DevOps, the development approach that merges the development and operations teams to overcome deployment bottlenecks, is seeing a rapid uptick in interest and adoption as companies become comfortable with agile development and look for additional ways to improve release schedules. A recent RightScale survey found that 54 percent of companies were using DevOps, and interest in the method appears to be growing, as many say can it cut costs and improve software security.
According to Forrester’s Glenn O’Donnell, a string of recent product announcements in the DevOps space is a sign that interest in the model is heating up. He explained in a recent blog post that Forrester clients have been increasingly inquisitive about DevOps in the last year or so, a marked departure from before 2012, when interest was almost nonexistent. Announcements in the DevOps space seem likely to prompt further interest.
“While Dev and Ops have distinct perspectives and historical trajectories, the need to drive rapid innovation and creation of business value going forward is bringing these two historical adversaries together,” O’Donnell wrote. “With Agile being largely mainstream in leading development organizations now, the focus is shifting toward the bottleneck that occurs when agile delivery hits the production change management process.”
The DevOps advantages
In a recent keynote speech at Source Boston 2013, operations expert and consultant Gene Kim explained that DevOps is an approach that protects companies against failures, ThreatPost reported. By Kim’s estimate, IT failures collectively cost companies $2.6 trillion each year in downtime, data loss and other problems. Eliminating these failures could be a major boost to the economy and the success of the IT sector.
The trick to managing costs, he explained, is to avoid passing defects “downstream,” but rather addressing problems as code is written with tools such as static analysis. At Twitter, for instance, a static analysis check is run on new code every time a developer saves it. If an issue arises, the developer gets an email explaining the vulnerability.
“Security is done not at the end of a project when you add costs, but they do it inline,” Kim said, according to ThreatPost. “In my opinion, this is the way all information security is going to be done 10 years from now. Not in batches and not at the end of a project.”
This change is key because software security is often treated as an afterthought, Kim noted. DevOps moves security to the forefront, and, in the process, can avert failure in a way that has a dramatic effect on end users. Furthermore, the process can be adopted in a wide variety of organizations, not just high-profile companies with massive software budgets and leading engineers. The trick to success is to experiment with failure and become comfortable with fixing malfunctions. Kim gave the example of Netflix, which uses an internal tool to create disruptions and practice handling problems.
“They got really good at having code and an environment that survives failure,” he said. “The goal is to break things before they get into productions. Find misconfigurations, enforce HTTPs, add static code analysis to their automated integration and testing; they did all these things.”
The outcome of this type of approach is that flaws are fixed more quickly, and communication and cooperation increase, Kim noted. By implementing static analysis checks whenever code is added or saved, development teams are receiving constant feedback and continually working toward the same goals as operations teams – rather than waiting for a report that makes them resent their colleagues. As a result, development is faster, security is prioritized and teams are happier with their final products – making DevOps adoption a popular decision.
“In many respects it is a logical evolution of the agile movement,” Forrester’s Kurt Bittner wrote in a recent blog post, “but practices like continuous deployment are deeply transformative of the way that organizations think about customer engagement, business engagement, testing, development and requirements – in fact, nearly every aspect of agile development is subtly but powerfully affected.”
Software news brought to you by Klocwork Inc., dedicated to helping software developers create better code with every keystroke.