The Expanding Culture of DevOps
In today's rapidly changing and expanding business environments simply breaking down the walls between development and operations is not enough. Now database, security, compliance and quality assurance (QA) must be added to the DevOps mix and here's why.
Involve Database Administrators Earlier To Avoid Deployment Delays
For many organizations data is the golden asset so any database outage, no matter how small, is extremely costly. In traditional development models, the Database Administrator (DBA) only gets involved just before an application is deployed into production at which point changes are not only costly but may cause significant delays in deployment. DevOps for databases means involving the DBA earlier and using automation wherever possible.
Opening communications channels and involving the DBA as soon as possible will lead to an agreement between the DBA and developers on how to properly make database changes smoothing the final phases of deployment into production as well as reducing the risk of costly database outages.
Additionally, when multiple development teams are in motion rapidly developing and deploying releases it is imperative that database teams be involved early. A DevOps model that includes the database teams can identify and automate changes which not only ensures a working build (code and database) is available at any given point, but also provides version control, rollback capability, and an audit trail to help diagnose issues that do arise.
Integrate Security Teams To Lower Risks of Continuous Integration
In a DevOps model, one goal is to increase the velocity of continuous integration and deployment workflow. To be more efficient and increase velocity DevOps teams may take some risky shortcuts – share credentials or allow unrestricted access to privileged accounts making audit trails completely useless.
In efforts to maintain security confidence, security teams are forced to put the brakes on the DevOps workflow, furthering the perception that security slows the development process.
For DevOps to see continued success security must be brought into the fold. Security teams must create clear policies and procedures that are easy for all parties to understand and agree to so that security is assimilated into every team’s processes and culture. Security, however, must go beyond that, each team member must take an ownership stake in security and adhere to security best practices within their roles on the team.
Security too will benefit from automation. Automation in the areas of code analysis, configuration management, credential management to name a few, reduces risk from human error, downtime and vulnerability exposure. Automation will also help security keep pace with DevOps thus improving the overall workflow.
Incorporate Compliance in DevOps Culture To Avoid Barriers To Change
Utter the word compliance and everyone in the room groans. Beyond that, compliance travels in waves through any organization, rising frantically when audits approach and ebbing shortly after uncovered, high-priority issues are resolved. Consistent vigilance is something that escapes many organizations.
DevOps views compliance as resistance to change and in direct conflict with the DevOps culture which is all about change, and rapid change at that. But take a moment to consider automation which plays a key role in the DevOps workflow. Automation introduces reliable, repeatable and traceable practices, the crucial elements of compliance. With a little effort, compliance requirements can be expressed as code, thus allowing it to be tested just like any other code in the DevOps workflow.
Including compliance as part of DevOps workflow brings irregularities in compliance to light much earlier prompting faster remediation. Beyond that, building compliance into the DevOps workflow brings constant, focused, and documented vigilance to a previously tedious, disruptive task with far less effort and stress for the entire organization.
Prioritize QA Testing Without Sacrificing Development
DevOps is not just about turning out faster releases, but also about improving the quality of each release. Even in the DevOps world, improved quality still means testing, finding and fixing defects before the release becomes production. In the DevOps model, developers are writing and automating testing for their own code, but developers are not testers. Testing without thought or purpose is also not testing.
Testers are trained to find quality issues, therefore QA too must be included early on to help craft acceptance criteria. With deep knowledge of security, performance and reliability the QA team becomes mentors to the development staff as they add test cases to the QA repository. Working together QA and development can design and develop the testing methodology and framework used throughout the organization so that automated testing remains efficient and effective.
As the DevOps workflow gains velocity releases will be produced faster than ever. Any friction that exists between groups will only increase as this velocity grows which is why bringing those groups into the fold now is crucial to the continued success of the DevOps culture.
Sign up to receive updates and announcements from DynAgility.