DevOps is the software practice of iterative realization of product to target environments as the intersection of development, operations and quality assurance
Background
Development, QA and Operation teams have a common vested interest in ensuring that applications are meeting their stated objectives in the most efficient manner.
Development
- Development teams are tasked with application delivery.
- Modern practices assume that development activities will be conducted as efficiently as possible.
- Developers therefore are expected to perform the minimum viable activities to produce the required product
Quality Assurance
- Quality Assurance teams are tasked with ensuring applications are meeting the stated objectives of the product
- Failure in a public environment can be costly to a business in time, expense, reputation
- QA teams therefore attempt to ensure that applications meet the required objectives prior to the application failing in a production environment
- QA teams also assist the mitigation planning and resolution activities to resolve defects found either in production or other environments
Operations
- Operations teams are tasked with ensuring that applications are available to the target audience
- Operations teams are also tasked with the monitoring and lifecycle of applications and their underlying infrastructure
- As a result are best placed to detect aberrant application behaviour, user behaviours and the underlying data persistence and communication channels which support modern applications
Pipeline
The pipeline acknowledges that applications and their dependencies:
- require planning
- change over time
- require testing to provide assurance
- are interdependent on what has come before (and to a lesser extent, what may come in the future)
Plan
Planning typical covers:
- Acquiring and understanding historical goals
- Preparing and defining future goals
- Application features, behaviours and maintenance of known issue lists
- Data, backups, and compression
- Reliability and accessibility of Communication channels
- Security of the application, its underlying data, the host infrastructure
- Delivery into the planned environments and removal of applications from old environments
- Requirements needed to sufficiently test an application, and model its behaviour in a production like environment
- Monitoring and logging of applications in flight and at rest
- Project hosting costs and changes to projected infrastructure needs
Create
Create typically includes application development activity however may also include:
- Infrastructure commissioning
- Database maintenance
- Security modifications, including firewall patch design and transport level encryption changes
- Application load balancing changes
Verify
Verification is required to ensure that activities undertaken in a Create phase, meet the stated objectives of those outlined in the Plan phase
- What has and has not changed
- Why have changes occurred
- Is the change correct and complete
- Is there a change to risk as a result of the change
Package
Packaging is the act of collecting all planned and approved changes into an asset ready for release.
- Is the package ready to be deployed?
- Are all the package dependencies available, secure, reliable, licenced and vetted?
- Does the owner of the package understand the content of the package?
- Has authority been provided to proceed with a release?
- What mitigation plans will be undertaken to produce a rollback in the event of a failure?
Release
Release implements the planned release of a package into and its associated dependencies, but also:
- Acknowledges change windows are adhered to by the operation team
- Communicates the actions taken during the change and records any activities which require further scrutiny
- Acknowledges when a release has either succeeded or failed
- Implements mitigation where required to resolution of issues, using plans where possible
Configure
Configuration after release ensures that the package is operating within the planned environment, with the planned changes to the infrastructure and other dependencies
- Make changes to network and application firewalls
- Make adjustments to load balancing and tuning of the resources required to make the application or package operate within planned tolerances
- Update application log monitoring to track new resources
Monitor
Inspection of application behaviour may be monitored automatically or be implemented manually, however the end result is that:
- Authorised users are able to access the applications
- Devices hosting the applications and their dependencies are operating correctly
- Issues are identified early
- Communication is distributed quickly and covers the minimum detail required to address or further investigate issues
- Monitoring suitability is assessed and addressed promptly when gaps are detected
- Preparation for future planning activities is also prepared, based on all DevOp phases