1Copyright © Serena Softw are 2015

Julian Fish

Director of Products

Serena Software

Move Fast Without Breaking ThingsDevOps, Continuous Delivery and Multi-Speed IT Delivery in Regulated Environments

2

3

Need to drive competitive

advantage and respond to market

needs

Adoption of Agile practices have

increased the speed of engineering

delivery

Still ruled by a SLA’s, stability and

an inherent resistance to change

BUSINESS DEVELOPMENT OPERATIONS

Move Fast Without Breaking Things

COMPLIANCE (CONTROL)AGILITY (SPEED)

4

“Who has an Agile Transformation Project /

Program in place currently?”

Define

Develop

Construct

Deploy

Verify

5

“Who has a DevOpsTransformation Project /

Program in place currently?”

Development Teams “Shift Right”

Dev Test UAT Prod

Operations Teams “Shift Left”

6

“Who has a defined goal / objective for these programs in place?”

7

“What is DevOps?”

8

DevOps – NOT just Release or Infrastructure Management

Image: IT Revolution

9

“Devops good news!

Devops is 100% peoples

and culture so you not

have of understand

functional programming!”

DevOps?

© 2013 @DevOpsBorat

10

DevOps, Continuous Delivery and Multi-Speed IT

DevOps tries to align goals between Development and Operations

Continuous Delivery ensures software is always production ready and releases are tied

to business needs and not operational constraints

Multi-Speed IT understands that there isn’t a simple ‘CD or non-CD’ approach but a

collection of approaches and speeds that IT can use to release software

11

DevOps…

Automation?

Infrastructure as code?

Continuous Delivery (CD)?

Infrastructure Automation?

Continuous Integration (CI)?

“A movement to address the gap between

Dev and Ops”

What is DevOps?

“82% of high performing companies

automate their code deployments”

12

DevOps / CD Benefits for Regulated Industries

Reduced risk by implementing frequent, smaller changes

Developers have better understanding of development, test and production infrastructure

Operations gain application-centric understanding

Simplified end to end IT processes inclusive of Audit and Compliance requirements

Supportive of Application Automation

= Increased collaboration between Dev and Ops / Lower Risk / Faster Time to Value

Ops

QADev

DevOps

13

End to End Domain Interaction – The Sum of the Parts

Continuous Delivery

Source Code

ManagementBUILD / CI Deployment / Test Automation Formal Release

ContainersVirtual

InfrastructurePhysical

Infrastructure

Cloud

Infrastructure

Enterprise Change Management

Dev Test UAT Prod

APM

IT Service

Management &

DML

Agile

Planning

Requirements

Management

Project Portfolio Management

Enterprise Release Management

Is this DevOps?

Is this DevOps?Is THIS DevOps?

14

Identifying the Challenges in Federal / Regulated Industries

One size fits all approach won’t work for traditional Federal organizations

Legacy, Transitional and Innovative Applications must co-exist

Organizational Framework based approach with multiple ”Flavors” of implementation

Multiple Contract teams own areas of the End to End process, adding complexity

SPOC and ownership is difficult to find – what is the sponsor trying to achieve

Startup “Application is the Business” doesn’t apply

15

“More than 95% of IT operations organizations lack a

centralized release management process”

“Through 2016, a lack of effective release management

will contribute up to 80% of production incidents in large

organizations with complex IT services”

“82% of high performing companies

automate their code deployments”

16

Bi-Modal vs Multi-Modal IT

“By 2017, 75% of IT organizations will have a bimodal capability”*

“95% of Large Enterprises require multi-modal capabilities. Type 1 &

Type 2 becomes Type 1 - 5”

17

“By 2017, 75% of IT organizations will have a bimodal capability”*

Systems of Innovation

Systems of Differentiation

Systems of Record

Mode 1

Reliability

Waterfall, V-Model

IT-centric

Release in

Months/Years

Mode 2

Agility

Agile, Kanban

Business-centric

Release in

Days/WeeksDependencies

Go

vern

anceC

hange

*Gartner predictions, 2014

18

Systems of Innovation

Systems of Differentiation

Systems of Record

App 1

TraditionalWaterfall, V-Model

IT-centricRelease in

Months/Years

App 2

AgileAgile, Kanban

Business-centric

Release in

Days/Weeks Go

vern

anceC

hange

App 3

TransitionalScrum fall

Product-centricRelease in

Weeks/Months

Serena Provides Multi-Modal IT Support

Dependencies

Application Deployment speed determined by Application Architecture, Application Type and Compliance requirements

19

Shift Left vs. Shift Right

Development Teams “Shift Right”

Dev Test UAT Prod

Operations Teams “Shift Left”

Measured Functional Competence (High – Low)Key:

2020

Where to Start?

• What matters to the business?

• How do we Define and

measure success

• Look to Eliminate waste

• Incremental changes/quick

wins

• Focus on continuous

improvement

• Implement Process and

Technology Simultaneously

• Automate Everything

21

How Responsive are you to the Business?

