DevOps in 2019 (Part 3)
DevOps in 2019 (Part 3)
In 2019, automation comes to DevOps. See what else industry leaders are predicting.
Join the DZone community and get the full member experience.Join For Free
DevOps involves integrating development, testing, deployment and release cycles into a collaborative process. Learn more about the 4 steps to an effective DevSecOps infrastructure.
Given how fast technology is changing, we thought it would be interesting to ask IT executives to share their predictions about the future of DevOps in 2019. Here's more of what they told us:
DevOps - AIOps overtakes DevOps in importance as organizations continue to spend on AI application development (and have outsized expectations of AI overall).
1) DevOps will continue to face a talent vacuum in 2019, making it increasingly challenging for organizations to recruit personnel with the specialized knowledge and capabilities necessary to execute DevOps at the highest level. At the same time, turnover on DevOps teams will remain relatively high – and when the talent an enterprise has in place moves on, the knowledge lost might prove near-impossible to replace. This challenge of recruiting and retaining DevOps talent will thus drive more enterprises to turn to managed service providers for their DevOps needs. With capable MSPs able to stabilize the availability of high-quality DevOps support and expertise, enterprises will take the opportunity to sidestep the challenges of managing internal DevOps talent while achieving all the benefits they seek.
2) The newest generation of startups will change and expand the scope and complexity of DevOps in 2019, due to the fact that DevOps is inherent within them from their start – not an add-on. Whereas in previous years, approaches to DevOps have centered on shifting mindsets and making the transformation to adopt DevOps, we now have businesses that are born with that understanding from Day One. These companies are pushing the envelope as far as where DevOps offers the best advantages throughout the software development process, reaching into areas such as infrastructure-as-code, auto-scaling, CI/CD pipelines, and ever-more complex applications. Look for DevOps to go increasingly beyond just development and production environments in 2019 to affect staging and UX, and to deliver more advanced features across a greater breadth of use cases.
The ecosystem of developer tools will continue to expand, even as more vendors pitch all-in-one solutions. We will see developers continue to choose best-of-breed tools, as one toolchain cannot meet all the varying needs of modern software teams. ‘Open’ is here to stay, and the vendors that combine openness and ease of use will thrive.
Agile software teams will continue to influence and change traditional IT organizations. They won’t just change the org charts, they will impact how the culture changes when a traditional IT organization moves to a team-based approach – especially when building, running, and supporting modern software services. IT organizations that ran in the waterfall era won’t succeed in the modern SaaS world, and we’re going to see that waterfall continue to dry up.
ITIL v4 is going to surprise some laggard enterprise IT organizations with the degree to which it embraces software teams and DevOps practices such as continuous delivery. Even enterprises that have already started to embrace continuous delivery are going to hit a wall with heavily centralized efforts as they discover over-standardizing on tools impedes adoption. As development teams look forward toward cloud-native development, operations teams will be left trying to figure out how to make legacy applications take better advantage of cloud services.
In 2019, organizations will use DevOps and cloud-native tools.
The growth of cloud and software-defined architectures is having a profound effect on infrastructure, and yet we are still seeing non-appropriate workloads continue to be deployed in cloud-native setups. This is akin to using a hammer to fit things into Kubernetes, where they shouldn’t be. In response, we are seeing the focus turning to DevOps and the importance of these teams in ensuring mission-critical apps are scalable and run efficiently in today’s environments. In 2019 we predict that organizations will continue to embrace DevOps and use new, cloud-native tools to support their applications.
The biggest surprise of 2018 was the speed at which K8s became the dominant platform for container-orchestration, automating deployment, scaling, and management of containerized applications. For 2019, we believe the main trend influencing the DevOps world will be the 'Shift-Left' approach. Although this isn't a new concept, it appears the core technology is becoming more mature and we will see more DevOps toolchain components, especially security, pushed 'to the left'.
Leading companies getting serious about DevOps will increasingly adopt DevSecOps, which focuses on the integration of security practices within the DevOps process. The urgency behind this is driven in part by the GDPR regulations that went into effect in May 2018. Compliance with GDPR’s breach notification requirement means DevOps teams need to integrate web application security best practices. In the months ahead, companies currently in or moving to the cloud will look to integrate security into the coding phase (security as code) of software development, rather than as a separate “security hardening” sprint. These organizations will also automate testing to ensure security and reliability are present without sacrificing feature velocity. As DevOps is as much about culture as process, we expect to see a cultural shift that has security and development teams working together in new and efficient ways.
We’ll see DevOps shift to become DevSecOps at an increased pace in 2019, driven by enterprises’ need to implement application security that encompasses the build-ship-run lifecycle from start to finish. It’s now clear to enterprises that image scanning and host security alone fails to safeguard applications from the threat of devastating zero-day exploits. Containerized environments make the need for DevSecOps and security across the full application lifecycle especially crucial, due to the facts that enterprises now utilize containers in production, and that automated, specialized container network security is required to thwart attacks upon these highly dynamic environments.
