DevOps terms: 10 essential concepts, explained
Here’s a primer on 10 key terms you need to know – whether you are new to DevOps or you want to bring a colleague up to speed quickly. We also contrast commonly confused DevOps terms
If you are new to DevOps, the lingo can get confusing pretty quickly. Terms like DevOps and agile are sometimes used interchangeably. Some concepts, like continuous delivery and continuous deployment, are often referred to in acronym form, which, unhelpfully, are both “CD.” Terms like automation can have a fairly simple or complex definition, depending on who you are speaking to.
As DevOps plays a bigger role in your organization, it’s helpful for teams to be on the same page regarding how people define its basic concepts.
10 DevOps terms to know, in plain English
Here’s a primer on 10 essential terms you’ll need to know – whether you are new to DevOps or you want to bring a new team member up to speed quickly. We’ve also highlighted some sticky spots for newbies – terms that are often confused, and alternative names for the same concept.
“DevOps is not about a single role or position, but about how you approach and control the development process. DevOps practices describe and systematize the development process in order to build, test, and deliver with better speed and reliability.” – Maksym Kunytsia, chief product officer, Chanty
If you need a quick sound bite or way to help you explain DevOps, you can borrow one of these plain-English analogies.
“Agile is a set of four value statements and 12 principles that originally described a better way of developing software. The Agile Manifesto was conceived in 2001 by 17 leading practitioners of new methodologies. Agile is not a methodology but a mindset. It represents a way of working that incorporates the principles of collaboration, systems thinking, and empowerment.” – Alan Zucker, founding principal, Project Management Essentials
DevOps vs. Agile:
Sometimes the terms DevOps and agile are used interchangeably. While they do have a shared past, there are fundamental differences between the two. You can think of the two in racing terms, suggests Eran Kinsbruner, chief evangelist for Perfecto.
“Agile can be the racing car driver aiming to drive as fast as possible, while DevOps is the entire team that supports the driver to reach his goal, including the mechanic guys, operations, coach, etc.,” says Kinsbruner. “Agile is about releasing fast while getting customer feedback, DevOps is about getting internal feedback while delivering fast through cross-team collaboration, best practices, and alignment toward meeting business goals.”
[ Want help explaining this to others? Read also: Agile vs. DevOps: What’s the difference? ]
3. Continuous Delivery/Continuous Deployment (CD)
“CD has two different meanings, which can be confusing. It refers to continuous delivery and continuous deployment. Continuous delivery refers to continuous delivery of value; it is a foundational agile and DevOps principle. Continuous deployment is using automation tools to allow organizations to quickly deploy software into production. By automating the software development value stream, organizations can significantly reduce the amount of time it takes to develop, test, and deploy into production, which enables continuous delivery of value.” –Alan Zucker, founding principal, Project Management Essentials
4. Continuous Integration (CI)
“This technique continuously merges source code updates into one mainline to prevent merge conflicts by integrating code from different developers as soon as it’s available. It creates a real-time window into the current state of the software system and quality measurements, enabling constant engagement of all DevOps team members. For security teams, CI creates an opportunity to enforce secure coding practices and vulnerability assessment early in the software development lifecycle.” – Rani Osnat, VP strategy, Aqua Security
5. Automation/Automated Builds
“Automated builds enable DevOps to compile source files, package compiled files into compressed formats, and produce installers. Repeatable build steps can be done with no information other than stored source code that is then automated.” – Rani Osnat, VP strategy, Aqua Security
Taking it further:
“Automation is not just about using tools to do repeated tasks. The science of doing automation right is all about ensuring that the right processes are being executed the right way. Automation of the wrong processes or processes being executed the wrong way only creates more problems. The science of automation can also be applied to business processes. Automation must be done in increments across logical subsets of process steps that are part of a continuous engine.” – E.G. Nadhan, chief architect and strategist, North America commercial,
“DevSecOps is about creating a ‘security as code’ culture, with continuous fluid collaboration between development, security, and operations teams. The DevSecOps movement, like DevOps itself, is focused on creating automated solutions for complex software development processes within an agile framework. It builds on the cultural changes of DevOps to integrate security earlier in the development phase.” – Dmitry Sotnikov, vice president, Cloud Platform, 42Crunch
[ Dive deeper on this topic: Why DevSecOps matters to IT leaders ]
7. Software Development Lifecycle (SDLC)
“Organizations developing applications have in place a process by which each application is designed, developed, tested, and deployed. This sequence of stages that define these processes is called the software development lifecycle. An organization’s SDLC helps shape the way their apps are built and defines the exact processes each application should go through, as well as the milestones an application needs to hit before going to the next stage of the SDLC.” – Matt Rose, global director application security, Checkmarx
8. Shift Left
“A shift-left approach to application security argues that security needs to be handled from the early phases of application design and coding – by enabling a DevSecOps process. This can prevent security defects early on and help ensure that security standards stay high throughout code iterations. Unfortunately, security is hard. Applications are only as secure as their weakest links.” – Dmitry Sotnikov, vice president, Cloud Platform, 42Crunch
9. User Acceptance Testing
“User acceptance testing injects the end-user community into the testing process. This will usually take the form of a pilot release where certain users have access to the new features. They will operate the software in the production environment to identify any problems or potential improvements before the features are released to the broader community as a whole.” – Mark Runyon, principal consultant, Improving
Also known as …
Canary Rollout: “Drawing inspiration from coal miners who used to bring canaries with them into the mines to detect deadly gas, canary rollouts reduce risk when introducing a new software version in production by first rolling out a new version to only a small group of users. Canary releases are a best practice for agile development organizations practicing continuous delivery to move faster, and security teams can leverage this technique to monitor applications in a low-risk environment. – Rani Osnat, VP strategy, Aqua Security
10. Value Stream Map
MORE ON DEVOPS
- How to explain DevOps in plain English
- DevSecOps: 7 habits of strong security organizations
- DevOps success: 5 flow metrics to get you there
“Value is an important concept in lean and agile practices. The focus is on delivering value to our customers. Value stream mapping is a way of understanding the process steps for creating value. A value stream map starts at the right side of a page and goes to the left, tracing the steps that create the finished product. After completing the value stream map, teams should identify which steps provide value and those that don’t. Steps that don’t provide value should be eliminated or streamlined.” – Alan Zucker, founding principal, Project Management Essentials