RubeGoldberg.jpg

The umbrella term “DevOps” has grown so much over the last few years that the word now strains to mean the same thing for all people. This is less a semantic issue and more a reflection of the growing scope of software delivery automation. At the helm of this growth are the operators who manage the tooling and practices that enable today’s software delivery methods. Their role has morphed and grown immensely, even over just the last two years that CircleCI has been running behind their firewalls. These operators’ responsibilities are myriad: they are responsible for keeping the tool chains that developers use every day humming along while answering to the business for security, cost control, and compliance. Behind the scenes, they are keeping inevitable technical fires at bay while facing increasing pressure from senior management to deliver on Digital Transformation.

From within CircleCI, we are fortunate to have a front-row seat to the changes in patterns, practices, and tooling of thousands of teams across the world. These shifts are allowing operators and DevOps practitioners to continue innovating, moving faster, and creating repeatable processes that allow them to stay ahead of the curve and avert disaster.

When we look at our customers leading the pack in software innovation, we’ve seen these six patterns:

1. Process is King. The best teams are always pushing to standardize and automate as much of their software delivery pipeline as possible. Everyone now accepts that software is a strategic investment. But to the developers within those organizations, actual code is often seen as a liability, or at least a quickly depreciating asset. The appreciating asset are the repeatable and scalable processes that a company creates to turn code into running software, driving higher throughput and quality in their software delivery pipelines. These processes include: automating how teams deliver their working software, how they manage their operational efficiencies, and their ability to cost-effectively spin up fresh projects.

2. Decentralization in Pipelines: We’ve seen a trend away from centralized pipelines and towards pushing power to the edges. Companies are looking to empower developers to control their own pipeline logic by giving them automatically provisioned resources in which to execute those pipelines. To industry leaders, it’s no longer tolerable to maintain stand-alone build systems that require one-off provisioning and separate security controls. As operators seek to remove themselves as bottlenecks, teams are moving towards systems they can operate centrally, but that provide distributed power to teams to self-provision and auto-scale on their own.

3. Abstractions Abound: Many of the thorniest problems in DevOps land are increasingly being abstracted. Common challenges like virtualization of environments, orchestration of infrastructure, and scheduling execution over complex sets of processes used to require manual intervention or were glued together with fragile scripts. Today, we have tools like Docker, Kubernetes, Terraform, and scores of others that model and reliably automate such problems. The best IT teams are always looking to shrink the surface area of esoteric risk. This is why they opt for industry-standard and/or vendor-supported abstractions for common problems over attempting to create, maintain, and innovate on bespoke systems. High-performing software organizations focus as much energy as possible on proprietary value creation rather than the supporting systems that are common problems among their peers. They favor open standards that provide expressive codifications into common syntax and tooling.

4. Continuous Compliance: As automation in software delivery pipelines has grown, compliance efforts have struggled to keep pace. Companies investing in software delivery throughput as a strategic asset don’t want that investment stymied by business process bottlenecks. Operators are looking to assure their various stakeholders that they have strong practices like segregation of duties, prudent security key management, high availability, disaster readiness, and the like. Systems that bake such concerns into their core operating model without compromising team throughput succeed because they protect operators’ most precious asset: the stability and accountability of their systems.

5. Automation of Automation: The trend away from monolithic architectures leaves operators with an increasing number of active software projects to support. Even those who maintain monoliths tend to have a growing set of other ancillary systems. This explosion in complexity necessitates new abstractions to avoid a quagmire of administrative and operations overheads. We are seeing an increasing use of scripts and other tooling that spin up repos, inject various common dependencies, generate CI scripts, register various integration points, and other formerly manual tasks. By reducing the tax of creating new initiatives and maintaining existing ones, teams start to see big improvements in software innovation throughput. Reproducibility of DevOps practices becomes a key factor in team success.

6. Availability and Recovery: We increasingly see companies treating their CI/CD systems with production-quality service levels. These are companies that know that successful DevOps practices, in effect, turn software delivery pipelines into production systems, so they are combing their systems to remove all single points of failure. We see demand for providing automated backup and recovery, globally federated infrastructure, and frictionless scaling to meet peaks in demand. These investments are driven by both acute scale concerns and ambitious corporate goals of resiliency and recoverability.

The demands on software teams will continue to grow. We know that the operators who manage the systems these teams rely on will need to rise to meet the challenges that lie ahead: managing increasing automation and the overhead it brings, enabling innovation by allowing teams to move faster and more autonomously, all the while keeping their systems secure and compliant.