Technical Debt: Your Hidden DevOps Nightmare - Part 2
January 17, 2019

Brandon Carroll
TEKsystems Global Services

To better align business and IT objectives, enterprise organizations should focus on the core "problems" that individual business units face today in driving out real consumer value. Until the roadblocks and inhibitors — and, ultimately, the resultant technical debt — are removed from the equation, large enterprise organizations will continue struggling to succeed in real transformation initiatives.

Three components to the problem — business, development, IT — were outlined in Part 1 of this blog, and a 3-pronged plan is required to strategically align business goals with IT solutions. To effectively eliminate process inefficiencies and technical debt, internal stakeholders need to collaborate on an IT solution that meets the business goal of releasing quality enhancements for applications that directly impact customers. To meet this strategic need, IT must adopt a plan to modernize applications using stateless microservices, adoption of a CICD pipeline (incorporating a code-based approach to QA and security), and a hybrid cloud infrastructure model to meet the flexible, scalable demands of the business.

Start with Technical Debt: Your Hidden DevOps Nightmare - Part 1

1. Microservices

The easiest way to kick-start application modernization is through stateless microservices. Stateless means that microservices and underlying processes have no underlying dependencies, eliminating the need for shared data repositories and resource sharing across services. By moving to a microservices model, changing an aspect of a single service or application function will not impact other services or functions, which is a major inhibitor to DevOps. It also allows for more rapid change and a higher release frequency, giving developers the ability to realistically keep up with business needs.

2. Pipeline Automation and Containerized Deployments

Automating the code pipeline, containerizing deployments, and building security and QA early into the software development life cycle and deployment processes will eliminate the need for time-consuming manual testing and security intervention. Automating the code commit and delivery processes through a CI pipeline gets development and product teams on board as their new code navigates lower-level environments in an automated fashion without delay.

If configured properly before software releases can be promoted from standard development, test and staging environments, the automated pipeline assures that required vulnerability checks, regression and load testing, and code quality checks have been completed successfully. If the checks fail, the change fails. Properly placing these checks at all levels of the promotion process should meet any controls that enterprise QA and security requires for production applications.

Similarly, leveraging CD packaging through containerization allows incremental code changes to be deployed with requisite controls attached, again without manual intervention. Packaging services like encryption, logging and monitoring into the container architecture takes those items off the developers' to-do list — they're already embedded into every release.

3. Cloud

Adopting cloud deployment targets solves the configuration management, autoscale and capacity management conundrum without the need to procure costly hardware and licensing for lower-level and production environments. More common advanced testing patterns, such as blue/green deployment, require like-for-like lower-level and production environments. This can result in problems like large infrastructure expenditures and often mismatched configuration. Ultimately these issues cause test failures and poor code quality.

In a cloud deployment, IT teams can quickly spin up multiple environments, which saves time and money as long as appropriate controls are in place to ensure idle standby environments are spun down. Leveraging cloud native services also allows for limited third-party integration needs, and data aggregation and visualization offer a holistic view of the pipeline process, quality and security gates.

While this solution seems obvious in theory, in practice, major enterprises often correctly identify the problem yet remain unable to break down company silos and work to eliminate technical debt. Executive teams can come up with a seemingly infallible solution and agree upon an implementation plan, but they remain unable to get any of their team members to adopt and participate in the solution strategy. The reasons are similar in every instance: a lack of funding, a lack of talent, a lack of accountability, little job security.

It is critical to make business, development and IT teams aware that they must own the change in their organization. Resistance needs to be met with the reality that if they don't change, the business will suffer. Creating a feeling of ownership and celebrating victories along the way can help teams more readily adopt a solution strategy, which is integral to its success. Technical debt may be an issue that looms on the horizon for many large enterprises, but with the right approach, it can be eliminated.

Brandon Carroll is Director, Transformation, DevOps and Cloud Services, for TEKsystems Global Services
Share this

Industry News

October 29, 2020

Cisco announced new software-delivered solutions designed to simplify IT operations across on-premise data centers and multicloud environments.

October 29, 2020

Bugsnag announced availability of user stability analytics, which will help developers gain a clearer understanding of how application errors are impacting the user experience and other key performance indicators (KPIs) for the business, as well as offer insights on whether to fix bugs or build new features.

October 29, 2020

HAProxy Technologies announced an open-source release of a VMware Open Virtual Appliance (OVA) virtual machine image of the HAProxy load balancer for vSphere, which HAProxy Technologies will maintain on GitHub.

October 28, 2020

Progress announced a number of new innovations designed to facilitate adoption and at-scale deployment of Chef offerings for both new and experienced users of the DevSecOps portfolio.

October 28, 2020

StackRox announced the release of KubeLinter, its new open source static analysis tool to identify misconfigurations in Kubernetes deployments.

October 28, 2020

Vercel announced Next.js 10 featuring a number of new capabilities that accelerate frontend developers’ ability to enrich end users’ web experiences globally.

October 27, 2020

ThinkTank has released a suite of applications designed to keep distributed agile teams aligned and engaged, regardless of physical location.

October 27, 2020

Cloudify, a Service Orchestration and Automation Platform, announced its latest 5.1 product release which aims to take one step further to permanently remove silos and roadblocks that are consistently associated with migration to the public cloud.

October 27, 2020

WhiteSource announced its new native integration for Microsoft Azure DevOps services.

October 26, 2020

NetApp unveiled a new serverless and storageless solution for containers from Spot by NetApp, a new autonomous hybrid cloud volume platform, and cloud-based virtual desktop solutions.

October 26, 2020

GeneXus released GeneXus 17, a new version of its platform that empowers enterprises to create and evolve new applications at unprecedented speed.

October 26, 2020

Alcide announced the company’s security solutions are now integrated with AWS Security Hub, sending real-time threat intelligence and compliance information to Amazon Web Services (AWS) for easy consumption by Security and DevSecOps teams.

October 22, 2020

Puppet announced Puppet Comply, a new product built to work with Puppet Enterprise aimed at assessing, remediating, and enforcing infrastructure configuration compliance policies at scale across traditional and cloud environments.

October 22, 2020

Harness announced two new modules: Continuous Integration Enterprise and Continuous Features.

October 22, 2020

Render announced automatic preview environments which are essential for rapid and collaborative development of modern applications.