Gene Kim on Biggest Obstacles Faced by DevOps in 2021
“Like most organizations, we all entered 2020 with a plan in January, and all those plans were completely upended by a global pandemic and the economic downturn that happened afterward. And yet I think it has been illuminating in showing what technology can do in a time of incredible crisis.”
That’s how famed DevOps influencer Gene Kim kicked off his conversation last week in a Webinar from development tool provider LaunchDarkly, entitled “The State of DevOps with Gene Kim,” hosted by LaunchDarkly’s Vice President of Platform Adam Zimman.
There was a rapid acceleration of business agility in 2020 because crises push for rapid change in a way that nothing else does. But is it sustainable? Kim and Zimman reflected on last year and attempt to make predictions and recommendations for the state of DevOps in 2021.
The Biggest Obstacle Facing the DevOps Enterprise Community
In the beginning, DevOps was all about getting development and operations teams working together. The extension of DevSecOps was about how to get information security and compliance onboard as well.
Now we’ve gotten to the point in DevOps is not stymied by technical bottlenecks nor cultural silos, but rather, about how to get business leadership onboard.
For him, this starts with having engineering leadership present alongside business leadership, with equal stakes in making an organization succeed.
“We want a business leader that says ‘All my goals, dreams and aspirations were made possible only because of the heroic efforts of my engineering counterparts’,” Kim said.
But who’s job is it to transform the business anyway? Kim paraphrased American Airlines CEO Doug Parker who has said that, for too long, large complex organizations have focused on IT leading the transformation, but it’s everyone’s job, especially the business leaders, to lead the charge.
Zimman has been a vocal proponent of progressive delivery, an advanced form of continuous delivery that relies on testing new features with a limited set of users through the use of feature flags, LaunchDarkly’s speciality. He said modern organizations are finally disputing the idea that the software delivery lifecycle is predominantly only centered around technical components and technical roles.
With progressive delivery, he sees a shift in ownership of the change lifecycle, from technical to the business owners.
He continued that more and more people are recognizing the need to separate risk from change, which is enabled by access control. This creates the freedom to enable business owners to have that flexibility too.
“We are seeing the evolution of companies that are trying to bridge this gap between the people who are building and ultimately creating this experience for the user and the people who are actually from a delivery of value and helping on the frontline with customers to be able to consume that value and have access to it.” Zinman added.
Kim said it all comes down to asking how you can motivate change in a successful organization. There is a certain innate motivation during the current crises, but this will be more challenging when tech teams return to the haze of success and “normalcy”. He says we need to plan now to figure out how we can motivate the right kind of change and shared understanding across all enterprise silos.
Kim continued that enterprises can no longer sustain that binary thought process of an initiative being either top-down or a tech-only one. There needs to be a collaboration that overcomes the friction between future-focused technologists and risk-averse traditional business: How can we create this urgency?
In the end, he says that being able to get the right folks engaged, onboard, and aligned is 90% of your ability to be able to move things forward successfully.
2021 DevOps Predictions
In looking forward, Kim started by referencing the 2020 Octoverse Report, GitHub’s annual birds-eye view of the software industry.
Last year being the year when all things were different, the report focused more on how this global workforce shifted to work from home, in three sections: developer productivity in the time of COVID, community and collaboration, and open source security.
As Kim said, technology organizations have proven their employers can work from home — which is better for some and worse for others. The report found, despite many having unprecedented, unrelenting at-home responsibilities, there’s been a 20 percent increase in the average number of hours worked. Adding to this load, managers are also experiencing added stress from coordinating work across distributed teams.
There’s been an increase in open source contributions, especially on the weekends, showing people looking for ways to fill their days. GitHub also found that pull requests are up, signaling an increase in collaboration.
And of course,
after the massive security failures of Solar Winds, Kim pointed to the apparent need for the automation elements within deployment pipelines to be made more secure, as a wave of attacks are exploiting vulnerabilities.
“We have to make sure that we are really achieving the promise that automated deployments are made more secure,” Kim said
Zimman says the SolarWinds attack came with a lot of lessons learned around that the idea of automation is great but if you’re not taking the regular practice of refining that automation, there is a good chance that it is actually introducing something unwanted.
“We need to think about how technology can actually become our superpower instead of our roadblock.” — Adam Zimman, LaunchDarkly
He predicts a continued practice of shifting security (“shift left”) to developers “instead of something that you do on the tail end, post-release or even make it the burden of the operations team.”
Zimman observed, “We see that the companies that are able to ship faster and have this exercise of this muscle of deployment frequency and being able to actually optimize moving their changes into production more quickly are doing better.”
He continued that 2021 will see the full embracing of guardrails and other essential ways to slow down continuous delivery which, when done too willy-nilly, can risk security.
“I think one of the things people are realizing is that it’s not just about moving fast. They’re having to recognize that there also needs to be thought put into their architecture, into their infrastructure, on how to put the appropriate guardrails and safety checks in place so that when they’re moving at speed, they have protection mechanisms in place to course-correct if something goes sideways,” Zimman said.
Pay Down the Debt
Will 2021 be the year we prioritize technical debt? Probably not, but that doesn’t mean folks shouldn’t try. After all, technical debt is the result of taking shortcuts where the consequences are never felt by that team.
How do you motivate teams to pay down technical debt over new features?
Zimman says that developers often know they are encumbered by technical debt but that they don’t know how to quantify it in ways that they can make it visible to leadership. In all things, metrics are often the most persuasive.
He said that developers may be able to point to how long it takes continuous integration to run or to why the canary testing period is so long.
“The reason for that is that there’s code that we don’t know what it does anymore,” Zimman imitated developers saying.
Kim said that there are direct correlations between technical debt and DORA metrics, which are:
- Lead time for changes
- Deployment frequency
- Time to restore service
- Change failure rate
He said there is also a direct correlation with deployment fear. Regularly checking in with staff and even anonymously asking how much fear they have of doing deployments?
Of course, happiness and a sense of value is proven to increase productivity, but if someone is banging their head against a wall of technical debt this can demotivate them and even risk staff retention.
Kim says you have to look at this dilemma as the carrot and the stick, balancing short-term decisions with the lessening of vast technical debt.
The carrot are internal technology platforms to allow engineering teams to safely and securely deliver. The stick will be applied to those who use shortcuts.
Zimman says it demands a culture change. He says that companies need to dedicate as much engineering time to paying down technical debt as to they do to new feature development.
More from Gene Kim here:
Gene Kim – “The Unicorn Project”
LaunchDarkly is a sponsor of The New Stack.