DevOps initiatives can’t be missed in every IT-minded organization. There’s virtually no organization that ignores this latest trend in Software Development. Some organizations score very well when filling in a DevOps Maturity Model while others still struggle to get rid of old lengthy processes and manual handovers. They lack the so-called engineering culture that other companies already adopted. For those companies that run far ahead of the masses, they might adopt new technologies or ways of working. Without a doubt, they already experimented with it. To answer what this is, we’ll do a deeper dive into what’s more to explore besides DevOps.
Baseline and structure
There is no need to explain DevOps and write down the concepts, benefits, and drawbacks. A lot of other articles on the web have already done it. However, it’s good to understand the common definition we use throughout this article. I’ve picked the following:
DevOps is an intersection of Development and Operations
from the website of Dev.to. This is a great source to explain the definition and goes very deep to explain what it means to both DEV and OPS guys. It also includes the pros and cons of it as well as exploring the opposite forces of the professional fields in charge.
This article aims to explore variants of DevOps that have gained more popularity in the last couple of years. Every variant is explained and it focuses on the extra benefits of it besides DevOps. It also explores common challenges many companies face.
Perhaps the most important variant of DevOps which became very popular last year is DevSecOps. The adoption of DevSecOps reflects a growing recognition of the importance of integrating security practices seamlessly throughout the entire software development lifecycle (SDLC).
Key aspects and benefits include:
- Increased awareness and security adoption. Adopt security trends early on in the development process since many companies become more aware of security risks that tend to occur in traditional development and operations practices.
- Shift left of automation and security practices. This speaks for itself: incorporate security-related activities early on into the development life cycle. Don’t wait until a new version is in production.
- Security teams work closely with DevOps teams to break down individual silos and to integrate their security best practices much better compared to previous situations.
Common challenges include the following: learning and educating new security skills by developers, and cultural change to think and act securely from the very start of the SDLC. New tools and technologies are needed to fully benefit from all of the advancements.
Another popular variant of DevOps is GitOps. This is a set of practices that use Git as the single source of truth for both infrastructure and application code. It aims to automate the deployment and management of infrastructure and applications using Git workflows. Essentially it is an operating model for managing applications and it uses Git as the single source of truth.
Companies use GitOps practices to enhance the collaboration of developers by advocating pull requests and code reviews. Changes to applications as well as infrastructure go through the same code review process. Thus also embracing immutable infrastructure while enabling rollback to a previous version and roll-forward capabilities. Portability thrives making GitOps a good candidate for multiple cloud providers and infrastructure platforms. Last but not least, GitOps helps maintain consistency across environments and reduces the likelihood of environment-specific issues.
While all of the above are nice new advantages, they also pose challenges for many individuals as well as organizations as a whole. Some of them include the following:
- Teams need to strictly follow the “best practices” of GitOps otherwise they break the proposed advantages. No room for skipped steps or a lean-back approach here.
- Network and connectivity-related dependencies pose challenges in case they are complex. This is especially true compared to simple stateless applications without those dependencies in mind.
- Having a broad mix of modern and legacy applications makes things also complicated since legacy systems were not designed with GitOps principles in mind.
In addition to the list above, GitOps also demands a resource-intensive approach, so be prepared for unexpected costs and careful planning of resources. All in all, teams have a rather steep learning curve to adopt all of the best practices.
One step beyond GitOps comes NoOps. The primary goal of NoOps is to enhance developer productivity by eliminating the need for developers to be directly involved in operational activities.
This is a concept that heavily focuses on the extreme automation of operational activities in such a way that it requires little to no human intervention. NoOps encourages self-service infrastructure, where developers can provision and manage resources independently of each other. Event-driven architecture, where applications respond to events and triggers is a key characteristic here.
Challenges can be found in large-scale, legacy, and complex systems. Since these systems are not designed with NoOps in mind. The degree to which an organization can achieve a NoOps model depends on factors such as its technology stack, application architecture, and overall operational requirements.
