2 DevOps Approaches to Configuration Changes

Posted on April 16, 2013 by Eric Minick

We’ve all seen it. The application breaks on a developer’s laptop. It’s fixed by a configuration change such as adding a data source or changing a threshold or toggling something. A day later, the issue is breaking across the earlier test environments and the fix is communicated. A week later, QA files a bug. It is rejected as “mis-configured”and testers are told how to fix the configuration. Later, the application fails in the pre-prod environment. Operations moan about poor deployment documentation, and will (hopefully) add a line-item to their release plan for production.

What a colossal waste of everyone’s time.

: Classic Facepalm

This is a DevOps problem. We see communication issues, exacerbated by silos, which lead to changes being more expensive and riskier than they should be. There are at least two solid approaches to addressing this pattern.

Approach 1: Configuration as Code

Cool-kid DevOps suggests that infrastructure and configuration should be code. The developer who makes the code change that requires a configuration change is made responsible for encoding that change in deployment automation, scripts or configuration files pushed with each change. The code change is not “done” until the configuration automation change is done.

“Code” does not necessarily mean actual scripts. It means that the rules about what configuration should be applied exist in a versioned and executable state. This could be a script in a Git repo or as CI in a CMDB that some software reads from.

Strengths: The responsibility for the configuration is clearly owned by the developer. It limits unpredictable new tasks for other people based on your ‘done’ work. There is little room for miscommunication or errors in manual steps.

Weaknesses: It can take considerable engineering shifts to learn how to automate configuration changes, and some tools are scriptable than others. Also, there may be required knowledge the developer is not allowed to have. For example, if a new datasource is required the developer likely won’t know production passwords, only how to access the development copy.

Approach 2: Easy Capture & Communication of Config Changes

If fully automating this approach is not feasible, it is important to lower the barriers to communicating the change. This is where DevOps stops being about cool automation and really focuses in on tearing down the barriers between silos. In many organizations, the Developer is asked to fill out a ticket with dozens of required fields for each change made to each environment. That is a pretty strong incentive to “forget” about it.

Instead there needs to be a low-ceremony, easy strategy for capturing changes that need to be made, and recording which environments the change is captured on and which will need it when they get the code change. Options vary from release planning tools; to cards on middleware team’s white-board; to wikis. The key is for operations and release management to find something that meets their needs to protect production while being friendly enough to development that it is actually used.

Strengths: This approach can accommodate a wider variety of changes with less pressure on the development organization to take on new tasks. Instead, it should reduce the pressure to write long deployment docs that developers hate writing and often lack the quality release engineering needs.

Weaknesses: This approach is still prone to misunderstanding instructions and manual errors when executed.

Hybrid approaches work

Hybrid approaches are also doable. An approach my customers may follow would be to update uDeploy with the new configuration task and have it run with each deployment. The environment specific information which the deployment automation guys might not have access to would need to be configured by the environment owners. uRelease makes it easy to capture this kind of task and track which environments it has been completed in. When all the environments are configured properly (along with an environment provisioning automation to cover future environments) the task drops off the release plans.

Notice that in any of these approaches, the QA team is 100% correct that there is an unacceptable bug from Development if using the standard deployment processes does not result in successfully running applications. The configuration required by the application is part of the application. Various stakeholders in the organization can nudge their colleagues towards these techniques by standing up for these types of bugs and not closing them until the configuration change is incorporated in the deployment process as either an automated step or clearly documented step in a release plan.

uChat 2: Continuous Delivery & DevOps

Posted on March 14, 2013 by Eric Minick

UrbanCode CEO and Co-Founder Maciej Zawadzki on the interplay between DevOps and Continuous Delivery.

C-Suite signals towards DevOps

Posted on March 4, 2013 by Eric Minick

CIO.com (and the print edtion) is reporting that CIOs are increasingly looking to embed IT staff in the business units they serve rather than centralize them all directly under the CIO.

With a major theme in both agile development and DevOps being better collaboration of IT teams with the business (“alignment” in C*O speak) these are the kinds of reports we should expect to see more of as Agile and DevOps gain traction. If you notice this happening in your organization, it is a good time to try to nudge the reorg towards aligning dev / qa / ops teams along application boundaries. While the system is in flux, push hard to get closer to an arrangement that will support better collaboration across the application delivery chain.

Q&A from Building a DevOps Team that Isn’t Evil

Posted on February 26, 2013 by Eric Minick

We had more questions in our live (and now available on-demand) webinar ”Building a DevOps Team that Isn’t Evil” than I could get to. What follows are answers to the questions we received.

