How Cloud Companies Can Move from Agile to DevOps
To move from agile to DevOps methodology requires new consideration of deployment and hosting infrastructure. How can cloud companies best address these concerns? Best practices and key advice for progressive IT teams at managed service providers (MSPs) can help the move from agile to DevOps. To transition the move from agile to DevOps, the structure should be adapted for developers who have been using agile for a while. Fortunately, agile and DevOps are not necessarily methodologies at odds, according to operational experts.
“Agile practices and DevOps are not mutually exclusive practices, and they are frequently used together to achieve continuous deployment of features to users,” says David Lee, chief operating officer, Kastling Group, design and innovation IT consulting firm. “The key is using feature branching that is only merged in after a successful completion of comprehensive automated tests. These new practices must be incorporated into the developer onboarding process with regular discussions with the team to improve the agile process.”
Cloud companies and MSPs can facilitate their move from agile to DevOps with infrastructure migration best practices for popular servers to meet enterprise compliance, according to Lee. The chief issues with a move from agile to DevOps in a cloud environment is with security and compliance. But by providing compliance levels achievable by cloud environments, metrics of how long the move should take and integration guidelines, more teams will transition with confidence, according to Lee.
Differences Between Agile and DevOps
As in a lot of organizations, groups with different responsibilities can have different approaches to get their work done. In cloud companies, developers have tended to use agile development as part of their concentration on continuous delivery of code.
“Agile is related to getting teams to develop software efficiently,” says Marty Puranik, CEO, Atlantic.Net, provider of custom cloud, dedicated and HIPAA-compliant hosting solutions. “Agile is more about creating software that was traditionally sold as packaged.”
On the other hand, operations has been emphasizing taking code from the development environment and maintaining it in production using a DevOps methodology.
“Whereas DevOps is unifying developers plus the folks in production keeping the application running,” Puranik says. “DevOps is about SaaS and not only producing software, but keeping it running in production, which is more tedious.”
To Move From Agile to DevOps Requires Cultural Change
To bring the two sides of the codebase together requires a cultural change to move from agile to DevOps, according to industry veterans.
“Culture is another aspect of DevOps where all practitioners have common values when it comes to ownership and accountability and utilize effective team structures,” says Lindsey Havens, senior marketing manager, PhishLabs, provider of managed enterprise phishing protection. “Organizations that used to separate development and operations, will now ask that the teams share the responsibility across the entire application process.”
So in that way, developers will be responsible not only for providing the code but also for following the code to completion, according to Havens. “The same is true for operations,” she says.
1. MSPs: Start Small and Iterate to Move from Agile to DevOps
In the cultural change that is necessary to move from agile to DevOps, the process needs to take little steps supported by a working group dedicated to the task, perhaps with a pilot program. After that has been accomplished then the move can be scaled up and taken to the entire MSP organization.
“For MSPs, a progressive IT motto should be: start small and iterate,” says Jason McDonald, president, Contino, a global transformational technical consultancy for enterprise DevOps and cloud computing. “DevOps comes with a fundamental shift in culture, process, skill sets and technologies. Using a small, core team to introduce the new working paradigm is essential. By focusing on delivering something of business value small in scope and within the team’s control, it will empower the team to make decisions in real time.”
If the team understands what they are working on and focuses their activities on fundamental capabilities, then they can provide the correct “building blocks” to grow and mature the solution, according to McDonald.
“For a solid foundation that is scalable, a good underlying IT architecture is paramount,” McDonald says. “By starting small, the team focuses on that foundation and mitigates the tendency to tackle all problems up front. If done correctly, the benefits are real.”
For example, Barclays, a Contino client, claims that for every British pound invested in DevOps, it has unlocked almost two and a half British pounds in business value.
2. Toolsets and Processes for Agile and DevOps
There are multiple toolsets available to accomplish both agile and DevOps practices, but some practitioners would say that it is less about the tools and more about the process. And the tools themselves do not necessarily need to be an overly technical technique.
“A favorite tool of agile is the Kanban board, which is literally made of notecards and tape,” says Ned Bellavance, director of cloud solutions, Anexinet, a specialist in enterprise architecture both on-premises and in the cloud. “Talk about a high-tech solution! But it accomplishes the goal of visualizing work-in-progress, a key component of an efficient agile process.”
However, at Anexinet they do have preferred toolsets but also accommodate the tools already in use at a particular clients. “If we have our choice, we tend to use Jira, Visual Studio Team Services, TeamCity, Octopus Deploy and PowerShell DSC,” Bellavance says.
Of course, DevOps has a more defined usage of automated tools and processes than agile. And it can be built upon to include security, which is also known as DevSecOps. For example, security scanners for cloud computing instances can help verify that the infrastructure is protected before a cloud company deploys on it, according to security experts.
“Choose effective tools and automate their use,” says Josh Rosenthal, co-founder, CloudSploit, open source security and compliance monitoring for AWS, “Include security to earn the moniker DevSecOps. For example, include a security check to make sure that your infrastructure as code is secure.”
Security as Part of the Move from Agile to DevOps
As cloud companies move from purely agile development methods to a continuous DevOps deployment model, it would be a mistake to employ their previous security habits and controls, according to development experts. For example, in agile environments, security can be treated like another product requirement and addressed according to its appropriate place in the development timeline, whereas the DevOps approach is all about speed, and security tends to get bolted on at the end.
“Hackers also use DevOps methods in their attacks, so organizations must develop and implement approaches that act with the same rapidity of DevOps,” says John Martinez, vice president of customer solutions at Evident.io, provider of cloud security and compliance solutions, “while also integrating security throughout each stage of the development and deployment lifecycle.”
Security has to be part of the fabric of the product so it is always included and accounted for in every aspect of the DevOps lifecycle, according to Martinez.