Executive Insights on the Future of DevOps

This article is featured in the new DZone Guide to DevOps. Get your free copy for more insightful articles, industry statistics, and more! 

To gather insights on the state of DevOps, we spoke with 22 executives at 19 companies implementing DevOps for themselves and helping clients to implement a DevOps methodology. Here’s who we talked to:

• Gil Sever, CEO, Applitools

• Mike Tria, Head of Infrastructure, Atlassian

• John Trembley, CMO, Atmosera

• Scott Harvey, V.P. Engineering, Atmosera

• Aruna Ravichandran, VP DevOps Products and Solutions Marketing, CA Technologies

• Flint Brenton, CEO, CollabNet

• Tom Hearn, Data Center Architect, Datalink

• Shehan Akmeemana, CTO, Data Dynamics

• Robert Reeves, Co-founder and CTO, Datical

• Anders Wallgren, CTO, Electric Cloud

• Job van der Voort, Vice President of Product, GitLab

• Ben Slater, Chief Product Officer, Instaclustr

• Ilya Pupko, Chief Architect, Jitterbit

• Tom Joyce, CEO, Pensa

• Stephanos Bacon, Chief of Product, Portfolio Strategy for Application Platforms, Red Hat

• Michael Mazyar, CTO, Samanage

• Eric Wahl, IT Director, Scribe Software

• John Joseph, Vice President of Marketing, Scribe Software

• Manish Gupta, CEO and Founder, ShiftLeft

• Martin Loewinger, Director of SaaS Operations, SmartBear

• Jonathan Parrilla, DevOps Engineer, SmartBear

• Chris McFadden, V.P. Engineering and Operations, SparkPost

And, here’s what they told us:

1. The most important elements of a successful DevOps implementation are a combination of people, culture, processes, and automation. Culture is the most important of these, and continues to be a huge issue. There’s a people problem with IT and security, development, and operations which must be brought together from the top down through the CTO or CIO. You cannot force developers to do operations; however, you must break the silos of development, operations, and testing to form one team with the same goals and objectives.

Identify the tools and processes that you will need for your organization. You need agile velocity for development cycles. CD as a process requires automating the entire value delivery lifecycle. Automate everything you can to reduce risk, secure code more thoroughly, and have more confidence in the entire pipeline.

2. Keys to addressing security with a DevOps methodology are to implement it early in the SDLC, use continuity, and to use automation. You must shift left and bring security into the SDLC. Security should be built into products when they are designed. Security models are part of the original plan. Security is integrated or layered with training, coding standards, testing, and peer-reviewed code. Involve security in the DevOps process and figure out how to automate security checks. Automate as much as you can, including penetration tests and static code analysis. Check versions of dependencies for known vulnerabilities.

3. The most significant change our respondents have seen in the evolution of DevOps is the speed at which it’s being implemented across the board – at start-ups and old-school enterprises. There’s greater awareness of DevOps and what it can do, people understand its benefits, it’s becoming a hard requirement for companies to be successful and to keep IT professionals who want to remain relevant during the digital transformation.

Three years ago, the State of DevOps Report showed the market cap growth for DevOps companies outperformed the S&P 500. Now finance is asking why organizations can’t release every 11.7 seconds like Amazon. The C-suite has realized the value DevOps brings to the organization and how it ultimately improves the customer experience.

4. Speed is where the greatest value is seen: time to market, mean-time-to-resolution, feedback loops, getting new features to customers, and less development time. Cultural value is also seen in breaking down the silos between developers and operations so they are attacking problems as a team rather than as adversaries.

DevOps accelerates the process of core software development. We ship quickly, have more positive feedback loops, and pick up new tools and technology faster. One company we spoke with decreased their time to market by 42% and improved the quality of their code by 48%, while also improving employee retention, efficiency, and productivity. Automation removes overhead and calendar time from the development process.

The majority of examples of real-world problems being solved by DevOps were in financial services and ran the gamut from rolling releases at greater speed with better security.

Examples of actual use cases included:

• An online trading company used to be able to deploy only after trading hours, which meant long nights and weekends for employees. DevOps tools enabled them to deploy in 45 seconds.

• A large financial services firm was able to reduce loan funding time by 5X while reducing regression testing by 93%.

• A large U.S. bank had an existing app that stood the test of time but could not move to mobile. They did a “lift and shift” to the respondent’s platform exposing what they needed to as REST services and built the user interface on top.

• A large U.S. airline changed their continuous testing paradigm, saving $500,000 while increasing code coverage by 85%.

• A large telecom company in China needed to reduce cycle times for development, building, and testing. The respondent’s company built a backbone of automation to get a small team of internal customers on board. Once the rest of the company saw the reduction in the time required to build, test, and deploy, all the other teams were anxious to deploy the new automated methodology.

5. The biggest obstacle to the success of DevOps implementation is the inability to embrace change on several fronts – culture is first and foremost, eliminating silos and fiefdoms, security, business practices, tools, and technology. Management and team members need to embrace change, embrace the mentality of fail early, fail fast, and quit worrying about the security of their current jobs because they fail to realize DevOps will take them away from mindlessly pushing buttons and put them in revenue-generating tasks that will enable them to add more value to the organization. Companies need to start with one project and a “tiger team” to implement it, then watch the organization change as their members see the impact the DevOps methodology can have once walls come down and automation is implemented.

6. Slightly more than half of the respondents had concerns regarding DevOps – most revolved around culture and change, as well as security. People try to cut corners without adopting the right culture or architecture. This will lead to failure and the responsibility will be laid at the feet of the methodology rather than the feet of the people responsible for the lack of proper implementation. Companies fail to realize this is a long-term initiative that begins with culture change.Because of the speed to CD, there’s a negative impact on security with obvious vulnerabilities getting through production. Companies need to be implementing security from the beginning of the process.

7. Respondents’ visions for the future of DevOps are wide-ranging, with ubiquity and security being the only topics mentioned more than once. According to the feedback we received, everyone will be doing DevOps in the near future. People need to be properly trained in the functions, activities, tasks, and responsibilities. DevOps will be fully adopted along with the strategy, tools, processes, and culture necessary to create value for the consumer. DevOps will continue to expand its footprint so infrastructure becomes generic and accessible by APIs.There will be continued growth of more sophisticated APIs.

The rate of code changes and deployments will continue to increase.As such, security and DevSecOps will continue to grow out of necessity.Growth in the security space will be massive as organizations strive to improve the security of all code and applications.

8. In order to be successful with DevOps, developers need to be mindful of collaborating with all other team members, own their new responsibilities, and learn operations since they will ultimately be responsible for it. Take an operations team member and a DBA to lunch. Quit thinking you’re superior to your team members and get to know what you can do to make their jobs easier since you will ultimately beresponsible for what they are doing. If you built it, you run it. Now is the time to reach out and learn why things need to be done a certain way. Build relationships across teams. Partner with teams to be monumentally successful. Work together to find ways to improve the process– that’s the way things get dramatically better. Be part of the DevOps solution, not part of the cultural problem hindering its success.

This article is featured in the new DZone Guide to DevOps. Get your free copy for more insightful articles, industry statistics, and more!