've done well, the estate is ready to go. It's really that easy. Using the estate, after we've ran our SuperWamidine answerable playbooks, we now have a bare metal platform to us. We've installed RHEL, we've configured the environments, the networks, the security groups, the volumes, all that good stuff. We have RHEL 7 platforms that are subscribed and ready to go. We can create snapshots, do backups, whatever we want. I can even create an image from an existing platform and transfer that over to another project if I have other projects that want to use that or if I want to mirror it for whatever reason. And now we can do the things that we really should be doing and that's, at this point in time, a lot of user research solving the problems. The developers are actually working with them very closely, pretty much sitting right next to them, developing the application. We have private beta testers that are actually testing this and feeding back the information and monitoring backups. All the infrastructure components that you used to have to worry about, absolutely, that's their problem. So, in the end, what the business wants, we have successfully abstracted that using our idempotent configuration management system. It's just repeatable. I can redeploy it in a moment's notice if I need to. And monitoring so we can tell, you know, be proactive. We can see if there's going to be issues before those issues arise before they become noticeable by the user base. We should know about them beforehand. And then we can argue about whatever we want amongst the techies, right? So all the things that we used to argue about are not our problem anymore, that's abstracted away and focus on the big things. Again, it's repeatable, maintainable. All infrastructure is code. And we can sit in front of the commons and confidently answer questions if we're actually put on the spot in the box or in the chair. And we've devolved each piece with precision, I think. So instead of having all the managed services, we can innovate ourselves and do things exactly the way we want them, make things reusable that we can share across different organizations. It's all on GitHub. You send a pull request if you want, fork it. And life is good. We can also multi-tenant, so go back to converged infrastructure. Hyperconvergence is the thing these days. We have other parts of the government departments that are interested in what we've built that they can multi-tenant with us. So we have a team that comes in, they need to develop X, whatever the app does, how many resources they need. If they're using the microservices patterns, then we give them a project account and an open shift. And then even at that point, our guests become abstracted away to them. So it's just a matter of, do we have the compute resources available as a whole? We could also go to multiple hosting providers if need be, which is, you know, that's a good thing. Be redundant across suppliers. Put it in AWS if you wanted to. Other open stack carriers, which that's a good thing. I mean, literally just give me a different API endpoint and boom, it's up and running. And once again, build reusable microservices across the organizations, which is, that seems to be the latest and greatest thing that's caught hold in the market. So keep it simple, stupid, obviously a kiss. That's the acronym I've always known of as. We keep it simple and we win every time. We don't have to worry about... I mean, for instance, if I do something 10 years ago that I thought was incredibly clever and once it goes by, I'm like, oh my God, what does that do? What was I thinking? Then I have to go back and try and figure out what I thought was clever at the time. So when you think you're being really clever, sometimes you're just kicking yourself. Cool. So we've told you a lot of stuff. So what we're going to help now is visualise what our service actually looks like. So what we've actually built onto open stack. So while we just get the video up. Cool. Right. So this is our service. The front end is finding out if you need an import license. One thing that we have been looking for is we... Government is particularly concerned with our people able to use the internet. Are they able to use digital services? We do a lot of testing with what we term assisted digital users. So these are people that might find it difficult to use the internet. We also have people that... due to age barriers and different barriers, why they can't use a service. And we found out that in fact a lot of people find it difficult to get through the end-to-end service. It's quite a long process to work out if you need an import or an export license. So we created a save and continue functionality. So this is before our account registration happens. If someone wants to leave our service, we'll pull them straight back into the service from there. So you have the option to email this code and for the purpose of this demo we send it to a test account. So that's all important because it helps people have the confidence to get through the service. What we then look at is trying to work out where our items are going. And you might think that this looks like a really straightforward screen. So we've got things around an export or an import. But our user research was showing us that people didn't necessarily know what an export or an import was. We had some examples of people thinking they were importing shotguns into New Zealand when in fact they were exporting it from the UK. So they were going down the complete wrong user journey. So we have to actually tell people now are you going out of the UK? Are you coming in? Or are you facilitating shipments? So it kind of gives them a good overview of what they're looking at. So this screen here is to help navigate our Gov.UK content. So you can see all the different types of goods. So around Gov.UK we have numerous guidance pages where people can then find what they need to do. So for this journey where we're looking at military goods you would go down into our service. So if you go to animals or plants or arts we'll actually direct people to the right Gov.UK area so it finds it a lot easier to find what they need. And hopefully moving forward we'll be able to digitise all of them systems so that we can have it all in one place and people can have a generic account where they can export and import. So once they expand an area they get an overview of what it is. And then they'll be moving into what type is your goods. So even though they've told us it's a military good we then need to try and work out what is it. So it could be a physical good, it could be software, it could be technical information. All of these are what we term controlled. So we need to work out well what is it. So at this point once they've done that say this one here is going down a physical goods journey. So in terms of what they do they then need to describe their item. So it's a free text box. We have had numerous iterations of the screen. So we did have loads of categories going down about this. We found out that our user base are a lot of them actually quite expert at what they