DevOps breaks down the silos between development and IT operations teams. As a methodology, it enables an IT organization to serve its customers, secure its software and bring applications to market more efficiently.
But as DevOps grows in popularity, so does the marketing spin around it; every systems integrator and tool vendor puts a unique spin on DevOps to attract customers -- which can obfuscate the true definition.
The DevOps process demands close collaboration between operations and development teams in each phase of the service lifecycle from design through development to production. You can't go online and order DevOps. It's not a product; it's a cultural movement. A lack of silos between teams necessarily changes the working relationships between them to build trust and mutual benefit.
Let's walk through the core principles of DevOps and the key stages that make up the DevOps process.
There are seven principles that form the foundation of DevOps:
- Maintain version control on all production artifacts. Both development and IT ops teams must place their production artifacts under a centralized version control system that's part of their CI/CD pipelines.
- Implement CI/CD. Teams deliver software updates and patches continuously, rather than on a calendar-driven deadline.
- Automate acceptance testing of executable specifications of the system's behavior.
- Enforce peer review processes. Testers, developers and system administrators must review production changes collaboratively via a documented and systematic approach.
- Create a culture of high trust. No one should be afraid to ask hard questions, get into debates and take accountability because the fear of reprisal no longer exists. A high-trust culture also extends to giving teams the freedom to experiment with new tools and processes that can improve product delivery without fear of failure.
- Instate proactive monitoring practices in the production environment. Provide stakeholders and all other vested parties with tailored reporting and alerts based on the configuration of the monitoring tools you have in place. Stakeholders include technical, security and business leadership in the organization.
- Foster win-win relationships across the organization. Everybody is on one team, as neither development nor IT operations can succeed on its own. In our current economic climate, it also means extending relationships to customer success, professional services and even sales teams.
To reach these principles in practice often requires the organization to bring in an outside party to set its IT teams on the right path. Regardless, no team or stakeholder can reach these levels alone. Management teams -- as well as senior developers and sys admins -- must set a collaborative tone for all involved.
Break down the DevOps process
DevOps involves a delivery pipeline that enables teams to develop and release software continuously and make necessary security and feature updates without delay. Some industry professionals use the term DevOps infinity loop to describe the continuous integration and development process. There's no waterfall or final phase when product iteration is continuous.
However, it's up to each individual organization to craft its own DevOps infinity loop. Take time to plan and document processes, and don't hesitate to iterate on those processes if something isn't working. With the advancements in AI and analytics and reporting tools, technical, cybersecurity and business stakeholders must also be strategic about their data and reporting requirements for each phase.
Here's a look at the key phases typically involved, to inform your own DevOps implementation.
Planning. This is the stage where development and IT operations teams -- along with other stakeholders -- determine the features desired, accompanied by an iteration value and criteria for each project phase. Developers, cybersecurity specialists, system administrators, product management, product marketing and technical writers all need a seat at the table to collaborate on the development plan.
Project documentation efforts should commence in this phase with developers and writers factoring content milestones into the overall project schedule. Tools such as Hugo, Jekyll and Docusaurus are becoming the tools of choice for internal and external documentation publishing.
Project plans should reside in a secure centralized repository. If your organization has standardized on an all-in-one DevOps platform, such as GitLab, project plans should reside there. Otherwise, centralize plans and other project documentation on a platform, such as JetBrains Space or Wrike. Visual whiteboard tools, such as Miro or Mural, are also proving their value in this phase. And every team member should be able to access the project plans at any time from any place.
Code and build. Some teams treat code and build as separate phases. Determine what works best for your organization. Don't be afraid to iterate on these elements of your DevOps process, depending on staffing availability and other project factors.
In the code phase, developers perform their assigned coding work. When they complete their tasks, they check their work into a centralized source code repository, such as GitLab or GitHub, which must serve as the single source of truth for code.
AI and machine learning in the form of tools such as GitHub Copilot, Amazon CodeGuru and Amazon CodeWhisperer could help during this phase, as more enterprises are seeking additional tools that can increase developer productivity.
If your teams develop and deploy containers, they should check their containers in a central repository, such as Mirantis Secure Registry or the secure container registry offered by your cloud service provider.
The build phase entails software code retrieval from the centralized repository through an automated tool, such as Chef, Puppet or the build feature included in your all-in-one DevOps platform. This automation tool compiles the software code into a binary artifact, executes functional tests and publishes the artifact into a shared centralized repository.
Continuous integration. Continuous integration is a practice through which development teams merge code into a central repository. Organizations automate tasks such as code reviews, validation and testing.
Testing. DevOps testing balances on smart automation, but it won't replace human testers on the software development team. Automation enables developers to achieve continuous testing via tools such as Selenium or JUnit to test multiple codebases in parallel. An automated testing strategy ensures there are no flaws in an application's functionality.
Automated testing also produces detailed reports about the codebase that can be sent directly to developers and stakeholders. An organization's stakeholders can use this reporting to gain insights into the development cycle and product maturity.
Continuous deployment. DevOps eliminates the all-hands-on-deck manual process at the end of the development cycle. Instead, with continuous deployment, every code change goes through the entire pipeline and into production automatically. An organization can schedule as many deployments per day as it needs, based on the requirements and velocity of its team.
Operations. In this phase of the DevOps process, IT admins manage software during production. Tools such as Ansible, Puppet, PowerShell, Chef, Salt and Otter provide the necessary management and data collection capabilities, as well as operational views into production applications. AI also plays a growing role in data collection and reporting during this phase.
Continuous monitoring. Development and operations teams should continually monitor their production applications. All groups and their stakeholders need a view into the application's health. Additionally, install collaboration and communication channels to alert all teams to production issues as they occur. The metrics captured during this phase show the success of your project, plus count toward the success of your overall DevOps initiative.
Popular monitoring tools for this phase include New Relic, Datadog, Grafana, Wireshark, Splunk and Nagios.