This article by Gopinath Rebala, OpsMx CTO, was previously published in RT Insights on December 27, 2022
Open-source continuous delivery solutions offer the fastest path to DevOps maturity and software development agility.
“Adapt or die” has been a business mantra for generations, but it’s no longer a strong enough warning. Businesses must now adapt with extraordinary speed or die. This has been the impetus behind digital transformation and the move to the cloud – a transformation that the global pandemic made tangible for business decision makers everywhere. The cloud accelerates adaptation and innovation because it enables new forms of communication and collaboration, supports new business models, facilitates automating end-to-end business processes, and broadens the applicability of new technologies, such as artificial intelligence, machine learning, and IoT.
Behind every one of these innovations is the need for rapidly updated software applications to enable and support new and evolving capabilities. This constant update cycle requires companies to develop a culture of rapid innovation and experimentation in their software delivery process, and this has, in turn, made a mature DevOps organization critical for success.
For several years, Continuous Integration (CI) has served as the foundation for enabling DevOps organizations to rapidly update software, but CI tools were not designed to deliver the speed and agility necessary for rapidly moving the updated software into hybrid multi-cloud production environments at scale – with the new security requirements demanded by these environments. This has led to the rise of Continuous Delivery (CD) solutions.
Understanding the need for CD – DevOps maturity
The goal of DevOps is to deploy and deliver software in a fast, safe, reliable, and repeatable way. To meet these requirements at cloud scale, with multiple deployments per day, the DevOps team must understand its current strengths and weaknesses and the steps required to reach the end goal.
An important tool for this is the DevOps Research and Assessment (DORA), which has established the following KPIs and benchmarks to assess DevOps maturity.
Other important elements of DevOps maturity include:
- What is the level of coordination between operations teams and development teams? Are you encountering workflow challenges or bottlenecks?
- Are you missing deadlines because testing is not automated?
- Are you struggling to deliver continuous integration builds at the frequency you require?
- Are there multiple manual approvals or reviews in the process of delivery to production?
- Are there manual handovers of the bits for promotion to higher environments (e.g., integration to staging)?
- With this information in hand, the DevOps team can now focus its attention on improving weak areas.
Continuous integration alone is not enough to increase maturity
Existing CI tools, like Jenkins, are great for development and can even be used for some non-production deployment scenarios. However, significant problems arise when they are used for large-scale environments and production deployments.
CI challenges include:
- Plugin complexity: Developers often use multiple plugins to accomplish daily deployment tasks (e.g., pulling code from GitHub and deploying an application into Kubernetes or AWS ECS). Constantly maintaining a variety of plugins for hundreds of pipelines is extremely challenging, including the need to address dependencies among the plugins.
- Heavy script maintenance requirements: In the past, when a delivery pipeline was custom-coded for one or a small set of software systems, it was acceptable for a central team to write and maintain a Jenkins workflow with custom scripts. Today, with the increasing number of developers involved in delivery, a central team can become a bottleneck or lose all control of security, compliance, and standards requirements. However, providing self-service for customizing workflows requires Jenkins DSL knowledge by all dev teams, who can then make any kind of script changes to the delivery workflow. Without this ability, the central team will become a bottleneck that slows any changes to the delivery workflow. Further, release strategies, such as canary and blue-green, are not readily available and need to be coded in. As a result, self-service can cause major problems if developers don’t have the required skill level to do this. With the faster pace of today’s deployments, writing and maintaining scripts simply doesn’t work.
- Limited visibility into deployment status: CI tools provide limited visibility into only the build stage – no real-time insight into whether the deployment is successful or if newly created pods are healthy, and so on. No visibility for managers and other stakeholders into the deployment pipeline. This limits the ability of the IT organization to collaborate on and improve the CI/CD process.
- Limited knowledge of the impact of a new release: CI tools do not enable developers to identify potential risks prior to deployment, so engineering managers are forced to become gatekeepers and go through the software manually to verify associated risks before allowing a deployment pipeline. In addition to being labor-intensive and time-consuming, this process is error-prone and not scalable. It does not support rollback on failure, increasing the risk of production downtime.
