Industrializing Code — An Alternate Definition of DevOps

When DevOps was a buzzword

In an article (DevOps Defined) that I published on my LinkedIn profile more than 5 years ago in which I tried to define “DevOps” by calling out the related operational areas, I mentioned that the real driving force of DevOps movement is the need to attain operational scalability. But that point was not really elaborated well then as I was eager to discuss the areas that are usually covered by DevOps practice in an organization.

In the years ensued all of us had been bombarded with a plethora of definitions and narratives about DevOps put together by various gurus while the real practitioners of DevOps have been busy rolling out tools and processes that pushed operations to become more like an engineering discipline from its classic comfort zone of support and administration roles.

Some gurus created one unnecessary entanglement of DevOps with Agile that seems to confuse a lot of people especially those who are mandated with rolling out DevOps best practices. Sometimes that is a drag in adopting real DevOps as automation projects can be sliced and diced to stories to fit on the sprint board but their collective purpose would be long lost. While Agile is an effective project management methodology for code development, trying to use it for managing the operational aspects of running a software system is a stretch mainly because there are lots of unknowns with DevOps projects and with such uncertainty, creating stories, estimating completion time etc. are not reliable. It’s a topic for a future article for sure.

Lesson from on-prem

“Industrialize” in the context of software building is a term I borrowed from a colleague from my on-prem days. He was an account manager for multiple clients of a CRM vendor that we used to work for. I was in-charge of delivering hot-fixes for issues that these clients would discover in their production environments. The account manager would be under tremendous pressure once such issues were reported by the clients because he was directly interfacing with them and at times the business itself would depend on our collective ability to fix the code and patch their environment before things would get out of our hands.

Though there was pressure to deliver the patch at the earliest, during our calls, my colleague would insist on “industrializing” the fix. By that he actually meant making the fix robust. While there is ongoing production issue there is no room for going back-and-forth — the first patch delivered should fix the problem. Remember, the on-prem deployments were highly customized and there was no opportunity to test the patch against a corresponding, customized environment. So, the account manager wanted to make sure that the patch was tested thoroughly so it would withstand any vagaries of running our code at the customer location. These customers were big telecom operators in Europe and our software ran their call centers.

So much for beating around the bush and the story of how I got fascinated with the word “industrializing”. I started to drop that that word in conversations whenever I have to stress the importance of testing software before it would be put to actual use. I started attaching scalability to its meaning as well when the delivery model moved to SaaS.

Basically, the application code should be highly reliable and robust to deal with all the nuances of the business problem it tries to solve, and, it should also withstand the heavy load that is brought in by large scale usage typical of a SaaS software platform. For that the software has to scale up, and so the infrastructure it runs on.

In an industrialized scale of running a software system that is exposed to the Internet, hardening it for security and protection of customer privacy is also equally important. The application code must be purged off potential vulnerabilities. But it doesn’t stop at software level, the infrastructure must be hardened too as the first line of defence is at the infrastructure level.

Industrializing the code involves operationalizing a software system to run reliably and securely with scale. In a SaaS environment DevOps is the way to get there. Let’s look at each of these areas in detail.

Reliability

The code must address the business problem it tries to solve fully. Any slip in addressing or implementing features that would result in software defects. While it is impossible to write software with no defect it is possible to minimize the defects and runtime failures by various types of testing, beginning with unit testing.

A Continuous Integration (CI) pipeline facilitates running of more number of tests more frequently if they are automated and integrated with CI pipeline.

The infrastructure on which the software system runs needs to be reliable too. With the wide availability of public cloud platforms and virtualization technologies the infrastructure can be provisioned and maintained as code. Infrastructure as code is no more a buzzword now, it is a DevOps best practice. Any infrastructure change can be tested and verified like a software change is verified.

Reliability also requires a software system to be highly available (HA). This aspect is mainly infrastructure related. The DevOps best practices related to Business Continuity Plan (BCP) ensure that nonavailability of a specific instance of runtime environment has very minimal or no impact on the availability of the software service.

Scalability

The scalability was not an issue during on-prem era due to these reasons:

  • The user base was relatively low
  • The capacity requirements were highly predictable and there was plenty of time to do upgrades if any ramp up in usage was needed.
  • New users were granted access to a software system only after enough capacity was added to it.

In a SaaS model, usage can be unpredictable and the related software system should be designed to scale up or down. For that to be implemented, the software must be architected to work in tandem with the infrastructure options available to implement elasticity. Again, there are time-tested DevOps patterns available to rollout software systems that can be scaled.

DevOps brings in operational scalability also to an organization. With the routine tasks being automated, the manual operations will be minimal and the overall velocity of the operations team would increase. Such an efficiency would help to respond to requirements initiated by business quicker. For example, the company will be able to onboard more customers in a year as the related capacity upgrades could be done on short notice. Also they are performed with fewer mistakes which usually occur when changes are done manually.

Security

Usually security is not an area directly addressed by DevOps. DevSecOps has been filling that gap thus far. However, efforts in securing your environments would translate into either changes in application or some DevOps work. Mostly the latter.

A casual look at the 5 trust service principles that SOC 2 audit regime is built on or the security pillar of AWS Well-Architected Framework would make it very clear that any gap discovered in an audit is remediated by following some DevOps best practice.

Concluding notes

Industrializing the code refers to all the tasks related to running application software in a highly reliable and secured environment where the demand for the software service can be highly dynamic and round the clock. The DevOps best practices and patterns would help to reach there operationally, and in many instances, DevOps would also enforce best practices in application development such as writing more unit tests, developing code that would withstand the stretches of scaling, adding resiliency to the code to gracefully deal with failures of infrastructure components etc.

These are the points that stand out obviously from this discussion with regards to the industrializing the code:

  • Reliability of a software system is derived from all aspects of the quality of the code and the resilience of infrastructure where the code runs.
  • Scalability must be implemented at multiple levels — the code, infrastructure and operations.
  • The hardening of runtime environments to prevent cyber attacks is needed for protecting the business and privacy of customers. To run security initiatives to find, prevent and fix vulnerabilities automations are needed and they are usually integrated with the DevOps infrastructure, such as periodic vulnerability scans of code and artifacts.

This approach of defining DevOps helps to understand what a DevOps practice usually delivers. It would be a good exercise for you to look at the DevOps toolchain and patterns and check how those would help to industrialize your code for the showtime.

--

--

--

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

C Language: Complete Beginners Guide

An Experiment with CSS Variables

Announcing Azure Synapse Analytics pre-purchase plans, now generally available

Advanced CSS: Get Going with Grid

Messaging Application Telegram Is Planning To Launch Paid Services In Year 2021

What Is It and How To Become A Front End Web Developer?

Using an Open-Source Workflow-Automation Server to Get Power Cut Push Notifications

Install the CUDA Driver and Toolkit on Linux

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Thomas Theakanath

Thomas Theakanath

More from Medium

DevOps Explained

DevOps VS. Site Reliability Engineering

DevOps: All You Need to Know

Su-do command: how to avoid the disastrous pitfalls of going root!