Technical Debt: Your Hidden DevOps Nightmare - Part 2
January 17, 2019

Brandon Carroll
TEKsystems Global Services

To better align business and IT objectives, enterprise organizations should focus on the core "problems" that individual business units face today in driving out real consumer value. Until the roadblocks and inhibitors — and, ultimately, the resultant technical debt — are removed from the equation, large enterprise organizations will continue struggling to succeed in real transformation initiatives.

Three components to the problem — business, development, IT — were outlined in Part 1 of this blog, and a 3-pronged plan is required to strategically align business goals with IT solutions. To effectively eliminate process inefficiencies and technical debt, internal stakeholders need to collaborate on an IT solution that meets the business goal of releasing quality enhancements for applications that directly impact customers. To meet this strategic need, IT must adopt a plan to modernize applications using stateless microservices, adoption of a CICD pipeline (incorporating a code-based approach to QA and security), and a hybrid cloud infrastructure model to meet the flexible, scalable demands of the business.

Start with Technical Debt: Your Hidden DevOps Nightmare - Part 1

1. Microservices

The easiest way to kick-start application modernization is through stateless microservices. Stateless means that microservices and underlying processes have no underlying dependencies, eliminating the need for shared data repositories and resource sharing across services. By moving to a microservices model, changing an aspect of a single service or application function will not impact other services or functions, which is a major inhibitor to DevOps. It also allows for more rapid change and a higher release frequency, giving developers the ability to realistically keep up with business needs.

2. Pipeline Automation and Containerized Deployments

Automating the code pipeline, containerizing deployments, and building security and QA early into the software development life cycle and deployment processes will eliminate the need for time-consuming manual testing and security intervention. Automating the code commit and delivery processes through a CI pipeline gets development and product teams on board as their new code navigates lower-level environments in an automated fashion without delay.

If configured properly before software releases can be promoted from standard development, test and staging environments, the automated pipeline assures that required vulnerability checks, regression and load testing, and code quality checks have been completed successfully. If the checks fail, the change fails. Properly placing these checks at all levels of the promotion process should meet any controls that enterprise QA and security requires for production applications.

Similarly, leveraging CD packaging through containerization allows incremental code changes to be deployed with requisite controls attached, again without manual intervention. Packaging services like encryption, logging and monitoring into the container architecture takes those items off the developers' to-do list — they're already embedded into every release.

3. Cloud

Adopting cloud deployment targets solves the configuration management, autoscale and capacity management conundrum without the need to procure costly hardware and licensing for lower-level and production environments. More common advanced testing patterns, such as blue/green deployment, require like-for-like lower-level and production environments. This can result in problems like large infrastructure expenditures and often mismatched configuration. Ultimately these issues cause test failures and poor code quality.

In a cloud deployment, IT teams can quickly spin up multiple environments, which saves time and money as long as appropriate controls are in place to ensure idle standby environments are spun down. Leveraging cloud native services also allows for limited third-party integration needs, and data aggregation and visualization offer a holistic view of the pipeline process, quality and security gates.

While this solution seems obvious in theory, in practice, major enterprises often correctly identify the problem yet remain unable to break down company silos and work to eliminate technical debt. Executive teams can come up with a seemingly infallible solution and agree upon an implementation plan, but they remain unable to get any of their team members to adopt and participate in the solution strategy. The reasons are similar in every instance: a lack of funding, a lack of talent, a lack of accountability, little job security.

It is critical to make business, development and IT teams aware that they must own the change in their organization. Resistance needs to be met with the reality that if they don't change, the business will suffer. Creating a feeling of ownership and celebrating victories along the way can help teams more readily adopt a solution strategy, which is integral to its success. Technical debt may be an issue that looms on the horizon for many large enterprises, but with the right approach, it can be eliminated.

Brandon Carroll is Director, Transformation, DevOps and Cloud Services, for TEKsystems Global Services
Share this

Industry News

June 01, 2020

IT Revolution announced a full conference agenda for DevOps Enterprise Summit London, June 23-25, 2020.

June 01, 2020

Caltech CTME announced that Simplilearn, a global provider of digital skills training, will collaborate with CTME (Caltech's Center for Technology and Management Education) to offer a specialized Post Graduate Program in DevOps software engineering.

June 01, 2020

DevOps Institute, a global member-based association for advancing the human elements of DevOps, announced the introduction of its SKILup Playbook Library, a dynamic collective body of knowledge (cBok) that aligns thought leadership from industry experts with a set of dynamic, orchestrated artifacts, research and assets.

May 28, 2020

Docker has extended its strategic collaboration with Microsoft to simplify code to cloud application development for developers and development teams by more closely integrating with Azure Container Instances (ACI).

May 28, 2020

Eggplant announced updates to its Digital Automation Intelligence (DAI) platform.

May 28, 2020

Aptum launched its Managed DevOps Service in partnership with CloudOps, a cloud consulting and professional services company specializing in DevOps.

May 27, 2020

Red Hat announced an expansion of its application services portfolio with the addition of Quarkus as a fully supported framework in Red Hat Runtimes.

May 27, 2020

Couchbase has completed a $105 million all-equity Series G round of fundraising.

May 27, 2020

Aqua Security closed a Series D round of $30M led by Greenspring Associates.

May 26, 2020

GitLab is releasing 13.0 of its DevSecOps platform to enable organizations to efficiently adapt and respond to new and dynamic business challenges.

May 26, 2020 announced the availability of the Istio Developer Portal to streamline the developer onboarding process for improved developer experience and increased productivity with added security features.

May 26, 2020

WhiteHat Security will offer free application scanning services to any education institution to support secure online learning.

May 21, 2020

Exadel announced the Grand Prize winner of the “ COVID-19 Virtual Hackathon.”

May 21, 2020

CloudBees announced significant advances for its Software Delivery Management (SDM) platform – integrations with additional continuous integration and continuous delivery (CI/CD) engines, including Google Cloud Build and Tekton, and extension of the availability of CloudBees’ SDM Preview Program.

May 21, 2020

OutSystems is announcing over 70 development accelerators that ensure web and mobile applications created on the OutSystems low-code development platform can comply with the highest accessibility standards and regulations.