Planning for the Future of DevOps: Competencies Hold the Key
February 18, 2021

Jon Collins
Gigaom

Simulated annealing is an algorithmic model based on enabling (e.g. geometric) artefacts to expand, then slowly bringing them back together as though they had been heated and cooled. I first learned of this technique when I was programming CAD systems for silicon chip design: I was working with a super-clever chap called Tim, who had written the compaction code I had been asked to document (cf my Twitter handle "Translating for geeks since 1987…").

Vis-a-vis both, I have had the good fortune to speak to a number of super-clever people over the past few weeks, and I have found my mind drawn back to notions of simulated annealing. In the spirit of the latter, I shall try to give space to a few of the things I have learned, and see what form they settle into as they cool.

To kick off, the main prompt for this blog was a conversation with Jayne Groll, CEO of the DevOps Institute, an organization founded on the idea of looking at the people issues around DevOps. Part of the discussion focused on the idea of competencies, aka how teams small and large can build out platforms of experience and expertise. The dialog wend its way through the pluses and minuses of maturity models, of centers of excellence vs project offices, of standardization vs flexibility.

Linking people to competencies, I was particularly drawn by how the DevOps Institute had been crowdsourcing said definition via the very people it was founded to support (clever, huh), an initiative overseen by Helen Beal. I note that one participant is Polystream's Cheryl Razzell, to whom I spoke late last year about the efforts and initiatives taking place there. I'm not just name-dropping here but making the point that it's all about people. To me, this goes right back to roots of how DevOps came about — folks wanting to improve how stuff is done.

A second conversation was with Jfrog's Avigail Ofer and (ex-Shippable co-Founder) Manisha Sahasrabudhe about CI/CD product roadmaps and all that. Inevitably, the discussion turned to phrases like "where the market is going" before landing on the very real question: how is all this clever tooling going to work?

I had, and have, no agenda on any of this, other than the fact that I've been covering such things for quite a while now, and find myself asking the same questions that I have been asking for ten years or more.

You can get the punchline — we started discussing the people using technology, the developers and security professionals and operations staff and managers and engineering leads and SREs and everyone else. The conversation became less about marketing, and more about enablement, and indeed, growing, building and assisting the competencies necessary for DevOps to scale.

There's more. A few weeks ago, I was genuinely lucky to participate in a panel of experts organized by CloudBees, all of whom were spending time tussling with the same challenges, either directly, or through consulting with their clients. I'm reminded of a point Forrester's Chris Condo made about Value Stream Management (VSM, an outcome-focused visibility/governance layer above DevOps): I paraphrase, but Chris was explaining that now we had the theory and the tools for VSM mapped out, he was turning his attention to making sure it delivered on its promise.

Everywhere I look, it seems, the focus is shifting. DevOps is great in principle, and functions very well on a small scale, and on a larger scale if you are very good at it. While past focus has been on just doing it, the questions, and answers, are moving to addressing the latter, i.e. delivering DevOps at scale, as a norm rather than as an exception. We see this in tooling such as VSM (which is seeing success, but for some, it is becoming yet another thing to manage), and we see it in a move away from simpler metrics such as DORA, and towards more competency-based considerations.

There's a lot going on, across architecture, process and need, and in good simulated annealing fashion, it is worth considering it all in the round. As things cool, I think we can expect to see:

■ increasing standardization of pipeline steps and segments, potentially with a common definition language such that they can be moved between tools

■ better integration of non-core activities (such as security and testing) into the pipeline — a policy-based "be-left" approach rather than force-fitting "shift-left" ideas

■ management visibility onto needs and business outcomes delivered in a way that enables, rather than slowing progress

■ a move away from speed-is-king attitudes and monolithic methodology approaches, towards standardized platforms with embedded guardrails

All in all, the stage we are at reminds me of the early days of ITIL, in which a bunch of people got together and mapped out how things could work much, much better than in the past, and shared their findings. It's worth remembering that the initial ITIL guides did not talk about technical solutions but focused on competencies: it's only later that CMDBs and other clever tech kicked in.

ITIL's issue, if it had one, was that, with all its associated tools and frameworks, it became too complex and distant from those original themes: it became part of the very problem it set out to solve (complexity will always kill innovation, if given the chance).

Through the efforts of people across the board, DevOps is on the brink of a similar breakthrough, so, how can organizations get themselves ready for a future, (at least initially) less chaotic version of DevOps?

While centers of excellence may be a bit of a stretch (though the name has a ring to it), companies and public bodies can start to think in terms of centers of competence, documenting what they are currently good at and where they can improve based on a common baseline (the DevOps institute's work on this is a good place to start).

At the same time, it is worth considering that (as we found with ITIL) complexity was never, and never should be the goal for DevOps. Tech is complex enough without adding to the burden through fragmented, inefficient pipelines, siloed teams and practices, pockets of configuration management, reinvention and fire-fighting. We should all be looking at what we do and asking, how can I make this simpler, for myself, for my team and for others?

And as long as we can answer this question, we will be heading in the right direction.

Jon Collins is VP of Research for Gigaom
Share this

Industry News

July 29, 2021

Couchbase announced the general availability of Couchbase Server 7.

July 29, 2021

Cycloid has unveiled Infra Import, a tool that automatically reverse engineers Terraform Infra-as-Code (IaC) from manually deployed infrastructure.

July 29, 2021

Launchable closed a $9.5 million Series A investment.

July 29, 2021

Rafay Systems announced automation and monitoring enhancements to its flagship Kubernetes Management Cloud (KMC).

July 28, 2021

Progress announced the R2 2021 release of Progress Telerik Test Studio, the enterprise UI test automation platform.

July 28, 2021

Synopsys announced the availability of new Rapid Scan capabilities within the company's Coverity static application security testing (SAST) and Black Duck software composition analysis (SCA) solutions.

July 28, 2021

Bitdefender announced GravityZone Security for Containers, expanding its cloud workload security (CWS) offering with run-time support for containers and Linux kernel independence.

July 28, 2021

Armory announced Armory Enterprise on AWS Quick Starts, automated reference deployments built by Amazon Web Services (AWS) solutions architects and AWS Partners.

July 27, 2021

Katalon introduced Katalon TestOps, an open and comprehensive test orchestration platform designed to help enterprises scale test automation and streamline DevOps pipelines.

July 27, 2021

Digital.ai achieved Federal Risk and Authorization Management Program (FedRAMP) “In Process” status for an Enterprise Agile Planning (EAP) tool.

July 27, 2021

Aqua Security rolls out the availability of its new Aqua Platform, with a unified console to ease the journey from scanning and visibility to workload protection in cloud native environments.

July 26, 2021

Parallel Agile announced a new version of CodeBot, a low-code MERN stack application generator.

July 26, 2021

Appian unveiled its new Appian Japan regional office.

July 26, 2021

CloudTruth raised $5.25 million in seed funding led by Glasswing Ventures and Gutbrain Ventures, with additional funding from Stage 1 Ventures and York IE.

July 22, 2021

Postman successfully obtained the System and Organization Controls (SOC) 2 Type 2 and SOC 3 Type 2 reports for the Postman API platform, meeting critical industry standards relative to the Trust Services Criteria for security, availability, and confidentiality.