
Cloud.gov - gmays
https://cloud.gov/
======
bmogilefsky
I'm the product lead on cloud.gov... Thanks for noticing us! There are other
Cloud Foundry deployments, but what makes cloud.gov special is the focus on
ensuring federal agencies are actually able to use it. Federal compliance for
a cloud service provider is a tough bar to clear, and without it most agencies
are simply unable to take advantage of capabilities the rest of the world now
takes for granted. That in turn impedes improvements in the many services the
government has to offer. We've just reached the "FedRAMP Ready" status, which
is a signifier of confidence that cloud.gov will make it through the
exhaustive auditing process to come. Best of all, everything were doing is
open source, including all the compliance work, so others will be able to
follow in our footsteps. AMA!

~~~
empath75
What sorts of jobs are available there and what's the salary like? I currently
do devops at a large Internet content company near Dulles and I've got federal
government experience from many years ago.

~~~
bmogilefsky
We're recruiting actively across many disciplines. 18F employs a huge range of
amazing people with diverse histories from both inside and outside of
government. Everyone is an impact junkie. Salary is competitive with industry
through a special hiring authority although capped at government levels
without bonus, stock, etc. There are intangibles that come from actually being
able to improve the way government approaches technology and adopts user-
centered design, agile culture, and DevOps that are totally unique.
[https://18f.gsa.gov/join](https://18f.gsa.gov/join)

~~~
gooserock
For what it's worth, I applied to work with 18F late last year. I'm a web
developer with a wide array of skills - front-end, back-end, and even UI/UX
design, product design, and some marketing and management - with about 8 years
of experience, mostly doing independent consulting with a couple years at a SF
startup in there. I'm also very civic minded, doing a bunch of pro-bono work
and (since) getting involved in community activism.

I had two phone interviews in which both interviewers asked almost the exact
same questions (which struck me as odd). Then I had a _third_ phone interview
in which the interviewer - who had a law background, as I recall - seemed very
disappointed that I had not worked on Google-sized teams before. Maybe he was
having a bad day, but his tone made it sound like I was wasting his time. That
was the last I heard from them.

Sorry, this probably isn't the right place to comment on this, but I just
wanted to share my experience with you. I was somewhat disappointed in the
process, even though I LOVE the mission of 18F. I was prepared to up and move
to DC, and honestly take whatever salary you offered - I was in it for the
mission, not the money.

~~~
jrockway
What is a Google-sized team?

~~~
gooserock
My experience has all been with teams and companies < 15 people, and he seemed
unhappy about that.

The startup I worked on had 12 people at its height (before it was bought by a
large tech company), and I was the first employee hire so I was in a position
of some leadership.

He kept asking me strange questions that presupposed I knew how to negotiate
with large entities like government agencies... as a developer.

That interview - plus the other two "groundhog day" interviews - were the
strangest interview process I've ever experienced.

~~~
jcrites
> He kept asking me strange questions that presupposed I knew how to negotiate
> with large entities like government agencies... as a developer.

Perhaps that's part of the skills that are needed to succeed at 18F. It sounds
like these folks are in a sort of consulting position where they help other
government agencies with technical projects and policy efforts. Take a look at
the 18F Innovation Specialist GS-14 and -15 roles:
[https://pages.18f.gov/joining-18f/pay-
grades/](https://pages.18f.gov/joining-18f/pay-grades/) \- based on your
background, they might have expected you to fall somewhere around, I'm
guessing, GS-14 (1). Some of the qualifications required are:

> Knowledge of and expertise in driving and implementing technology solutions
> that overcome significant challenges resulting from complex or bureaucratic
> environments, or technically difficult problems

> Skill in oral communication to present sensitive recommendations to higher
> authority, to obtain compliance with policies from activities nationwide, to
> articulate positions/policy of vast technical complexity, and to represent
> the agency on task forces

> Comprehensive knowledge of and expertise in all stages of product or
> business development, and ability to lead complex technology and policy
> initiatives from inception to implementation

