16 best practices for DevOps transformation – Part 3
DevOps transformation in an organization is not a one-size-fits-all approach in terms of process and implementation. DevOps transformation is not only a process shift but a cultural transformation which includes proper planning on team structure, creating training plan for team, setting up process, automation, Track the actual process with centralized dashboard and so on…
Below are 16 key DevOps principles collated from the current industry + my own experience which will give you an explicit idea of how and where to start DevOps that can reduce the hurdles in deploying, securing, and running the software. Below best practices will help your organization to implement DevOps and reap the benefits out of its implementation.
The principles listed below may vary across Team & Enterprise. Most organizations will have their own strategy and principles behind their DevOps Approach. In this post, I will share my perspective on the underlying principles of the DevOps movement.
- Start small
- Version control
- Staging Environment
- Continuous Integration
- Continuous Testing
- Continuous Delivery
- Continuous Deployment
- Automation – Infra/App
- Continuous Monitoring
- Open Source
- Shift left approach
Start small Proof of Concept projects or Minimal Viable Product or Prototype that has high success probability to gain confidence in the team. For example don’t try to eat the Watermelon in one shot, Cut into pieces and consume piece by piece.
For successful faster delivery of software, Concentrate on the process and not on the tools. Work together instead of blaming each other, Dev & Ops should work together without much noise for successful results.
Don’t concentrate on tools. Focus on the Process, Tools will be easily replaceable (tailored) without much noise. Meaning that, If you freeze or crafted the process we can stitch the toolset for end-end software development and deployment process. Not only does automation enable higher productivity, but it also frees up organizations to focus on what really matters— driving performance.
The above line is from my experience. I mean it 🙂
Believe it or not: Version it each and every stuff be it Application code or Test cases or Design documents or External libraries or Database scripts or Automation scripts or Infra deployment scripts or Application deployment scripts or Jenkins configs or Application configs. Anything you need to update please put in the version control.
Preserve a production similar environment always ready to avoid issues that are found after going to production. For example, scaling issues, access issues, functionality issues, and environmental issues can be triaged in the staging environment for a quick resolution.
Have defined process to bulldoze developers to integrate their work from feature level branches to release level branches more frequently or at least daily and have automated tests against the build. By this approach, we can avoid integration issues and conflicts much earlier.
Have test suite running very often whenever code is integrated on every hour or day basis to make sure the code is stable with the release level branches.
is an extension of continuous integration to make sure that you have automated your release process with an appropriate approval process (Qa Sign Off, Performance testing, DR Testing … ) so that we can release new changes to your customers quickly without affecting the business continuity.
is a logical next step after continuous delivery: Automatically deploy the product into production whenever it passes QA!. ie. without any manual intervention.
Automation – Infra/App
Infra environment: Have the automation-ready for all the components starting from the load balancer, database … etc, to reduce complexity and manual errors.
App Deployment: Along with the Environment, please have the deployment automation for application added to the above environment build automation. It should include initializing the databases, initial setup of the application, installation of dependencies and others.
Have monitoring setup enabled to continuously run the site 24/7 without downtime.
Document each and everything. Be it any process like Change management (or) Pipelines or Run Book or Release Management or Patch Management or Rollout releases or Rollback releases to circulate better communication between teams.
Site Reliability Engineering
Use SRE best practices. Start with site reliability engineering (SRE) principles, because they help build collaboration, reduce waste, and increase efficiency. Refer for more info.
Enable security and compliance within the software deployment process (CI/CD). To improve security we have to integrate all security best practices parallelly while building a product rather than applying all the security checks to a finished product.
Leveraging open-source tools and engaging in the community will help the team to gain knowledge resulting in the best practices and solutions.
Shift left approach
Shift left is an approach to software development where security has to be built into the process and designed into the application at an earlier stage of SDLC. The main goal is to find security-related issues at an earlier stage of the development cycle. This article explores key considerations that have to follow to integrate security into the DevOps process.
DevOps is more than just a set of tools. Getting the team to align on the process and culture doesn’t happen overnight. Often we receive a lot of pushback from team/individuals/cross teams which could result in chaos, some times result in unstable product delivery to end-user. So to transform you have to start small and take one step at a time will result in making a DevOps a reality.
Related Online Courses
1. Online Courses – Modern DevOps Implementation
What you’ll get from it: This course helps you implement a complete DevOps cycle in your existing IT environment
2. Books – Practical DevOps
What you’ll get from it: This book covers multiple important subjects that every DevOps engineer should know from architecture, coding, testing, deploying, monitoring, and tracking issues.