DevOps Transformation at DevOpsDays Warsaw
After our visit to AWS Summit London, we knew that embracing DevOps culture is important for becoming a first-class citizen of the cloud. To learn more about it, we went to DevOpsDays Warsaw. Over 400 experienced developers and system administrators debated there about DevOps transformation and ways to apply the best patterns, add value to a business and avoid common pitfalls in DevOps transformation process. We’ve summarised most important points of the agenda:
High-performing organizations adopt DevOps
High-performing organizations have 2500x shorter lead time, 200x more frequent deployments, 3x lower failure rate and 24x shorter mean time to recover. By adopting DevOps they are able to outperform their competition in development speed and stability. It makes them agile and helps adapt to changing market requirements.
DevOps is a culture, not a role
DevOps is a culture that embraces collaboration between software developers (dev) and software operations (ops). The whole company needs to be doing DevOps for it to work. You can’t hire “DevOps”. DevOps is the way you organize your processes, organization structure and culture in order to provide top-level business value in an easy, quick and repeatable way.
Transformation requires management buy-in
Because of the way DevOps affects whole organization it requires management buy-in. The first step towards DevOps transformation is moving away from silos organization. Silos organizations trying to adopt DevOps without changing their structure tend to land on sub-optimal solutions.
Transformation requires moving away from checklists that suppose to prevent problems from happening. It means no more long deployment instructions, recovery procedures, manual application scaling. In the new culture, you need to admit that you can’t prevent all of them. Instead, you should focus on early detection and resolution. This kind of appreciation for short feedback loop is a must have for successful DevOps adoption.
Optimize flow, not resources
“Some leaders optimize resources instead of flow. Stop starting, start finishing”
Automation is a big thing in DevOps culture. It helps you organize flow, do more with less and be better. What some leaders don’t understand is the importance of a good flow.
If you decide to work on all projects at once, they’re going to be finished in similar time, at the end. This seems like a good thing, but in fact, all projects except the last one will be delivered later than if you’d decide to work on only one project at a time.
DevOps problems are complex and need to be treated accordlingly
Cynefin framework defines 4 categories of problems, each of them requires different approach. Most of the problems that DevOps are about, fall into the complex category. This means they require iterative testing and probing to find a solution. Most leaders don’t understand that they are not complicated problems, and thus shouldn’t be solved by complex analysis.
Docker is not a world saviour
Docker is the cool kid on the block. It gives developers a lot of freedom. Unfortunately, because of the current hype, most teams are using Docker for everything now. They don’t realize that Docker is not a silver bullet and traditional virtual machines are still better solutions in many cases.
Surprisingly only a few of teams on DevOpsDays were using Docker in production systems. It is caused by step learning curve when it comes to container deployments, lack of standard monitoring and security tools.
Security has to be automated
Latest Equifax data security breach involving more than 143 million US consumers’ financial data and personal information could have been prevented by applying automated security scanning as dependency vulnerability was well known for a while already. Security automation should be performed on different levels including dependency scanning, artefact checksum comparison, immutable infrastructure for a recreation of non-breached systems as a backup plan.
Is your cloud protected against malicious file uploads?
Protecting against malicious file uploads is a must these days as most applications store and process data files in one way or another. Building a self-driven, automated and accurate pipeline for eliminating those threats is not a simple task
Key takeaways for Cloud Transformation after AWS Summit London
Last Wednesday we took part in AWS Summit conference in London which brought together over 6,000 tech professionals to learn about AWS toolkit. Here’s what every business should takeaway from it.