Bureaucratic environment is right there in the job description :-) More
seriously, this sounds like a reasonably senior technical role in which one
would likely interface with other agencies in the way you're describing. GS-15
is even more demanding. While it's disappointing that the interview expressed
condescension at your lack of expertise in this area (and expressed anything
other than professionalism), I can understand given these qualifications why
they'd probe into those skills. It appears they're looking for technical
leaders, and not exclusively heads-down individual contributors -- this makes
sense to me given their mission. These positions seem to be about influencing
the government through policy and technology initiatives, and influencing
other government agencies (which is harder than influencing one's local
environment), not just delivering technical projects.

I am not trying to excuse the interview experience that you had, just to be
clear. I'm just making an observation about the kind of challenges they appear
to have, and the kind of qualifications they might be looking for in
candidates to tackle them. Innovation Specialist GS-14 and GS-15 sounds like
pretty interesting roles. I am personally glad that they expect such
leadership from technical specialists; this kind of broader influence is key
to career growth as a technical person past a certain point. Organizations
that _don 't_ expect this and foster this in individual contributors are
organizations where you need to move into management in order to keep moving
up.

However, it sounds like they could have done a lot better job communicating
with you respectfully and professionally, as well as conveying what they're
looking for.

(1) I know nothing about 18F beyond what I've read on these sites, nor about
government pay grades. I'm just taking a guess based on your industry
experience, and by comparing the 18F job role levels to the qualifications
expected of candidates with similar background in private industry.

~~~
gooserock
Thanks for your thoughts, I think you have a decent point there.

My experience does include running front-end at the startup I worked at, and
even being part of the three-person group that decided on the direction of the
product (with the two founders). My communication skills are battle-tested
from years of contracting (and a liberal arts university background), but I do
lack experience dealing with huge bureaucracies and I lack experience with
business development. So maybe that was it.

That said, if your theory is right that they were slotting me in as a GS-14,
they could have communicated with me about that difficulty. I would have been
totally fine with whatever role they wanted to give me - which I made clear in
the "groundhog day" interviews - because I just wanted to help. :-D

------
verst
I'm about to join 18F (in a few weeks), working on cloud.gov.

I worked on the Google Cloud Platform team around the time Compute Engine and
Big Query were launched (but spent most of my time on App Engine).

A few weeks ago at the Cloud Foundry Summit the folks from cloud.gov.au gave a
keynote. Cloud.gov got some nice shoutouts - the Australian counterparts
reused a lot of the cloud.gov work, thanks to the transparent open-source
approach.

Listing of cloud.gov related Github repos:
[https://docs.cloud.gov/ops/repos/](https://docs.cloud.gov/ops/repos/)

~~~
Veratyr
> Australian counterparts

Could you elaborate? I'm an Australian but I haven't heard about anything
18F/Cloud.gov-like back home.

~~~
auxesis
[https://www.dto.gov.au/our-work/cloud/](https://www.dto.gov.au/our-
work/cloud/)

------
nvas
I work in GSA as well, and I have a lot of trouble getting software approved
that you use all the time, even getting nginx approved took a long time.
Forget about vagrant, virtual box, recent versions of python, etc...

How were you able to get ATOs to operate most of your systems and work through
these policies?

~~~
Godel_unicode
They cheat.

Edit: they ignore a lot of the rules that GSA (among others) mandate the rest
of the government follow. One great example is cloud.gov, operating on the
public Internet without finishing the fedramp approval process. It also
doesn't comply with the TIC requirements GSA pushes on the rest of the .gov.

