Continuous integration for better security

One of the big advantages to smaller deploys and continuous integration is that it can make it easier to provide more proactive security. In short, continuous integration (and the associated automated testing it enables) makes it easier to focus your security team on analyzing areas where the security risk is higher. If the notion of rapid development, rapid deployment, and continuous integration make your security team nervous you may be able to get them engaged by sharing proven ideas from companies who’ve made this approach work well in the real world.   For example, I was recently flipping through a presentation from Etsy on SlideShare, and discovered a clear explanation of how continuous integration enables better security. At right, you see slide 34 from this (very long but clear) deck. this is the first in a series of slides that talks about how you can identify high-risk areas of code, ...

Read More →

DevOps Needs a Tsunami To Jump The Chasm

All start up business endeavors must go through the phase of crossing the chasm.  Most of those business endeavors usually fall prey to the chasm. The chasm is this black hole that everyone claims to understand but no one truly does. We have all seen businesses cross the chasm or fail to cross the chasm and fall into the black hole. But no one seems to understand why and how that crossing happens. The bestselling book by Geoffrey A. Moore titled “Crossing the Chasm,” is all about the heart and soul required to get early stage technology across the chasm, from early adopters to mainstream customers. There is a big difference between people who are enthusiastic to try leading edge technologies and the rest of the inhabitants, who tend to be much more conservative. The reasons that people spend time trying to figure out how to cross or jump, if ...

Read More →

My DevOps Bookshelf

Aside from the many technical manuals on our bookshelves, I bet everyone has a few that are more process or philosophically oriented which hold a special place in our hearts.   To me, these are the ones we continue to go back to and that have helped develop us as engineers, software, operations, quality assurance or otherwise.  In no particular order, the following are the top four, not strictly technical, books in my library. Web Operations by John Allspaw and Jesse Robbins Allspaw and Robbins cover many topics in this text ranging from monitoring and metrics to databases and operations development relations.  I appreciate this one so much it is required reading material for anyone who joins my operations teams.  In my opinion, it illustrates many best practices for an operations organization. Continuous Delivery by Dave Farley and Jez Humble This book bridges the gap between good software development practices and ...

Read More →

Don’t Fear, Testing Team! DevOps is here!

I love Gene Kim’s analogy about how all unicorns used to be horses; its  a great visual that I use all the time when encouraging IT organizations to change from thinking “why not” to “why not us” when it comes to starting their DevOps transformation.  If culture is really one of the greatest enemies to faster adoption, then you have to start with where the horses live. One of the biggest herd of horses in every organization is the team of people dedicated to testing and validating applications.  Even though these teams are not being included in the conversation, they are in fact the most pivotal part in the transformation. A Dangerous Love Triangle DevOps is touted as the marriage of development and operations; a match made in heaven.  One small problem though:  in most traditional organizations there is a love triangle between operations, development, and testing, as the flow ...

Read More →

DevOps Lessons Learned – The “DevOps Engineer”

Back in 2008 I was part of a startup that had success and sold to large company three years later. During the startup years, there was three of us in IT plus an offshore team that did our web development. The three core resources owned everything from the API down while the offshore team owned the front end. Since we were small, we each owned our own part of the architecture and managed the deployments and operations of the system with few issues. Once we were purchased, our world changed drastically. Our team quickly ramped up to over 20 people while my original two architects soon left for greener pastures. Now we had a lot more people involved in the process and none were domain experts. Things quickly started spiraling out of control as server sprawl started creeping in and deployments were becoming increasing challenging and error prone. We hired ...

Read More →

Chuck Norris doesn’t need DevOps, but have we beat “What is DevOps” to death yet?

Some interesting and lots of the usual around the DeOps blog beat last week and over the weekend. An interesting piece by Daniel Bryant on his Tai-Dev Blog on why “Chuck Norris doesn’t do DevOps”. It is actually a video of a presentation he gave at the recent London Java Community event and is the subject of a talk that Bryant has been working on for some time.  You can also see the slides from the show on slideshare here. Chuck Norris doesn’t do DevOps because he doesn’t have to. Chuck can do everything and he can do it by himself. He has no need to work with Dev or Ops, he does it all. But for the rest of us, to get something done we have to work as part of a team. As such we need DevOps to help us work better, faster deeper. So until we are ...

Read More →

Perforce: The biggest little secret in DevOps

Quick can you name a company that is 15 years old, never took a dime of venture money, has over 250 employees, over 10,000 customers and was widely profitable from day one? Until last week me neither. That was when I  was briefed by Dhruv Gupta, Director, Product Marketing and Bob Dever, Director, Corporate Marketing for Perforce. Perforce is a DevOps powerhouse. Take a look at the customer cloud to the right to get an idea of who some of the 10,000+ customers they have are. Perforce is all about version control. They do that and do it well. Whether you are talking about version control of your code, documents or analytics, Perforce has a solution for you. When you think about it, you can see why Perforce is such a DevOps play.  DevOps is all about continuous delivery or at least rapid release.  How can you accelerate your releases ...

Read More →

DEVOPS AND CONTINUIOUS DELIVERY; THE NEED FOR SPEED

Some good stuff around the DevOps scene this week on DevOps and Continuous Delivery, which the pundits are saying will be a major spend area in 2014. First up is the Devopsguys who with a little commentary reposted this infographic from Zend Technologies. It demonstrates the real value in DevOps and continuous delivery. One thing that jumped out at me was that according to the data, ninety- nine percent of the Companies surveyed are now recognizing a greater need for DevOps strategies than before. Zend built the graphic utilizing data from various credible industry sources. Of course you can’t talk about Continuous Delivery without at least mentioning Jez Humble, after all he literally wrote the book on it. He recently posted on his blog four visualizations by Nhan Ngo, a QA Engineer at Spotify. The four visualizations were created while reading Jez’ book, Continuous Delivery. Some pretty intense stuff. Nhan Ngo made it ...

Read More →

Always-on: The New Normal

One of the many challenges of DevOps is finding great team members that can handle the always-on nature of the job. Nearly everyone at VictorOps has been “that person” and has done the weeklong stint of carrying the virtual pager. What we noticed in our years of doing that job is that team member behavior tends to be polarized. If it’s your week to be on-call, then you are “all in”. You don’t venture far from home, you can’t attend special events and you have to apologize to your significant other a lot. When you are not on-call, you tend to unplug from the company. These are normal behaviors and completely understandable given the difficulty of the job. The problem is that this on-call way of life is not conducive to actually fixing problems faster. In a perfect, company-centric world, everyone would get paged for every problem with the logic ...

Read More →

Step One Of DevOps Ignores Technology

I’ve spent a bunch of time talking with Adrian Cockcroft, former cloud tzar at Neflix, and listening to his various talks and presentations. I’ve also spent a bunch of time looking around the various rooms within which he presents and seen the dazed look of attendees who have rightly assumed that just seen a picture of the way organizations should be. Netflix is unquestionably an exemplar for IT reinvented – where innovation, agility and developer enablement are natural parts of what they do. But then I’ve seen these new disciples of the “Netflix way” write a list of the technologies that Cockcroft detailed and attempt to shoehorn those same approaches into their own organization. All to often the result is disappointment, failed projects and a swing back to the traditional rigid ways of doing things. These thoughts struck me then I hear about this new masthead and its aim of ...

Read More →
Directory powered by Business Directory Plugin