Technical Debt: Your Hidden DevOps Nightmare - Part 2
January 17, 2019

Brandon Carroll
TEKsystems Global Services

To better align business and IT objectives, enterprise organizations should focus on the core "problems" that individual business units face today in driving out real consumer value. Until the roadblocks and inhibitors — and, ultimately, the resultant technical debt — are removed from the equation, large enterprise organizations will continue struggling to succeed in real transformation initiatives.

Three components to the problem — business, development, IT — were outlined in Part 1 of this blog, and a 3-pronged plan is required to strategically align business goals with IT solutions. To effectively eliminate process inefficiencies and technical debt, internal stakeholders need to collaborate on an IT solution that meets the business goal of releasing quality enhancements for applications that directly impact customers. To meet this strategic need, IT must adopt a plan to modernize applications using stateless microservices, adoption of a CICD pipeline (incorporating a code-based approach to QA and security), and a hybrid cloud infrastructure model to meet the flexible, scalable demands of the business.

Start with Technical Debt: Your Hidden DevOps Nightmare - Part 1

1. Microservices

The easiest way to kick-start application modernization is through stateless microservices. Stateless means that microservices and underlying processes have no underlying dependencies, eliminating the need for shared data repositories and resource sharing across services. By moving to a microservices model, changing an aspect of a single service or application function will not impact other services or functions, which is a major inhibitor to DevOps. It also allows for more rapid change and a higher release frequency, giving developers the ability to realistically keep up with business needs.

2. Pipeline Automation and Containerized Deployments

Automating the code pipeline, containerizing deployments, and building security and QA early into the software development life cycle and deployment processes will eliminate the need for time-consuming manual testing and security intervention. Automating the code commit and delivery processes through a CI pipeline gets development and product teams on board as their new code navigates lower-level environments in an automated fashion without delay.

If configured properly before software releases can be promoted from standard development, test and staging environments, the automated pipeline assures that required vulnerability checks, regression and load testing, and code quality checks have been completed successfully. If the checks fail, the change fails. Properly placing these checks at all levels of the promotion process should meet any controls that enterprise QA and security requires for production applications.

Similarly, leveraging CD packaging through containerization allows incremental code changes to be deployed with requisite controls attached, again without manual intervention. Packaging services like encryption, logging and monitoring into the container architecture takes those items off the developers' to-do list — they're already embedded into every release.

3. Cloud

Adopting cloud deployment targets solves the configuration management, autoscale and capacity management conundrum without the need to procure costly hardware and licensing for lower-level and production environments. More common advanced testing patterns, such as blue/green deployment, require like-for-like lower-level and production environments. This can result in problems like large infrastructure expenditures and often mismatched configuration. Ultimately these issues cause test failures and poor code quality.

In a cloud deployment, IT teams can quickly spin up multiple environments, which saves time and money as long as appropriate controls are in place to ensure idle standby environments are spun down. Leveraging cloud native services also allows for limited third-party integration needs, and data aggregation and visualization offer a holistic view of the pipeline process, quality and security gates.

While this solution seems obvious in theory, in practice, major enterprises often correctly identify the problem yet remain unable to break down company silos and work to eliminate technical debt. Executive teams can come up with a seemingly infallible solution and agree upon an implementation plan, but they remain unable to get any of their team members to adopt and participate in the solution strategy. The reasons are similar in every instance: a lack of funding, a lack of talent, a lack of accountability, little job security.

It is critical to make business, development and IT teams aware that they must own the change in their organization. Resistance needs to be met with the reality that if they don't change, the business will suffer. Creating a feeling of ownership and celebrating victories along the way can help teams more readily adopt a solution strategy, which is integral to its success. Technical debt may be an issue that looms on the horizon for many large enterprises, but with the right approach, it can be eliminated.

Brandon Carroll is Director, Transformation, DevOps and Cloud Services, for TEKsystems Global Services
Share this

Industry News

March 18, 2024

Kubiya.ai announces the launch of its DevOps Digital Agents.

March 18, 2024

Aviatrix® introduced Aviatrix Distributed Cloud Firewall for Kubernetes, a distributed cloud networking and network security solution for containerized enterprise applications and workloads.

March 18, 2024

Stride announces the general availability of Stride Conductor, its new autonomous coding product that transforms the software development landscape.

March 14, 2024

CircleCI unveiled CircleCI releases, which enables developers to automate the release orchestration process directly from the CircleCI UI.

March 13, 2024

Fermyon™ Technologies announces Fermyon Platform for Kubernetes, a WebAssembly platform for Kubernetes.

March 13, 2024

Akuity announced a new offer targeted at Enterprises and businesses where security and compliance are key.

March 13, 2024

New Relic launched new capabilities for New Relic IAST (Interactive Application Security Testing), including proof-of-exploit reporting for application security testing.

March 12, 2024

OutSystems announced AI Agent Builder, a new solution in the OutSystems Developer Cloud platform that makes it easy for IT leaders to incorporate generative AI (GenAI) powered applications into their digital transformation strategy, as well as govern the use of AI to ensure standardization and security.

March 12, 2024

Mirantis announced significant updates to Lens Desktop that makes working with Kubernetes easier by simplifying operations, improving efficiency, and increasing productivity. Lens 2024 Early Access is now available to Lens users.

March 12, 2024

Codezero announced a $3.5 million seed-funding round led by Ballistic Ventures, the venture capital firm dedicated exclusively to funding entrepreneurs and innovations in cybersecurity.

March 11, 2024

Prismatic launched a code-native integration building experience.

March 07, 2024

Check Point® Software Technologies Ltd. announced its Check Point Infinity Platform has been ranked as the #1 Zero Trust Platform in the latest Miercom Zero Trust Platform Assessment.

March 07, 2024

Tricentis announced the launch and availability of SAP Test Automation by Tricentis as an SAP Solution Extension.

March 07, 2024

Netlify announced the general availability of the AI-enabled deploy assist.

March 07, 2024

DataStax announced a new integration with Airbyte that simplifies the process of building production-ready GenAI applications with structured and unstructured data.