“DevOps” is an enterprise culture that focuses on the union between the Development teams (Dev) and the Operations teams (Ops). The main objective of this culture is to accelerate the implementation of new features by removing traditional blockers often found in enterprises.
More recently, the term “DevSecOps” has been coined, in which IT Security becomes a main component among the usual practices.
The DevOps culture brings numerous benefits:
- Faster delivery to production
- Increased agility and innovation opportunities
- Greater systems resiliency
- Better responsiveness to breakdowns
"DevOps starts where any application starts: when business people have an idea. This idea, concrete or not, will most likely be expressed as a user story. This story will then be split into features and tasks. This split (that may vary across teams) allows for both a high level and a very detailed vision of what the business expects: a developer will focus on a task, a tester on a feature, and so on. These work items can be regrouped in backlogs, dashboards, the list goes on. Every single stakeholder has a clear view on the system state and evolution."
The DevOps culture will insist on the automation of the most common tasks:
- When validated, the source code is built and packaged to be deployed
- The source code is:
- compiled at every change
- automatically tested at every change (unit tests, integration tests, etc.)
- analyzed at every change (best practices, vulnerabilities, open sources licenses, etc.)
- peer reviewed
- automatically deployed to testing and integration environments
- ready to be released into production (automatically or after approval)
This automation often goes further, even integrating the infrastructure:
- The infrastructure is managed through code (Infrastructure-as-Code)
- automatically deployed
The DevOps culture also implies to take care of the applications running in production:
- Monitoring and telemetry are setup to be easily accessible to all stakeholders through dashboards and queries
- Automatic, relevant alerts are configured
- Errors are quickly identified and fixed
- Patches are quickly delivered and automatically applied, through the usual process (no more “quick fix” in production)
- The team responsible for the implementation of an application stays in charge of the application health and maintenance, even when it’s “done”
“Automation” does not mean “loss of control”, of course. The source code is subject to very strict rules before being “releasable”, and sensitive environments always stay under the control of people in charge.
DevOps is, above all, an enterprise culture. That means its practices have an impact on the developers and the operations, but also on the system and its stakeholders as a whole.
Even the notion of a team evolves: the Dev and Ops teams work together and are aware of the business requirements. The team members come from both services. That way, anyone can anticipate the risks and participate to the realization, from the ground up. Moreover, a team is no longer formed around a “project”, but rather around a “product” (one or several applications, most of the time) that it maintains for its entire lifetime. Such an approach empowers the team and helps preserving knowledge.
The intensive automation and the innovation culture make the release cycles shorter, often shrinking from months to days or hours. When a brand new feature is released in production, stakeholders get feedback from the users very quickly and can adapt their effort accordingly.
The next logical step of automation, innovation and fast release pace is a culture of continuous learning and experiment. Discoveries from a team become global best practices, mistakes from someone prevent failures in someone else’s application. Every single stakeholder learn and participate, contributing to an ever growing knowledge base within the enterprise.
Many concrete practices accompany DevOps :
Continuous Integration & Continous Delivery (CI/CD)
- Automated compilation of the source code
- Automated vulnerabilities checks
- Automated tests runs
- Automated releases
- Infrastructure described through code
- Automated infrastructure deployment
- Immutable infrastructure
- Environments replication
- Applications health monitoring