Planning for the Future of DevOps: Competencies Hold the Key
February 18, 2021

Jon Collins
Gigaom

Simulated annealing is an algorithmic model based on enabling (e.g. geometric) artefacts to expand, then slowly bringing them back together as though they had been heated and cooled. I first learned of this technique when I was programming CAD systems for silicon chip design: I was working with a super-clever chap called Tim, who had written the compaction code I had been asked to document (cf my Twitter handle "Translating for geeks since 1987…").

Vis-a-vis both, I have had the good fortune to speak to a number of super-clever people over the past few weeks, and I have found my mind drawn back to notions of simulated annealing. In the spirit of the latter, I shall try to give space to a few of the things I have learned, and see what form they settle into as they cool.

To kick off, the main prompt for this blog was a conversation with Jayne Groll, CEO of the DevOps Institute, an organization founded on the idea of looking at the people issues around DevOps. Part of the discussion focused on the idea of competencies, aka how teams small and large can build out platforms of experience and expertise. The dialog wend its way through the pluses and minuses of maturity models, of centers of excellence vs project offices, of standardization vs flexibility.

Linking people to competencies, I was particularly drawn by how the DevOps Institute had been crowdsourcing said definition via the very people it was founded to support (clever, huh), an initiative overseen by Helen Beal. I note that one participant is Polystream's Cheryl Razzell, to whom I spoke late last year about the efforts and initiatives taking place there. I'm not just name-dropping here but making the point that it's all about people. To me, this goes right back to roots of how DevOps came about — folks wanting to improve how stuff is done.

A second conversation was with Jfrog's Avigail Ofer and (ex-Shippable co-Founder) Manisha Sahasrabudhe about CI/CD product roadmaps and all that. Inevitably, the discussion turned to phrases like "where the market is going" before landing on the very real question: how is all this clever tooling going to work?

I had, and have, no agenda on any of this, other than the fact that I've been covering such things for quite a while now, and find myself asking the same questions that I have been asking for ten years or more.

You can get the punchline — we started discussing the people using technology, the developers and security professionals and operations staff and managers and engineering leads and SREs and everyone else. The conversation became less about marketing, and more about enablement, and indeed, growing, building and assisting the competencies necessary for DevOps to scale.

There's more. A few weeks ago, I was genuinely lucky to participate in a panel of experts organized by CloudBees, all of whom were spending time tussling with the same challenges, either directly, or through consulting with their clients. I'm reminded of a point Forrester's Chris Condo made about Value Stream Management (VSM, an outcome-focused visibility/governance layer above DevOps): I paraphrase, but Chris was explaining that now we had the theory and the tools for VSM mapped out, he was turning his attention to making sure it delivered on its promise.

Everywhere I look, it seems, the focus is shifting. DevOps is great in principle, and functions very well on a small scale, and on a larger scale if you are very good at it. While past focus has been on just doing it, the questions, and answers, are moving to addressing the latter, i.e. delivering DevOps at scale, as a norm rather than as an exception. We see this in tooling such as VSM (which is seeing success, but for some, it is becoming yet another thing to manage), and we see it in a move away from simpler metrics such as DORA, and towards more competency-based considerations.

There's a lot going on, across architecture, process and need, and in good simulated annealing fashion, it is worth considering it all in the round. As things cool, I think we can expect to see:

■ increasing standardization of pipeline steps and segments, potentially with a common definition language such that they can be moved between tools

■ better integration of non-core activities (such as security and testing) into the pipeline — a policy-based "be-left" approach rather than force-fitting "shift-left" ideas

■ management visibility onto needs and business outcomes delivered in a way that enables, rather than slowing progress

■ a move away from speed-is-king attitudes and monolithic methodology approaches, towards standardized platforms with embedded guardrails

All in all, the stage we are at reminds me of the early days of ITIL, in which a bunch of people got together and mapped out how things could work much, much better than in the past, and shared their findings. It's worth remembering that the initial ITIL guides did not talk about technical solutions but focused on competencies: it's only later that CMDBs and other clever tech kicked in.

