Category Archives: DevOps

Why aren’t more women in tech jobs?

Androgyny Edited

Last month we asked some questions about gender quotas in the workplace and whether or not that was the way to encourage more women into the world of IT professionals.

Our poll indicated that 86% of our Blog readers think that gender quotas are NOT the most effective way to equalise the IT gender gap, as one comment on our post stated:

To me, quotas seem like the well-intentioned, but ill-conceived path to diversity by avoiding cultural change and avoiding the problem of biases and institutions that create monoculture- Jyee

But what is the answer? Or perhaps we need to reconsider the question; instead of exploring how to encourage more women to embark on an IT-based career, maybe we first need to find out why they don’t already consider it an option.

  • In a traditionally male-dominated industry fully equipped with its own negative stereotypes it’s difficult for young women embarking on their careers to find role models in IT: ‘you can’t be what you can’t see’. Often women report hostility, or lack of opportunity in the workplace, finding themselves overlooked in favour of male counterparts:

The top two reasons why women leave are the hostile macho cultures — the hard hat culture of engineering, the geek culture of technology or the lab culture of science … and extreme work pressures – Laura Sherbin, a director at the Center for Work-Life Policy

  • It isn’t obvious what sort of tech roles are available until you start in the industry. A tech knowledge is a major part of almost all professional roles in contemporary society – it’s not just coding. The sector is developing rapidly, but a huge amount of this is not visible externally – girls in school may never consider that they could be in tech jobs creating robots, designing games, running start-ups, because this side of the industry is rarely touched upon as a career choice in schools. If young women in secondary education were aware of the potential of developing tech skills they might be more inclined to engage with tech-related subjects at school.
  • Women in tech have not had the best time of it. In the public eye women can see things like GamerGate and the ruthless persecution that can follow women who actively become involved in tech or web-based activities. Although this is far from the norm it’s what is predominantly shown in the media.

Clearly a culture shift is required, rather than short-term measures. Actively encouraging school-aged girls to take up an interested in technology is a way of opening up routes into the industry early on. Eliminate the notion of ‘gendered subjects’ and highlight the opportunities that a tech role brings both to individuals and to the future: it’s an ever-developing, changing exciting industry to be a part of and that’s something that will inspire boys and girls alike.

Technology pervades almost every element of contemporary culture and at least a basic knowledge of technology is becoming standard for the majority of professional roles. Using this as a way to destroy the trope that tech jobs are done by geeky men in a basement with no social skills and a penchant for online gaming.

But what are industries currently doing to tackle the problem of gender imbalance?

Companies like Google have introduced training schemes which aim to fight cultural biases and make the workplace a more positive and neutral environment. Participants take part in word association games and are often surprised at how often women are habitually associated with less technical roles. Hackathon are running a series of women-only events in India, Microsoft are running ‘DigiGirlz’ days all over the world and the Welsh Government’s WAVE scheme aims to help women improve their career prospects though training opportunities, networking opportunities and career development.

But what can smaller businesses do to help?

Companies need to research the biases that prevent women from getting ahead and then devise ‘interrupts’. Instead of single training sessions companies need to make systematic changes. – Joan C Williams.

This, to us, sounds like a DevOps approach. Like optimising your cloud-computing potential, gender equality in the tech industry is not something you can ‘do’ once; it’s an ongoing series of cultural and attitude changes that will deliver the best results for companies and employees. And remember: change takes time

We’d love to hear the strategies companies in the UK are undertaking to address this gender imbalance in the workplace. If you have any thoughts, suggestions or news you’d like to share, please get in touch.

 

How Do Databases Fit Into DevOps?

 

red-gate

Towards the end of 2014, we started getting to know the folks over at Redgate, and learning about what they’re doing around Database Lifecycle Management. It’s prompted some interesting conversations.

Redgate have been spending a lot of their time thinking about continuous delivery for databases. One thing we’ve discussed recently is how it’s not uncommon to see tensions mount when databases are added to the mix of a Continuous Delivery process. Particularly relational databases, and especially transactional relational databases. As Redgate thinks about the opinions among the DevOps community on how to manage and deploy databases, it’s prompted a few interesting questions – for example:

 

Why do the tensions around databases seem less pronounced in the DevOps community?

