This document discusses DevOps, continuous delivery, and multi-speed IT in regulated environments. It addresses how organizations can drive competitive advantage through faster delivery while still maintaining stability, security, and compliance. DevOps aims to align development and operations goals, continuous delivery ensures software is always production-ready, and multi-speed IT understands different approaches and speeds for different applications and contexts. The document outlines challenges in regulated industries and provides recommendations around people, process, and technology to support DevOps adoption.
3. 3
Need to drive competitive
advantage and respond to market
needs
Adoption of Agile practices have
increased the speed of engineering
delivery
Still ruled by a SLA’s, stability and
an inherent resistance to change
BUSINESS DEVELOPMENT OPERATIONS
Move Fast Without Breaking Things
COMPLIANCE (CONTROL)AGILITY (SPEED)
4. 4
“Who has an Agile
Transformation Project /
Program in place
currently?”
Define
Develop
Construct
Deploy
Verify
5. 5
“Who has a DevOps
Transformation Project /
Program in place
currently?”Development Teams “Shift Right”
Dev Test UAT Prod
Operations Teams “Shift Left”
6. 6
“Who has a defined goal / objective for these programs
in place?”
10. 10
DevOps, Continuous Delivery and Multi-Speed IT
DevOps tries to align goals between Development and Operations
Continuous Delivery ensures software is always production ready and releases are tied
to business needs and not operational constraints
Multi-Speed IT understands that there isn’t a simple ‘CD or non-CD’ approach but a
collection of approaches and speeds that IT can use to release software
11. 11
DevOps…
Automation?
Infrastructure as code?
Continuous Delivery (CD)?
Infrastructure Automation?
Continuous Integration (CI)?
“A movement to address the gap between
Dev and Ops”
What is DevOps?
“82% of high performing companies
automate their code deployments”
12. 12
DevOps / CD Benefits for Regulated Industries
Reduced risk by implementing frequent, smaller
changes
Developers have better understanding of
development, test and production infrastructure
Operations gain application-centric
understanding
Simplified end to end IT processes inclusive of
Audit and Compliance requirements
Supportive of Application Automation
= Increased collaboration between Dev and Ops /
Lower Risk / Faster Time to Value
Ops
QADev
DevOps
13. 13
End to End Domain Interaction – The Sum of the Parts
Continuous Delivery
Source Code
Management
BUILD / CI Deployment / Test Automation Formal Release
Containers
Virtual
Infrastructure
Physical
Infrastructure
Cloud
Infrastructure
Enterprise Change Management
Dev Test UAT Prod
APM
IT Service
Management &
DML
Agile
Planning
Requirements
Management
Project Portfolio Management
Enterprise Release Management
Is this DevOps?
Is this DevOps?Is THIS DevOps?
14. 14
Identifying the Challenges in Federal / Regulated Industries
One size fits all approach won’t work for traditional Federal organizations
Legacy, Transitional and Innovative Applications must co-exist
Organizational Framework based approach with multiple ”Flavors” of implementation
Multiple Contract teams own areas of the End to End process, adding complexity
SPOC and ownership is difficult to find – what is the sponsor trying to achieve
Startup “Application is the Business” doesn’t apply
15. 15
“More than 95% of IT operations organizations lack a
centralized release management process”
“Through 2016, a lack of effective release management
will contribute up to 80% of production incidents in large
organizations with complex IT services”
“82% of high performing companies
automate their code deployments”
16. 16
Bi-Modal vs Multi-Modal IT
“By 2017, 75% of IT organizations will have a bimodal capability”*
“95% of Large Enterprises require multi-modal capabilities. Type 1 &
Type 2 becomes Type 1 - 5”
17. 17
“By 2017, 75% of IT organizations will have a bimodal capability”*
Systems of
Innovation
Systems of
Differentiation
Systems of
Record
Mode 1
Reliability
Waterfall, V-Model
IT-centric
Release in
Months/Years
Mode 2
Agility
Agile, Kanban
Business-centric
Release in
Days/Weeks
Dependencies
Governance
Change
*Gartner predictions, 2014
18. 18
Systems of
Innovation
Systems of
Differentiation
Systems of
Record
App 1
Traditional
Waterfall, V-Model
IT-centric
Release in
Months/Years
App 2
Agile
Agile, Kanban
Business-centric
Release in
Days/Weeks
Governance
Change
App 3
Transitional
Scrum fall
Product-centric
Release in
Weeks/Months
Serena Provides Multi-Modal IT Support
Dependencies
Application Deployment speed determined by Application Architecture, Application Type and Compliance requirements
19. 19
Shift Left vs. Shift Right
Development Teams “Shift Right”
Dev Test UAT Prod
Operations Teams “Shift Left”
Measured Functional Competence (High – Low)Key:
20. 20
20
Where to Start?
