DevOps in 2017

What is DevOps? DevOps is about culture. Yes, you have probably heard this before and just about every business these days attribute culture as the biggest focus for applying DevOps principals.

The important question is, what do we mean when we say DevOps is about culture? The focus on culture is about removing the traditional separation of duties where developers develop and operations operate. Their two business functions have inherently conflicting objectives. Developers introduce as much change as possible and operations try to minimise change in order to deliver stability and reliability. DevOps is about turning this paradigm on its head and changing the cultural mindset so that everyone work towards common goals and objectives.

That said, tools and process also plays a significant role in a DevOps environment. DevOps is about a journey towards continuous delivery while maintaining quality. Continuous Delivery is only possible if the right tools are selected to support relevant people and processes. Tools and application used to develop, test, deploy and monitor business applications all need to work together just like the people using these tools and processes need to work together and break down silos.

There are lots of excellent resources on the web to further the understanding of foundational DevOps principals but what I want to focus on today is to peek into the future and make a few predictions of where I see DevOps heading in 2017.

My prediction is that we will see three DevOps growth areas in 2017:

1.  Modern Infrastructure
2. Automated Security, DevSecOps
3.   Continuous Everything - Enabler for Digital Transformation

1. Modern Infrastructure

We are witnessing a massive transformation in the way organisations manage IT infrastructure. More companies are looking for improved agility and flexibility and moving away from traditional server stacks to modern cloud infrastructure for supporting new applications and services that must be delivered at "breakneck" speed to remain competitive. However, as we move into 2017, it is not enough to just “shift and lift” your IT infrastructure from on-premise to the cloud. 

Organisations need to adopt the innovation, novel architectures and approaches for modern infrastructure for building out software and services. Standard methods will still exist, but the way Infrastructure will be constructed in the next 3-5 years will drastically change. We will see mainstream adoption of technologies like:

1.1 Serverless 

Serverless Computing is an event-driven application design and deployment approach, where computing resources are provided as scalable cloud services. Doing "traditional" application deployments, required fixed computing resources that had fix associated costs with no computing and cost elasticity. In a serverless computing realm, the cloud customer only pays for computing services that are used. The customer is never charged for idle or downtime.

Serverless computing does not eliminate servers but instead seeks to emphasise the paradigm that computing resource can be moved into the background during the design process and often associated with the NoOps movement.

Examples of Serverless computing technologies includes:

• AWS Lambda
• Azure Functions 
• IBM OpenWhisk

1.2 Container Orchestration

As the use of containers increases and organisations deploy container technologies to production more widely, the need for tools to manage containers across the infrastructure also increases. Orchestrating a cluster of containers is a competitive and rapidly evolving area, and many tools exist offering numerous features.

Container orchestration tools can be broadly defined as providing an enterprise-level framework for integrating and managing containers at scale. Such tools aim to simplify container management and provide a framework not only for defining initial container deployment but also for managing multiple containers as one entity -- for purposes of availability, scaling, and networking.

Some known container orchestration tools include:

• Rancher
• Amazon ECS
• Azure Container Service
• Docker Swarm
• Kubernetes
• Google Container Engine
• CoreOS Fleet

1.3 Application Centric Approaches

Application centric approaches are also described as automating applications, minus platform and infrastructure hassles. Application centric automation doesn't replace the existing container-based application deployment systems like Docker, Kubernetes, and the like. Instead, it addresses the issues they typically don’t, taking the application’s perspective. Automation must travel with the application, rather than be provided by the platform. Everything the application needs, from build dependencies, run-time dependencies, configuration, dynamic topologies, deployment strategies, secrets management, security auditing, and so on belongs with the application. It is still very early days for application centric approaches but we will see further growth in this approach and tools like:

• Chef Habitat 
• Terraform by Hashicorp

1.4 Microservices

Many engineering teams have identified Microservices as an important component of this architectural approach to designing more flexible systems that can meet the needs of their fast-changing businesses. Applying this approach and doing it properly is hard. We will see further growth and evolution around Microservices architectures and practices in 2017. Especially if we consider the rise of Serverless computing and application centric approaches.

2. Automated Security & DevSecOps

Information security, compliance and application security are critical to businesses across the globe, especially given past examples of data breaches and looming cyber security threats. Traditionally, DevOps has been viewed as a risk by delivery teams, with its increased velocity of software releases seen as a threat to governance and security and regulatory controls. Despite some initial pushback, organisations that have taken the DevOps plunge have shown consistently that DevOps practices actually mitigate potential security problems, discover issues faster, and address threats more quickly. We now see DevOps evolving to DevSecOps, that align DevOps principals with security requirements. 

Looking towards 2017, further focus will be given to tools and techniques to build successful automated security into the delivery of business features and we will see DevSecOps become more desirable for delivery teams in general.

Areas to look at include:

? Security Tools in the CI/Delivery Pipeline

? Security in the Supply Chain

? Security Open Source Innovations

? DevSecOps 

? SSDLC - Secure Software Development Lifecycle

3. Continuous Everything enabler for Digital Transformation

Continuous Everything is relevant in this day and age, where every organisation is trying to transform itself into a digital enterprise, to be more agile yet very reliable. This vision is just going to increase as we move into 2017. 

But just what does Continuous Everything means? Continuous Everything provides Continuous Delivery for DevOps teams, Continuous Testing for QA teams, Continuous Security for DevSecOps teams, Continuous Service for the business and Continuous Operations for IT. There has never been a more important time for business automation than the time we are facing now.

Conclusion 

The increasing adoption of DevOps in 2017 will continue to drive business innovation through the core principals of DevOps and tooling will continue to evolve. It is important for organisations to embrace bi-modal agility in business delivery as the need for more sophisticated automation increases. The future of DevOps is vibrant, bring on DevOps in 2017!