devops: from buzz to building block october 25, 2016 · client logo (insert on master) devops: from...
TRANSCRIPT
Client
Logo
(Insert on
Master)
DevOps: From Buzz to Building Block
October 25, 2016
Irwin Lazar
Vice President and Service Director
@nemertes @imlazar
2
About Nemertes
© Nemertes Research 2016 www.nemertes.com 1-888-241-2685
DN5420
Research & strategic consulting firm analyzing the
business impact of emerging technologies
• Founded in 2002
• Women-Owned Business
• Emerging Technologies
• Focus on communications,
cloud, security
• Trusted Advisor criteria,
challenges, benefits for both
vendors and IT leaders
• Cost, operational metrics
Topics we cover
• Benchmarks: Live
discussions with IT leaders
• Surveys: Industry-leading
data integrity methodology
• Vendor discussions:
Product, technology
analysis
Research we conduct
• Research advisory service
• Strategy & roadmap
consulting
• Vendor & technology
assessment
• Cost Modeling
• Annual conference
Services we provide
3
Agenda
DevOps:Why?
DevOps:What?
DevOps:How?
Business Benefits and Metrics
Best Practices and Recommendations
© Nemertes Research 2016 www.nemertes.com DN5071
4
DevOps: Why?
© Nemertes Research 2016 www.nemertes.com DN5071
5
Digital Transformation
Digital Transformation
Strategy
Data Driven
Responsive
Efficient
Narrowly Targeted and Mass-Customizable
Mobile and Cloud Enabled
Evolving
© Nemertes Research 2016 www.nemertes.com DN5071
6
Digital Transformation
Digital IT
Digital Marketing
Digital Business
Digital Transformation
Strategy
© Nemertes Research 2016 www.nemertes.com DN5071
7
Characteristics of Digital Transformation
Speed
Speed
Speed
And did we say?
© Nemertes Research 2016 www.nemertes.com DN5071
Speed!
8
The Current Reality for Most
Plan Build Run
© Nemertes Research 2016 www.nemertes.com DN5071
Clear lines of
demarcation
How do we respond to rapid change?
Who owns security?
Who’s responsible for problems?
Incentive to pass the buck…
9
Current Scenario Isn’t Working
© Nemertes Research 2016 www.nemertes.com DN5071
Overly complex
Struggles to scale
Not able to quickly respond to security challenges
Not agile
Current IT is:
10
DevOps: What?
© Nemertes Research 2016 www.nemertes.com DN5071
11
Historical Perspective
1980s: Lean manufacturing
Toyota Motor North America Inc. lead the charge to Lean, with results:
At least four times the productivity of other manufacturers
Twice the output (assembled cars ready to be sold)
With only one-half the inputs (floor space, work in process, etc.)
Other manufacturers adopted lean philosophies, leading to
Improved worker productivity
Better delivery performance
Reduced inventory levels
Higher customer satisfaction and employee happiness
Those that failed to adopt lean… disappeared
“DevOps is the result of implementing Lean principles to the IT value stream” –Gene Kim, author, The Phoenix Project
© Nemertes Research 2016 www.nemertes.com DN5071
12
DevOps Unifies Plan/Build/Run
Silos eliminated
• Lob, developers, operations, security, unified with common purpose / goal
• Everyone equally accountable
Workflow optimized
• Inputs prioritized to match available resources, additional resources applied to identified constraints
• Automation
© Nemertes Research 2016 www.nemertes.com DN5071
13
The Three Ways
DevOps
Continuous Experimentation and Learning
Amplify Feedback
Systems Thinking
© Nemertes Research 2016 www.nemertes.com DN5071
Source: Gene Kim
http://itrevolution.com/the-
three-ways-principles-
underpinning-devops/
14
Scrums
Small teams (5 to 8)
Cross functional: include
developers, QA testers,
security staff, operations
folks, and business users
Sprints
Short bursts of
development (~2 weeks)
Deliver majority of current
requirements
DevOps Being Agile: Scrums, Sprints, and All That
© Nemertes Research 2016 www.nemertes.com DN5071
15
Epics
Frame specific
requirements in a day-in-
the-life story of a user
working with the tool
Engagement
Users tell you stories
Users are in the scrums
Users test at every step and keep
the feature list a living thing
DevOps and The Great American Requirements List
Hypothesis-driven development
Hypothesize requirements
Get code out quickly
Validate/invalidate hypotheses
Modify rapidly
Rinse and repeat!
© Nemertes Research 2016 www.nemertes.com DN5071
16
Agile vs DevOps
© Nemertes Research 2016 www.nemertes.com DN5071
• Good code, fastAgile
• Good code, fast
• And maintainableDevOps
17
In Build
Secure coding practices – secure ab initio
In Testing
Automated security testing at every level
In Deployment
Configurations used in testing secured like production
In Monitoring
Support robust security logging
Compliance, Auditing – every code change requested has an audit trail, and can
be tested to keep in compliance
DevOps and Security
Security
© Nemertes Research 2016 www.nemertes.com DN5071
18
Automation is the key to speed, consistency, production-readiness
Automating every aspect of the process as far as possible:
• Code management
• Code testing
• Deployment
• Monitoring and management
DevOps and Automation
© Nemertes Research 2016 www.nemertes.com DN5071
19
DevOps: How?