 

It’s About Perspective

Now I’m not 100% convinced that there are fewer tensions – I suspect they may just be different tensions. That said, there are plenty of good explanations – both cultural and technical – for why the CD & DevOps communities perceive databases differently. Perhaps some of it comes down to what they’re respectively is focused on.

 

 

DBDevOps?

Naturally, Redgate are coming to this from their established position in the RDBMS space (predominantly SQL Server, but with a twist of Oracle and MySQL as well), and so the second question that comes to light is:

 

How do DBAs fit into a DevOps world?

If we look at how the roles and responsibilities break down, it looks like DBAs are simply Ops specialists. Does that mean that database developers and DBAs should be blended in a single DBDevOps team? Having two flavours of DevOps team running side-by-side on the same overall application feels like a poor compromise, but are databases special enough to warrant it?

Alternatively, does this mean that the DBA dissolves into just another Ops facet of the overall team? Given the amount of specialist training and knowledge we so often see invested in DBAs, it’s hard to imagine how a team could be high-performing without some degree of specialization when it comes to managing data. This could be the straw that breaks the Full-Stack Engineers back, or it could be that you can actually get a very long way before you have to dip into the skills of a true specialist. I’m sure that, like so many questions, the answer is “It depends”

Either way, the fact that we’re even talking about Database Lifecycle Management (and uttering sentences which include both “database” and “DevOps”) suggests that software engineering as a whole is maturing at the pace of Moore’s Law, and starting to embrace the ideas that were obvious to W. Deming. Not only are we tackling these questions thoughtfully, but we’re also being more aware of the practices that have emerged in software engineering. As a result of that maturity, we’re also starting to see tools emerging which are actually fit to be used in a DevOps environment. In the case of databases, part of that is about treating them as stateful artifacts, and I particularly like Redgate’s SQL Lighthouse in this regard – a free little tool currently in beta for monitoring when database states drift.

So Many Questions

The sharp-eyed among you will have noticed that I’ve suggested several possible ideas, but avoided stating which one is the Right One™. That’s mostly because a) I don’t know yet, and b) it really does depend. And c) it’s hard to put together a solid case in a relatively short blog post!

We’ve seen a few different approaches to the problem, but what kinds of practices are you forming around your databases (and how are your DBAs being involved)?

And given that databases are tricky and stateful, what kinds of tools and processes are you using to monitor and deploy them? Open source libraries sanctified by Etsy, Netflix et al, something home-grown (and quite possibly a bit of a snowflake), or something off-the-shelf?

Moving with the times: roll with the punches

Everything is changing! It’s 2015 and the digital landscape already looks radically different compared to this time last year. 2014 brought a lot of changes to IT and the way we work online, so let’s look back on some of the things we learned and use them to make 2015 a year of change and innovation.

Tech Republic’s 10 IT lessons learned in 2014 article tells us that:

At the end of 2014, application maintenance was no different than it was at the end of 1984. IT application staffs are still spending more than half their time maintaining existing application code bases. This leaves less time for development when the demand for new apps is at unparalleled levels 

But what if CEOs stopped spending time and money firefighting growing issues within software and web applications and implemented a crucial cultural change in the way the business is run as a whole? Adopting a DevOps approach could be the way to move managing application maintenance issues into the 21st century.

Here are 3 DevOps services that could transform the way you run your business in 2015:

Application Performance Management (APM)

Customers today expect instant response times, a simple, stress-free online experience and 100% availability. Implementing APM tools and processes will help to repair root causes of application performance issues before your customers encounter them and can reduce the cost of fixing the problems later on down the line, when they’ve impacted on your other processes and services.

DevOpsGuys operate along the CALMS principals. APM tools can help to automate processes that would usually require human interaction and allows you to monitor your Metrics and your customers’ online behaviour. This means you can speed up your response time and tailor your software and strategies to meet the exact needs and expectations of your audience

Continuous Delivery

Adopting continuous delivery will streamline your software delivery process, so that you can get new features and software to market faster and more reliably. It can reduce your deployment costs, pick up problems quickly and ship code up to 50% faster – seriously it could change your life…read more

Understanding your DevOps Maturity

If you’ve decided that a DevOps approach is the way to go it’s important to understand how far along the way your business currently is. Are your testing, building and management processes carried out manually? Are you constantly battling just to keep your website running as usual? There’s a lot we can do to help you. Take our maturity assessment to find out exactly where you stand and how we can help you optimise your business in 2015

#AnsibleFest2015

“Last week we hosted the first AnsibleFest conference outside of the US – and I’m pleased to say it was a roaring success. With 320 attendees on the day, it was our largest attendance, despite the rather grey and wintery London weather! 

