“YOU BUILD IT, YOU RUN IT” –Werner Vogels, Amazon @kmugrage

“…IT ALSO BRINGS THEM INTO DAY-TODAY CONTACT WITH THE CUSTOMER. THIS CUSTOMER FEEDBACK LOOP IS ESSENTIAL FOR IMPROVING THE QUALITY OF THE SERVICE.” –Werner Vogels, Amazon @kmugrage https://queue.acm.org/detail.cfm?id=1142065

WE KNEW EVERYTHING ▸ Defined Continuous Integration ▸ Created the first (or second) CI server ▸ Created Selenium @kmugrage

JAVA – WRITE ONCE, RUN ANYWHERE ▸ Developed a system on Windows laptops to be deployed to a Solaris cluster ▸ Did all of the right Continuous Integration things ▸ One small issue… @kmugrage

HOMEWORK @kmugrage

YOU ONLY HAVE TO CHANGE ONE THING TO DO THE DEVOPS

YOU ONLY HAVE TO CHANGE ONE THING TO DO THE DEVOPS EVERYTHING

THE CHANGES ▸ (Re)define words for your organization ▸ Change your organization to enable DevOps ▸ Use modern architectures and technologies ▸ Use Continuous Delivery to safely deploy on demand @kmugrage

REDEFINE WORDS FOR YOUR ORGANIZATION

WHAT ISN’T DEVOPS ▸ A Toolset ▸ A Role ▸ A Team @kmugrage

IT’S VERBS, NOT NOUNS developING and operatING @kmugrage

CAMS ▸ Culture ▸ Automation ▸ Measurement ▸ Sharing https://blog.chef.io/2010/07/16/what-devops-means-to-me/ @kmugrage

CALMS ▸ Culture ▸ Automation ▸ Lean ▸ Measurement ▸ Sharing https://blog.chef.io/2010/07/16/what-devops-means-to-me/ @kmugrage

“DEVOPS: A CULTURE WHERE PEOPLE, REGARDLESS OF TITLE OR BACKGROUND, WORK TOGETHER TO IMAGINE, DEVELOP, DEPLOY AND OPERATE A SYSTEM.” –Me @kmugrage https://kenmugrage.com/2017/05/05/my-new-definition-of-devops/

CHANGE YOUR ORG TO ENABLE DEVOPS

TRADITIONAL MODEL Development Teams @kmugrage Testing Team Operations Team

“ANY ORGANIZATION THAT DESIGNS A SYSTEM (DEFINED BROADLY) WILL PRODUCE A DESIGN WHOSE STRUCTURE IS A COPY OF THE ORGANIZATION’S COMMUNICATION STRUCTURE.” –Mel Conway @kmugrage http://www.melconway.com/Home/Conways_Law.html

TRADITIONAL MODEL Development Teams @kmugrage QA Team Operations Team

RENAMING OPS WON’T SOLVE THE ISSUE Development Teams @kmugrage QA Team DevOps Team

CREATING ANOTHER SILO DOESN’T SOLVE SILOS Development Teams QA Team DevOps Team @kmugrage Operations Team

PRODUCT TEAMS @kmugrage

USE MODERN ARCHITECTURES AND TECHNOLOGIES

THERE’S A PHRASE THAT DEFINES LEGACY SOFTWARE. “THE STUFF THAT RUNS OUR BUSINESS” Me, and a lot of other people @kmugrage

MONOLITHS CAN BE HARD ▸ All functionality is in one process ▸ Scale by replicating the monolith on multiple servers @kmugrage https://www.thoughtworks.com/insights/blog/microservices-nutshell

DEVELOP SMALLER PIECES MICROSERVICE ARCHITECTURE ▸ Each element of functionality is in a separate service ▸ Scale by distributing these services across servers, replicating as needed @kmugrage https://www.thoughtworks.com/insights/blog/microservices-nutshell

DEFINITIONS MATTER ▸ Need to deploy specific versions at the same time? Not a microservice. ▸ Have a shared data source? Not a microservice. @kmugrage

DON’T REBUILD THE WHOLE THING! ▸ Build services only when you understand the boundaries ▸ Build services where you need to react faster ▸ Build services where you need scalability @kmugrage

DON’T REBUILD THE WHOLE THING! @kmugrage

PRODUCT TEAMS Car Rental Consumer Business to Business Tax Payments Hotels @kmugrage Airlines

FINANCIAL SERVICES PLATFORM Edge Load Balancer Product Domain Apply Domain Service Service Repository Command Handlers Event Handlers Event Store Repository E V E N T Account Domain Service Repository Command Handlers Event Handlers @kmugrage Event Store Command Handlers Event Handlers Event Store Customer Domain B U S Service Repository Command Handlers Event Handlers Event Store

