James, Karthik, and Ernest did a Webcast on Devops State of the Union 2015 talk for the BrightTalk Cloud Summit. It went well! We had 187 attendees on the live feed. In this blog post we’ll add resources discussed during the talk and we will seed the comments below with all the questions we received during the webcast and answer them here – you’re all welcome to join in the discussion.
The talk was intended to be an overview of DevOps, with a bunch of blurbs on current and developing trends in DevOps – we don’t go super deep into any one of them (this was only 40 minutes long!). If you didn’t understand something, we’ve added resource links (we got some questions like “what is a container” and “what is a 12-factor app,” we didn’t have time to go into that in great detail so check some of the links below for more.
Resources:
- DevOps State of the Union 2015 Slides on SlideShare
- What Is DevOps?
- The 2014 State of DevOps Report (Puppet, Thoughtworks, IT Revolution Press)
- CAMS (John Willis)
- The Three Ways (Gene Kim)
- The Twelve-Factor App
- Docker Questions (Common questions we got during QA at the BrightTalk summit)
- Advanced topic: Factorish and the 12-Fakter App, by Paul Czarkoswki
- Gartner quotes on DevOps – 20% of G2000, 90% fail without culture shift
- Rightscale 2015 State of the Cloud Report
- Donkey and Unicorn graphic by Mireille Rae
- Knit monkey by Su Ami
the agile admin 
Question: What is the impact of ten deploys per day with respect to security? Is there any data that shows faster response to security vulnerabilities?
Question: How cruicial is having the right people in the org to implement Devops? Can an org succeed without the right people?
Question: How can we use slack/hipchat in a devops framework?
Well, I mentioned ChatOps in the presentation. Here’s a blog post I coincidentally wrote just yesterday on the topic: http://copperegg.com/the-power-of-chatops/ My examples were all HipChat because that’s what I’m using, but I know James has some nice deployr/slack integration going that maybe he’ll share.
Question: Why is a 12 factor app called that? What are the 12 factors?
The twelve factors are documented at 12factor.net. The quick list is:
I. Codebase
One codebase tracked in revision control, many deploys
II. Dependencies
Explicitly declare and isolate dependencies
III. Config
Store config in the environment
IV. Backing Services
Treat backing services as attached resources
V. Build, release, run
Strictly separate build and run stages
VI. Processes
Execute the app as one or more stateless processes
VII. Port binding
Export services via port binding
VIII. Concurrency
Scale out via the process model
IX. Disposability
Maximize robustness with fast startup and graceful shutdown
X. Dev/prod parity
Keep development, staging, and production as similar as possible
XI. Logs
Treat logs as event streams
Also, 12 factor is mentioned in a lot of detail here: http://www.12factor.net Also, Paul Czarkowski has a great blog post on more details: http://tech.paulcz.net/2015/01/factorish_and_the_12_fakter_app/
Question: What are some strategies that enterprises can use to avoid Docker from becoming the legacy VMWare stack? How will container sprawl be managed at scale?
I’ve answered this in a blog post on stackengine: http://stackengine.com/common-questions-about-docker/
Question: What are the differences between regression testing and monitoring?
I believe that from a theoretical perspective, there is very little difference between regression testing and monitoring. They use different tooling for historical reasons, but let’s look at the intent. CI testing is about running tests to ensure your system is running correctly pre-deployment. They should be fast, and ideally you get metrics on performance, security, etc. Monitoring is about running monitors to ensure your system is running correctly post-deployment. They should be low impact, and ideally you get metrics on performance, security, etc.
There’s a harmful antipattern where devs write some nice JUnit/JMeter tests and then some ops engineer tries to create a “transactional service monitor” with less understanding of what the app does. In the future, we can and should have monitoring payload delivered along with the app, indistinguishable and perhaps a subset of the testing payload. And then you could run more the testing payload on production if it looks like things are going wrong (Star Trek engineers demanding a “level 3 diagnostic” of the warp core comes to mind…).
Anyway, much of the difference between testing and monitoring is purely historical and pointless – they came from two places and thus were implemented using different tooling – but I think that’s an antipattern in the future.
Question: What do enterprises lose when they lift their legacy applications to containers? Also, are orgs actually doing this?
At StackEngine, we’ve been seeing some companies wanting to do this. Also, in addition, here’s a good blog post on things you want to consider when you want to containerize legacy applications: http://stackengine.com/legacy-applications-choosing-success/
Question: Docker and security- how do you handle this with clients?
I’ve answered this in a blog post on stackengine: http://stackengine.com/common-questions-about-docker/
Question: Is it beneficial to take it even further in the abstraction process by reverse engineering Docker for a specific environment needs? Are there companies with this mindset?
Question: Is anyone doing any DevOps for the Internet of Things, and do you have any advice for how well it works, how to tweak DevOps for this environment, etc.?
Oh, definitely. James, Karthik, and I first worked together at National Instruments where we were doing some Iot/SaaS work and then those two worked at Mentor Graphics for a while doing some more in that arena. That’s a pretty big area for a comment thread, but here’s some leads.
1. DevOps.com has a whole set of IoT articles: http://devops.com/tag/internet-of-things/
2. CFEngine has been coming back out swinging in the IoT realm, the way it works is very conducive to that kind of setup. They were a sponsor at IoT World this May, and Mark Burgess has been doing a lot of speaking on the topic. Check out his “The Future of Configuration Management” talk from DOD SV: http://www.ustream.tv/recorded/49677732
In fact a lot of the discussion has gone from IoT and DevOps to IoT and DevOps and security; finding a higher velocity way to ensure security is critical in the IoT space (several talks at DevOpsDays Austin touched on this).
Question: What is the difference between a microservices architecture and a Service Oriented Architecture?
Karthik has a more technical answer but for me (and I implemented Oracle SOA Suite at a previous gig) I feel like SOA was one attempt at implementing something good, but generally the implementations left something to be desired.
It’s a lot like most ITIL/ITSM implementations pre-DevOps – there’s nothing wrong with the ITSM model and Gene Kim would be the first to tell you that, but most approaches at implementing it were hateful bureaucratic velocity-busters. But you can take the same model and do a DevOps implementation using the same theory and it’s better.
SOA implementations were a step towards microservices but were generally quite hard to administer, inflexible, expensive, et cetera. And it’s not all their own fault; i think the idea on how to architect that was pretty new (actual quote from my past: “Goddamnit did you just deploy a new ESB service as part of your app that is just an IF statement!?!”).
Question: What are your thoughts about Goats and DevOps?
I wasn’t familiar with this, but now I am and you can be too: http://www.slideshare.net/MichaelDucy/the-goat-and-silo is the presentation and http://www.informationweek.com/applications/hire-goats-not-outside-devops-engineers/d/d-id/1111330? is the article.
TL;DR Michael Ducy posits that you can’t/shouldn’t bust silos but instead use full stack engineers to bridge them instead of hiring “DevOps Engineers.”
I feel like that may be two false dichotomies. You can’t bust every silo, and a reorg doesn’t solve your problems. but frankly most organizations that don’t understand the issues with having a hundred mini-teams probably still need some silo busting, and I think it’d be foolish to say ‘we’re adopting a new culture and new means of collaboration between teams and there will probably be *no* organizational realignment coming out of it.” And usually when I look for people to fill any kind of devops role I look for generalists with some kind of specialty (t-shaped individuals). So, I feel like in general that’s a reaction against something he’s seen, but not sure how common it is.