do. So they end up putting almost the technical specification into these boxes. So what we actually want them to do is give us a brief overview of what their good is. So at this point it gives them opportunities to type this in. So what's going to happen here is we use something called elastic search. So it's going to go back and go into our database and try and rate the good. So in terms of what I mean by a rating you have a type of good it needs to be rated against something called a control list and that's about a 300 page document that has a lot of codes. So it could go down the route of a rifle is military list one. But military list can go down into the 100. So it's kind of looking how you rate it in the terminology as well. So here we go it's going to search for a shotgun and it's going to come back with possible matches. So at this point these possible matches we've converted into plain English. So they're actually a lot more lengthy than that. So it's trying to work out how we can make it more presentable to people. So if you go down this route it then shows what type are available. So we're looking here and you've come to this and you're reading about your firearm it's well is your item list for the above. If it is then you've actually got the wrong control list. So as you can probably see it's quite a complex area in order to try and rate your good. So we're trying to get a journey where people can go through. And this is the first time that we introduce into the concept of what this military list is. So our expert users know lots about this this list and they almost can recite it in terms of what they're doing. But here we're trying to introduce the concept. So we're giving almost like a breadcrumb trail to understand exactly what it is. And you might have noticed now that the more technical specifications are coming out. So previously we said it was a smoothbore weapon but in fact this list here needs to be a certain millimetre but presenting that someone as a first time user is actually quite intimidating for an exporter. It's very detailed in terms of what they want to do. Although if you felt that you've gone down the wrong route and you can't describe your items you can go back into the search. So we have a lot of ways that you can go back into the service. So you can add more data. So if you put a rifle after it you can then go in and go down the correct route. So you'll find what you're looking for. So in this case going down the ammunition route. And then again these screens are actually quite important for our service because it's an ableness to understand what they're doing. So it's kind of looking to say well can we identify what it isn't and then we'll keep pushing forward until we find the right rating. Say if the load isn't then we come down to military list three. So there wasn't much difference between what this person was wanting but there's a difference between one and three. So that's quite a simple example and if you were to read through the document you would have seen that quite quickly but we do have issues of it is a very large document and it could be on the rating that they're reading could be on page five but the rating that they need is actually on page 210. So it's kind of like depending on what they're looking for it's not the best organised. So if this does describe their items we can then go through the final destination say what we're looking at is where are these goods going to? One really cool thing that we're currently looking at in government is how we use registers so we're looking to create a country register so we're inputting that into a cross-government service of does the UK have a common list of what countries we can use and export to? So this will be feeding into a register at the moment it's just using our previous data but say for the purposes of this demo we're going to send it to the United States and what we're now looking at is we're interested in is it going anywhere first and the impact our decision from a business point of view is if it's going through another country so you have the option to type in France so it's just going through a European country what we're doing here now is I mentioned earlier that we have a lot of license types so what we're doing here is trying to filter them down so we can present them with the most usable license that's coming through unfortunately if you were to use our legacy system it would come up with we have roughly two types of licenses we have an open license that's got preset terms and we have a standard license that then needs to be assessed by a government department unfortunately within the open licenses we have about 55 of them and within the standard licenses we've got about 20 so it's a considerable amount of license that you could use so we're using this screen here to start filtering down saying which ones are applicable and which ones could you use so if you were to say no to all of these questions it would then come back with the licenses that are possible that you could use so another interesting thing to point out here is that these licenses are quite lengthy themselves say if you were to read them straight away some of them are close to 18 pages long to understand if you could use this license you can probably imagine for an exporter that's not the best thing they want to be doing they want to work out if they can use this license so the first thing we're doing is filtering any questions out say if any of these apply you can't actually use this license then what we're doing is creating summaries for them so instead of having the 18 pages to read through you can now go through what you can do what you can't do and what you must do with a license so that we're really encouraging trade here so that people can start using it unfortunately we're still having to go out to other services say we're looking at providing information on if they need to know what the EU directive is unfortunately that's still quite lengthy but it's the option there that they can go through the hyperlink and understand what they want to do if you feel that that isn't applicable for you you can go back and you can go back to our search screen and pick a different license type again we'll filter this out so we'll be saying well if any of the supplies you can't actually use this license but we're helping them to understand what it means to use these licenses rather than just saying go away and read it at this point you can then register for the license so you'll notice that our saving continue code is there so you'd have noticed in the top right and corner that it's been there all the time so it allows people if they want to go out of the service they can go out and come back with a saving continue code we're reminding them again because at this point we're going through our account registration process so now they're moving into our service and we'll be registering them as a company or an individual depending on what they're doing we can have individuals who are going to the Olympics and they're shooting exercises so it's quite a diverse user base in terms of what they want to