WHAT IS DEVOPS
DevOps?is a methodology in the software development and IT industry. Used as a set of practices and tools, DevOps integrates and automates the work of?software development ?(Dev) and?IT operations ?(Ops) as a means for improving and shortening the?systems development life cycle .[1]
History[edit ]
Proposals to combine software development methodologies with deployment and operations concepts began to appear in the late 80s and early 90s.[2]
Around 2007 and 2008, concerns were raised by those within the software development and IT communities that the separation between the two industries, where one wrote and created software entirely separate from those that deploy and support the software was creating a fatal level of dysfunction within the industry.[3]
In 2009, the first conference named DevOps Days was held in?Ghent ,?Belgium . The conference was founded by Belgian consultant, project manager and agile practitioner Patrick Debois.[4] [5] ?The conference has now spread to other countries.[6]
In 2012, a report called “State of DevOps” was first published by Alanna Brown at?Puppet Labs .[7] [8]
As of 2014, the annual State of DevOps report was published by?Nicole Forsgren , Gene Kim, Jez Humble and others. They stated that the adoption of DevOps was accelerating.[9] [10] ?Also in 2014, Lisa Crispin and Janet Gregory wrote the book More Agile Testing, containing a chapter on testing and DevOps.[11] [12]
In 2016, the DORA metrics for throughput (deployment frequency, lead time for changes), and stability (mean time to recover, change failure rate) were published in the State of DevOps report.[7]
See Also[edit ]
Many of the ideas fundamental to DevOps practices are inspired by, or mirror, other well known practices such as?Lean ?and?Deming's ?Plan-Do-Check-Act ?cycle, through to?The Toyota Way ?and the?Agile ?approach of breaking down components and batch sizes.[13] ?Contrary to the "top-down" proscriptive approach and rigid framework of?ITIL ?in the 1990s, DevOps is "bottom-up" and a flexible practice, created by software engineers, with software engineer needs in mind.[14]
Agile[edit ]
Main article:?Agile software development
The motivations for what has become modern DevOps and several standard DevOps practices such as automated build and test,?continuous integration , and?continuous delivery ?originated in the Agile world, which dates (informally) to the 1990s, and formally to 2001. Agile development teams using methods such as?extreme programming ?couldn't "satisfy the customer through early and continuous delivery of valuable software"[15] ?unless they subsumed the operations / infrastructure responsibilities associated with their applications, many of which they automated. Because?Scrum ?emerged as the dominant Agile framework in the early 2000s and it omitted the engineering practices that were part of many Agile teams, the movement to automate operations / infrastructure functions splintered from Agile and expanded into what has become modern DevOps. Today, DevOps focuses on the deployment of developed software, whether it is developed using Agile oriented methodologies or other methodologies.
ArchOps[edit ]
ArchOps presents an extension for DevOps practice, starting from?software architecture ?artifacts, instead of source code, for operation deployment.[16] ?ArchOps states that architectural models are first-class entities in software development, deployment, and operations.
CI/CD[edit ]
Main article:?CI/CD
Automation is a core principle for achieving DevOps success and CI/CD is a critical component.[17] ?Plus, improved collaboration and communication between and within teams helps achieve faster?time to market , with reduced risks.[18]
Site-reliability engineering[edit ]
Main article:?Site reliability engineering
In 2003,?Google ?developed?site reliability engineering ?(SRE), an approach for releasing new features continuously into large-scale high-availability systems while maintaining high-quality end-user experience.[19] ?While SRE predates the development of DevOps, they are generally viewed as being related to each other.
Toyota production system, lean thinking, kaizen[edit ]
Main article:?Toyota Production System
Toyota production system, also known under the acronym TPS, was the inspiration for?lean thinking ?with its focus on?continuous improvement ,?kaizen , flow and small batches. The?andon cord principle ?to create fast feedback, swarm and solve problems stems from TPS.[20] [21]
DevSecOps, shifting security left[edit ]
DevSecOps is an augmentation of DevOps to allow for security practices to be integrated into the DevOps approach. Contrary to a traditional centralized security team model, each delivery team is empowered to factor in the correct security controls into their software delivery. Security practices and testing are performed earlier in the development lifecycle, hence the term?"shift left" . Security is tested in three main areas: static, software composition, and dynamic.
In dynamic testing, also called?black-box testing , software is tested without knowing its inner functions. In DevSecOps this practice may be referred to as?dynamic application security testing ?(DAST) or penetration testing. The goal is early detection of defects including?cross-site scripting ?and?SQL injection ?vulnerabilities. Threat types are published by the?open web application security project , e.g. its TOP10,[22] ?and by other bodies. In some cases, especially with?microservices ,?interactive application security testing ?(IAST) is helpful to check which code is executed when running automated functional tests. The focus here is to detect vulnerabilities within the applications. In contrast to SAST and DAST, IAST works inside the application.
DevSecOps has also been described as a cultural shift involving a holistic approach to producing secure software by integrating security education, security by design, and security automation.[23]
Additional Links[edit ]