The crowd made it for us – fielding great questions, and even interacting with one another during the Q&As. One person’s attendance particularly stood out – for anybody watching Twitter there was an amazingly detailed and informative stream of the day’s events being tweeted. If you didn’t catch Matt Macdonald-Wallace’s stream on the day, here’s a super summary…” -Mark Phillips, EMEA Director of Business Development, Ansible, Inc

No time to read through? Check out these direct links to the festival’s talks:

“Ansible 2 is coming, and it’s going to be awesome!” was the message at AnsibleFest London last week. Talks covered the latest Ansible 2.0 news (scheduled to be released at the end of March); using Ansible Tower to give developers the ability to stand up their development environment at the push of a button; using Ansible to manage Windows and why Rackspace – one of our partner companies – moved from Chef to Ansible for standing up OpenStack (Spoiler Alert: it’s quicker and simpler).

We did our best to share the event online by live-tweeting the whole thing from the front row and here’s our summary of what went down

The day opened with a welcome and “state of the nation” address from Saïd Ziouani, Ansible’s CEO, covering everything from the news that the London AnsibleFest was the biggest one they had ever done with 325 attendees to the impressive stat that “1 out 3 forks of the Ansible code-base results in a contribution back to the community”.

Saïd also stated that the goals for the coming year all focused around compliance, hyper-scale computing, Microsoft Windows support, container technologies such as Docker and Google Kubernetes and the ability to configure your network from Ansible plays.

The first tech-talk was by Marius Boeru from BigStep and covered the ways in which Bigstep are using Ansible to provision large-scale, big-data solutions for multiple customers.

Marius and quite a few other speakers mentioned Vagrant as a good option for standing up development environments (something that we use heavily here at DevOpsGuys) and ensuring that your Ansible plays work as expected.

One of the points that Marius made, and one that was repeated throughout the day, was that Ansible is simple, easy to extend and easy to integrate with, so it’s a very good choice to get developers up and running, as well as providing the operations teams with a flexible tool to reduce their technical debt.

The next talk was by Sebastian Göttschkes.  Titled “Vagrant and Ansible, a love story”, the talk covered the point made by Marius about using Vagrant to test things and ensure your development and operations teams can iterate quickly through the development cycle.

The key topic that most people seemed to take away from Sebastian’s talk was that “Works on my machine” is no longer an acceptable response to broken/undeployable code.

Tools such as Vagrant and Ansible allow your teams to recreate production on their local workstation and model how changes to code and configuration would affect your running environment; simply writing code and claiming it’s ready for production without full testing is not an option anymore!

Another point that Sebastian was keen to emphasise was that if you are doing any part of your configuration/installation manually then you have effectively failed at DevOps.  Everything should be automated, and, with the various Vagrant providers available for RackSpace and other cloud providers, there really isn’t an excuse: you really should “Automate All TheThings!”.

The third talk was from Ali Asad Lotia and surrounded his work with the NFL on analysis of in-game statistics picked up from individual players on the pitch. Even before he had started talking about the challenges of intermittent connectivity, changing start times and developers who had never deployed code to production, Ali had everyone engaged with the statistic that they were tracking every player on the pitch to within 6 inches of their position with a latency of less than half a second!

Ali talked about a pattern familiar to most organisations when deploying a manual process in a README becomes a shell script and then the shell script gets out of control – and why this led them to decide on using Configuration Management tooling.  The next step was to decide where to focus their efforts and (in common with a number of other speakers) they settled on Ansible because they were looking for something with a low operational cost combined with simplicity.  Complex solutions were not an option here.

A large part of the reason for focusing on Ansible for Ali and his team was that NFL stadiums have incredibly bad internet connections, meaning that running an agent-based configuration management system such as Puppet or Chef was out of the question because they couldn’t guarantee that the system would call home and update the configuration at the right time. Ansible’s “push” model gave them the ability to control the connection as best they could and only push changes when they needed to.

