Testing starts with the first line of code!   It is NOT a downstream activity. DevOps testing has a critical role to play in a Continuous Delivery Pipeline. Without integrated testing DevOps simply will not work!   With the advent of DevOps and the movement to breakdown silos between developers, QA, security, and operations, it becomes critically important that all members of an IT team - regardless of what tools they use, or role they play - understand the essentials of testing. Every member of your development team should also integrate to ensure Compliance and Audit outcomes!   It is a new world.   In this new world, we can leverage from existing but must be open to walking through new doors of opportunity. Understanding traditional test strategies is helpful but when and where, and most importantly how we proceed with our test strategy must shift.   Knowing how to code is not enough, Quality Assurance in and of itself is not enough.   We cannot afford to have our products

Testing starts with the first line of code!   It is NOT a downstream activity. DevOps testing has a critical role to play in a Continuous Delivery Pipeline. Without integrated testing, DevOps simply will not work!   With the advent of DevOps and the movement to break down  silos between developers, QA, security, and operations, it becomes critically important that all members of an IT team - regardless of what tools they use, or what role they play - understand the essentials of testing. Every member of your development team should also integrate to ensure Compliance and Audit outcomes!   It is a new world.   In this new world, we can leverage from existing but must be open to walking through new doors of opportunity. Understanding traditional test strategies is helpful but when and where, and most importantly how we proceed with our test strategy must shift.   Knowing how to code is not enough, Quality Assurance in and of itself is not enough.   We cannot afford to have our

The “Best of the Professor” blogs will focus on one unique individual topic and will be followed by links to papers with more in depth information.  DevOps initiatives are supported by three basic principles. In his book “ The Phoenix Project “, Gene Kim  leverages the Theory of Constraints and the knowledge learned in production environments to describe the underlying principles of the DevOps movement in three ways. These principals are referred to as The First Way, The Second Way and The Third Way.    This segment of “Best of the Professor” will focus on  “The First Way”. The First Way Workflow.   "The First Way" is all about workflow or the flow of work from left to right. Generally referring to that flow of work between the business and the customer.  Work that is flowing from development to test and then test to operation teams is really only work in process.  Work in process really does not equate to anything until value is realized on the other

Most of us are aware that Agile can be used to improve the effectiveness and efficiency needed for software development.  Agile core values and principles are defined in the Agile Manifesto . But wait!  There is more! While there are many techniques, methods and frameworks that can be utilized to ensure agility within your organization, what is important to note is that they can and should be expanded beyond software development.   Agile Values are realized via many different techniques and methods including: Continuous integration - A software development practice where: Members of a team code separately but integrate their work at least daily Each integration goes through an automated build and test to detect errors and defects The team collectively builds the software faster with less risk Continuous delivery - Continuous delivery does not infer that you are deploying every day or every hour. It means that you COULD release when needed.  It is a softwar

In the early days of DevOps, there was a lot of debate about the ongoing relevancy of ITIL and IT service management (ITSM) in a faster-paced agile and DevOps world. Thankfully, that debate is coming to an end. ITSM processes are still essential, but, like all aspects of IT, they too must transform. Recent updates to ITIL  (ITIL 4), as well as increased interest in site reliability engineering (SRE), are providing new insights into how to manage services in a digital world. Here's a look at ITIL 4 and SRE and how each underpins the "Three Ways of DevOps," as defined in The Phoenix Project, by Gene Kim, Kevin Behr, and George Spafford.‎ What is ITIL 4?  ITIL 4 is the next evolution of the well-known service management framework from Axelos. It introduces a new Service Value System (SVS) that's supported by the guiding principles from the ITIL Practitioner Guidance publication. The framework eases into its alignment with DevOps and agile through a bi-mo

The “Best of the Professor” blogs focus on one unique individual topic and will be followed by links to papers with more in depth information. DevOps initiatives are supported by three basic principles. In his book “ The Phoenix Project “, Gene Kim  leverages the Theory of Constraints and the knowledge learned in production environments to describe the underlying principles of the DevOps movement in three ways. These principals are referred to as The First Way, The Second Way and the Third Way.    In earlier papers from the “Best of the Professor” we discussed  the “First Way” and how this DevOps principle was all about the flow of work from Left to Right.  We then discussed the “Second Way which was all about the flow of work from right to left and how critical that is for measuring DevOps value.  In this iteration from “The Best of the Professor“, the focus will be on the last of these three DevOps Principles known as “The Third Way”. The Third Way – Continual Experimentati

