3. Poll
●
●
●
How many have read “The Phoenix Project”?
What is the cycle time in your org from code to
production?
How many of you have Ops represented in Dev
teams?
–
How long has Ops people been embedded in Dev
teams?
4. Who is here today?
●
Why are you here?
–
Name
–
Company
–
Role
–
Interest in book / event / Limited WIP
–
What do you want to get out of tonight?
5. My Objective
●
Get more people to read “The Phoenix Project”
–
●
Provide some thinking tools and references
–
●
Make a difference to more people
Speed up your learning and adoption
Learn from you and your experiences
6. Why is this important?
High Performing DevOps Teams
●
They’re more agile
–
–
●
30x more frequent deployments
8,000x faster cycle time than their peers
They’re more reliable
–
2x the change success rate
–
12x faster MTTR
●
MTTR = Mean time to Restore/Repair/recovery
Source: Puppet Labs 2012 State Of DevOps: http://puppetlabs.com/2013-state-of-devops-infographic
11. What does Gene Kim Say about the
book?
●
http://www.youtube.com/watch?v=FpEd-QKVIrw 5 min
12. The Phoenix Project - The Authors
●
Gene Kim
–
●
George Spafford
–
●
Gene Kim is a multiple award-winning entrepreneur, the founder
and former CTO of Tripwire and a researcher. He is passionate
about IT operations, security and compliance, and how IT
organizations successfully transform from “good to great”.
George is an author and speaker, consulting and conducting
training on strategy, IT management, information security and
overall service improvement in the U.S., Canada, Australia,
New Zealand and China. Co-author of “The Visible Ops
Handbook” and “Visible Ops Security,” George is a certified
ITIL Expert, TOCICO Jonah and a Certified Information
Systems Auditor (CISA).
Kevin Behr
–
Kevin Behr is the founder of the Information Technology
Process Institute (ITPI) and the CTO of Assemblage Pointe.
Kevin has twenty years of IT management experience and is a
mentor and advisor to Chief Executive Officers and Chief
Information Officers.
13. Book Introduction
●
●
●
●
Bill is an IT manager at Parts Unlimited. It’s Tuesday morning and on his drive into
the office, Bill gets a call from the CEO.
The company’s new IT initiative, code named Phoenix Project, is critical to the
future of Parts Unlimited, but the project is massively over budget and very late.
The CEO wants Bill to report directly to him and fix the mess in ninety days or else
Bill’s entire department will be outsourced.
With the help of a prospective board member and his mysterious philosophy of The
Three Ways, Bill starts to see that IT work has more in common with manufacturing
plant work than he ever imagined. With the clock ticking, Bill must organize work
flow streamline interdepartmental communications, and effectively serve the other
business functions at Parts Unlimited.
In a fast-paced and entertaining style, three luminaries of the DevOps movement
deliver a story that anyone who works in IT will recognize. Readers will not only
learn how to improve their own IT organizations, they’ll never view IT the same way
again.
14. Cast at Parts Unlimited
●
Parts Unlimited: Business Executives
–
–
Dick Landry, CFO
–
Sarah Moulton, SVP of Retail Operations
–
Maggie Lee, Senior Director of Retail Program Management
–
Bill Palmer, VP of IT Operations , former Director of Midrange Technology Operations
–
Wes Davis, Director of Distributed Technology Operations
–
Brent Geller, Lead Engineer
–
Patty McKee, Director of IT Service Support
–
John Pesche, Chief Information Security Officer (CISO)
–
●
Steve Masters, CEO, acting CIO
Chris Allers, VP of Application Development
Parts Unlimited: Board
–
Bob Strauss, Lead Director, former Chairman, former CEO
–
Erik Reid, Board Candidate
–
Nancy Mailer, Chief Audit Executive
15. Why a novel?
●
●
●
●
Who has read “The Goal”?
Storytelling
Is The Most Effective Means Of
Creating A Shared Understanding
The pattern is everywhere:
The core of the solution-selling,
good copy-writing and the best TED talks: Describe the problem, show
its significance, describe how the problem is solved and the value it
will creates.
Storytelling becomes very important when the problem we’re trying to
point out is not fully recognized, or when the solution being proposed
flies in the face of common wisdom.
http://itrevolution.com/learn-more-about-concepts-in-phoenix-project/
http://www.youtube.com/watch?v=oP3c1h8v2ZQ
16. C
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
P %
15 4%
25 7%
36 11%
47 14%
62 18%
74 22%
84 25%
94 28%
104 31%
111 33%
119 35%
125 37%
138 41%
146 43%
154 46%
166 49%
177 52%
182 54%
188 56%
203 60%
216 64%
223 66%
233 69%
238 70%
246 73%
255 75%
264 78%
273 81%
282 83%
293 87%
299 88%
307 91%
314 93%
321 95%
328 97%
Story Time
02 Sep
02 Sep
02 Sep
03 Sep
04 Sep
05 Sep
05 Sep
08 Sep
09 Sep
11 Sep
11 Sep
12 Sep
15 Sep
16 Sep
17 Sep
18 Sep
22 Sep
23 Sep
23 Sep
26 Sep
26 Sep
29 Sep
07 Oct
11 Oct
14 Oct
17 Oct
21 Oct
27 Oct
03 Nov
03 Nov
03 Nov
10 Nov
11 Nov
28 Nov
09 Jan
Time Line
Problems
17. How to create a “Problem”?
http://www.coso.org/documents/coso_erm_executivesummary.pdf
http://www.youtube.com/watch?v=b7JldvsY7Ac
The ERM framework by the Commission of Sponsoring Organizations of the Treadway
Commission (COSO) provides a more disciplined and consistent standard against which to
implement and assess a company’s ERM program.