The hard problems in government IT are being able to pay enough to attract top
talent and dealing with all the authorities and oversight that parent refers
to. If you remove those two legally-required obstacles, you're cheating.
That's not necessarily a bad thing, but comparing GSA's pet project to normal
government is disingenuous at best.

~~~
noahkunin
Hi Godel -

I’m Noah Kunin, the Infrastructure Director at 18F/GSA.

While the Department of Homeland Security (DHS) owns the Trusted Internet
Connections (TIC) policy and controls ([https://www.dhs.gov/trusted-internet-
connections](https://www.dhs.gov/trusted-internet-connections)) we’ve been
working hard with DHS teams to clarify and improve implementation guidance.

We hear you - loud and clear - and understand there’s a lot of frustration.

Check out our updates with one of our pilot partners, Amazon Web Services:

* [https://www.youtube.com/watch?v=ikm5XsUuWR4&t=10m11s](https://www.youtube.com/watch?v=ikm5XsUuWR4&t=10m11s)

* [https://aws.amazon.com/blogs/publicsector/fedramp-trusted-in...](https://aws.amazon.com/blogs/publicsector/fedramp-trusted-internet-connection-tic-overlay-pilot-program/)

Also please sign up for updates to our blog - hopefully you’ll see more news
on this soon, but feel free to contact us directly as well.

[https://18f.gsa.gov/blog/](https://18f.gsa.gov/blog/) 18F@gsa.gov

------
darawk
This is really cool. 18F has been doing a lot of amazing work, it seems like
the possibility of government tech not totally sucking may be on the (somewhat
distant) horizon.

~~~
wslack
:) Thanks! I also work at 18F, but not directly on cloud.gov. Govtech is a
huge market, and I wouldn't expect any individual effort to turn the entire
ship. Hopefully, though, we can provide a space to experiment and build with
modern solutions and practices to make them more "normal."

I'm especially a fan of developing in the open - you can see our commits and
issue discussions and keep track of how we're doing as your civil servants.
The other thing I love is that all of our work is in the public domain or CC0.

------
rambos
As someone who develops for a Gov't agency, this is the wrong move. So much
money has been spent on mimicking the private sector innovators. Millions and
millions of tax dollars spent on these type of projects.

The focus really needs to be on building a process to better integrate private
cloud services and gov't applications. I mean they already are for the most
part:
[https://aws.amazon.com/compliance/fedramp/](https://aws.amazon.com/compliance/fedramp/)

[https://www.microsoft.com/en-
us/TrustCenter/Compliance/FedRA...](https://www.microsoft.com/en-
us/TrustCenter/Compliance/FedRAMP)

[http://www.businesswire.com/news/home/20160229005262/en/Serv...](http://www.businesswire.com/news/home/20160229005262/en/ServiceNow-
Gains-FedRAMP-Certification-U.S.-Government)

Seriously this is just another wasteful program. The Gov't and 18F will hype
it up, but don't be fooled.

~~~
bmogilefsky
You listed two IaaS provider and one SaaS provider. cloud.gov is a PaaS
provider. There is no FedRAMP PaaS available to agencies, and PaaS is the
level of abstraction needed to accelerate delivery of services the government
itself provides.

We also leverage the fact that AWS GovCloud already has FedRAMP status as an
IaaS to accelerate our delivery of cloud.gov (which sits on top of it), so
we're piggy-backing on the money and effort already spent and eliminating the
millions we would otherwise spend by having the government run the IaaS layer.

In other words...

> The focus really needs to be on building a process to better integrate
> private cloud services and gov't applications.

...that's what we're doing!

~~~
ddelmoli
Actually, there are several FedRAMP PaaS' available to agencies. A quick look
at [https://www.fedramp.gov/marketplace/compliant-
systems/](https://www.fedramp.gov/marketplace/compliant-systems/) lists
several compliant PaaS offerings, including one (Autonomic Resources LLC –
ARCWRX) based on OpenShift. It's great to see activity in this space.

~~~
aclater
Correct - Multiple PaaS providers have reached FedRAMP already:

[http://www.fedramp.gov/marketplace/compliant-
systems/blackme...](http://www.fedramp.gov/marketplace/compliant-
systems/blackmesh-securecloud/)

[http://www.fedramp.gov/marketplace/compliant-
systems/autonom...](http://www.fedramp.gov/marketplace/compliant-
systems/autonomic-resources-llc-arcwrx/)

Both built on Red Hat OpenShift

~~~
mtndan
Acquia is FedRAMP accredited as well. Acquia is optimized for Drupal. Drupal
now powers 40% of .gov sites in the US (and growing). It's a fully managed and
supported platform, which offers not only the CLI integrations that developers
appreciate but accessible, responsive GUI DevOps tools and 24/7/365
application support.

