Welcome!

Related Topics: Microservices Expo, Industrial IoT, Containers Expo Blog, @CloudExpo

Microservices Expo: Blog Feed Post

Devops Is Not All About Automation

Tools are for automation, devops is for people

It’s easy to get caught up in the view that devops is all about automation. That’s because right now, most of the value of devops and repeatable processes is focused on deployment of applications within virtual or cloud computing environments and dealing with that volatility requires automation and orchestration to combat the growing dearth of human resources available to handle it. But devops isn’t about the environment, or the automation. Those are just tools, albeit important ones, to achieving devops. Devops is more about the agility and efficiency gained through streamlining processes and being able to react rapidly. You know, agile. It’s about iterating over processes and refining them to make them more efficient. You know, agile.

blue devops Devops is about continuity; about ensuring continuous delivery. More often than not this focuses on automated and integrated deployment processes enabling rapid elasticity, but that’s just the most obvious use case. Not every process can be automated, nor should they be. Agility is about being able to react; to have processes in place that can efficiently and effectively address challenges that crop up from time to time.

devopsmaturitymodel_thumb[3]The programmability of infrastructure, for example, can enable devops to put into place processes that define how IT reacts to emerging threats. This is one of the promises of SDN and OpenFlow – that the network can adapt to external pressures and events through programmatic intervention. With generally new and unknown threats, there’s no immediate remediation available and no button operations can push to deploy a preventive measure against it. Programmatic intervention is necessary. But who is responsible for intervening? That’s part of the question devops should be able to answer.

AN EXAMPLE

If we take as an example the typical response to an emerging threat, say a 0-day threat, we can see how devops applies.

Initially, organizations respond by panicking (more or less. The agitated state of a security professional upon learning about the threat appears similar to panicking in the general population). The response is unpredictable and reactive. If the threat is in the application or application server infrastructure layers, no one’s quite sure who is responsible for handling. The threat may remain real and active for hours or days before someone figures out what it is they’re going to do.

In a more mature devops stage, experience may have taught operations what to do, but response is still reactive. Operations may not always proactively monitor or scan for potential threats and thus may be caught off-guard when one suddenly appears on the threat radar. The process for handling, however, is repeatable on a per-service basis.

As organizations continue to mature, standards evolve regarding how such threats are handled. Potential threats are monitored and processes are in place to manage eventual emergence. Responsibility is well understood and shared across operations and development. Operations understands at this point how what stop-gap measures – such as network-side scripts to prevent penetration of emergent application layer threats – are likely to be needed, and development and administrators understand which of these threats must be addressed by whom, and at what point in the process they must be mitigated.

Quantifying metrics for success follows, with both development and operations using the same metrics. Time to initial redress, time to complete resolution, time at risk, etc… Finally optimization – streamlining – of processes can begin as devops fully matures. Substitution of automated scanning and virtual patching for scanning and manual mitigation occurs, speeding up the process as well as assuring a higher security profile for the entire organization.

Most of this maturation process does not involve nor require automation. Most of it requires people; people who collaborate and define processes and policies that govern the delivery of applications. Devops must first define and refine processes before they can be automated, thus automation is unlikely to occur except in the most mature of devops-enabled organizations.

In many cases, processes will still comprise manual steps. Some of those steps and tasks may be automated at a later date, but until an organization is fully invested in devops and allows the maturation process to occur organically (with guidance of course) automation may result in nothing less than what developers and architects got with SOA – lots of duplication of services that made the entire system more complex, more costly to manage, and more difficult to troubleshoot.

Devops is a verb. It’s not something you build, it’s something you do.

Read the original blog entry...

More Stories By Lori MacVittie

Lori MacVittie is responsible for education and evangelism of application services available across F5’s entire product suite. Her role includes authorship of technical materials and participation in a number of community-based forums and industry standards organizations, among other efforts. MacVittie has extensive programming experience as an application architect, as well as network and systems development and administration expertise. Prior to joining F5, MacVittie was an award-winning Senior Technology Editor at Network Computing Magazine, where she conducted product research and evaluation focused on integration with application and network architectures, and authored articles on a variety of topics aimed at IT professionals. Her most recent area of focus included SOA-related products and architectures. She holds a B.S. in Information and Computing Science from the University of Wisconsin at Green Bay, and an M.S. in Computer Science from Nova Southeastern University.