The benefits of continuous delivery
CD solutions offer a simpler, faster, and safer path to DevOps maturity and delivering higher quality software. Three of the most popular CD solutions are open-source tools: Spinnaker, Argo CD, and Tekton.
Spinnaker: Very briefly, Spinnaker, developed by Netflix, offers application management and automation for application deployments to a variety of cloud services and more, including Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, Kubernetes and virtual machines (VMs). It offers both declarative and imperative pipeline delivery models and enables DevOps to develop pipelines, establish deployment stages, and create deployment strategies like canary, blue-green, etc.
Argo CD: Argo CD was developed specifically for Kubernetes environments and is meant to be used only with Kubernetes applications and services. Argo CD focuses on automating deployments and rollouts/rollbacks. It monitors the application configuration defined in a Git repository and compares it with the live state in the cluster. When a developer makes a change to the app definition in Git, Argo CD detects and notifies application operators. If an operator approves the change, Argo CD creates the required resources in the Kubernetes clusters with the new configuration. There is also an auto-sync option, which deploys changes immediately and optionally notifies the application operator. Another important feature of Argo CD is drift detection. If there is a change to an application in a Kubernetes cluster without a change to the Git configuration, Argo CD detects the difference and resyncs the target deployment with the Git configuration.
Tekton: Backed by Google, Tekton focuses on standardizing tooling, processes, and workflows across vendors, languages, and deployment environments. It works well with Jenkins, Jenkins X, Skaffold, Knative, and many other popular CI/CD tools. It provides scalable, serverless, cloud-native execution out of the box, and because it abstracts the underlying implementation, DevOps can create a build, test, and deploy workflow based on the team’s existing requirements.
Each solution has its unique feature set and benefits, so DevOps teams that want to implement CD need to do their homework to select the best solution for their specific infrastructure and requirements. It’s worth noting that because these are open-source projects, each has a vibrant community that enables new features to be added, tested, and rolled out quickly. The community ensures that best practices are coded into the software, and development teams that are new to the solution can access the community and a wealth of specific resources to help with implementation and get questions answered.
How organizations can begin implementing CD
If your organization is ready to improve DevOps maturity with a CD solution, here are the top three steps you need to take to ensure success.
1. Identify requirements to find the right solution
Depending on your DevOps maturity, determine your workflow and deployment challenges and goals. What are all the steps that need to be automated? Will the solution work with all your most important development tools? Will you be deploying into production, so do you need a rollback capability? Is the solution sufficiently secure for your needs? Do you require multitenancy?
Be sure to consider the company’s mission and product roadmap, so you don’t select a solution that will become a limitation as your company evolves. Because of the number of solutions available and the complexity of evolving cloud-scale deployments, consider hiring a third-party consultant to help you navigate your options.
2. Start small and grow
Start with one or two applications and go through the entire code-to-deploy-to-production process. What are the key onboarding requirements? What are the key integration points for your processes? What is the right balance between developer needs – such as their favorite tools, languages, code analysis tools, etc. – and a set of requirements that DevOps can reasonably support in an integrated development environment? Are there deployment steps that have not yet been automated? Are all the required security, process guardrails, and approvals in place? Are there workflow elements you can simplify to speed the delivery of code from development to deployment and production?
If the processes are slow or create chokepoints, they will undermine the benefits of the automation. In extreme cases, developers may even look for ways around using the solution to avoid dealing with cumbersome processes.
3. Roll out at scale
Once you are satisfied with the end-to-end workflow and processes of the initial applications, roll out the CD solution to the rest of your applications. At this point, you can expect that your CD solution will now support 70 to 80% of your needs. However, there will be minor issues, new policies, and evolving requirements to deal with. In the cloud, new services, strategies, and capabilities constantly appear, so there will always be a certain level of continuous iteration moving forward.
If the last few years have taught us anything, it’s that speed and agility are the foundation of success for digitally transformed organizations. Enterprises must recognize that speed and agility are impossible to attain without a mature DevOps workflow that enables new features and capabilities to move into production as rapidly as possible. Open-source CD solutions offer the fastest path to DevOps maturity and software development agility.