The 4 Capabilities You Need for Database DevOps Success
September 20, 2018

Matt Hilbert
Redgate Software

The latest Accelerate State of DevOps Report from DORA concludes that successful software delivery unlocks competitive advantages including "increased profitability, productivity, market share, customer satisfaction and the ability to achieve organizational and mission goals." The result of over five years of research with over 30,000 data points, it shows a direct correlation between DevOps and better business performance.

Importantly, it outlines how organizations can achieve those advantages by explaining the key technical practices which are essential to any successful technology transformation. For the first time in its long history, it also focuses on the importance of the database and shows that integrating it into DevOps avoids time-consuming, unprofitable delays that can derail the benefits DevOps otherwise brings.

It highlights four key practices that are essential to successful database DevOps:

1. Database change management

Today's fast-moving organizations are deploying updates to their database much more frequently than ever before. The 2018 State of Database DevOps Survey from Redgate found that over a third (35%) make changes either daily or more than once a week. If not handled as part of the DevOps flow, this can lead to bottlenecks in the process that prevent true DevOps.

Organizations therefore need to integrate database development into the software delivery process in order to drive continuous delivery, and adopt common tools across database and application development. This starts with strong communication and collaboration between development teams and includes changes being handled in the same way with, for example, database migration scripts version controlled like changes to the application.

2. Monitoring and observability

The proactive monitoring of applications and infrastructure is vital to being able to make informed decisions around DevOps. DORA defines monitoring tools as solutions that enable teams to watch and understand the state of their systems, based on gathering predefined sets of metrics. Observability is a newer category of tool that allows teams to actively debug their systems and to look at performance patterns that they've not defined in advance.

The research found that companies with monitoring and observability solutions were 1.3 times more likely to be in the leading group when it came to DevOps performance. Again, it is vital that organizations deploy solutions that provide them with the right metrics and enable them to proactively manage their database performance alongside the rest of their infrastructure. They need to adopt common indicators and link them to business SLAs in order to achieve a comprehensive picture of their entire infrastructure.

3. Continuous testing

Many organizations have adopted automated testing, using fast, reliable suites of automated tests that are primarily created and maintained by developers. Continuous testing goes further than this, bringing together developers and testers to work together, focusing on continually improving testing.

One key stumbling block to adopting continuous testing is around the data used in the process. To ensure that applications function correctly, developers prefer to use copies of production databases in their testing environments, but this leads to justifiable concerns around the privacy of personal data.

Continuous testing therefore needs to include data masking tools that anonymize sensitive information automatically, yet also make that masked data realistic and truly representative of the original in order to retain its referential integrity and distribution characteristics.

4. Shifting left on security

Compliance and security are now high level business issues for every organization. This is being driven by a combination of increased consumer concerns about how their data is collected and used and a greater risk of hacking and security breaches. 87% of those surveyed as part of the DORA report said they were subject to regulations like PCI DSS, HIPAA, or Sarbanes-Oxley, for example. With more legislation like the GDPR and the California Consumer Privacy Act coming into force to ensure the protection of personal data, this trend will only continue.

Clearly, security needs to be part of DevOps because the very nature of DevOps means security reviews which were previously at the end of the development process can no longer exist. Instead, teams need to shift left on security, ensuring that development practices factor in security from the start. This can include running tests to help discover security problems throughout the software development process, making it easy for teams to use pre-approved libraries, packages, and toolchains, and using static code analysis for database code as well as application code.

Summary

DevOps has come a long way since the first DORA report appeared five years ago, with its benefits now recognized across industries and companies of all sizes. At the same time, data has become the lifeblood of agile businesses. By bringing the two together and adopting DevOps for the database as well as the application, database changes will no longer slow teams down or cause problems during deployments.

Matt Hilbert is a Technology Writer at Redgate Software
Share this

Industry News

December 19, 2024

Check Point® Software Technologies Ltd. has been recognized as a Leader in the 2024 Gartner® Magic Quadrant™ for Email Security Platforms (ESP).

December 19, 2024

Progress announced its partnership with the American Institute of CPAs (AICPA), the world’s largest member association representing the CPA profession.

December 18, 2024

Kurrent announced $12 million in funding, its rebrand from Event Store and the official launch of Kurrent Enterprise Edition, now commercially available.

December 18, 2024

Blitzy announced the launch of the Blitzy Platform, a category-defining agentic platform that accelerates software development for enterprises by autonomously batch building up to 80% of software applications.

December 17, 2024

Sonata Software launched IntellQA, a Harmoni.AI powered testing automation and acceleration platform designed to transform software delivery for global enterprises.

December 17, 2024

Sonar signed a definitive agreement to acquire Tidelift, a provider of software supply chain security solutions that help organizations manage the risk of open source software.

December 17, 2024

Kindo formally launched its channel partner program.

December 16, 2024

Red Hat announced the latest release of Red Hat Enterprise Linux AI (RHEL AI), Red Hat’s foundation model platform for more seamlessly developing, testing and running generative artificial intelligence (gen AI) models for enterprise applications.

December 16, 2024

Fastly announced the general availability of Fastly AI Accelerator.

December 12, 2024

Amazon Web Services (AWS) announced the launch and general availability of Amazon Q Developer plugins for Datadog and Wiz in the AWS Management Console.

December 12, 2024

vFunction released new capabilities that solve a major microservices headache for development teams – keeping documentation current as systems evolve – and make it simpler to manage and remediate tech debt.

December 11, 2024

CyberArk announced the launch of FuzzyAI, an open-source framework that helps organizations identify and address AI model vulnerabilities, like guardrail bypassing and harmful output generation, in cloud-hosted and in-house AI models.

December 11, 2024

Grid Dynamics announced the launch of its developer portal.

December 10, 2024

LTIMindtree announced a strategic partnership with GitHub.