Devops predictions for 2019
Devops thinking is arguably mainstream today, and there were plenty of developments afoot in 2018 that suggest 2019 will be an intriguing year to follow the space.
Loosely defined, devops is the combination of developer and operations teams through an organisational culture change, assisted by automation tooling with the goal of releasing software as quickly as possible.
Naturally this makes it an enticing proposition to enterprises, especially those who may be at the start of their “digital transformation”, even though they may currently be working a devops project at the micro level and aren’t yet fully scaled out. There is also some allure in “streamlining” (or “downsizing”) existing team numbers here too.
As the executive director of the Cloud Foundry Foundation Abby Kearns notes, acquisitions in the open source space such as IBM-Red Hat and VMware-Heptio suggest further consolidation of the cloud-native market.
“Today the landscape is big, fragmented and frothy,” she writes. “In short, there is a lot going on. This is how new markets evolve – new technology is created, there’s a rush of new startups, a new ecosystem is created around the new technology – lots of activity to see what works and what doesn’t.
“As the market and the technology mature, we’ll see alignment around a key technology. The leaders in the ecosystem will prevail, either through significant exits or acquisitions by incumbent technology companies. The rest of the market solidifies around the prevailing solutions, and it moves at scale.”
Death to devops, long live devops?
Puppet’s Nigel Kersten believes that an increasing number of voices will proclaim devops to be “dead”. That isn’t to say the practices will disappear, but as the “lessons from the devops movement become increasingly internalised in new companies and projects, we’ll stop seeing the cool kids talk about it at all”.
“The real remaining work will continue to be enterprises working out how to scale devops from small teams to huge organisations, and many pundits will misread the situation and declare that devops is dead in 2019,” Kersten says.
This could mean, according to digital transformation director of emerging technologies at CGI UK Mark Madden, an evolution in the types of organisations that are considering deploying it.
“In 2019, people’s reaction to the devops approach will continue to change at pace, moving from curiosity through to acceptance,” Madden says. “Already, a few leading organisations across the utilities, public sector, and financial services industries who were at the vanguard of devops adoption have spoken of the cost savings and increased productivity through the automation derived from devops.
“Their competitors are using those success stories to fuel demand within their organisations. Those types of industries who were formerly dismissive of this advancement are now actively approaching us to discuss how devops can solve some of their business problems.”
Red Hat’s director for developer experience Edson Yanaga believes that microservices might be “entering the trough of disillusionment”, to use Gartner’s turn of phrase.
“I expect that in the next year we’ll start to see the testimonies of teams and organisations that failed when adopting microservices. We’ll realise that microservices is not a silver bullet – nothing is – but it’s very useful in some particular situations,” he says, adding that he expects “some consolidation” on best practices.
Developers will also start to realise that message-driven architectures are a “better fit for most enterprise use cases” than HTTP/REST. Apache Kafka will continue to increase in popularity, and the Google-IBM-launched Istio service mesh will also grow.
Kunal Agarwal, CEO of Unravel Data, agrees that Kafka will continue to gain in popularity along with Spark, but that TensorFlow and H2O will be the breakout technologies for 2019. “In fact, the ecosystem of tools the devops team needs to draw on will only continue to expand,” he says.
“I’m particularly interested in how people will handle Istio’s configuration on their distributed architecture,” says Yanaga. “My guess is that it’s going to be integrated on a separate deployment pipeline, using a separate Git repo.”
Containers and Kubernetes
One of Docker’s key pitches is that using its enterprise products mean customers have access to the benefits of containers but through a simplified interface that means users don’t need to know the precise ins and outs of every aspect of tooling to reap the rewards.
Red Hat’s Yanaga’s believes that tooling around containers will improve. “Areas like debugging, packaging, code editors and others are still years behind the non-container ones,” he adds. “We won’t reach maturity in the next year, but I expect things to improve around the container development experience.”
He adds that 2018 saw the creation of “many Kubernetes-based Function-as-a-Service (FaaS) platforms this year” and that in 2019 we can “expect to see some efforts to standardise the FaaS programming model on top of Kubernetes”.
“The CNCF or the Eclipse Foundation may have some projects focused on this subject,” he adds. “This standardisation will lead to platform consolidation in the long run.”
SkyTap’s Chris Griggs, VP and GM for EMEA, says that there will be a “widespread acknowledgement that you cannot master containers without first fully embracing the cultural shift toward shared responsibility for delivering great software”.
“As such, many more IT teams will actively encourage developers to take more responsibility for their code working in the real world, and operations to take part in this evolution by treating their infrastructure as code,” he says. “As these teams continue to outperform, their success patterns will spread.”
Security is still a burning issue, and that’s not going to stop. If the trend is towards operations teams and developers teams merging, then security best practices will have to be embedded in the team too.
The good news is that automation tools are available for security in devops teams, and although you’ll still need security-savvy staff on board, automating much of the work can take the most painful tasks away from the team.
Gary McGraw, VP of security technology at Synopsys says that although his company has been automating security analysis at the code level and pen testing at the application level for “over a decade”, the “same cannot be said for design analysis or threat modelling”.
“The lack of automation for architectural risk analysis will mean that in many cases it is conveniently left out – oops, we’ll just sweep that under the rug,” says McGraw. “This is becoming a more tangible problem as devops adoption progresses.”
CGI’s Mark Madden agrees that there needs to be a “greater focus on collaboration between security and devops” next year.
“With devsecops embedded correctly, this can help speed up and add process-optimised security into the CI/CD position for releases,” he says. “It also helps to mitigate threats caused by the number of security flaws within the development application cycle, as these can be identified and attacked as necessary, rather than at the end as an afterthought.”