• How do you measure success?

• Average cycle time for moving a business request from Development to Production?

• Number of business requests

implements this week, month, year?

• Cost of moving a unit of change through your application lifecycle?

• Percentage of a release focused on

technical debt?

• Develop metrics to support what matters to the business

22

inetOrgPerson inetOrgPerson

Secured

Repository

Common

Build Process

Secured build processes

ensures audit compliance and

artifact traceability.

Secured artifact repository

provides common source

for artifact deployment.

Continuous Integration & Standard Build Frameworks

2323

Automate Almost Everything

• People should not move the “bits”

• Automate code and configuration deployments with a single set of

deployment processes across all environments

• All pre-prod deployments should be rehearsals for the final deploy into prod

• Quick incremental wins with big impact

24

Developer

Commits Code

Test Automation

Validates CodeOperations

Releases Code

DEV TEST PROD

Process

Artifacts

Build

Initiated

Centralized Release Management Process and Path to Production

2525

Standardize the Release ProcessStreamline and accelerate the release lifecycle

• Single system of record for release planning and execution

– Schedules

– Milestones

– Gates and Approvals

• Automatic cycle-time capture

• Ensure audit trails for compliance and learning

26

Process and Technology work together

Release Control

Release Train

Release Package

Tasks

Integration Framework / Service Layer / Widgets

SDA DIM CM ZMF EROOTHER

RELEASE

PROCESS

ARTIFACT

MANAGEMENT

27

Identify Teams for Continuous Delivery vs. Release Management

Continuous Delivery Enterprise Release Management

Dev

Source Code

ManagementBUILD / CI

Deployment / Test

Automation

Test UAT Prod

Formal Release

Containers Virtual Infrastructure Physical InfrastructureCloud Infrastructure Infrastructure as Code

Enterprise Change Management

APM

IT Service

Management

28

Release Control Object Overview

Release Package

Dev Test UAT Prod

Request

Release Train

Deployment Path

Release Package

Release Package Release Package

Deploy UnitDeploy Task

Dev Test UAT Prod

Request

Deployment Path

Deploy

UnitDeploy Task

Dev Test UAT Prod

Request

Deployment Path

Deploy

UnitDeploy Task

Integration Framework

Integration Framework

29

Package level control and visibility

Dev Test UAT Prod

Request

Deployment Path

Deploy UnitDeploy Task

Release Package

Integration to Serena and 3rd party artifact

management / source code solutions

(Dimensions CM, ChangeMan ZMF, Serena

Deployment Automation, Artifactory, TFS,

Jenkins, IBM, CA etc.)

Integration to Serena and 3rd party request /

ticketing systems (Dimensions CM, SBM,

Rally, Jira, Version One, Bugzilla etc.)

Defines the activities to deploy / implement

the Package via integrations to Serena and

3rd party tools (Dimensions CM, ChangeMan

ZMF, Serena Deployment Automation, CA

Nolio, IBM uDeploy, XebiaLabs, Manual

Steps etc.)

Integration Framework

Package Deployed via configurable

deployment paths

30

Enterprise Deployment Pipelines

Key Capabilities

• Create, manage and automate deployment pipelines

• Enforce environment sequencing and auto promote

• Full stack automation with new plug-ins:

• Chef, Puppet, Jenkins workflow

• Docker, Bamboo, Openstack and more

Benefits

• Supports Dev / Test Churn with Managed Stage &

Production Releases

• Improves quality with a single repeatable deployment

process

• Reduces cycle time

• Provides end-to-end traceability for compliance and audit

31

Continuous Delivery Maturity Model for Enterprises

REPEATABLE

BUILD

CONTINUOUS

INTEGRATION

AUTOMATED

APPLICATION AND

INFRASTRUCTURE

DEPLOYMENTS

TEST

AUTOMATION

ENTERPRISE

CONTINUOUS

DELIVERY

Standard Build

processes across all

development and SCM

tools. Daily / nightly

builds exist utilizing

secured SDLC

CI Build processes

build deliverables upon

code commit and

invoke automated unit

tests

Target integrated

Application and

Infrastructure

Deployments

(provisioning on

demand – Cloud, Virtual

or Physical for app

deployments)

Fully Automated Test

Suites allowing entire

application to be Tested

without user

intervention

End to End Build, Test

and Deployment

Capabilities

32

“Full Stack” Provisioning

APPLICATION CONFIGURATION

APPLICATION DEPLOYMENT

CONFIGURED APPLICATION

STACKVM VM VM

OS PROVISIONINGP

RO

VIS

IOIN

G O

RD

ER

OS CONFIGURATION

BARE METAL / CLOUD STORAGE

• Infrastructure / Cloud / Virtual

Provisioning

• Application Architecture

Deployment

• Application Configuration

• Build Up &Tear Down

Capabilities

Essential Steps for Enterprise Continuous Delivery