• What matters to the business?
• How do we Define and
measure success
• Look to Eliminate waste
• Incremental changes/quick
wins
• Focus on continuous
improvement
• Implement Process and
Technology Simultaneously
• Automate Everything
21. 21
How Responsive are you to the Business?
• How do you measure success?
• Average cycle time for moving a
business request from
Development to Production?
• Number of business requests
implements this week, month,
year?
• Cost of moving a unit of change
through your application lifecycle?
• Percentage of a release focused on
technical debt?
• Develop metrics to support what
matters to the business
23. 23
23
Automate Almost Everything
• People should not move the “bits”
• Automate code and configuration deployments with a single set of
deployment processes across all environments
• All pre-prod deployments should be rehearsals for the final deploy into prod
• Quick incremental wins with big impact
25. 25
25
Standardize the Release Process
Streamline and accelerate the release lifecycle
• Single system of record for
release planning and
execution
– Schedules
– Milestones
– Gates and Approvals
• Automatic cycle-time capture
• Ensure audit trails for
compliance and learning
26. 26
Process and Technology work together
Release Control
Release Train
Release Package
Tasks
Integration Framework / Service Layer / Widgets
SDA DIM CM ZMF EROOTHER
RELEASE
PROCESS
ARTIFACT
MANAGEMENT
27. 27
Identify Teams for Continuous Delivery vs. Release Management
Continuous Delivery Enterprise Release Management
Dev
Source Code
Management
BUILD / CI
Deployment / Test
Automation
Test UAT Prod
Formal Release
Containers Virtual Infrastructure Physical InfrastructureCloud Infrastructure Infrastructure as Code
Enterprise Change Management
APM
IT Service
Management
28. 28
Release Control Object Overview
Release Package
Dev Test UAT Prod
Request
Release Train
Deployment Path
Release Package
Release Package Release Package
Deploy UnitDeploy Task
Dev Test UAT Prod
Request
Deployment Path
Deploy
Unit
Deploy Task
Dev Test UAT Prod
Request
Deployment Path
Deploy
Unit
Deploy Task
Integration Framework
Integration Framework
29. 29
Package level control and visibility
Dev Test UAT Prod
Request
Deployment Path
Deploy UnitDeploy Task
Release Package
Integration to Serena and 3rd party artifact
management / source code solutions
(Dimensions CM, ChangeMan ZMF, Serena
Deployment Automation, Artifactory, TFS,
Jenkins, IBM, CA etc.)
Integration to Serena and 3rd party request /
ticketing systems (Dimensions CM, SBM,
Rally, Jira, Version One, Bugzilla etc.)
Defines the activities to deploy / implement
the Package via integrations to Serena and
3rd party tools (Dimensions CM, ChangeMan
ZMF, Serena Deployment Automation, CA
Nolio, IBM uDeploy, XebiaLabs, Manual
Steps etc.)
Integration Framework
Package Deployed via configurable
deployment paths
30. 30
Enterprise Deployment Pipelines
Key Capabilities
• Create, manage and automate deployment pipelines
• Enforce environment sequencing and auto promote
• Full stack automation with new plug-ins:
• Chef, Puppet, Jenkins workflow
• Docker, Bamboo, Openstack and more
Benefits
• Supports Dev / Test Churn with Managed Stage &
Production Releases
• Improves quality with a single repeatable deployment
process
• Reduces cycle time
• Provides end-to-end traceability for compliance and audit
31. 31
Continuous Delivery Maturity Model for Enterprises
REPEATABLE
BUILD
CONTINUOUS
INTEGRATION
AUTOMATED
APPLICATION AND
INFRASTRUCTURE
DEPLOYMENTS
TEST
AUTOMATION
ENTERPRISE
CONTINUOUS
DELIVERY
Standard Build
processes across all
development and SCM
tools. Daily / nightly
builds exist utilizing
secured SDLC
CI Build processes
build deliverables upon
code commit and
invoke automated unit
tests
Target integrated
Application and
Infrastructure
Deployments
(provisioning on
demand – Cloud, Virtual
or Physical for app
deployments)
Fully Automated Test
Suites allowing entire
application to be Tested
without user
intervention
End to End Build, Test
and Deployment
Capabilities
32. 32
“Full Stack” Provisioning
APPLICATION CONFIGURATION
APPLICATION DEPLOYMENT
CONFIGURED
APPLICATION
STACK
VM VM VM
OS PROVISIONINGPROVISIOINGORDER
OS CONFIGURATION
BARE METAL / CLOUD STORAGE
• Infrastructure / Cloud / Virtual
Provisioning
• Application Architecture
Deployment
• Application Configuration
• Build Up &Tear Down
Capabilities
Essential Steps for Enterprise Continuous Delivery