devops cd and multispeed it in regulated industries (fug presentation)
TRANSCRIPT
1Copyright © Serena Softw are 2015
Julian Fish
Director of Products
Serena Software
Move Fast Without Breaking ThingsDevOps, Continuous Delivery and Multi-Speed IT Delivery in Regulated Environments
3
Need to drive competitive
advantage and respond to market
needs
Adoption of Agile practices have
increased the speed of engineering
delivery
Still ruled by a SLA’s, stability and
an inherent resistance to change
BUSINESS DEVELOPMENT OPERATIONS
Move Fast Without Breaking Things
COMPLIANCE (CONTROL)AGILITY (SPEED)
4
“Who has an Agile Transformation Project /
Program in place currently?”
Define
Develop
Construct
Deploy
Verify
5
“Who has a DevOpsTransformation Project /
Program in place currently?”
Development Teams “Shift Right”
Dev Test UAT Prod
Operations Teams “Shift Left”
9
“Devops good news!
Devops is 100% peoples
and culture so you not
have of understand
functional programming!”
DevOps?
© 2013 @DevOpsBorat
10
DevOps, Continuous Delivery and Multi-Speed IT
DevOps tries to align goals between Development and Operations
Continuous Delivery ensures software is always production ready and releases are tied
to business needs and not operational constraints
Multi-Speed IT understands that there isn’t a simple ‘CD or non-CD’ approach but a
collection of approaches and speeds that IT can use to release software
11
DevOps…
Automation?
Infrastructure as code?
Continuous Delivery (CD)?
Infrastructure Automation?
Continuous Integration (CI)?
“A movement to address the gap between
Dev and Ops”
What is DevOps?
“82% of high performing companies
automate their code deployments”
12
DevOps / CD Benefits for Regulated Industries
Reduced risk by implementing frequent, smaller changes
Developers have better understanding of development, test and production infrastructure
Operations gain application-centric understanding
Simplified end to end IT processes inclusive of Audit and Compliance requirements
Supportive of Application Automation
= Increased collaboration between Dev and Ops / Lower Risk / Faster Time to Value
Ops
QADev
DevOps
13
End to End Domain Interaction – The Sum of the Parts
Continuous Delivery
Source Code
ManagementBUILD / CI Deployment / Test Automation Formal Release
ContainersVirtual
InfrastructurePhysical
Infrastructure
Cloud
Infrastructure
Enterprise Change Management
Dev Test UAT Prod
APM
IT Service
Management &
DML
Agile
Planning
Requirements
Management
Project Portfolio Management
Enterprise Release Management
Is this DevOps?
Is this DevOps?Is THIS DevOps?
14
Identifying the Challenges in Federal / Regulated Industries
One size fits all approach won’t work for traditional Federal organizations
Legacy, Transitional and Innovative Applications must co-exist
Organizational Framework based approach with multiple ”Flavors” of implementation
Multiple Contract teams own areas of the End to End process, adding complexity
SPOC and ownership is difficult to find – what is the sponsor trying to achieve
Startup “Application is the Business” doesn’t apply
15
“More than 95% of IT operations organizations lack a
centralized release management process”
“Through 2016, a lack of effective release management
will contribute up to 80% of production incidents in large
organizations with complex IT services”
“82% of high performing companies
automate their code deployments”
16
Bi-Modal vs Multi-Modal IT
“By 2017, 75% of IT organizations will have a bimodal capability”*
“95% of Large Enterprises require multi-modal capabilities. Type 1 &
Type 2 becomes Type 1 - 5”
17
“By 2017, 75% of IT organizations will have a bimodal capability”*
Systems of Innovation
Systems of Differentiation
Systems of Record
Mode 1
Reliability
Waterfall, V-Model
IT-centric
Release in
Months/Years
Mode 2
Agility
Agile, Kanban
Business-centric
Release in
Days/WeeksDependencies
Go
vern
anceC
hange
*Gartner predictions, 2014
18
Systems of Innovation
Systems of Differentiation
Systems of Record
App 1
TraditionalWaterfall, V-Model
IT-centricRelease in
Months/Years
App 2
AgileAgile, Kanban
Business-centric
Release in
Days/Weeks Go
vern
anceC
hange
App 3
TransitionalScrum fall
Product-centricRelease in
Weeks/Months
Serena Provides Multi-Modal IT Support
Dependencies
Application Deployment speed determined by Application Architecture, Application Type and Compliance requirements
19
Shift Left vs. Shift Right
Development Teams “Shift Right”
Dev Test UAT Prod
Operations Teams “Shift Left”
Measured Functional Competence (High – Low)Key:
2020
Where to Start?
• What matters to the business?
• How do we Define and
measure success
• Look to Eliminate waste
• Incremental changes/quick
wins
• Focus on continuous
improvement
• Implement Process and
Technology Simultaneously
• Automate Everything
21
How Responsive are you to the Business?
