Infrastructure as Code

DevOps is not about the tools

That’s true, in the same way that agile is not about the tools either, it’s a set of ideas, concepts, best practices,…

Nice, but… how can I successfully implement it?

Tools can enable change in behavior and eventually change culture [Patrick Debois]

Printer in 1568

The same way the Guttemberg printer was a tool that enabled a cultural change, or that Agile development wouldn’t be possible without Continuous Integration servers, DevOps relies on some tools to implement its principles.

Unfortunately, the same way everyone thinks of themselves as being intelligent enough, and every tool out there is magically cloud enabled, now every tool claims to be DevOps.

However, there is agreement that tools that allow us to deal with infrastructure as code are key on implementing DevOps concepts.

It’s all been invented already, now it’s standardized with tools like Chef or Puppet. Before, you could write your own scripts to automate server installation, configuration,… but everyone would do it their very own way.

Now there’s some common language used by Puppet or by Chef, that allows to share and reuse configuration as modules or recipes.

Infrastructure as Code, a key concept

The concept that infrastructure should be treated as code is really powerful. Server configuration, packages installed, relationships with other servers,… should be modeled with code to be automated and have a predictable outcome, removing manual steps prone to errors. Doesn’t sound bad, does it?

But new solutions bring new challenges, and when infrastructure is code we face the same problems faced by developers.

  • What version of the infrastructure are we using in production?
  • how can we ensure that when an issue is found it gets fixed and redeployed?
  • how can we test the infrastructure as we develop it?

That’s why when dealing with infrastructure as code we should follow development best practices.

For instance we can (and should!)

  • tag, branch and release the code that define our servers.
  • have a lifecycle that covers different stages through the infrastructure code, ie. dev, QA, production.
  • continuously test our infrastructure as we make changes.

Is DevOps killing the Operations team?

To make error is human. To propagate error to all server in automatic way is DevOpsHearing everywhere about DevOps and how it is all about automation, and how manual steps should be removed from Operations. Starting to worry about your OPs job?

On one hand, yes, you should worry.

My job is to make other people’s jobs unnecessary.

While I was working on Maven the goal was to automate and standardize all the build steps so there’s no more need to have a magician build master that is the only one that knows how to build the software. All Maven projects are built in the same way and there’s no need to do any manual step. That ended the build master job in many companies as they knew it. Those that were interested enough moved on to do more useful tasks, like setting up continuous integration servers, integrating new quality assurance tools, adding metrics,…

So, on the other hand, no, you shouldn’t worry as long as you want to explore new areas, because there’s still plenty to improve. Stop doing tedious manual tasks and focus on what’s really important.

You should just worry about the NOOPS guys 😉

DevOps: how we got here

Developer toolset

From the developer point of view, there are some tools involved in the source-to-deploy process

  • Source control management tools: Subversion, Git, Mercurial, Perforce,…
  • Build tools: Maven, Ant, Ivy, Buildr, Graddle, Rake,…
  • Continuous Integration tools: Continuum, Jenkins, Hudson, Bamboo,…
  • Repository (Artifact) management tools: Archiva, Nexus, Artifactory,…

The #1 programmer excuse for legitimately slacking off: My code is compiling

When everything is set together, we can have a CI schedule that is building automatically the changes from the SCM as they are committed, deploying to an artifact repository the result of the build or sending a notification if there is any error. Everything fully automated. A change is made to SCM, the CI server kicks in, builds and runs all sort of tests (unit, functional, integration,…) while you go off for a sword fight with your coworkers.

Now what? somebody sends by email the tarball, zipfile,… to the operations team? oh, no that would be too bad. Just send them the url to download it… And even better send some instructions, a changelog, upgrade task list,…

What developers do today to specify deployments and target environments is not enough. 

The simplest solutions are often the cleverest. They are also usually wrong.

Using tools like Maven in the Java world or Bundle in Rubyland you can explicitly list all the dependencies and versions you need. But there are some critical dependencies that are never set.

It is just too simple.

Packages installed, C libraries, databases, all sort of OS and service level configuration,… That’s the next level of dependencies that should be explicitly listed and automated.