do so you have the option to change as well so you can go back into our service and you can say well actually it's not going through France I can take that out and then that will affect the licenses that could be available as well so you would take them back into the journey and identify different types of licenses that they could use but it might actually be that the license they had before actually works because a lot of these licenses are applicable to numerous destinations so one of the things that we want to do is start to increase trade and say you've got a license to the United States do you know it's also applicable to Australia or someone like that so it starts opening up different markets so in terms of license registration we've created a SAML interface with our SPIA system so SPIA is our legacy system if you have an account on SPIA you can log straight into our service so you almost use it as an early single sign-on mechanism that we're developing with Department for International Trades wider services so at this point you would then go into our service so you would go into our service and you have an account registration and if you don't have an account on our legacy system we'll then create you one and we've created APIs between the two services so our development team is currently working on a dashboard so that the exporters will get to use our nice new system and we'll be able to have API communication between the two services whereas the case processing element which is actually quite lengthy and quite big that will all be processed on our legacy system while we start to replace that to visualise our service and understand what it actually looks like and now it's time for any questions so if anybody's got any questions then please so we get different types of feedback as you can imagine the primary function is for user research so that people can start telling us is that the correct thing we want to understand how our database is working as well it's quite difficult to rate your goods so we want the feedback in terms of what type of good but actually the control code came wrong or it's understand how we can improve that and tweak our algorithms within that we do get some technical feedback as well so in terms of the main technical feedback that we get is through our monitoring and logging but in fact we do have people making comments and things around that so it's actually quite useful and it's an open forum that works really well for government services because people don't feel like they're being pressured by government to do anything so it's interesting if you want to do feedback any others yes well Justin yes we're using it just as infrastructure to service and we do all our own services internally like IPA server for Kerberus, LDAP and internal names or internal DNS etc so we've had some cost projections we won't know until we have completely implemented it but it's looking around the 50% mark in terms of our hosting we will obviously know as we implement more but the way that the previous service was built was that it replicated a manual process so about 10 years ago there wasn't much user research into what the service should be it was like this is how we're going to deliver a service through our user research we might find out that we need to build other services that actually makes the whole service bigger so our hosting cost might not be as a big reduction but if we were to do a complete replication then yeah that's the sort of figure but it depends on what other services we need to build on the back of our user research yes Justin the couple of users co-scale and they do have that capability built in I don't know if it's machine learning wouldn't call it that but they do forward looking like for instance if your trivial example would be if a directory is filling up at a pace faster than intended and I will get an alert beforehand and I can deal with it before the alert actually really happens but not really what you're asking I believe okay so you mentioned that you had you got cooperation among different organizations for this so I'm guessing it's the different organizations that control each of the specific fields like you're saying military goods versus some of the other fields what were the sort of challenges faced with convincing them that this is the way that they're going to do it the centralized means of doing this and is that going to the successes that you had in that area will that encourage other cross yes say the main challenges how we share it so there's different ways that we could do it we could say we'll build it on your behalf to the other department and you tell us what type of stuff you want or we could share design patterns and design libraries and then share it through that way so it's actually quite difficult in terms of what does the department want so if you take for example the arts and antiques they actually have a completely manual process at the moment and they would love for us to implement something that's an online service so that's quite an easy one it'll be like well actually we'll probably build it for you but there's a different approach for the animals and plants so animals and plants they've got a semi-automated system but they want to take advantage of some of the stuff that we've been building because the case processing flow is actually pretty similar like it's make an application some people have a look at it and then we'll make a decision if we'll issue it or not but they'll want to reuse some of their stuff and some of our stuff so it's like how do we actually share our knowledge and it's not always one way to do it there's different ways of doing it so I hope that answers the question but we've had like different ways of do it sharing it's proving quite difficult at the moment cool any final questions say at the moment the back end stuff say are you more interested in the infrastructure back end or what we would term our case processing so where the government employees would be making a decision okay yes in terms of a standard so assessing like UK government services we have something called the digital service standard and that's got 18 points that cover a wide range of things so some of it will cover the technology side but it also covers our user research practices, our design practices analytics and how we do things and at different stages of development you have to go through assessments by something called the government digital service and they are part of the cabinet office which is one of our like overarching departments and each stage say for alpha, beta and live you'll go through an assessment against that criteria and that's where some of these things would come up saying well how do we share our information and what do we do and this design template that you can see in front of you here is a standard template for all government services so all of our government services look like this so it's to give a consistent feel for all government services. If there's no more final questions thank you everyone coming along and please get in contact if you'd like to know anything more.