[https://www.fedramp.gov/marketplace/compliant-
systems/acquia...](https://www.fedramp.gov/marketplace/compliant-
systems/acquia-acquia-cloud/)

------
knomoslaw
Hi Bret, long time fan-first time commenter! In the govFresh excerpt that led
me here you state the 'Federal compliance for a cloud service provider is a
tough bar to clear'. Have you discovered the data policy map is in line with
US corporate standards (e.g. Microsoft data security) or separate and
distinct? I'd like to understand to what degree.gov innovation into the cloud
is at parity with existing, more public facing standards or rewriting what we
know and observe today.

Haven't read every comment but a quick ctrl+f didn't find any keywords on the
topic;) thanks for the insight!

Jesse@knomos.law

------
homero
I'd love to use them. Going to the source will reduce latency because the mitm
is removed. Now it's just the man. Seriously, I'd switch from DO.

~~~
verst
You can certainly host it yourself on AWS, GCP, Azure etc.

The general services administration is restricted to only assist federal
government agencies, so you wouldn't be able to use the version being managed
for the federal government.

~~~
bmogilefsky
Are you positive about that? :)
[https://books.google.com/books?id=bWI7AAAAIAAJ&pg=PA10&lpg=P...](https://books.google.com/books?id=bWI7AAAAIAAJ&pg=PA10&lpg=PA10&dq=105-50.000+gsa&source=bl&ots=h1zlSWQRZb&sig=noMZZDZNiY3iZZwcD21v1xbTy58&hl=en&sa=X&ved=0ahUKEwi7of7dhPHKAhXFWz4KHdsiDOgQ6AEIKTAC#v=onepage&q=105-50.000%20gsa&f=false)

~~~
verst
:) I remember having that discussion with you in person. You'd definitely know
it better.

------
zabador
This is the only government website I have seen that does not look like it was
designed in the 90's. It is pleasant to look at.

------
frozenport
Isn't the the "Platform-as-a-service" logo the Amazon AWS logo?

[https://upload.wikimedia.org/wikipedia/commons/thumb/1/1d/Am...](https://upload.wikimedia.org/wikipedia/commons/thumb/1/1d/AmazonWebservices_Logo.svg/2000px-
AmazonWebservices_Logo.svg.png)

~~~
Godel_unicode
Look the domain up in domaintools, they run on top of AWS govcloud.

[https://whois.domaintools.com/cloud.gov](https://whois.domaintools.com/cloud.gov)

~~~
frozenport
I wonder if they are just reselling: [https://aws.amazon.com/govcloud-
us/](https://aws.amazon.com/govcloud-us/)

~~~
bmogilefsky
We are using AWS GovCloud for our base IaaS layer, but we run a PaaS layer on
top based on Cloud Foundry... That's the actual cloud.gov service being
provided, the location on AWS GovCloud is just an implementation detail.

------
tfg4k
I apologize but browsing first thing in the morning, was I the only one who
assumed this was a joke?

~~~
herbst
You are not alone. I Still question how much of a good idea that is. It
certainly makes it self a popular target for attacks by default.

------
scalio
What is such a fabulous cloud made of? Broccoli? Or maybe still only _a
datacenter_?

------
cloudjacker
at first I was going to make fun of them for choosing "Cloud" half a decade
after that buzz word reached its peak, but then I looked at the service and it
is pretty cool

