Is DevOps implementation easy? The likes of Netflix and Facebook have shown continuous improvement reiterating the technical and business benefits of DevOps — shorter development cycles, increased deployment frequency, and faster time to market. On the other hand, a high percentage of enterprises are still figuring it out — oscillating between short and quick successes and failing to make the big jump to mainstream.
With DevOps moving into mainstream implementation, it is imperative to address the elephant in the room — DevOps is easier said than done, and implementations can — and do — go wrong. In earlier posts, we looked at some important lessons to learn from DevOps and tips and tricks to be successful in a DevOps strategy.
For teams looking to make the DevOps transition or those that have plateaued out without a solid road to more improvements — here are some of the biggest pitfalls that you need to tackle:
#1: Not knowing what to automate first
This is a common trap that companies using a mix of legacy and new systems must avoid. Many large enterprises, with their myriad departments and silos, tend to emulate how Netflix or Facebook are doing DevOps, without taking into account all the legacy technology and processes they are burdened with.
Agile, digital native companies are capable of implementing CI/CD from scratch using cutting-edge automation solutions. But, traditional companies have to transition gradually from manual to automated development, keeping in mind their existing processes and limitations. If your processes are flawed, then with automation you're simply making those flawed processes repeat at a greater speed.
It is important to first assess and take stock of all your existing development processes, applications and data store. You may choose to fix or nix certain bottlenecks before you identify the candidates for automation.
A good starting point for automation could be the areas of rapid and dynamic change that have the most to benefit from DevOps. Areas where growth is relatively slow and new features are rare can continue following the traditional development and operations practices. You can also start by focusing on a project that is relatively isolated and can be managed with the help a single vendor in order to minimize the impact of change at the beginning. Once the initial hurdles are crossed, you can gradually start a journey towards full-blown DevOps, while applying the lessons learned, to the larger organization.
#2: Running DevOps without metrics
You can’t manage what you can't measure. It is essential to keep track of the progress that DevOps has brought to your delivery processes and tools, so you can make informed decisions and tweak those processes for more optimal results.
Measurement might always look a bit different depending on what your goals are. Since various members of an IT organization, and even members within a scrum team, have different priorities, it is indeed quite tricky to design a useful CI/CD dashboard that can make everyone happy.
For instance, a traffic light dashboard for CI/CD (green: on track; yellow: off track but have a plan to address issues; red: totally off track and need to revisit objectives) might be really useful for a scrum master. But, the CTO might be keener to access insights on the burnout rate (work left to do vs timeline) in order to get a sense of whether the team is improving over time or predict when all of the work will be completed.
A good way to navigate this difficulty is to assess what insights various stakeholders want and come up with a standard narrative for what that data means in the bigger picture instead of diving head first into designing a dashboard. The most solid metrics are always the ones the organization defines for itself based on the objectives of its unique business model.
#3: Overlooking security and governance
Only 50% of CI/CD workflows incorporate application security testing, according to a recent study. The days of erecting walls around applications and data are long gone.
In the world of “Born in the Cloud” applications, security and governance must be systemic and embedded into every step of DevOps processes, by making them a part of early phases of development and automated testing. It can be a huge sigh of relief when you discover, at the design or development phase, something that could have turned into a catastrophic security vulnerability at the eleventh hour. That’s what shift left security practices and secure DevOps tooling strategies ensure.
#4: Focusing on tools, while forgetting people and processes
DevOps is a cult. Succeeding at DevOps involves much more than being a CI/CD ninja or a master of everything cloud. While tools and technology are important, it’s only the proverbial “tip of the iceberg” when it comes to DevOps. There’s so much else going on below the surface, which if neglected can be disastrous.
No team can achieve DevOps success until they strive for true synergy between various teams and processes that make up the invisible, intangible bottom of the DevOps iceberg.
It’s a lot about effective communication, collaboration and cooperation. Yet, many large companies silo their personnel in a corporate structure that is, for the most past, rigid and encapsulated. This makes collaboration and knowledge-sharing beyond the silo a challenging endeavor. But things must change when implementing DevOps, because it touches everything, from product management and development to QA, infrastructure, operations and customers.
Achieving this requires a major culture shift that questions the existing way of developing, testing, deploying and monitoring applications. It calls for redefining of set roles so that everyone becomes a part of a bigger ideal in a culture that promotes cross-departmental responsibility and development.
#5: Losing sight of the big picture
Finally, implement DevOps with the knowledge that it is still a work in progress. Like the Japanese concept of Kaizen, the core purpose of DevOps is continuous improvement in terms of both the processes and the final product. There will certainly be failures along the way. The key to success is to embrace failure, learn from the past and not to repeat the same mistake twice.
We hope these ideas will help you get started or pick up where you left off. If you've tackled some of these challenges already, tell us your story.