ITIL's issue, if it had one, was that, with all its associated tools and frameworks, it became too complex and distant from those original themes: it became part of the very problem it set out to solve (complexity will always kill innovation, if given the chance).

Through the efforts of people across the board, DevOps is on the brink of a similar breakthrough, so, how can organizations get themselves ready for a future, (at least initially) less chaotic version of DevOps?

While centers of excellence may be a bit of a stretch (though the name has a ring to it), companies and public bodies can start to think in terms of centers of competence, documenting what they are currently good at and where they can improve based on a common baseline (the DevOps institute's work on this is a good place to start).

At the same time, it is worth considering that (as we found with ITIL) complexity was never, and never should be the goal for DevOps. Tech is complex enough without adding to the burden through fragmented, inefficient pipelines, siloed teams and practices, pockets of configuration management, reinvention and fire-fighting. We should all be looking at what we do and asking, how can I make this simpler, for myself, for my team and for others?

And as long as we can answer this question, we will be heading in the right direction.

Jon Collins is VP of Research for Gigaom
Share this

Industry News

October 06, 2022

Platform.sh announced it has partnered with MongoDB.

October 06, 2022

Veracode announced the enhancement of its Continuous Software Security Platform to include container security.

This early access program for Veracode Container Security is now underway for existing customers.

The new Veracode Container Security offering, designed to meet the needs of cloud-native software engineering teams, addresses vulnerability scanning, secure configuration, and secrets management requirements for container images.

October 06, 2022

Mirantis announced that Mirantis Container Runtime – latest generation of the Docker Enterprise Engine, the secure container runtime that forms the foundation of Mirantis Container Cloud and Mirantis Kubernetes Engine and is used at the heart of many other Kubernetes deployments – is now available in the Microsoft Azure Marketplace.

October 05, 2022

Perforce Software announced enhanced support for automated testing with the release of Helix ALM 2022.2.

October 05, 2022

Parasoft announced the latest releases of its API and microservices testing tools, including SOAtest, Virtualize, CTP, and Selenic.

October 05, 2022

Vaadin announced the release of four Acceleration Kits designed to make it faster and easier to build and modernize Java applications for enterprise use.

October 04, 2022

Pegasystems announced the latest release of Robot Studio, the robotic process automation (RPA) low-code authoring environment for Pega's intelligent automation platform.

October 04, 2022

EvolveWare announced the Agile Business Rules Extraction (Agile BRE) solution on its Intellisys platform.

October 04, 2022

Mabl announced new features that empower quality professionals to easily validate APIs as part of their integrated end-to-end tests.

October 03, 2022

Spectro Cloud announced a major new release of its Palette Edge platform.

October 03, 2022

Arcion announced agentless change data capture (CDC) for all of its supported databases and applications.

September 29, 2022

CloudBees announced the acquisition of ReleaseIQ to expand the company’s DevSecOps capabilities, empowering customers with a low-code, end-to-end release orchestration and visibility solution.

September 29, 2022

SmartBear continues expanding its commitment to the Atlassian Marketplace, adding Bugsnag for Jira and SwaggerHub Integration for Confluence.

Bugsnag developers monitoring application stability and documenting in Jira no longer need to interrupt their workflow to access the app. Developers working in SwaggerHub can use the macro to push API definitions and changes directly to other teams and business stakeholders that work within Confluence. By increasing the presence of SmartBear tools on the Atlassian Marketplace, the company continues meeting developers where they are.

September 29, 2022

Ox Security exited stealth today with $34M in funding led by Evolution Equity Partners, Team8, and M12, Microsoft's venture fund, with participation from Rain Capital.

September 29, 2022

cnvrg.io announced that the new Intel Developer Cloud is now available via the cnvrg.io Metacloud platform, providing a fully integrated software and hardware solution.