Every organization is different and for most, the DevOps journey isn't a smooth, straight line. There's no such thing as a "linear" DevOps journey. Rather, "there are many starts and stops along the way, which can kill early momentum and lead to cynicism."
This is one of the key takeaways from a recent survey of 3,000 IT managers and professionals conducted by Puppet and Splunk Inc., which documents the DevOps journey, from start to finish. The study was underwritten by Amazon Web Services, Cloudability, Cognizant, CyberArk, Diaxion, Eficode and Splunk.
Also: Where does DevOps start? Not where you think
As a refresher, DevOps is best defined as "a set of practices that automates the processes between software development and IT teams, in order that they can build, test, and release software faster and more reliably." (This nice concise definition courtesy of the folks at Atlassian.) DevOps harnesses the creative energy of developers and channels it into cadenced releases as required by the business.
There is one common denominator all successful DevOps enterprises have, the researchers find -- a culture of collaboration and sharing across any and all fiefdoms. "The practices with the most significant impact across the entire DevOps evolutionary journey are dependent on sharing, one of the key pillars of DevOps," the survey reports authors state. "Organizations that have small pockets of DevOps success, yet never manage to spread that success further, are stalled and can't progress to higher levels of automation and self-service. So the business impact of their DevOps success may not be felt where it matters."
Tellingly, those higher up in organizations often think they have DevOps in force, but those people further down in the trenches don't necessarily see it that way. "C-suite respondents were more likely to report that DevOps practices were in frequent use," the survey's authors find. For example, 64 percent of C-suite respondents believe that security teams are involved in technology design and deployment versus 39 percent at the team level. Additionally, 54 percent of C-suite respondents believe their organization automates security policy configurations versus 38 percent at the team level.
Also: A proactive flavor of DevOps grows at Google
The survey report's authors identified the six key stages of DevOps progression. About 11 percent fall into the most advanced category, which likely means they have highly collaborative teams functioning across their organizations, and offer tremendous self-service capabilities as well to practitioners. That means 89 percent have plenty of work to do, and 10 percent are really struggling:
- Building the foundation: "When development and operations teams -- and frequently other stakeholders, such as testing or security -- are just starting to grasp the importance of collaboration and sharing, they rapidly implement technologies and processes to facilitate sharing of ideas, metrics, knowledge, processes, and technologies."
- Normalizing the technology stack: "Dev teams make a coordinated move to more agile development methods (e.g., an enterprisewide Agile mandate), or a few teams organically adopting new methods for specific products or workflows. Development teams at this stage have adopted version control,which is the first step on the path to continuous integration and continuous delivery. They're also beginning to normalize their tech stacks by eliminating redundant systems, perhaps refactoring applications to work on a smaller set of operating systems."
- Standardizing and reducing variability: "Both dev and ops teams concentrate on reducing variance, continuing to standardize the tech stack by further reducing the number of operating systems to a single OS or OS family and building on a standard set of technologies: databases, key value stores, message queues,identity stores and more."
- Expanding DevOps practices: With new levelx of trust engendered through DevOps, "important cultural shifts can take place in the organization. For example, individual team members can gain the ability and organizational permission to do work without manual approval from outside the team, eliminating bureaucratic overhead and promoting more efficient workflows."
- Automating infrastructure delivery: "Systems configuration and provisioning are automated, which "resolves the issue of developer throughput outpacing operations, and therefore the ability to deploy. Automated system configuration makes it possible for ops teams to deliver systems to developers and QA that match the eventual production environment -- and deliver them faster."
- Providing self-service capabilities: Infrastructure automation "catalyzes the creation of self-service more broadly throughout the organization in subsequent stages. At this stage, resources are available via self-service, and incident response is automated. With self-service capabilities, teams across the business can work at their own pace, freed from the bureaucratic overhead of manual approvals, handoffs, tickets and long wait times."
The survey report's authors also make the following three key recommendations to move DevOps from isolated teams to a wider scale across enterprises:
Start with the practices that are closest to production; then address processes that happen earlier in the software delivery cycle. "We recommend starting where the pain is most acute and visible, which is typically application deployments -- the boundary between dev and ops."
Encourage cross-team sharing is key to scale DevOps success."To ensure you can scale your early success, prioritize the building blocks that can be reused and consumed across teams,such as deployment patterns. Promoting reuse of successful patterns, enabling teams to contribute improvements to other teams' tooling, and sharing both successes and failures are all critical to expanding the other three pillars of DevOps: culture,automation and measurement.
Automating security policy configurations is mission-critical to reaching the highest levels of DevOps evolution. "Highly-evolved organizations are 24 times more likely to always automate security policy configurations compared to the least evolved organizations. This finding underscores how as organizations evolve, security policy becomes a part of operations, not just an afterthought when an audit looms," the survey report's authors point out.
Also: DevOps: A cheat sheet TechRepublic
Here is some poetic prose one can ascribe to the DevOps movement, expressed by the report's authors:
"Most successful DevOps journeys start as a ripple in the pond, then radiate out across the business. Individual teams see early success; that success spreads to multiple teams, then through a department, and finally out to multiple departments."
The bottom line is that DevOps doesn't just happen overnight; it's an evolutionary process that needs to be built and mastered over a period of time, often with trial and error. Every organization has a different mix of talent, motivations, and, of course, technologies.