Latest Stories
With more than 30 Kubernetes solutions in the marketplace, it's tempting to think Kubernetes and the vendor ecosystem has solved the problem of operationalizing containers at scale or of automatically managing the elasticity of the underlying infrastructure that these solutions need to be truly scalable. Far from it. There are at least six major pain points that companies experience when they try to deploy and run Kubernetes in their complex environments. In this presentation, the speaker will d...
While DevOps most critically and famously fosters collaboration, communication, and integration through cultural change, culture is more of an output than an input. In order to actively drive cultural evolution, organizations must make substantial organizational and process changes, and adopt new technologies, to encourage a DevOps culture. Moderated by Andi Mann, panelists discussed how to balance these three pillars of DevOps, where to focus attention (and resources), where organizations might...
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
When building large, cloud-based applications that operate at a high scale, it's important to maintain a high availability and resilience to failures. In order to do that, you must be tolerant of failures, even in light of failures in other areas of your application. "Fly two mistakes high" is an old adage in the radio control airplane hobby. It means, fly high enough so that if you make a mistake, you can continue flying with room to still make mistakes. In his session at 18th Cloud Expo, Le...
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...
As Cybric's Chief Technology Officer, Mike D. Kail is responsible for the strategic vision and technical direction of the platform. Prior to founding Cybric, Mike was Yahoo's CIO and SVP of Infrastructure, where he led the IT and Data Center functions for the company. He has more than 24 years of IT Operations experience with a focus on highly-scalable architectures.
CI/CD is conceptually straightforward, yet often technically intricate to implement since it requires time and opportunities to develop intimate understanding on not only DevOps processes and operations, but likely product integrations with multiple platforms. This session intends to bridge the gap by offering an intense learning experience while witnessing the processes and operations to build from zero to a simple, yet functional CI/CD pipeline integrated with Jenkins, Github, Docker and Azure...
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...
René Bostic is the Technical VP of the IBM Cloud Unit in North America. Enjoying her career with IBM during the modern millennial technological era, she is an expert in cloud computing, DevOps and emerging cloud technologies such as Blockchain. Her strengths and core competencies include a proven record of accomplishments in consensus building at all levels to assess, plan, and implement enterprise and cloud computing solutions. René is a member of the Society of Women Engineers (SWE) and a m...
Dhiraj Sehgal works in Delphix's product and solution organization. His focus has been DevOps, DataOps, private cloud and datacenters customers, technologies and products. He has wealth of experience in cloud focused and virtualized technologies ranging from compute, networking to storage. He has spoken at Cloud Expo for last 3 years now in New York and Santa Clara.
Enterprises are striving to become digital businesses for differentiated innovation and customer-centricity. Traditionally, they focused on digitizing processes and paper workflow. To be a disruptor and compete against new players, they need to gain insight into business data and innovate at scale. Cloud and cognitive technologies can help them leverage hidden data in SAP/ERP systems to fuel their businesses to accelerate digital transformation success.
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple cloud provider environments. Yet, despite this portability promise, developers may include configuration and application definitions that constrain or even eliminate application portability. In this session we'll describe best practices for "configuration as code" in a Kubernetes environment. We will demonstrate how a properly constructed containerized app can be deployed to both Amazon and Azure ...
Poor data quality and analytics drive down business value. In fact, Gartner estimated that the average financial impact of poor data quality on organizations is $9.7 million per year. But bad data is much more than a cost center. By eroding trust in information, analytics and the business decisions based on these, it is a serious impediment to digital transformation.
Digital Transformation: Preparing Cloud & IoT Security for the Age of Artificial Intelligence. As automation and artificial intelligence (AI) power solution development and delivery, many businesses need to build backend cloud capabilities. Well-poised organizations, marketing smart devices with AI and BlockChain capabilities prepare to refine compliance and regulatory capabilities in 2018. Volumes of health, financial, technical and privacy data, along with tightening compliance requirements by...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.