Introductionto
DevOps
DevOps Bootcamp - Session 01

AboutMe
RavinduFernando
Associate Tech Lead @ Emojot Inc.
Cloud Computing Enthusiast

Understanding DevOps - What? Why? How?
DevOps Practices
DevOps Tools and Technologies
Carrier as a DevOps Engineer
Future Trends in DevOps
Agenda

TheEraBefore
DevOps

Developers
FocusedonAgility
Operators
FocusedonStability

Act01-Operationsteams
maintaininglargefragile
applications
Doesn't have any visibility on the
application, whether or not its working
as expected
Act03-TheDevelopers
Developers taking shortcuts and putting
more and more fragile code on top of
existing ones
Act02-Theproduct
managers
Larger, unrealistic commitments made
to the outside world (client/ investors)
without understanding the complexities
behind development and operations
Act04-DevandOpsatwar
It worked on my machine
phenomenon
Destructive downward spiral in IT - Gene Kim

Howcanwe
overcome
theseissues?

DevOps
Principles
TheThreeWays

The First Way: Systems Thinking (Left to Right)
Dev Ops
Identify flow of work from left to right and make it visible
Single repository for code and environments and make production
like environments available to developers, QA teams as early as
possible in the SDLC
Since work is planned visible you can expect what work going out
in each release. Determinism in release
Consistent Dev, QA, and staging environments, all built before
deployment begins
Lead the way to decreased cycle times and gradual changes
At the end of each sprint, we must have working code and
environment that it runs in!! - DevOps CookBook

The Second Way: Amplify Feedback Loops (Right to Left)
Dev Ops
Include Devs onto the incident escalation process
Invite Devs to post-mortems/ RCA meetings
Reusable Ops and Sec user stories are made a part of agile process,
so everyone has an understanding of the resources, duration
required for each process
Ensure application monitoring/ metrics are embedded to
applications and aid in Ops and security work
Lead to better communication and coordination among groups
Improving daily work is more important than doing daily work. -
Gene Kim, The Phoenix Project

The Third Way: Culture of Continual Experimentation and Learning
Dev Ops
Create a culture that does experimentations (taking risks) and
learning from failure and sharing the story of failures with
everyone. So it want happen again.
Deliberate practice will lead you to the mastery. A culture which
always pushing the danger zone will enable you to survive well in
danger zones
Injecting failures more and often will allow you to design systems,
infrastructure, applications keeping in mind that they are bound to
fail at any time.
Identify failures more early and break things early before
production -
Consistency in code/ environments
Enforcing HTTPS/ TLS
Static code analysis and vulnerability checking in packages
integrated to CI and testing processes)
Allocate time to reduce technical dept.

ReduceOrganizationalSilos
Everyones shares the ownership of
production and information is shared
among everyone
MeasureEverything
Application, systems monitoring and
metrics etc...
ImplementGradualChanges
Frequent deployments, frequent
deterministic releases in small chunks
which can be rolled back
AcceptFailureasNormal
Blameless PMs/ RCA. Risk taking
mindset.
LeverageToolingand
Automation
Automate and reduce manual work as
much as possible
Key Areas in DevOps

“DevOps is the combination of cultural philosophies, practices, and tools that
increases an organization’s ability to deliver applications and services at high velocity”
- What is DevOps? [AWS] -
“A compound of development (Dev) and operations (Ops), DevOps is the union of
people, process, and technology to continually provide value to customers.”
- What is DevOps? [Azure] -
DevOps allows evolving and improving products at a faster pace than businesses using
traditional software development and infrastructure management processes. This speed
allows businesses to serve their customers better and compete effectively.

DevOps
Practices

Continuous Integration (CI) - Software development practice where developers regularly merge
their code changes into a central repository, after which automated builds and tests are run.
Continuous Delivery (CD) - Software development practice where code changes are automatically
built, tested, and prepared for a release to production (automated code change deployment to
staging/ pre-production system).
Continuous Deployment (CD) - Every change that passes all stages of the pipeline will be deployed
into production (released to customers). This practice fully automates the whole release flow
without human intervention and only a failed test will prevent a new change being deployed.
Microservices - The microservices architecture is a design approach to build a single application as
a set of small services with each focusing on SRP. Each service can be created, deployed and run
independently.

Infrastructure as Code - A practice in which infrastructure is provisioned and managed using code
and software development techniques, such as version control and continuous integration.
Configuration Management
Policy as Code
Cloud Infrastructure - Cloud provides more flexibility, scalability and toolsets for organizations to
implement DevOps culture and practices. Serverless architecture in cloud brings down the efforts
of DevOps teams as it eliminates server management operations.
Continuous Monitoring, Logging and Alerting - Organizations monitor metrics and logs to see how
application and infrastructure performance impacts the experience of their product’s end user.
Combined with real time alerts organizations can do a real time analysis on the application status.

DevOpsTools
and
Technologies

Carrierasa
DevOps
Engineer

CI/CDManagement
Automation
WritingSpecificationsand
Documentation
InfrastructureManagement
CloudDeploymentand
Management
PerformanceAssessmentand
Monitoring
DevOps Engineer Role
AssistingwithDevOps
cultureapdotion

Futuretrends
ofDevOps

DevSecOps - Integrating Security into the DevOps cycle
Leaning in over Always Saying “No”
Data Security Science over Fear, Uncertainty and Doubt
Open Contribution Collaboration over Security-Only Requirements
Consumable Security Services with APIs over Mandated Security Controls Paperwork
Business Driven Security Scores over Rubber Stamp Security
Red Blue Team Exploit Testing over Relying on Scans Theoretical Vulnerabilities
24x7 Proactive Security Monitoring over Reacting after being Informed of an Incident
Shared Threat Intelligence over Keeping Info to Ourselves
Compliance Operations over Clipboards Checklists
BizDevOps - Integrates feedback from the business side into the DevOps cycles to serve business
objectives. Focused on eliminating the silos between developers, operations teams, and business
staff so companies can provide value to the customers.

QA

The Phoenix Project - https://www.goodreads.com/book/show/17255186-the-phoenix-project
The Unicorn Project - https://www.goodreads.com/en/book/show/44333183-the-unicorn-project
The DevOps CookBook - http://www.realgenekim.me/devops-cookbook/
Keynote: Why We need DevOps - Gene Kim - https://www.youtube.com/watch?v=877OCQA_xzE
What's the Difference between DevOps and SRE - https://www.youtube.com/watch?
v=uTEL8Ff1Zvk
References

ThankYou!
Reachout
ravindu.fernando@cse.mrt.ac.lk
https://www.linkedin.com/in/ra
vindufernando/