Quality: The ability of a service or product to meet customer requirements and create value for that customer.  Perceived quality affects customer support more than any other element.  Products and services must attain a certain minimum level of quality.  No other components can make up for a significant shortfall on this one and the perceived loss of value this can create. In business today, “Time to Value” has increasingly become one of the most significant measures an organization reviews and reports on.  Today’s ever more progressively shorter time scales for this cannot be met without being able to incorporate such practices as continuous delivery (CD), continuous integration (CI) and continuous deployment (CD), which all are dependent on our ability to do continuous testing. As many of you have certainly experienced, this need for speed continues to be a clear and present danger in our ability to create a high trust culture where testing and learning from failure is allowed

DevOps is a culture, movement or practice that emphasizes the collaboration and communication of both   software developers   and other   information-technology   (IT) professionals while automating the process of software delivery and infrastructure changes.   It aims at establishing a culture and environment where building,   testing , and releasing software can happen rapidly, frequently, and more reliably. It’s about improving, communicating and collaboration.  From a Service Operation perspective we are already part of the way there, so maybe it won’t take as long or require as much organizational change as we think. Application management is responsible for managing applications throughout their lifecycle.  Application management covers the entire ongoing lifecycle of an application, including requirements, design, build, deploy, operate and optimize.   The application management function is performed by any department, group or team involved in managing and supporting opera

 Success in modern technical endeavors absolutely requires multiple perspectives and expertise to collaborate. (1)  When I ask managers attending my classes if their organizations practice ‘agile’ they hesitate and say something like we kind of do but not in all areas of the organization. Further questioning usually uncovers that most of this agility starts and ends with the software development teams. When asked if these practices have been introduced to the business units there is a long uncomfortable pause, and then I hear 'we don’t usually talk to those groups'. Over the last couple of decades, a new set of major management philosophies have been developed and are now being adopted to ITSM. These new ways of thinking enabled manufacturing, software development and others to analytically realize both disciplined execution and continuous innovation, something that was thought to be mutually exclusive and impossible to accomplish with traditional management methods. Over

As the pace of technological innovation increases and digital disruption becomes the norm, the need to adapt and accelerate IT service management (ITSM) processes is more critical than ever. It’s no longer a debate about whether ITSM and DevOps should interface; it’s time now for ITSM professionals to understand how the practices they use to co-create value can underpin (or undermine) the flow of work and pervasive use of automation in a DevOps environment. It’s easy to understand why ITSM professionals are skeptical about DevOps. ITSM performance metrics and service level agreements (SLAs) often revolve around the IT organization’s ability to mitigate risks, minimize impact, and “guarantee” availability. On the surface, these measures aren’t bad. It’s when we sacrifice speed, agility, and innovation in the process that the business starts to suffer. Even with the evolution to ITIL 4 , the what and why of ITSM haven’t changed. A customer-focused culture in which everyone understands

Service Management Best Practice is as relevant today as it was a decade ago.  Some would argue that it is even more relevant.   Increase in demand, dynamic requirements and varied silo’s and cultures within an organization demand some semblance of management control.  Failure to do so results in just that …..“Failure”.   Following ITIL Best Practice allows service providers to align IT with the changing business requirements.  Sounds Great!  What does that mean exactly? Business requirements are consistently evolving and changing.  This creates a DEMAND that generates a workload for capacity.   The service provider must anticipate this demand and gear their service assets accordingly or consumers will not receive the value that they have paid for and expect.   We can anticipate demand by monitoring and measuring specified patterns of business activity and then adjust accordingly.  Think of a NEST thermostat.  A NEST thermostat learns what temperature you like by learning