Continuous Delivery (CD) will become the hot buzzword of 2019, replacing AI and Machine Learning in 2018. All DevOps infrastructure vendors will rebrand and claim CD as their core value proposition while continuing to sell the same old infrastructure automation software they've sold for the past 5 years. A new breed of DevOps vendor will emerge in 2019 focused on the application layer, providing deep insight, context, and management capabilities that enable true Continuous Delivery of software.
In 2019, we'll see more DevOps teams taking more risk and begin to test in production. The only way to really test your code, to make sure your code works, is to actually put it in place and see if it works. The companies who are moving fast are doing so because they’re testing in production and willing to take some risk. For the rest, it’s not a question of if they do it, but when they can get themselves in gear to do it. Otherwise, they will be left behind by the competition. The key is to do it right, which takes more than an agile environment -- it involves strong release automation, carefully health monitoring, and of course helping top leadership understand why they must learn to stomach it. We'll see testing in production become a more widely adopted best practice for detecting bugs in the real world scenarios and ensuring their application works the way is it expected to after the deployment.
Over 90 percent of tech companies will automate DevOps processes. In 2019, the vast majority of tech companies will have some sort of DevOps process automation in place. Thanks to better tooling, increased community awareness and adoption from the largest players in the tech space, we’ll finally see widespread usage of automation. Now more than ever, inefficiency in software rollouts costs companies time and money they can’t afford. With automation, businesses can get more done while allowing employees to allocate their time to other, more strategic tasks. This year, we saw massive announcements from cloud providers like Google, which are rolling out continuous integration and delivery platforms. I expect these offerings to have a trickle-down effect to the rest of the industry. DevOps professionals, many of whom already use Google Cloud and other leading cloud services, will take note and begin implementing their own process automation in the year ahead.
Cloud-native complexity and immaturity create new security risks. When built and used properly, cloud-native environments are inherently more secure. But these environments involve new tech, new tools, and extensive configuration — all of which is unfamiliar territory for many DevOps teams and most traditional security teams. In 2019, these teams figure out what “properly” looks like and how to get up to speed.
Container security will rely on the ability to secure Kubernetes. As the orchestrator of choice for most container deployments, Kubernetes sits at the heart of effective container security. If you don’t set it up right, misconfigurations could expose your organization to significant risk and greater adoption means more frequent targeting. That’s why the focus over the next year has to turn from adoption to protection and hardening. Container security platforms must encompass strong Kubernetes security to protect containerized applications effectively.
Security moves closer to the application. Resilience and agility can be optimized through the granularity of container technology. The control layer and data plane are mixed together in cloud-native environments. You can programmatically decide how to secure the application, and write in that layer of logic to create continuous and instantaneous enforcement. Containers help you tap into the built-in application security strengths of their infrastructure. Container security platforms that leverage the native DevOps tooling, like using Kubernetes for network policy enforcement, will help DevOps and security work together in unprecedented ways and speak the same language while they do so.
The central role of DevOps will extend to more IT functions. Given the migration to cloud services, and on-prem use of cloud-native architectures, central IT has shifted to enabling applications rather than directly running the infrastructure that supports them. In today’s application development world, DevOps holds center stage, and the roles and responsibilities of this group are expanding. While the security team will define policies and put guardrails in place, DevOps will operate the security tools tied to containerized applications.
Meshing around. Interest in and deployments of service meshes will continue to rise. Expect new emergence in the space and a number of existing offerings to affix “Mesh” onto their offering name as they jump on the coattails of this hot technology.
While some service meshes assist in modernizing existing, non-containerized workloads, they are particularly helpful in sophisticated, distributed systems given that such deployments only exacerbate the need for visibility, control, and security of their networks.
For the non-network-savvy, service meshes immediately eliminate hard-to-solve challenges, facilitating a decoupling of developers and operators, who may now exert control over their services’ networks declaratively and independently—without the need for rolling a new release.
As something of a third step in containerized deployments, service meshes captured much mindshare in 2018 and will only grow in popularity and adoption in 2019 and 2020.
Creating Chaos. Principles and tools in this emergent practice space will evolve and expand in use as the complexity and rate of change of large-scale distributed systems demand new tools and techniques for increasing reliability and resiliency.
Some organizations will push past chaos engineering tools such as Chaos Monkey inducing machine failures, skip Chaos Kong evacuating entire regions, and move to Gremlin to perform precise experiments on their path to improving resiliency through orchestrated chaos.
It’s through exploration of the impact of increased latency and methodical failure of specific services that service teams will build confidence in their system’s capability to withstand turbulent conditions in production—and begin to sleep more soundly in 2019.
Opinions expressed by DZone contributors are their own.