While DevOps needs particular champions, excellence can be achieved only if the entire organization is on board.[1]
—DevOps Institute
DevOps Practice Domains
This is the third article in the SAFe DevOps series. It introduces the technical skills and tools that power the Continuous Delivery Pipeline. See also the DevOps home page and CALMR articles.
Enabling continuous flow through the end-to-end value stream in today’s enterprises can be complex. Practitioners across multiple teams and functions must collaborate effectively. Quality and security must be built in at every step. Solutions must be architected for rapid change. Governance and compliance controls must be streamlined and automated. A slew of metrics must be managed from all layers of the solutions stack. And the right automation must be in place to enable lightning-fast flow and on-demand processing.
Managing all this complexity, let alone optimizing it for continuous flow, requires specialized knowledge by everyone in the value stream who influences product delivery. To succeed with DevOps, this knowledge must be applied at the right times by the right people and with the right tools at all stages of the process.
SAFe groups this required knowledge into DevOps practice domains, which comprise the inner rings of Figure 1 and together enable the Continuous Delivery Pipeline. Each domain contains a set of specific practices and tools that perform critical DevOps functions in the value stream. Note that CALMR, at the center of the figure, is not a practice domain; rather, it is the mindset that guides DevOps behavior and decision making throughout the entire value stream. For details, please see the CALMR article.
Some domains, such as Continuous Quality and Continuous Security, span the entire CDP. This indicates that there is always work to be done in those areas. Others, such as Deployment Pipeline and Infrastructure Management, apply to smaller segments of the CDP. Work in those domains enables a subset of activities in the value stream. At any given time, though, knowledge from multiple domains is combined to support the current activity in the continuous delivery pipeline, as is explained in the next section.
The outer ring of practice domains, composed of Agile Planning and Design, Deployment Pipeline, and Continuous Monitoring, represents a solution’s path through the system. It is where cross-functional DevOps practices converge with the evolving solution and is the ‘conveyor belt’ that moves the solution through its delivery life cycle.
Details
DevOps implies close collaboration across team and department boundaries. Figure 2 illustrates how this is accomplished. Skills across domains are combined to produce specific outcomes in the CDP. For example, to ensure features are developed in a way that fosters continuous delivery, knowledge from six domains (in this case Deployment Pipeline, Configuration Management, Version Control, Continuous Security, Continuous Quality, and Value Stream Management) must be applied. This ensures that solutions are developed with speed, quality, security, version control, adaptability, and maintainability in mind.
Using this model, it is clear where knowledge must ‘shift left’ and which individuals may need to collaborate at each stage of delivery.
McKinsey states, “Transformation success requires thoughtful mastery of multiple domains and coordination of many moving parts.” [2] This DevOps model is meant to guide enterprises through that complexity on their way to transformation success. The result is a continuous delivery pipeline driven by a cross-functional DevOps culture that can deliver valuable digital solutions on demand.
Achieving that result begins with an understanding of the technical practices that power this new way of building. Following is an introduction to each DevOps practice domain along with the specific technical practices and tools it encompasses.
Value Stream Management
Value stream management (VSM) is a business practice that focuses on increasing the flow of business value from customer request to customer delivery.[3] VSM provides lightweight, end-to-end governance of the continuous delivery pipeline and optimizes it for maximum value delivery as opposed to maximum adherence to fixed delivery plans.
VSM includes specific practices such as value stream mapping, analyzing flow efficiency through the end-to-end delivery pipeline, and setting targets for delivery speed, quality, and value. VSM also involves specialized software platforms that integrate with other tools throughout the pipeline to collect and surface real time data about the health of the value stream.
Continuous Quality
In DevOps, practices that ensure high solution quality do not simply shift left, they extend to all activities in the value stream. Continuous Quality is a domain that ensures that quality is built in early in the pipeline and continually managed throughout a solution’s life cycle.
Continuous Quality includes specific practices like hypothesis-driven development, behavior-driven design (BDD), test-driven development (TDD), A/B testing, and exploratory testing. Automation is used to enhance the speed and accuracy of testing throughout the value stream.
Continuous Security
Like quality, security is everyone’s responsibility. This domain spans the entire continuous delivery pipeline and ensures that sound information security practices—both preventive and detective—are always active throughout the life cycle of a solution.
Continuous Security emphasizes practices such as security by design, threat modeling, security-as-code, as well as automation in the areas of vulnerability scanning, penetration testing, and intrusion detection.
Version Control
To achieve quantum leaps in pipeline acceleration and quality control, DevOps requires all solution assets to be under version control. Application code; server, network, and firewall configurations; database scripts; even requirements and test scripts need to be stored in a common repository to ensure solutions and environments can be built, deployed, repaired, and decommissioned on demand.
