Top 5 DevOps Challenges & Solutions Part 3: Focus on Technology Implementation
People, Process & Technology
November 16, 2016

Jeanne Morain
iSpeak Cloud

Start with Top 5 DevOps Challenges & Solutions Part 1: Focus on Business

Start with Top 5 DevOps Challenges & Solutions Part 2: Focus on Technology Leadership

Vision without execution is delusion. (iSpeak Cloud 2016)

The success of DevOps depends on both the cultural shift around people and process as well as the technical implementation skills of the team across Dev and Ops. For example, one DevOps initiative was struck down by the CIO because of technical impact issues to the business of the continuous integration and continuous delivery process. The reality did not point to either process or leadership flaws, but improperly written and executed tests. At the end of the day, the damage was done. The executives only heard the sound bite that the system issues were due to the “DevOps” process. The official initiative was cut to placate the source of the issues as a result. Ironically, the final implementation of their cloud strategy was around DevOps, but to this day, the technology team will not call it that.

In Part 1 of this 3-part series on Challenges and Solutions for implementing DevOps, I provided an overview of the Top 5 Challenges and Solutions the Business faces when the technology team implements a DevOps Strategy. Part 2 focused on technology leadership challenges and suggested solutions. Finally, in this post, Part 3, I will focus on the top 5 technology implementation mistakes.

Challenge 1: Not Understanding Security and Access Management

Security was the number one concern of every person I interviewed for the iSpeak Cloud series. Why? Because implementation of both DevOps and Cloud solutions has often been in a vacuum, with security requirements as an afterthought. As a result, companies have discovered that they are vulnerable in areas that could significantly impact not only their DevOps implementation, but also their company overall.

One critical success factor is as simple as ensuring that the security team has a seat at the table when you are creating your overall strategy. From all perspectives, the team should understand the security features of the identity and access management solutions and the best routes to implement them to reduce risk and ensure compliance.

Another success factor is to ensure that your team is trained on the security requirements for your company from both a Control Objective Baseline for IT Standards (COBIT) and Cloud Security Alliance perspective. This will reduce the need to re-do later because solutions will be architected for security and compliance from the start.

In addition to extending the security tool sets to the DevOps team, the team should map out a plan to use them. In other words, before they begin, the entire team should have mapped out a strategy to secure all the applications, services, microservices and/or APIs.

Challenge 2: Not consistently managing all environments

The second challenge is that every environment throughout the DevOps process must be consistently managed across teams.

Environmental differences can cause differences in development and deployment. One large retailer overcame its environment inconsistency issues by leveraging an orchestration tool as the framework for their DevOps platform. This enabled the company to create a library of repeatable run books to automate.

An IT leader of another company reported addressing consistency issues by automating redundant processes such as change management. This company reduced time to value as well as the traffic associated with the previous layers of approval by automating the approval process for sign off to roll into production.

Finally, top performers standardize every stage and enforce those standards across teams based on a bonus pool for quality. These top performers hold everyone accountable to the agreed upon standard throughout the process from the business leaders to the DevOps engineers. Not only did this reduce shadow IT, but it also helped to improve the quality and consistency of releases as part of Continuous Integration Continuous Delivery process.

Challenge 3: Ignoring the importance of monitoring and/or metrics from the business perspective

One top performer I interviewed hit quality issues across multiple business lines in different regions. In post mortem, the company discovered that it was caused by an undetected latency in the system. It turns out that the services were only being monitored if they were up or down, not if they were actually working. Although the users could log into the application because it was up, they could not use it because it would hang or take too long to load. The team realized that in order for their DevOps practice to be successful, they had to provide value to the business.

Top performers implemented monitoring against service level agreements for all of the components in the stack. This ensured that they were measuring what was important to the company overall, rather than what was important to IT.

Metrics should be defined not only for the services, but also the underlying systems and team members throughout the process. For example, understanding the velocity issues of your scrum team can assist in identifying bottlenecks or critical skills gaps that will impact quality and agility.