For example, think about versions of libc, postgresql, number of connections allowed, ports opened, opened file descriptors limit,…

Operations

Requirements

From the point of view of the operations team the number of requirements is complex: operating system, kernel version, config files, packages installed,…

And then multiply that for several stage configurations that most likely won’t have the exact same configurations.

  • dev
  • QA
  • pre-production
  • production

Deployment

Deployment of the artifacts produced by the development team is always a challenge

  • How do I deploy this?
  • Reading the documentation provided by the development team?
  • Executing some manual steps?

That is obviously prone to errors

Cloud

It’s nothing new but it has increased with the proliferation of Cloud based environments, making it easier and easier to run dozens or hundreds of servers at any point in time. Even knowing how to deploy to one server, how is it deployed to all those servers? what connections need to be established between servers? how is it going to affect the network?

FOSDEM

The slides from my From Dev to DevOps talk at FOSDEM 2012 Brussels are up in Slideshare. The material is also in the Lanyrd page.

The conference was huge, I’ve heard that over 4000 people showed up this year, for this free (as in both software and beer) event, organized on several tracks. Not bad considering that the temperature was between -15 and -6C (5 and 23 Fahrenheit) and got a lot of snow.

I spoke on the main auditorium with capacity for 1400 people, there was plenty of space. Unfortunately (for me, but great for the other speakers and the organization) some other devrooms got filled quickly, and couldn’t get into the Configuration and Systems Management Devroom, which should have been really good as nobody left as I was waiting outside between talks 😦

A lot of care by the organization, including a note with a 24/7 phone number in case I got “lost/confused/arrested” (which makes me think it must have happened before), and a full commitment to promote belgian beer 😉

And thanks to the people that attended my talk and engaged through twitter, got great feedback and hints for improvements on the future of development and infrastructure automation!

Grand Place 360 panorama

“From Dev to DevOps” at the Paris JUG next week, FOSDEM Brussels in February

The year starts with two speaking engagements, about development and DevOps

Soirée Devops @ Paris JUG

Next week, Tuesday January 10th at the I.S.E.P. Paris

An afternoon about DevOps, with Henri Gomez also speaking, where I’ll be finally able to put faces to some long time online friends and collaborators on different open source projects.

FOSDEM

Sunday February 5th at the ULB Campus Solbosch in Brussels.

the biggest free and non-commercial event organized by and for the community

Interesting conference concept with no registration necessary, around 4000 attendees in 4-6 tracks, completely free, including a Friday Belgium beer event, as they say don’t miss this great opportunity to taste some of the finest beer in Belgium (and, hence, in the world). And they even include spouse/partner tours!

Are you going to any of them? say hi!

About: DevOps

This is the start of a (hopefully) series of posts about DevOps, based on my presentation From Dev to DevOps.

The Agile movement stablished a series of development practices quite common nowadays, or at least highly desired:

  • planning
  • iterative development
  • continuous integration
  • release soon, release often

But what happens after the development cycle? The process of building software or products does not stop there. Even if you are an agile shop, you may hit a wall when trying to move between Development, QA and Operations.

DevOps is a door in that wall.

DevOps is the intersection between Development, QA and Operations. You can also think of it as DevQAOps.

Old issues fixed, new issues come up

As some issues were solved by Agile methodologies, new issues arose. Agile development generates a higher number of releases (release early/release often) than waterfall methodologies, and that pushes the problem from development teams to operations, that have to deal with more frequent deliveries to production.

DevOps addresses

Fear of change

Once a product is working, changes are seen as a risk by business, developers, QA, operations,… Reducing the time to make (and revert!) changes increases the assurance to do more frequent changes.

Risky deployments

Automation, automation, automation! Not only the development needs to be automated. No more docs with instructions, manual steps, individual knowledge, “deployment master” or hacks. All the steps up to production need to be automated too, including deployments, to reduce risk of manual mistakes.

It works on my machine!

With the proliferation of virtualization, cloud, PaaS, stacks,… is absolutely necessary to be able to replicate environments for development, QA, pre-production,… Ensuring that proper level of testing is conducted as the product (software + environment) progresses through the lifecycle.

