11 Ways DevOps Is Evolving

on 2/18/2021 by Lisa Morgan

Collected at: https://www.informationweek.com/devops/11-ways-devops-is-evolving/d/d-id/1340185?_mc=NL_IWK_EDT_IWK_review_20210226&cid=NL_IWK_EDT_IWK_review_20210226&elq_mid=102320&elq_cid=27653255

While DevOps as a practice is evolving, so are the roles within a DevOps team. Following are explanations of some of the trends worth watching.

DevOps teams are committed to continuous improvement so they’re always refining how they’re developing, testing, and delivering code. Not surprisingly, the DevOps concept has evolved over the years from Dev and Ops working together to integrated teams that have implemented a CI/CD pipeline.

Of course, not every software team represents the same brand of DevOps. While some teams are deploying code hundreds or thousands of times per day, others are merely trying to improve software delivery speed and code quality incrementally because there are constraints such as regulatory compliance that may also need to be considered.

While DevOps as a practice is evolving, so are the roles within a DevOps team.

According to Kirill Semenov, head of DevOps at IT consultancy DataArt, the future building blocks of DevOps include:

Build automation and continuous integration
Test automation
Deployment automation
GitOps platform provisioning and configuration management
Monitoring and observability
DevSecOps
AI/ML Ops
Site reliability engineer

Of those, the last three (DevSecOps, AI/ML Ops and site reliability engineers) are among some of the relatively recent developments that will color the future of DevOps along with some others we’ve included. In the meantime, there are plenty of organizations which are still trying to get DevOps basic working right.

Following are an explanation of some of the trends worth watching.

DevSecOps

Image: zoteva87 - stock.adobe.com — Image: zoteva87 – stock.adobe.com

DevSecOps is the next logical step for DevOps teams. When DevOps teams need to work with a siloed security team, it slows the DevOps teams down and more importantly it exposes the organization to a higher level of risk than if Dev, Sec and Ops are working together as a cohesive team. Clearly, a quick vulnerability scan late in the SDLC is inadequate by today’s standards. Security must be built in. DevSecOps is the best way to do that.

“[A]s dev teams erect their release pipelines, they’re recognizing that building [in] security after the fact often means they’re dealing with a security incident after they’ve already been hacked,” said Lucas Mitchell, managing partner at secure digital solutions company Infinite Ranges. “Companies can’t afford that risk and they certain can’t afford to lose the public’s faith now.”

AI/ML Ops

Image: Blue Planet Studio - stock.adobe.com — Image: Blue Planet Studio – stock.adobe.com

Few software conversations exclude AI and ML these days. Like DevOps teams, AIOps, MLOps, and DataOps need to shorten the time to value delivery without sacrificing quality. DevOps is the model by which other teams attempt to optimize their processes, and the teams aren’t necessarily separate from each other. For example, many of the applications DevOps teams are building now include AI or ML, and to operate properly they require the right data.

“DevOps teams are facing pressure to build, test and deploy applications more quickly than ever. However, the fragmented nature of enterprise data that is spreading across dozens or hundreds of application-centric data sources is a major roadblock,” said Yuval Perlov, CEO of data management solutions provider K2View.

Adopting a Microservices Architecture and Strategy

The move to containers and microservices is on. Some of the main drivers include faster development, code reusability and cloud portability. Companies with monolithic applications are embracing microservices to address the regression testing bottleneck that’s causing them to be out of sync with what has become agile business operations.

“Kubernetes offers countless advantages in standardizing how DevOps teams approach the packaging, running and monitoring of workloads,” said Bruno Andrade, CEO of Shipa.io, a full lifecycle application management framework for Kubernetes. “Kubernetes also has productivity-limiting pain points including challenging complexity and pervasive operational inefficiencies. The opaqueness of Kubernetes makes maintenance and troubleshooting issues that much tougher to resolve and provides dark corners where security threats might lurk until they’re ready to strike.”

Value Stream Management

Image: AshaSreenivas - stock.adobe.com — Image: AshaSreenivas – stock.adobe.com

Value stream management is a relatively new term, and one that is sometimes used interchangeably with “ValueOps.” The idea is to understand the flow of value, how well products align with what the company wants to achieve, process impediments and ROI.

“Value stream mapping tools are becoming an integral part of DevOps to show the ROI or benefits from these 10 DevOps teams,” said Venky Chennapragada, DevOps Architect at global consulting firm Capgemini. “To do that, teams need to understand all the steps in a process (e.g., application design, develop, test, deploy, provision infrastructure, etc.), the time it takes to do each one and where the wait times are occurring.