WITHOUT EVENTS User Service Quote Service Quote Service Quote Service Quote Service @kmugrage

EVENT NOTIFICATION User Service Quote Service @kmugrage Service Service Service

EVENT SOURCING ▸ You don’t write to the data store, you create an event which writes to the store ▸ The test: You could completely blow away the store and recreate it from the event stream ▸ You use this model every day (I hope) @kmugrage

HOMEWORK @kmugrage http://nealford.com/books/ http://samnewman.io/books/building_microservices/

WE STILL HAVE TO DEPLOY SOMEWHERE

AN EXAMPLE OF PLATFORM AS A SERVICE CLOUD.GOV ▸ Official service of the US Government ▸ 325 required security controls ▸ 269 handled by cloud.gov ▸ 41 shared ▸ 15 handled by customer @kmugrage https://cloud.gov/overview/technology/responsibilities/

THE CLOUD IS JUST SOMEBODY ELSE’S COMPUTER Someone at every conference @kmugrage

PRODUCT TEAMS @kmugrage

PRODUCT TEAMS Platform Team @kmugrage Compliance Team Security Team

https://commons.wikimedia.org/wiki/File:Continous_Delivery_by_Jez_Humble _and_David_Farley.jpg USE CONTINUOUS DELIVERY TO SAFELY DEPLOY MORE OFTEN

A PREREQUISITE TO CD CONTINUOUS INTEGRATION

CI THEATRE The ThoughtWorks tech radar recently recommended putting a hold on the tech team anti-pattern, CI Theatre. CI Theatre describes the illusion of practicing continuous integration (CI) while not really practicing it. @kmugrage https://www.gocd.org/2017/05/16/its-not-CI-its-CI-theatre/

CI THEATRE In another ThoughtWorks study only 10% of participants acknowledged that having a CI server was not the same as practicing CI. @kmugrage https://www.gocd.org/2017/05/16/its-not-CI-its-CI-theatre/

ARE YOU PRACTICING CI? @kmugrage

CONTINUOUS DELIVERY

CONTINUOUS DELIVERY IS THE ABILITY TO GET CHANGES OF ALL TYPES—INCLUDING NEW FEATURES, CONFIGURATION CHANGES, BUG FIXES AND EXPERIMENTS—INTO PRODUCTION, OR INTO THE HANDS OF USERS, SAFELY AND QUICKLY IN A SUSTAINABLE WAY. Jez Humble @kmugrage https://continuousdelivery.com/

CONTINUOUS DELIVERY IS WHAT YOU “DO” AS PART OF A DEVOPS CULTURE Me @kmugrage

CONTINUOUS DELIVERY PIPELINE @kmugrage

CONTINUOUS DELIVERY VS CONTINUOUS DEPLOYMENT @kmugrage http://gofor.cd/cd_vs_cd

CONTINUOUS DELIVERY VS CONTINUOUS DEPLOYMENT @kmugrage http://gofor.cd/cd_vs_cd

OUR TEAMS Product Team @kmugrage Security Team Compliance Team

OUR CONTINUOUS DELIVERY PIPELINE UNIT TESTS @kmugrage FUNCTIONAL TESTS DEPLOY STAGING DEPLOY PRODUCTION

CONTINUOUS DELIVERY IS NOT JUST CONTINUOUS INTEGRATION WITH A PLUGIN AND A COUPLE EXTRA STEPS Me @kmugrage

EXAMPLES OF THINGS WHICH ARE BAD ▸ Deploying insecure software ▸ Deploying non-performant software ▸ Deploying non-complying software ▸ Deploying ineffective software @kmugrage

THE PURPOSE OF A CONTINUOUS DELIVERY PIPELINE IS TO KILL A RELEASE CANDIDATE Me, and a lot of other people @kmugrage

OUR CONTINUOUS DELIVERY PIPELINE UNIT TESTS FUNCTIONAL TESTS DEPLOY STAGING SECURITY TESTS (OWASP, OTHERS) COMPLIANCE TESTS (SERVERSPEC, INSPEC) @kmugrage DEPLOY PRODUCTION

SORRY, THERE’S NO SILVER BULLET BUT THESE ARE SOLVED PROBLEMS AND THERE IS A LOT OF HELP

SUMMARY ▸ Redefine words for your organization ▸ Change your organization to enable DevOps ▸ Use modern architectures and technologies ▸ Use Continuous Delivery to safely deploy more often @kmugrage

@kmugrage @goforcd https://www.gocd.org/