A big part of DevOps, along with Continuous Integration and Continuous Delivery, is Continuous Improvement. The team can build a proactive (versus reactive) process by monitoring and measuring the systems, team members and users interactions. In this way, the team is set to embrace change and be in tune with the business.

Challenge 4: Onboarding Codebase or Service to the DevOps Process Too Soon

Not every service or application codebase will be a good candidate for frequent releases or the type of agile development environment prescribed by DevOps.

One mistake cited by many early adopters was not categorizing their services and/or applications prior to migrating them onto the new cloud platform and/or DevOps Process. As a result, they hit issues with the continuous improvement and continuous delivery process.

Legacy services and applications, and even some new ones, should be reviewed. It is important to identify areas in the codebase that should be simplified and documented. Part of the documentation should be calling out key files that need refactoring to function properly on the new platform with the new process. Another key success factor to reduce the refactoring risk is to perform unit tests.

Challenge 5: Not Designing for Scale around Development & Testing

Be sure to consider the scalability of each unit, from interdependency design of the codebase, to the automated test. Otherwise, the entire system will start to break down.

Interdependencies should be kept at a minimum through the individual codebase and test cases.

Whenever possible, test casts should not be written to be dependent on the outcome of other tests.

Another best practice is to use temporary tests and/or QA pods for parallel testing of features.

Regardless of your strategy, the key take away is to ensure that reliability, availability, supportability, serviceability and scalability are an integral part of the solution.

Jeanne Morain is an Author/Strategist with iSpeak Cloud

The Latest

August 17, 2017

Mobile SDKs (software developments kits); love them or hate them, they're here to stay. They provide our apps with all sorts of functionality that would be incredibly time consuming to build, and they give us another means to monetize our apps. While it would be difficult to argue that SDKs aren’t useful, it’s also hard for developers to get a good idea of the amount of resources used by each SDK once the app is in production ...

August 15, 2017

A common belief within DevOps circles is that automation not only enables greater frequency of delivery and deployment, but improves its overall success rate. Whenever manual intervention is required, the chances of errors creeping in increases. Human error is a significant factor in many an outage, after all ...

August 14, 2017

DevOps and NetOps are both far more generous in their opinion of the other with respect to prioritization of efforts than traditional archetypes purport them to be, and they have a lot in common – even though they may disagree on details – according to a new survey by F5 ...

August 10, 2017

Only 12 percent of organizations can claim that their whole organization is on the path to business agility even though more than two thirds of survey participants agreed that agile organizations are better able to quickly respond to dynamic business conditions, according to a new survey from CA Technologies ...

August 09, 2017

Alongside its clear benefits, DevOps brings unique challenges when developing and operating a mobile environment. Mobile app developers and development teams face a unique set of requirements relating to collaboration, testing, and release. Technology fragmentation, disparate back-end systems, updates that require user action, and poor instrumentation can impede the DevOps process and become critical roadblocks to agile mobile development, ultimately impacting app retention and the bottom line ...

August 07, 2017

A crashing app might be a deal breaker, no matter how heavy the load that an alternative website entry point can handle would be. It is all about quickly verifying compliance against key functional and non-functional requirements in order to meet aggressive release schedules as part of the Go-to-market strategy. This means positioning unit testing, UI testing, API testing, and, of course, performance and load testing — as pillars of SDLC ...

August 03, 2017

Most software developers make themselves easy targets for hackers, even when they are behind a corporate firewall, according to a new survey from Netsparker Ltd. ...

August 01, 2017

Your top priority is to improve application development agility, but you may run into roadblocks put up by a security team that (mistakenly) believes speed is the enemy of effective cybersecurity. A new survey finds a majority of enterprises are working to overcome those roadblocks by integrating security into their existing DevOps methodology ...

July 31, 2017

Agile development compresses software testing cycles, jeopardizing risk coverage and opening the door for software failures. Here's what you can do ...

July 27, 2017

While 75 percent of organizations highlight continuous testing as critical or important, only a minority of survey respondents have made exceptional progress acquiring the necessary knowledge and key enablers to drive digital transformation, according to a global study by CA Technologies ...

Share this