• How do you measure success?
• Average cycle time for moving a business request from Development to Production?
• Number of business requests
implements this week, month, year?
• Cost of moving a unit of change through your application lifecycle?
• Percentage of a release focused on
technical debt?
• Develop metrics to support what matters to the business
22
inetOrgPerson inetOrgPerson
Secured
Repository
Common
Build Process
Secured build processes
ensures audit compliance and
artifact traceability.
Secured artifact repository
provides common source
for artifact deployment.
Continuous Integration & Standard Build Frameworks
2323
Automate Almost Everything
• People should not move the “bits”
• Automate code and configuration deployments with a single set of
deployment processes across all environments
• All pre-prod deployments should be rehearsals for the final deploy into prod
• Quick incremental wins with big impact
24
Developer
Commits Code
Test Automation
Validates CodeOperations
Releases Code
DEV TEST PROD
Process
Artifacts
Build
Initiated
Centralized Release Management Process and Path to Production
2525
Standardize the Release ProcessStreamline and accelerate the release lifecycle
• Single system of record for release planning and execution
– Schedules
– Milestones
– Gates and Approvals
• Automatic cycle-time capture
• Ensure audit trails for compliance and learning
26
Process and Technology work together
Release Control
Release Train
Release Package
Tasks
Integration Framework / Service Layer / Widgets
SDA DIM CM ZMF EROOTHER
RELEASE
PROCESS
ARTIFACT
MANAGEMENT
27
Identify Teams for Continuous Delivery vs. Release Management
Continuous Delivery Enterprise Release Management
Dev
Source Code
ManagementBUILD / CI
Deployment / Test
Automation
Test UAT Prod
Formal Release
Containers Virtual Infrastructure Physical InfrastructureCloud Infrastructure Infrastructure as Code
Enterprise Change Management
APM
IT Service
Management
28
Release Control Object Overview
Release Package
Dev Test UAT Prod
Request
Release Train
Deployment Path
Release Package
Release Package Release Package
Deploy UnitDeploy Task
Dev Test UAT Prod
Request
Deployment Path
Deploy
UnitDeploy Task
Dev Test UAT Prod
Request
Deployment Path
Deploy
UnitDeploy Task
Integration Framework
Integration Framework
29
Package level control and visibility
Dev Test UAT Prod
Request
Deployment Path
Deploy UnitDeploy Task
Release Package
Integration to Serena and 3rd party artifact
management / source code solutions
(Dimensions CM, ChangeMan ZMF, Serena
Deployment Automation, Artifactory, TFS,
Jenkins, IBM, CA etc.)
Integration to Serena and 3rd party request /
ticketing systems (Dimensions CM, SBM,
Rally, Jira, Version One, Bugzilla etc.)
Defines the activities to deploy / implement
the Package via integrations to Serena and
3rd party tools (Dimensions CM, ChangeMan
ZMF, Serena Deployment Automation, CA
Nolio, IBM uDeploy, XebiaLabs, Manual
Steps etc.)
Integration Framework
Package Deployed via configurable
deployment paths
30
Enterprise Deployment Pipelines
Key Capabilities
• Create, manage and automate deployment pipelines
• Enforce environment sequencing and auto promote
• Full stack automation with new plug-ins:
• Chef, Puppet, Jenkins workflow
• Docker, Bamboo, Openstack and more
Benefits
• Supports Dev / Test Churn with Managed Stage &
Production Releases
• Improves quality with a single repeatable deployment
process
• Reduces cycle time
• Provides end-to-end traceability for compliance and audit
31
Continuous Delivery Maturity Model for Enterprises
REPEATABLE
BUILD
CONTINUOUS
INTEGRATION
AUTOMATED
APPLICATION AND
INFRASTRUCTURE
DEPLOYMENTS
TEST
AUTOMATION
ENTERPRISE
CONTINUOUS
DELIVERY
Standard Build
processes across all
development and SCM
tools. Daily / nightly
builds exist utilizing
secured SDLC
CI Build processes
build deliverables upon
code commit and
invoke automated unit
tests
Target integrated
Application and
Infrastructure
Deployments
(provisioning on
demand – Cloud, Virtual
or Physical for app
deployments)
Fully Automated Test
Suites allowing entire
application to be Tested
without user
intervention
End to End Build, Test
and Deployment
Capabilities
32
“Full Stack” Provisioning
APPLICATION CONFIGURATION
APPLICATION DEPLOYMENT
CONFIGURED APPLICATION
STACKVM VM VM
OS PROVISIONINGP
RO
VIS
IOIN
G O
RD
ER
OS CONFIGURATION
BARE METAL / CLOUD STORAGE
• Infrastructure / Cloud / Virtual
Provisioning
• Application Architecture
Deployment
• Application Configuration
• Build Up &Tear Down
Capabilities
Essential Steps for Enterprise Continuous Delivery