Well it was busy week last week – James, Karthik, and I were all in lovely Carpenteria, CA at the lynda.com/LinkedIn Learning HQ to film some new DevOps Foundations courses!
We have two out already – James and I did DevOps Foundations, which lays out the basics of DevOps from culture to containers. It’s a three hour course, and should suffice to orient someone in all the ways of DevOps and defines Continuous Delivery, Infrastructure Automation, and Reliability Engineering as its three practice areas. (There’s a course handout under the Exercise Files that has links and bibliography, as well.) It’s DevOps 101 if you could use that!
And then we started to flesh out the major DevOps practice areas we defined in that course as 200-level courses. These focus on concepts but illustrate with tool demos. So we filmed DevOps Foundations: Infrastructure Automation in March, which released the end of April. It’s two hours, and covers infrastructure as code concepts and the basics of creating infrastructure from specs with e.g. CloudFormation, provisioning systems with e.g. Chef, and going immutable with Docker.
But now we have an irresistible urge to do more, so in a double shot that took about a year off my life, last week James and I recorded DevOps Foundations: Continuous Delivery, which goes over continuous integration and delivery and shows you how to build a delivery pipeline – we used Jenkins/Nexus/Chef/go/abao/Robot Framework but again we focused on concepts and did just enough implementation to illustrate it.
James went home mid-week and Karthik came out, and we also recorded DevOps Foundations: Lean and Agile! Lean and Agile are integrally related to DevOps and especially to being successful at DevOps. Our content manager actually asked us to do this one; we were kinda bulling ahead on our three main practice areas, but we said sure! We cover some Agile and Lean basics, and then we take a tip from The Goal and The Phoenix Project, and the bulk of the course is a fictional implementation stitched together from real experiences we’ve both had doing these at various companies. It was fun! Here’s a look at behind the scenes.
Both of these should drop in about 5 weeks, so keep an eye out.
The first scientific survey I’ve seen of the benefits of Lean in software is an ACM-IEEE paper done in the Finnish software industry summarized in this presentation. Enjoy!
Here’s my LASCON 2016 presentation on Lean Security, explaining how and why to apply Lean Software principles to information security!
James and I have been talking lately about the conjunction of Lean and Security. The InfoSec world is changing rapidly, and just as DevOps has incorporated Lean techniques into the systems world, we feel that security has a lot to gain from doing the same.
We did a 20 minute talk on the subject at RSA, you can check out the slides and/or watch the video:
While we were there we were interviewed by Derek Weeks. Read his blog post with a transcript of the interview, and/or watch the interview video!
Back here in Austin, I did an hour-long extended version of the talk for the local OWASP chapter. Here’s a blog writeup from Kate Brew, and the slides and video:
We’ll be writing more about it here, but we wanted to get a content dump out to those who want it!
Filed under DevOps, Security
So given the problem of DevOps being somewhat vague on prescriptions at the moment, let’s look at some options.
One is to simply fit operations into an existing agile process used by the development team. I read a couple things lately about DevOps using XP (eXtreme Programming) – @mmarschall tweeted this example of someone doing that back in 2001, and recently I saw a great webcast by @LordCope on a large XP/DevOps implementation at a British government agency.
To a degree, that’s what we’ve done here – our shop doesn’t use XP or really even Scrum, more of a custom (sometimes loosely) defined agile process. We decided for ops we’ll use the same processes and tools – follow their iterations, Greenhopper for agile task management, same bug tracker (based off HP), same spec and testing formats and databases. Although we do have vestiges of our old “Systems Development Framework,” a more waterfally approach to collaboration and incorporation of systems/ops requirements into development projects. And should DevOps be tied to agile only, or should it also address what collaboration and automation are possible in a trad/waterfall shop? Or do we let those folks eat ITIL?
Others have made a blended process, often Scrum + Lean/kanban hybrids with the Lean/kanban part being brought in from the ops side and merged with more of a love for Scrum from the dev side. Though some folks say Scrum and kanban are more in opposition, others posit a combined “Scrumban.”
Or, there’s “create a brand new approach,” but that doesn’t seem like a happy approach to me.
What have people done that works? What should be one of the first proposed roadmaps for people who want to do DevOps but want more of something to follow than handwaving about hugs?