Many companies stumble on how to put DevOps ideas into practice. DevOps has to be a perfect circle between people, processes and technologies, that’s what we learned at KubeCon 2023.

DevOps has been one of the hypes in the developer world for years. The idea of ​​DevOps is that you bring software development (development) and operation (operations) together. This literally breaks down the walls between the different teams, resulting in a much leaner software cycle. This allows companies to get products to market faster while increasing their quality.

At least that’s what the theory sounds like. In practice, the implementation of a DevOps strategy often goes wrong. “Companies have heard the term somewhere and want to do it. They created what they call a DevOps team, but that’s actually an operations team in disguise.” With these words, Kevin Dubois explains: Lead Developer Attorney At Red Hat, put your finger on the raw sore right away. We catch up with him at KubeCon 2023 to talk about the potential pitfalls of DevOps and how to avoid them. His colleague Natale Vinto sits down at the table during the conversation.

Cultural coverage

“Today’s software landscape has become too complex for many companies,” continues Dubois. “Companies are overwhelmed with the multitude of tools and do not know how to use them. To successfully implement DevOps, you must first understand the concept. DevOps is more than a process, it’s a cultural shift that the entire organization must implement.”

Vinto takes over. “The implementation of a DevOps strategy consists of two parts. First, there is the organizational aspect: putting together the teams and how they coordinate with each other. But the technology aspect is at least as important.” “Automation, observability and monitoring are the key factors in aligning teams and processes,” adds Dubois.

Many branches

A lack of skills and abilities is often cited as the reason why DevOps fails in practice. Vinto sees that too, but organizations shouldn’t hide behind it too much. “A lot of different skills come together in DevOps teams. This can create a skills gap, but you can fill it with training. At our Red Hat Open Innovation Labs, we design a guided path for companies to navigate the DevOps landscape. We implement projects together with the customer to accelerate acceptance.”

The concept of DevOps has been translated into various IT disciplines in recent years. SecOps, NetOps, GitOps, FinOps and AIOps are terms you may have seen in articles on our website. But don’t be put off by all the terminology, Vinto points out: “The implementation of DevOps is still in full swing, which is why these different branches are emerging.” To an outsider, this may seem complex. However, each approach is based on the same core idea: bringing teams together to make them better and use technology more efficiently.”

Companies have heard the term somewhere and want to do it. DevOps is a cultural change that the entire organization must implement.

Kevin Dubois, Red Hat

Don’t forget security

Better collaboration between teams should also have a positive impact on the overall quality of the software. There is still a lot to be gained, especially in the area of ​​security, which is also a topic of discussion again and again during KubeCon. Not entirely coincidentally, Red Hat published its own results State of Kubernetes securityResearch at a time when the fair was in full swing because the research contained some alarming conclusions.

Thirty-eight percent of the 6,000 software developers surveyed said their employer doesn’t take container security seriously enough or don’t allocate enough resources to it. As a result, two out of three companies have already had to postpone projects and product launches due to security issues.

But it can get worse: Ninety percent have experienced one or more incidents in the last 12 months that resulted in lost income or severe reputational damage. And when things go wrong, developers are often blamed: one in five respondents has seen an employee fired after an incident.

If these stats don’t wake you up, Dubois will have no hesitation in doing so: “Security shouldn’t be an afterthought. You need to build security in from the beginning of the software cycle while you write the code.” With this, Dubois underscores the importance of DevSecOps, which brings more security to the sum of development and operations. This approach ensures that a security professional keeps an eye on things throughout the cycle, rather than afterwards when problems arise. In many organizations, DevOps will have to undergo further development to DevSecOps.

perfect circle

This shows that DevOps as a concept itself is still evolving. According to Natale, this is deeply ingrained in the DevOps culture: “The logo of everything Ops-related is the symbol of infinity.” This is what DevOps stands for: Flowing processes into a perfect loop using the tools available. With the ultimate goal of making the developer’s life easier,” he concludes in a symbolic tone.

Safety shouldn’t be a thought. You need to build security in early in the software life cycle while writing the code.

Kevin Dubois, Red Hat