Book review: The DevOps Handbook
Gene Kim, Jez Humble, Patrick Debois and John Willis are the authors of the book The DevOps Handbook. how to create world-class agility, reliability, & security in technology organizations. If you look at the cover you see some similarities with The Phoenix Project. A novel about IT, DevOps, and helping your business win. And that is not a coincidence because Gene Kim is one of the co-authors of this book too.
Where The Phoenix Project is a business novel explaining the journey to set up a DevOps team, this book gives you the theoretical background, and the tools to build and use the DevOps philosophy by integrating product management, development, QA, IT operations, and information security to elevate your company.
The book is divided into four blocks: The first block (part I) introduces the three ways: The principles of flow, feedback and continual learning and experimentation. The second block (part II) explains where to start a DevOps movement in your organization. The third block (parts III-V) describes the technical practices of the three ways. The last block (part VI) discusses the technological practices of integrating information security, change management, and compliance.
In part II we see what it means to select the value streams with the most sympathetic and innovative groups to start with the DevOps transformation, analyse those value streams by creating a value stream map, and design the organization (functional, matrix or market oriented), fund services and products and not projects and create loosely-coupled architecture to dramatically improve the outcomes.
The first way describes the architecture and principles that enable the fast flow of work from left to right, from Dev to Ops to deliver quickly and safely, value to customers. Start with a single repository of truth for the entire system, make infrastructure easier to rebuild than to repair, enable fast and reliable continuous integration and automated testing and start with low-risk releases. Include running in production-like environments in your DoD.
The second way addresses the reciprocal fast and constant feedback from right to left by implementing feedback loops and use shared goals spanning Dev and Ops to improve the health of the entire value stream. The authors provide insights in telemetry from processes, behaviour and production issues, audit issues and security breaches that enables seeing and solving problems. Next we see, how we can integrate user research and feedback, peer reviews and pair programming and what it means when integrating hypothesis-driven development and A/B testing into our daily work?
The third way helps to create a culture of learning and experimentation. What can you learn from incidents, and how others can learn from your own learning by creating repositories and sharing learnings. How can you enable and inject learning into daily work by establishing a learning culture, have post-mortem meetings after accidents occur and communicate them, decreasing incident tolerances and organize game days to rehearse failures? And make sure you capture organizational knowledge by using e.g. chat rooms and chat bots.
In the last part, the three ways are extended by using them to achieve information security goals by making security a part of everyone’s job, by integrating preventive controls into a repository, by integrating security with the deployment pipeline, and integrating deployment activities with the change approval processes and reducing reliance on separating of duty.
If you want to start a DevOps movement, start with The Phoenix Project to make yourself enthusiastic about DevOps and continue with this book to get the real technical practices to make your DevOps a success. When buying this book, you will get a unique one-time access code to the DevOps X-ray individual assessment to benchmark your own performance against industry-wide data.
To buy: The DevOps Handbook