Slides for the event are also available after the jump.

Q: How do you get focus without dedication of DevOps team members? Would like a bit more on incorporating “part-time” members.

Ideally the core of a DevOps enablement team is dedicated to the project. But if some of the experts are borrowed from existing development or operations teams, you do need them to dedicate a clear percentage of their time to the DevOps team and commit to attending set working sessions. The feasibility of this approach is largely dependent on corporate culture.

Q: I have a single Scrum team of 4 people (2 dev, tester, business analyst) with DBA as extended team member. We have to do both development and prod support. How can DevOps idea work with small teams in multiple roles?

Continue reading →

The Many Layers of DevOps

Posted on February 22, 2013 by Steve Boone

For many people, DevOps and infrastructure as code are synonymous. However, I am usually quick to point out the other moving parts that need to be managed. There is more to DevOps than infrastructure as code. Once the infrastructure is in place we need to do something with it. Application deployments, database updates, static content deployments, application configuration, middleware configuration, all of these things come into play after the infrastructure is in place.

There are many excellent applications for managing your infrastructure; tools such as Chef and Puppet obviously come to mind (they are easily the most popular). These types of tools are perfect for making changes across multiple servers, and making sure your infrastructure is in sync. They are also great for taking newly spun up virtual machines and making them identical the other servers in your environment.

Infrastructure is only part of the entire stack, and honestly it is not the most volatile part. New machines requiring infrastructure may be added daily but once the infrastructure is in place it tends to change less often than other components of the stack. For example, the middleware configuration, the applications, and the application configuration all change much more frequently than the infrastructure. Managing these changes is a crucial aspect of DevOps.

In the image above, the lowest layers can be handled by a number of tools. These layers are typically handled by the major IaaS providers (Amazon EC2, Rackspace, and others), which involve provisioning of the servers, as well as the OS and the OS configuration. Another great solution is to use Terraform or uProvision to handle the provisioning. These tools enable companies to build an internal PaaS offering to allow teams to automatically spin up servers and make them available for deployment.

The middleware layers have a handful of solutions for automation. Some companies include this configuration in the base image of their virtual machines. Another popular option is using any of the “infrastructure as code” tools mentioned above. These types of configurations can even be managed as part of your application deployment in an application deployment automation (ADA) tool such as uDeploy.

The application, and the application configuration can change multiple times a day in any continuous delivery environment. Often it may only be the configuration itself (and not the binaries) that need to be deployed. uDeploy is designed to not only automate the deployment of the application but also provide visibility into which versions of changes have been applied and where.

In search of organizational consciousness

Posted on February 4, 2013 by Eric Minick

What does it mean to be conscious? Flying across the country earlier this month, I read a recent issue of the Atlantic and in particular an article on anesthesia: “Awakening“. While general anesthesia is designed to make a surgery patient unconscious, we actually know very little about what consciousness actually is. One of the models of consciousness put forward by Giulio Tononi is that a conscious mind is an integrated mind.

When your nose detects a new smell, your motor cortex might quickly respond by inhaling more deeply. The scent is referenced against what you have smelled before. In an instant, you recognize a perfume your grandmother wore, visualize her, and emotionally respond to the memory. A conscious brain pulls all this together and integrates the experience. An unconcious brain receives the signal from the nose but does little with it. Dr. Tononi is working to measure this by stimulating one area of the brain and measuring the ripples across others. The image below, shows brain activity increasing in different areas in a patient recovering from a coma.

Image Credit: The Atlantic*

A conscious mind integrates an experience, drawing on various regions of the brain to form a coherent understanding and respond accordingly.

Organizational Consciousness

This model of consciousness can be a useful metaphor when choosing how we want to operate as a company or team. Suppose a few software developers are hanging out, playing pool with support guys after work. When asked, “Any cool support questions today?” a support guy responds, “Naw, just the usual people confused by the login screen.” Our friends in development might be surprised to discover a common usability problem, just as most of you readers were surprised by developers hanging out with the support team. Marketing and sales teams that are getting vague feedback about the software not being user friendly would also be able to contribute to this conversation.

At this moment, in a bar around a pool table, a ‘scent’ picked up by one part of the organization is starting to ripple to another area that can respond in the interest of the company. When the login screen is addressed, the company has acted consciously. Continue reading →

Practical DevOps Tools

Category Archives: Devops