Underlying and supporting the  Agile Manifesto  are the twelve principles that help to bring the Agile philosophy to life. The DevOps movement encourages us to adopt and adapt these principles into the ITIL lifecycle not to reinvent it, but to allow us to make it spin faster.  Let’s take a look at them individually and interpret them from an ITIL, operational and support perspective. Our highest priority is to satisfy the customer.   We do this through early and continuous delivery of the proper utility & warranty. Welcome changes, even late in development, by using well defined and nimble change, release and deployment management, teams and models, allowing our customers to remain competitive in their given market spaces. Deliver updated working services frequently, from a couple of weeks to a couple of months, with a preference to the shorter timescale. OK that one I modified a bit. We’ll   be Agile about it. Business people and IT must work together daily and collaborate

We saw in a recent blog from “The Professor” how cybercriminals could create a network of controlled computers to propagate a “BotNet”.   One of the malicious reasons for these powerful networks of control is so that the hacker can perform “Distributed Network Attacks” (DDA’s). We all have experienced this at some level and the outcome is not good for enterprise, corporations, or businesses of any size.  DDA’s create disruption even to our own home operations.   A DDA is sometimes referred to as a Distributed Denial of Service or DDOS attack.  This virus or network of virus’s attacks behind the scenes to take over system resources.  A DDOS could attack switches, hubs, routers. It sometimes will flood the network backbone with nuisance transactions with the intention of sucking up all the bandwidth that might otherwise be necessary for day to day operations. DDOS can bring to a screeching halt the web sites for processing claims, or even shopping cart interfaces for the purchasing o

The Service Value System (SVS) and Service Value Chain as indicated in ITIL 4 Best Practices give you the big picture macro view that should be the start of every DevOps Pipeline . Without it, you could get swept into the undercurrent and potentially focus too much effort or misdirect resources towards the technical and automation aspects of continuous integration and continuous delivery (CI/CD).  Components of the SVS include:  The ITIL4 Guiding Principles, Governance, The Service Value Chain, Practices, and Continual Improvement. A Service Value Chain and Value Stream Mapping (VSM) exercise provides all stakeholders with a high-level view of the end-to-end steps required for your DevOps Pipeline. Applying the concept of “Systems Thinking” to the overall CI/CD Pipeline is critical but without including the information/data and flow of work we truly miss the mark. This is where Lean  principles and VSM are helpful.  Notice in the above image from our Value Stream

In a recent DevOps Foundation Certification class one IT executive said “You can not automate Chaos”! Another learner spoke up and said “Yes you can… that is what we are doing”!   Although that was meant as a LOL moment, it is true that when it comes to velocity and improving cadence all too often service providers jump the gun and look at automation as the silver bullet.  While recognizing that tools, technology and automation are key elements, process and governance must also be considered. Automating before we get management control of these is likely to lead to bigger and faster CHAOS! Executive buy in and support is rewarded when the business and IT are integrated to the point that IT alignment with the business is a given.  Properly designed and well governed process will enable any automation initiative.  Remember we are talking about “Just enough process” and “Just enough governance”.  If your process is the roadblock then you might have created exactly what you are t

Infrastructure as Code – is a common term among developers, architects, and operational staff and the practice has evolved in response to demand for quality and efficiency in the industry.  Over the last decade many organizations have come to realize that the essence of Infrastructure as Code is to treat the configuration of systems the same way that software source code is treated.  Frequent code integration, automated builds, and integrated testing have resulted in stronger IT performance and therefore business value. Security as Code – An increase in security breaches across all industries has brought forward a similar concept, and that is to look at “Security as Code”.  This concept would include the usage of repeatable algorithms to integrate security checks with each code check.  This expands the scope of traditional “Continuous Integration” and automation.  Organizations realize that security is no longer a second thought and must be addressed at the front of the value s

Integrating Development and Operation teams as well as other functions that have previously been silo’d is key to any development project for all service providers today.   We hear a lot about this in DevOps training and certification classes.   What about security?  You may have heard the term DevSecOps.  This idea and term was coined to ensure that architects and developers include into our requirements and code those things necessary for security. Design architects will also want to ensure that security is integrated throughout the value stream of development, deployment and operations and it is done in such a way so that the complexity is as transparent as possible to the functional teams involved.   How can we do this without impeding our flow of work?    How can we still be able to meet compliance for legislative, legal or regulatory requirements relating to security? This is where Automation comes in.  Collaboration and measurement are key values but automation is also