© Nemertes Research 2016 www.nemertes.com DN5071
20
DevOps Components
© Nemertes Research 2016 www.nemertes.com DN5071
DevOps
Culture
Organization Process
Tools
21
DevOps Culture and Tools
Culture:
No silos
Continuous integration
Empathy
Blameless post-mortems
Metrics, metrics, metrics—
and did we say metrics?
Constant communication
Trust
Speed
Responsiveness
Sustainability
Tools
Small teams
End-to-end ownership
Personal accountability
Engagement with
business stakeholders
throughout
Continuous feedback loop
to broader organization for
continuous improvement
© Nemertes Research 2016 www.nemertes.com DN5071
22
DevOps Process
© Nemertes Research 2016 www.nemertes.com DN5071
Configuration management
Continuous Delivery
MonitoringVersion Control
Test and Build
Security
23
DevOps Tools
© Nemertes Research 2016 www.nemertes.com DN5071
Configuration management
Continuous Delivery
MonitoringVersion Control
Test and Build
Security
Chef
PuppetAnsible
(RedHat)
Capistrano
Fabric
New RelicGitHubPerforce
Travis CIBuildHive
BMC
CA
Microsoft
IBM
24
DevOps and Friends
© Nemertes Research 2016 www.nemertes.com DN5071
Configuration management
Continuous Delivery
MonitoringVersion Control
Test and Build
Security
Modular Code
Apps and Services
Microservices
Cloud-Native Development
Container-first
Architecture
Lean Enterprise
Hypothesis-Driven
Design
Real-time
collaboration
25
Business Benefits and Metrics
© Nemertes Research 2016 www.nemertes.com DN5071
26
DevOps Business Benefits
© Nemertes Research 2016 www.nemertes.com DN5071
Higher quality (2x higher success rates)
Smaller teams (20:1 reduction in ops personnel)*
More secure*
Faster to deploy (8X more frequent production deployments)
Faster to fix (12x faster repairs)
Source = Gene Kim, Author, The Phoenix Project; *WSTA members
27
Case Study: Global Financial Services Org.
Vision: Develop a next generation applications approach that improved agility and lowered costs
• 12 person scrum (developers, ops, test, business) as a ‘pilot’ organization – included app developers from other groups as observers
• Focused initially on largest corporate app
Goals:
• Move to clean, modular code
• Move to services/microservices
• Move to cloud
• Move to Continuous Delivery
• Transition to Lean Enterprise
© Nemertes Research 2016 www.nemertes.com DN5071
28
Code Components
© Nemertes Research 2016 www.nemertes.com DN5071
Core Components Benefits
Atlassian Bitbucket Distributed version control / code
repository)
Bamboo Microservices code management
Industry standard
controls
SOC-x controls for risk
management
29
Cloud Components
© Nemertes Research 2016 www.nemertes.com DN5071
Core Components Benefits
Private Cloud PaaS
(moving to public cloud)
• Reduce time-to-market for
delivery of runtime environments
• Scale runtime environments
up/down
• No pre-allocation of runtime
environments
• Retire high-cost, legacy tools
• Reduce OpEx via automation
Pivotal Cloud Foundry Automated provisioning
Pivotal GemFire In-memory grid/ distributed caching
30
Organizational Strategy
Lessons learned:
• Evangelize and engage leaders/fast followers
• Require FF’s to report back to their existing teams
• Have someone explicitly chartered with PM and evangelization
• Have an explicit communications strategy (internal blogs, videos, reports, etc.) to inform other IT groups of the DevOps efforts and approaches
• Use standard agile/scrum/CD approach
• Develop strategy/architecture in tandem with writing major code
• Include QA and InfoSec in early efforts (enabled smoother transition to public cloud)
© Nemertes Research 2016 www.nemertes.com DN5071
31
DevOps: Best Practices and Recommendations
© Nemertes Research 2016 www.nemertes.com DN5071
32
Best Practices/Recommendations
Conduct POC with enthusiastic business unit
Line up executive sponsor
Gain commitment to continuous improvement
Engage operations and security from the get-go
Develop a culture of constant communication
Leverage existing investments in agile
Select user-centric metrics—and manage to them -
SMART
Treat it as a paradigm shift, not a religion
Adapt technologies, processes to your organization
Don’t use cloud, open-source if that’s not “you”
© Nemertes Research 2016 www.nemertes.com DN5071
33 © Nemertes Research 2016 www.nemertes.com DN5071
Thank you!
Questions?
To participate in our research, please
Contact [email protected]
@nemertes @imlazar