Balancing the Art and Science of Application Release Management
February 07, 2017

Derek Langone
XebiaLabs

Since the start of this decade, Agile development patterns such as Extreme Programming (XP), Scrum and Feature-Driven Development (FDD) have been all the rage. That shift has led to massive gains in developer productivity, resulting in more applications and associated updates being delivered at increasingly faster rates. The increased volume of sheer code being moved into production environments has fostered the rise of a new approaches to managing the roll out of applications based on the principles of Continuous Integration and Continuous Delivery (CI/CD).

As part of that process, IT operations teams have embraced a plethora of technologies, ranging from open source CI tools like Jenkins, to IT automation frameworks like Puppet Labs. CI tools ensure the consistent building of application code based on developer changes, while infrastructure as code tools are employed to programmatically and consistently provision IT infrastructure.

The problem that many IT operations teams now encounter is that all these tools are not especially well integrated, which results in limited visibility into the overall application development pipeline. More applications are being built and deployed faster than ever. And more often than not, individual development teams are choosing their tools to deliver their application changes. But overall, there's not much in the way of real governance being applied to how applications are being released into production, to which team and on what schedule.

IT leaders need to be able to manage application development at scale using a factory metaphor that requires lots of instrumentation. The challenge is that, in the case of applications, the actual products being manufactured consist of as much art and craft as they do science. Optimizing the application release cycle requires adding a layer of software abstraction above and around the application development process that serves to make the overall process more efficient without adding more friction.

Application Release Automation Brings Scale and Speed

Stepping into the void is a new category of application release automation (ARA) tools that provide the framework required for managing the roll out applications at unprecedented levels of scale and speed. Application release automation frameworks provide hooks into all the products and services that make up the application development and release process. IT operations teams not only gain access to dashboards that enable them to precisely determine the status of any application development project, they can model those processes in a way that drives a desired set of best practices. In effect, application development and operations teams can now orchestrate the entire application development process on an end-to-end basis to drive development of higher-quality applications faster than ever before.

Historically, the core challenge many IT teams face when trying to implement such an application pipeline process is that it's not feasible to force a development team or IT manager to use a specific set of tools. Each developer and IT manager has their favorite set. Retraining them to use another only generates resentment and lost productivity.

Rather than trying to overcome that resistance, IT operations teams need to be able to impose order from above in a way that creates as little disruption as possible. A modern approach to application release automation requires flexibility. The days when IT leaders could impose highly-structured approaches to building and deploying applications are long over. Each team has its own core skill set that needs to be incorporated into the greater application release management process.

The good news is that most modern tools are based on open interfaces that make it simpler to gather data in a way that is unobtrusive. Instead of requiring everyone in the process to fill out reports that take away time from their core job function, a modern application release management platform automatically gathers all the relevant data based on the information surfaced up through multiple application programming interfaces (APIs). That data is then organized via a series of dashboards that enable everyone in the IT operation teams to see the status of any given project at a glance.

A New Era of Release Management

In effect, the days when project managers needed to directly interrogate or harass developers and IT managers for updates are part of a bygone era. So too are those nasty surprises that occur any time an application development project falls behind schedule with little to no warning. IT operations teams will be informed of any potential issue likely to adversely impact the application development pipeline as it happens. That not only provides peace of mind for everyone involved, it ultimately results in better applications being developed and deployed faster every step of the way.

Best Practices for ARA

Derek Langone is CEO of XebiaLabs.

Derek Langone is CEO of XebiaLabs

The Latest

July 17, 2018

In my first blog in this series, I highlighted some of the main challenges teams face with trying to scale mainframe DevOps. To get past these hurdles, the key is to develop an incremental approach that enables teams to capture value along each step of the journey ...

July 16, 2018

The key to mainframe DevOps success is in quickly identifying and removing major bottlenecks in the application delivery lifecycle. Major challenges include collaboration between mainframe and distributed teams, lack of visibility into the impact of software changes, and limited resource flexibility with scaling out necessary testing initiatives. Now let's take a closer look at some of these key challenges and how IT departments can address them ...

July 11, 2018

How much are organizations investing in the shift to cloud native, how much is it getting them? ...

July 10, 2018

In the shift to cloud native, many organizations have adopted a configuration-as-code approach. This helps drive up application deployment velocity by letting developers and DevOps teams reconfigure their deployments as their needs arise. Other organizations, particularly the more regulated ones, still have security people owning these tools, but that creates increased pressure on the security organization to keep up. How much are organizations investing in this process, and how much is it getting them? ...

June 28, 2018

More than a third of companies that use serverless functions are not employing any application security best practices and are not using any tools or standard security methodologies to secure them, according to the State of Serverless Security survey, conducted by PureSec ...

June 27, 2018

The popularity of social media platforms and applications is spurring enterprises to adopt "social business" models to better engage with employees and customers and improve collaboration, according to a new study published by ISG ...

June 25, 2018

The previous chapter in this WhiteHat Security series discussed Codebase as the first step of the Twelve-Factor App and defined a security best practice approach for ensuring a secure source control system. Considering the importance of applying security in a modern DevOps world, this next chapter examines the security component of step two of the Twelve-Factor methodology. Here follows some actionable advice from the WhiteHat Security Addendum Checklist, which developers and ops engineers can follow during the SaaS build and operations stages ...

June 21, 2018

DevSecOps is quickly gaining support and traction, within and beyond information security teams. In fact, 70% of respondents believe their culture can embrace the change needed to fuse Security and DevOps, according to a new survey of 80 security professionals by Aqua Security ...

June 20, 2018

The larger the company size, the higher the proportion of low IT performers, according to the State of DevOps: Market Segmentation Report from Puppet, based on the 2017 State of DevOps Survey data ...

June 18, 2018

An overwhelming 83 percent of respondents have concerns about deploying traditional firewalls in the cloud, according to Firewalls and the Cloud, a survey conducted by Barracuda Networks...

Share this