Low Code

Developers have been slow to accept the idea of low-code development because they know how tough it is to write good code. However, as software delivery cycles continue to shrink, more developers are embracing the idea because they can use visual tools to quickly build prototypes and applications while using a command line window that allows for the creation of custom code. The economics of low code are hard to argue with when one realizes that cycle times, costs, and productivity all improve. Granted, not all low-code platforms are created equal, but there are enterprise-grade options that are well worth considering.

Don’t confuse low code with no code, however. No code is aimed at line of business professionals who lack coding experience. Low code is aimed at power users and at the high-end developers who want to increase their software development productivity.

Remote Collaboration

Image: fizkes - stock.adobe.com — Image: fizkes – stock.adobe.com

DevOps teams were affected by the pandemic like everyone else in the organization. How well they faired had a lot to do with how virtual they were to begin with, the visibility they have had into code status, and how well they collaborated without physical standup meetings, for example.

“DevOps teams are more isolated from the rest of the organization than ever before. This siloing limits how well DevOps teams can respond and adjust to other team’s needs,” said Jean Hsu, vice president of engineering at team effectiveness software platform provider Range. “We’re seeing DevOps tools evolving from serving the functional needs of a team or individual to include features that support how a team functions.”

Site Reliability Engineer

Image: Funtap - stock.adobe.com — Image: Funtap – stock.adobe.com

Site reliability engineers (SREs) apply software engineering concepts to infrastructure and operations problems. Infrastructure as code is one of the factors driving the need for site reliability engineers, but certainly not the only one. According to Gartner, “Site reliability engineering promises methods to improve resilience in organizations while they pursue agility in digital transformation. However, many [innovation and operations] leaders remain unfamiliar with SRE concepts, making it difficult to implement SRE methods or hire or train for SRE roles.”

“The site reliability engineer is the future of the operations engineer. Earlier we used DBAs and other specialists. Now, the site reliability engineer is a sysadmin or a DBA with a lot of automation expertise,” said Capgemini’s Chennapragada. “They work hand-in-hand with DevOps engineers, assisting them with automation, and then ensuring the performance and reliability of the application once it’s been put into production.”

Test Automation

Image: Egor - stock.adobe.com — Image: Egor – stock.adobe.com

A classic DevOps oversight is failing to consider continuous testing along with continuous integration (CI) and continuous delivery (CD). As a result, testing becomes a bottleneck. Not all testing needs to be automated, especially when a quick eye scan of code takes less time than writing an automation script. However, the number and types of tests being automated continues to grow and automation is necessary to build a CI/CD pipeline (though it’s not limited to automated testing). Even without a CI/CD pipeline, testing is so critical that some are advancing the concept of DevTestOps, which conveys that testing is as important as Dev and Ops.

“Quality engineering integrated into the DevOps process has been the most common issue I have seen,” said Robert Dutile, chief commercial officer at digital transformation and IT services and solution provider UST. “Many organizations had started DevOps did not have an integrated and automated quality process engineered in. It was product or stack dependent and had to address issues in order to scale.”

Deployment Automation

Like builds and testing, deployment must be automated for speed and quality. Typically, enterprise DevOps teams have adopted continuous integration practices and later added continuous delivery practices as they advance from DevOps to CI/CD. A common misunderstanding and stumbling block to CD is the misunderstanding that “CD” means continuous deployment when all but the digital elite have no plans to deploy code hundreds or thousands of times per day.

“The highly advanced organizations are working on microservices and when you’re working on a microservice, the deployment time is in seconds [because] their footprint is three to five megabytes,” said Capgemini’s Chennapragada.

Monitoring and Observability

Application monitoring in production is essential, especially since customer experience is now synonymous with a company’s brand image. DevOps teams are using application monitoring tools (APM) to understand application performance and what’s affecting it as well as user experience. The goal is to identify and remediate an issue, hopefully before it becomes obvious to users. To achieve that, monitoring tools are tied into other tools as part of the DevOps toolchain. Like other DevOps tools, APM tools collect and generate a lot of data, which can be used for DevOps optimization purposes.

“If developers can get continuous feedback about how the application is performing in production, then they can constantly improve their design, coding style, [and] architecture,” said Capgemini’s Chennapragada.

Legacy Modernization

Legacy modernization certainly isn’t a new concept, but it’s far from over because companies can’t just rip out their mission-critical systems and replace them with the latest and greatest thing. Increasingly, organizations have been making strategic decisions about what needs to move to the cloud and what doesn’t. In a lot of cases, the new applications are cloud-native applications and legacy applications are being extended, such as to support mobile devices, for example.

“In 2021, we see more enterprises ensuring that they are getting smarter at preparing customers and other users for iterative improvements,” said UST’s Dutile. “In large enterprises with diverse legacy systems, we see more of them coming around to less of a big bang change and more of the planning and actions needed to deliver that incremental functionality for the user without forcing a change to every aspect of the legacy system, its output and usage.”