As with Sebastian’s talk, one of the key points of Ali’s speech was that with Ansible you can start at a simple level.  The first playbook that Ali wrote effectively copied the README file so you could read it just as easily.  The team were then able to iterate and improve the Ansible plays so quickly that it actually freed them up to spend time looking at other tasks!

Lunch followed this talk, with all the usual free T-Shirts, stickers, cuddly toys and USB keys that accompany conferences such as this as well as a good opportunity to talk to some of the sponsors about what they are up to.

After lunch Jon Hawkesworth from M Modal opened the afternoon session with a talk on managing Microsoft Windows with Ansible. Whilst the talk was good it became apparent that there was more work to do on Ansible to get it working well.  The good news was that a lot of this work is being done as part of both a major refactor in the Windows modules and the on-going development of Ansible 2.

Some of the more useful modules highlighted by Jon included the ability to install packages via win_msi, download files or packages to a box via win_get_url and the fact that you can use PowerShell to write modules for Ansible, meaning that Windows developers and operations teams won’t have to learn Python.

The second talk of the afternoon was by Walter Bentley from Rackspace and centred on why he chose to take Rackspace away from Chef and towards Ansible for their OpenStack deployments.

Walter focused on the simplicity and ease that Ansible provides, as well as the fact that it is written in Python; they have a large team who can develop it further if required. Once again, not requiring an agent to run on each host also came up as a positive thing, because all you need is Python and an SSH connection – something that almost all modern Linux distributions have.

One of the key reasons that Walter wanted to automate the installation of Rackspace Private Cloud was to ensure that when he did a demonstration for a client, it took less than five hours reading 62 pages of documentation. Using Ansible and Vagrant, he and his team have managed to get the deploy fully automated and far more quickly: they now deploy at least ten Rackspace Private Cloud installations using this method each week

Walter pointed out that: “the great thing about Ansible is that you can run it over and over again and it only changes things that are different to their desired state”.  This is a vital part of any configuration management tooling as it avoids unnecessary service restarts or re-configuration of correct system settings.

After a short break, we were back with James Cammarata from Ansible talking about Ansible V2 and what we could expect to see there.  It was interesting to learn that the primary reason behind version 2 was to clear up a lot of technical debt in the code base, and also to see some of the new features.

The features that stood out in Ansible 2 were the ability to have “try/except” blocks in your plays, allowing for recovery from failures in plays and better error messages.

The final two talks of the day were about Ansible Internals and Ansible Tower. Ansible Internals deserves a blog post of its own and we hope to bring that to you in the next couple of weeks so we’ll leave that for now apart from to say that if you’re not looking at extending Ansible then you should – modules, plugins and filters are incredibly powerful and will help you.

Ansible Tower is the commercial offering from Ansible that provides auditing and role-based access control (RBAC) for your infrastructure. Mark Phillips explained how you can point Ansible Tower at your existing Git repositories and then assign permissions to various users to allow them to interact with your infrastructure in different ways.

One example given was that the Operations Team might need to be able to stand up any type of system, whereas QA might only require the ability to standup a dev/qa environment instead

Ansible Tower also provides dashboards that can be used as part of a compliance program and give you an overview of what has failed and where, however the main part of Mark’s message was that Ansible Tower allows you to let “non-technical” people provision environments for their own use without the need for support tickets!

All in all the conference was a great day out.  We learned loads, met up with friends and we will definitely be back!

Ghostbusters! Using monitoring to drive system vulnerability patching

Our GHOSTbusting DevOps Engineer Matt Macdonald-Wallace  (@ProfFalken) on the recent Linux security scare. He talks us through how an innovative approach to DevOps can solve these problems and prevent them from happening in the future.

The recent GHOST vulnerability struck fear into the heart of a lot of Linux systems administrators recently when it was revealed that for a couple of years one of the core libraries in the Linux operating system (libc) had been vulnerable to attack.

The vulnerability revealed that you could easily take control of a Linux system attached to the internet if you could send a well-crafted message to a webserver or email server running on that host.

At DevOpsGuys we’re big fans of test-driven development (TDD) and we’re always looking for ways to share knowledge between Dev and Ops so when this gave us an opportunity to try out a new way of managing system upgrades across a large number of customer we leapt at the chance!

