DevOps State of the Union 2015

The Presentation inside:

Slide 0

Slide 1

The Agile Admins Ernest Mueller (@ernestmueller) James Wickett (@wickett) Karthik Gaekwad (@iteration1) Who Are We?

Slide 2

Who Are You?

Slide 3

Things DevOpsers Care About Source: Devopsdays Austin Survey 2015 (500 participants)

Slide 4

Topics covered today What is DevOps? Why would I use it? What’s hot in DevOps? What does the future look like?

Slide 5

DevOps Defined DevOps is the practice of operations and development engineers participating together in the entire service lifecycle, from design through the development process to production support. DevOps is also characterized by operations staff making use many of the same techniques as developers for their systems work.

Slide 6

Slide 7

The Layers of DevOps DevOps Principles DevOps Tools DevOps Practices

Slide 8

DevOps Principles The Three Ways (Gene Kim) Systems Thinking Amplify Feedback Loops Culture of Continual Experimentation CAMS (John Willis) Culture – People > Process > Tools Automation – Infrastructure as Code Measurement – Measure Everything Sharing – Collaboration/Feedback Informed by the values in the Agile Manifesto and Lean Theory of Constraints

Slide 9

DevOps Practices •Version Control For All •Automated Testing •Proactive Monitoring and Metrics •Kanban/Scrum •Visible Ops/Change Management •Configuration Management •Incident Command System •Continuous Integration/Deployment/Delivery •“Put Developers On Call” •Virtualization/Cloud/Containers •Toolchain Approach •Transparent Uptime/Incident Retrospectives

Slide 10

DevOps Tools Hardware (System provisioning/automation) Software (Software delivery pipeline) Wetware (Process/human element) Monitoring/Metrics (of all the above)

Slide 11

DevOps Adoption Impact 2014 State of DevOps survey by Puppet Labs, Thoughtworks, and IT Revolution Press Top indicators of high organizational performance: IT performance - Leaders here are twice as likely to exceed their profitability, market share, and productivity goals. Deployment frequency, lead time for changes, mean time to recover from failure are positively impacted by DevOps practices. Organizational culture and climate for learning Job satisfaction

Slide 12

What’s Hot Now Security and DevOps Internet of Things Containers and Docker Microservices and 12-Factor Apps ChatOps Unicorns to Horses to Donkeys

Slide 13

Security is where ops was 5 years ago...

Slide 14

Epiphanies in Security and DevOps Smaller batches make you more secure Departure from the perimeter mentality Instrument your runtime environment and correlate disparate metrics (e.g. transactions to csrf token generations) Emphasis on MTTD and MTTR

Slide 15

Epiphanies in Security and DevOps We can go fast and still do compliance Major vulnerabilities like Heartbleed exposed weaknesses in our software supply chain Security testing can be done in development

Slide 16

Security Companies to Watch Signal Sciences Threat Stack Sonatype Contrast Security

Slide 17

Internet of Things

Slide 18

DevOps and IoT Fully distributed compute on networks you can’t/don’t control Software and tracking components becomes really hard Automation even more necessary Security even more necessary

Slide 19

Containers and Docker

Slide 20

Open source platform for developers and sysadmins to build, ship and run distributed applications anywhere. What is Docker?

Slide 21

Docker Components Docker Engine Runtime and packaging tool Installed on hosts that run Docker Docker Hub Cloud service for storing and sharing apps Save your docker images (public/private)

Slide 22

Why is it so popular? Portability Write once, run anywhere Standardized Environments Dev/QA/Production can be modeled exactly the same way Rapid scale-up/scale-down Containers take seconds to deploy Ability to build a continuous delivery (CD) pipeline

Slide 23

Use cases for Docker Continuous Integration & Delivery Yelp, Spotify, Mailgun, Cambridge Healthcare PaaS Yandex, Baidu Easier Development & Deployment Ebay, Bleacher Report, New Relic Hosting Legacy Applications

Slide 24

Players in the space

Slide 25


Slide 26

“Independent processes communicating with each other with well defined API’s to form larger more complex applications” Microservices

Slide 27

Microservices characteristics Do one thing, and do it well (fine grained) Independently built- common language to communicate Independently deployable Fault tolerant and reliable

Slide 28

12 Factor App Use declarative formats for setup automation; minimize time and cost for new developers joining the project Clean contract with the underlying OS, offering maximum portability between execution environments; Suitable for deployment on modern cloud platforms Minimize divergence between development and production- enabling continuous deployment Scale up without significant changes to tooling, architecture, or development practices.

Slide 29

Relationship with containers Microservices and containers are a great fit. Single service on a container. Isolates service and makes it easy to manage Emerging best practice for new architectures with containers. Consider building your architecture in this manner.

Slide 30

ChatOps ChatOps ChatOps

Slide 31

Unicorns to Horses to Donkeys Gartner: “By 2016 25% of the G2000 will be employing DevOps.” “By 2018, 90% of I&O organizations attempting to use DevOps without specifically addressing their cultural foundations will fail.”

Slide 32

The Future...

Slide 33

Future More Lean Extension Security Fully DevOpsed Cloudification/Compute Fabric Testing and Monitoring Devops - The New Normal Containers Rule The World

Slide 34

Nice (Software Supply) Chain! Extension of Lean

Slide 35

Delivery Pipeline extension to Lean Your BOM is part of your product Ability to track where all code came from which products are using it just like automotive and aeronautical industries Quality metrics extending to customer usage

Slide 36

Slide 37

Security into Devops Security rebranded in language of Rugged as features ( Growth around integrating security at all phases of the delivery pipeline Instrument runtime environment with security metrics Movement from security training to security testing Searching for aspirational moment like “10 deploys a day” did for devops

Slide 38

Cloud/Compute Fabric Rightscale 2015 State of the Cloud Survey reveals 93% of organizations are running apps on or experimenting with IaaS 82% of enterprises have a hybrid cloud strategy IoT and Big Data mean large heaps of data it’s hard to move around the network Containerization and microservices mean it’s easier to move compute to the data than vice versa Eventual: Complex, ultra-distributed compute

Slide 39

Testing and Monitoring Automated testing is a best practice Light/fast testing feeds CD App and system monitoring is a best practice Logging, analytics being absorbed into it There is no difference between monitoring and regression testing theoretically - only historically Eventual: Convergence of regression testing and monitoring

Slide 40

Containers rule the world Yesterday: Docker didn’t exist Today: Engineers playing with Docker in dev/test. Tomorrow: Production Docker Even lesser emphasis on hardware/cloud. Eventual: Microservices and 12 factor apps inside containers will be the defacto standard to deploy apps.

Slide 41

DevOps: The New Normal Devops is penetrating enterprises. Yesterday: Unicorns Today: Horses & Donkeys Tomorrow: Everyone Backlash: Where’s the silver bullet? What is the correct implementation of DevOps? Eventual: Devops will be the new normal

Slide 42