AIOps is another kid on the block. This variant of DevOps leverages artificial intelligence and machine learning to enhance and automate various aspects of IT operations, including monitoring, incident response, and troubleshooting. It is heavily utilized for the following key aspects:
- Predictive analytics: aim to forecast potential issues before they impact a certain system. By analyzing historical data and patterns, the system can predict and prevent potential problems, improving overall system reliability.
- AIOps also integrates with ITSM (IT Service Management) systems to ensure that automated responses align with established service management practices. A bridge between the old and the new world.
- Data-driven insights allow AIOps to make informed decisions. Teams are helped by prioritizing tasks, allocating resources effectively as well as optimizing overall system performance.
- Remediation of workflows to trigger predefined actions to resolve problems. IT can also filter through enormous amounts of data to correlate events and reduce noise. It helps to focus teams on critical issues which at the same time prevents an information overload.
MLOps is closely connected to AIOps. It focuses on machine learning workflows. This topic of interest plays a role in managing and automating the end-to-end machine learning lifecycle, including model training, deployment, and monitoring.
It also includes the automation of end-to-end ML pipelines, covering tasks such as data preprocessing, feature engineering, model training, validation, and deployment. Automated pipelines reduce manual interventions and improve reproducibility.
Furthermore, it emphasizes the importance of model explainability and interpretability. Understanding how models make predictions is crucial for gaining trust, meeting regulatory requirements, and addressing ethical concerns.
With all of the major variants of *Ops in mind, some lesser-known concepts also play a role in different organizations. Since these are less common, we briefly touch on their main concepts.
ChatOps is a concept that integrates development, operations, and automation into a team’s chat platform. It allows teams to collaborate and manage tasks through chat interfaces. This way, teams focus on all software development-related activities without the need to switch to their IDE or other tools. It all happens in the so-called ChatOps environment.
No need to context switching all the time thus an increase in productivity and focus. Operational commands can be executed directly within the chat platform. This boosts a “centralized knowledge base” for all team members.
In DevTesOps, there is a major focus on shifting tests left. Having this in place reduces the time and effort needed to fix tests later on in the SDLC. Test environments are created based on code, and not using manual efforts. This allows for the creation and management of consistent, reproducible test environments, minimizing discrepancies between development, testing, and production environments.
Developers and testers collaborate to align goals, share insights, and collectively own the responsibility for software quality.
Yet another trend in the ever-growing list of *Ops related variants on DevOps is DataOps. Data-driven decisions thrive when the input for them is gathered through the quick result of DataOps processes.
It applies DevOps principles to the management and integration of data engineering, data integration, and data analytics processes. Therefore, it aims to streamline and automate data workflows. This helps to push data models, and data-driven) architectures to support the senior management in making tough decisions.
DataOps is particularly relevant in the context of big data, analytics, and data-driven decision-making, where managing diverse and rapidly evolving datasets is a significant challenge. Besides these subjects, DataOps places a strong emphasis on data quality and governance.
DevOps puts organizations at risk if not implemented correctly and thoughtfully. Some of them include misalignment of multiple dependent projects as well as neglected risk management goals.
Deloitte defines DevRiskOps as:
The implementation of DevRiskOps intends to go beyond security risk only and look at the risk in DevOps holistically, considering compliance, software licensing, and supply chain.
Based on their website, Deloitte aims to support a large-scale roll-out of DevOps practices in organizations with a risk-based approach in mind when embedding controls.
DevOps focuses on the interplay of Developers and Operations, whereas BizOps seeks to align operational activities with the broader business strategy. It involves ensuring that operational decisions and initiatives are in sync with the organization’s overall goals and objectives.
Simply speaking, there should be clear communication and transparency between business departments and operations. In many organizations, there is a huge gap between those departments, thus BizOps helps to narrow it. Here, also data-driven decisions play a key role.
Seen from the huge list of DevOps spin-offs, there are many variants each focusing on a specific nice area. Everyone knows DevSecOps that emphasizes security-related aspects of the interplay of Development and Operations. Fewer people know GitOps, but it’s getting more traction now. Even fewer people have heard of DataOps, DevRiskOps, and ChatOps. There is some overlap of the variants, but each of them has some unique characteristics which make them different from each other. I hope my list is as complete as it can be. Feel free to write a reaction if you think something is missing.