Siloisation

Teams split in Dev, QA, Ops,… cause walls to stand between them, and unnecessary friction, with each team pushing for its own benefit and requiring escalation of issues to account for the overall business good. Getting all the teams on the same table more often the friction is reduced.

Dev Change vs. Ops stability

Developers are usually measured by the number of features implemented, while operation teams are measured by the performance and stability on production. Two different goals that make both teams clash in many occasions. Bring issues early on and involve all the teams in the decisions.

Read more at What Is This Devops Thing, Anyway?

DevOps is a extension of Agile

Does this sound familiar?

Individuals and interactions over processes and tools

Working software over comprehensive documentation

Customer collaboration over contract negotiation

Responding to change over following a plan

Exactly, that’s the Agile manifesto, which is still perfectly valid, with some clarifications, if we get into detail:

  • Our highest priority is to satisfy the customer through early and continuous delivery of valuable software products.
  • Welcome changing requirements, even late in development any part of the DEV/QA/OPs cycle.  Agile processes harness change for the customer’s competitive advantage.
  • Deliver working software products frequently, from a couple of weeks to a couple of months, with a preference to the shorter timescale.
  • Business people and developers development/QA/Operations teams must work together daily throughout the project.
  • The most efficient and effective method of conveying information to and within a development DEV/QA/OPs team is face-to-face conversation.
  • Agile processes promote sustainable development. The sponsors, developers, QA and OPs teams, and users should be able to maintain a constant pace indefinitely.

What does that exactly mean

  • software/working software. The concept of product, meaning software running, in production
  • late in development. Late in the development, QA or operations phases, not just development
  • developers. Don’t consider only developers, QA and operations teams need to be involved too

The key part is the involvement of not just the development team but the QA and Operations teams.

Game theory

Game theory is defined as the method for analyzing calculated circumstances, such as in games, where a person’s success is based upon the choices of others. If you have watched A beautiful mind, you’ll remember the scene where he tries to pick up a girl at a bar.

What does it have to do with DevOps? The success of the Dev team greatly depends on actions done by the Ops team, good software deployed incorrectly will transmit the wrong impression. Likewise, the success of the Ops team definitely depends on the work of the Dev team, as poorly developed software will cause all sort of performance issues.

If all teams try to achieve their own benefit, it’s not necessarily a good thing for the overall business. Imagine the Ops team not pushing new features because they don’t want to risk the production stability. Or the Dev team pushing new features to production without proper testing because it’s a QA problem, not theirs, and are only measured on the amount of features pushed.

From Dev to DevOps slides from ApacheCON NA Vancouver 2011

ApacheCON NA 2011The slides from my From Dev to DevOps talk at ApacheCON NA 2011 Vancouver. Thanks to all the attendees for coming!

The audio recording seems that it’s going to be uploaded to FeatherCast.

UPDATE: the Lanyrd official page is up too

The code for the Maven-Puppet module is avalable in GitHub, and I’ll write some posts about it in the coming weeks.

The DevOps movement aims to improve communication between developers and operations teams to solve critical issues such as fear of change and risky deployments. But the same way that Agile development would likely fail without continuous integration tools, the DevOps principles need tools to make them real, and provide the automation required to actually be implemented. Most of the so called DevOps tools focus on the operations side, and there should be more than that, the automation must cover the full process, Dev to QA to Ops and be as automated and agile as possible. Tools in each part of the workflow have evolved in their own silos, and with the support of their own target teams. But a true DevOps mentality requires a seamless process from the start of development to the end in production deployments and maintenance, and for a process to be successful there must be tools that take the burden out of humans.

Apache Maven has arguably been the most successful tool for development, project standardization and automation introduced in the last years. On the operations side we have open source tools like Puppet or Chef that are becoming increasingly popular to automate infrastructure maintenance and server provisioning.

In this presentation we will introduce an end-to-end development-to-production process that will take advantage of Maven and Puppet, each of them at their strong points, and open source tools to automate the handover between them, automating continuous build and deployment, continuous delivery, from source code to any number of application servers managed with Puppet, running either in physical hardware or the cloud, handling new continuous integration builds and releases automatically through several stages and environments such as development, QA, and production.

Vancouver harbour panorama