Version Control stresses minimizing the amount and duration of open branches and ensuring that the code base always remains in a deployable state. Automation in this category is directed toward optimizing branching and merging strategies, facilitating distributed version control, and managing file types of all kinds.
Configuration Management
Configuration Management is a large part of the ‘what’ to Version Control’s ‘how.’ The things that are stored in version control are configurations, such as application, database, infrastructure, and security configurations. Since these configurations collectively represent all design time and runtime aspects of a solution, they must be carefully managed.
Colloquially, the related practices in this domain are expressed ‘as code’—infrastructure-as-code, security-as-code, and compliance-as-code for instance. The Configuration Management practice domain represents an ‘everything as code’ approach to defining solutions, their runtime environments, and the systems that usher them through the continuous delivery pipeline.
Infrastructure Management
Infrastructure Management is a domain that focuses on the ‘care and feeding’ of production systems, many of which may be defined as code. Whereas configuration management is a set of design-time practices, infrastructure management is a set of runtime practices.
This domain is primarily concerned with ensuring the stability and resiliency of deployed solutions so that maximum value can be realized. Key technical practices include chaos engineering, selective releases, and site reliability engineering (SRE). Automation is applied to enable immutable infrastructure, release on demand, rapid recovery, and auto-scaling.
Agile Planning and Design
DevOps begins well before development work starts. This is to ensure that the inputs to development, such as desired business outcomes, solution scope, architecture, and design, are performed in a way that fosters continuous delivery.
The Agile Planning and Design domain assures that a CALMR approach to DevOps is followed from the onset of the delivery life cycle. This domain includes practices such as Lean UX, Agile architecture, backlog management, and emergent design. Tools focus primarily on streamlining Agile practices, making work visible, and accelerating the productivity of individuals and teams.
Deployment Pipeline
Arguably the most popular area of concentration in DevOps is what is popularly known as the ‘CI/CD pipeline.’ This is the segment of the value stream that begins with code committed to version control and ends with that code being successfully deployed in production. Because the goal is to deploy finished code to production as quickly and safely as possible, SAFe’s term for this subset of the value stream is the Deployment Pipeline.
Ultimately, the entire deployment pipeline should be automated from end to end using a carefully selected tool chain. Doing so greatly accelerates build, integration, testing, break fix, and deployment cycles. Often the only manual activities in a mature deployment pipeline are peer reviews and responding to system-generated pipeline events and notifications.
Continuous Monitoring
Continuous Monitoring involves capturing, logging, surfacing, and analyzing production events. These events describe both system behavior and end user behavior and directly support the Measurement and Recovery elements of CALMR.
This domain calls for significant harmony between the systems doing the monitoring and the humans interpreting and acting on the results. Through full stack telemetry, observability, proactive issue detection, visualization, AIOps, and analytics, this set of practices is tailored to measure and maintain business value with a high degree of precision.
Agile Product Management
Remembering that DevOps enables a continuous learning loop, which in turn drives rapid innovation, it is imperative that what is to be learned is well defined and what was learned is captured and quantifiable. Agile Product Management accomplishes this.
Through customer centricity, hypothesis-driven development, design thinking, Lean Startup, and market research practices, this domain ensures that the continuous delivery pipeline is always calibrated to deliver specific, measurable business outcomes. Moreover, it ensures that the enterprise collects validated learning from every release and directs those learnings toward relentless improvement.
For more detail, please see the Product Management article.
Value Metrics
The ultimate goal of DevOps is to enable enterprises to deliver continuous value to their customers. Of course, value is in the eye of the beholder, so there must be a method in place for defining and measuring value from the customer’s point of view. The Value Metrics domain provides this capability.
Value metrics are precisely tuned to how customers derive value from deployed solutions. They are outcome-oriented measurements that provide objective evidence that solutions are (or are not) performing well in the market. This practice domain contains techniques such as innovation accounting, objectives and key results (OKRs), key performance indicators (KPIs), and service level agreements (SLAs). Using these methods, desired outcomes are forecast and actual outcomes evaluated to determine a solution’s true value to the business.
More in the DevOps Series
Article 1: DevOps Main Page
Article 2: A CALMR Approach to DevOps
Article 3: SAFe’s DevOps Practice Domains
Learn More
[1] Upskilling: Enterprise DevOps Skills Report 2019. https://devopsinstitute.com/wp-content/uploads/2019/03/UpskillingReport-Final.pdf [2] Agile’s Next Level: ABM AMRO’s Hybrid Cloud-DevSecOps Transformation. https://www.mckinsey.com/business-functions/mckinsey-digital/our-insights/agiles-next-level-abn-amros-hybrid-cloud-devsecops-transformation# [3] The Rise of Value Stream Management (VSM). https://www.linkedin.com/pulse/rise-value-stream-management-vsm-mik-kersten/
Last update: 10 February 2021