18. Strategy
●
Strategy: as embodied by the Phoenix Project,
which the entire future of the company depends
upon. It requires that IT be a core competency.
19. Reporting
●
Accurate financial reporting: as embodied by
the third year repeat audit findings around the
IT general controls, but also the loss of
accounts payable and inventory management
systems which prevents the closing the
financial books at the end of quarter. Even the
payroll failure resulted in inaccurate payroll
numbers, which led to financial reporting errors.
20. Compliance
●
Compliance with laws and regulations (e.g.,
SOX-404, PCI DSS): failing the SOX-404 audit
results in an adverse footnotes by the external
auditor in the SEC 10-K statement, and there
are grave implications for failing the PCI DSS
assessment.
21. Operations
●
●
Operations (e.g., IT application and project
delivery, IT operations, information security)
The Project Phoenix was $20 million overbudget and three years late, and when it finally
was deployed into production, everyone would
have been better off it hadn’t. Furthermore,
virtually all of the critical business systems that
run daily operations require that IT services be
running correctly, which they often weren’t.
22. Generic problems – Downward Spirals
●
Fragile artefacts become more fragile
●
Technical debt grows
●
●
●
●
Date-driven application projects focus only on features, sacrificing
non-functional requirements, which results in more fragile artifacts in
production
Application deployment take longer, more difficult, getting gets worse
IT Ops is stuck fire fighting and therefore cannot do preventive work
or new projects
Long feature delivery cycle times result in more political decision
making, meaning more focus on features (vs. non-functional
requirements)
24. Breakthrough 1 - 3
●
●
●
Breakthrough 1: discovering too much WIP in IT
Operations and gob-smacking amounts of reliance
on Brent for both project and recovery work
Breakthrough 2: elevating preventive work to
prevent unplanned work (especially for Brent) and
making work visible
Breakthrough 3: throttling the flow of work into IT
Operations by the project freeze (subordinate)
25. Breakthrough 4 - 6
●
●
●
Breakthrough 4: identifying and limiting the flows of work to
Brent (it was genuinely surprising to find out after the fact at
how much this resembles the green/red tag pattern used in
“The Goal”) Kanban Board
Breakthrough 5: documenting and defining standardized work,
and managing handoffs to reduce time spent in queue
(through use of kanbans), and further reducing reliance on
Brent
Breakthrough 6: correctly identifying reliance on IT systems to
hit Dick’s corporate objectives (via Gartner RVM model) and
correctly scoping audit and infosec (via GAIT and GAIT-R)
26. Breakthrough 7 & 8
●
●
Breakthrough 7: building DevOps flow of work to better
design in non-functional requirements in Dev, reduce batch
sizes and enable single-piece flow through Development and
IT Operations and better enable operational resilience
(replicating the work described by Jez Humble, David Farley,
Paul Hammond and John Allspaw)
Breakthrough 8: when they discover the constraint moves
outside the organization, they bring back those resources inhouse (replicating one of my favourite Theory of Constraints
plays: when there’s idle plant capacity, it’s often cheaper to
fabricate parts in-house than to pay a supplier. Lovely.)
27. 4 types of work
●
Business project work,
●
IT project work,
●
changes and
●
unplanned work.
28. Thee Three Ways
●
Way No. 1: The flow
●
Way No. 2: Consistent feedback
●
Way No. 3: Continual learning
Page 99 – Erik Introduces the concept.
Page 297 – Bill learns how important The Three Ways are.
“But I learned that the practices that Allspaw and Hammond
espoused are the inevitable outcome of applying the Three
Ways to the IT value stream. It totally changed how we managed
IT and it saved our company. “How did they do it?” I ask,
dumbfounded.”
29. Way No. 1: The flow
1. Understand the flow of work.
●
Without understanding, any changes will have random
effects.
2. Always increase the flow
3. Never pass on defects downstream
4. Never allow local optimization to cause global
degradation
5. Achieve profound understanding of the entire system
30. Way No 2: Consistent Feedback
●
●
Understand and respond to the needs of all customers,
both internal and external.
Shorten and amplify all feedback loops.
–
●
Create quality at the source.
–
●
Kim said this rule is modelled after the Toyota Lean
manufacturing line, where any employee can stop the line
immediately if they see any defect.
This means pro-actively building quality into everything. There's
no need for developers to rely on QA to find their errors.
Create and embed knowledge where we need it.
31. Way No. 3: Continual learning
●
●
●
Create a culture that encourages
experimentation
Learns from failure
Recognizes repetition as the prerequisite to
mastery
32. Thanks
●
Thanks Barclays Bank for providing the venue
●
Thanks to the authors of “The Phoenix Project”
●
Thanks for your participation