The plan was to follow TDD methods to create a monitoring check that would fail (the test) and then patch systems until it passed (the “development”).

The monitoring scripts were written as a “minimum-viable” check for those Linux distributions that we use in house and then added to our monitoring system.

GHOST-before

We use Dataloop.io for monitoring and this meant that rolling out our scripts to all our hosts was easy – write the script, add it as a dataloop plugin, add that plugin to the relevant tag and wait for Dataloop to deploy the check.  In total it took less than three minutes to roll out our check to all of our systems and have it reporting back.

The next step was to create a custom dashboard to see all the hosts that had the plugin enabled.  Again, this was trivial to do using Dataloop’s drag and drop dashboard creation tool and within minutes we had a complete overview of all the servers under our control that were being monitored for GHOST – many of which were showing as “critical”, meaning that they needed the update applying.

GHOST-during

The great thing about approaching the problem this way was that we were able to see if any hosts were already secure (anything running Ubuntu 14.10 or later was not affected by this patch) and that the check worked correctly.

We then ran our update procedures as normal, however we were able to prove that all of our servers had received the update by watching the dashboard turn green as each server updated and the check was executed again.

GHOST-after

We’re going to keep the checks in place so that we know in future if any of our servers for some reason revert to a “bad” version and from now on, any major vulnerability like this will be dealt with in the same way.

Special thanks to Steven Acreman of Dataloop.io for helping us with assisting in modifications to the scripts and ensuring the data showed up on the dashboards in the way we required it

If you want to follow our example and check your systems in the same way, then we’ve open-sourced the checks and you can download them from our Public Checks Git repository.

 

Gender quota: the best way to bring more women into IT?

5997001123_a3bee2035c_n

With various incidents in the media drawing public attention to gender gaps not only in pay, but in traditionally male-dominated industries, women’s role in IT is continually coming under scrutiny.

But is obliging companies to employ a certain number of women the way to tackle this issue? Gillian Arnold believes it is. In the recent Tech Republic article Time for IT jobs to be set aside for women Arnold states that other initiatives have been slow to work:

“Think about the collective hours of effort that have gone into trying to encourage women to join these professions. That’s an enormous amount. We haven’t issued any quotas but maybe it’s time.”

The number of women taking on IT related qualifications is on the up, but it is slow progress. Cultural attitudes take time to change and there are a lack of technical female role models in contemporary media; the enduring image of an IT specialist being the archetypal male ‘nerd’– an image damaging to professionals of any gender.

And could colleagues respect a co-worker that they knew or suspected had been employed to fulfil an imposed quota system? In the long run, could this not be more damaging?

If more is done in the media, in education and employment to alter public preconceptions and shift attitudes about traditionally gender-specific roles diversity is sure to follow.  And it’s already taking place: take Lego as a case-in-point; the popular toy received considerable criticism about their ‘girls’ branded range featuring princesses, hairdressers and an overwhelming amount of pink. Subsequently, Lego have released a Professional Girls range, where female figurines are scientists, astronomers and palaeontologists. Is this something that would have happened twenty years ago? Ten, even?

This clearly reflects a change in public attitudes towards the representation of women in the media and in the professional sector, but it takes time for people to adapt to these attitude shifts and for the changes to manifest themselves. Opening up opportunities culturally and socially and making IT roles a desirable role for everyone will ensue that employers are able to access as wide a cross-section of IT professionals as necessary to ensure that the best person for the role is given the job.

Tell us what you think:

DevOps is for life, not just for techies

DevOps is a philosophy; it’s a way of life that you can use to transform your business methodology, improve your customer communications and revolutionise your results.

We’ve collated some fundamental DevOps principles that you can apply to all your business practises to streamline processes, revolutionise thinking and improve internal and external communications: Keep CALMS and use DevOps.

devopscalms

Culture - Let yourself Fail

“The one who falls and gets up is stronger than the one who never fell.” It may be a cliché, but we really do learn from our mistakes. Don’t be afraid to try things, but learn to fail safely and make sure you learn from things that don’t work out.

Constant testing, re-evaluation and development is the only way to keep up with the modern world and this can be applied to software development, marketing strategies, personal goals – anything!

Automation – Focus on your business

Modern technology allows you to automate loads of areas of your life to free up your time – without it, juggling work, family, friends and the other components of contemporary culture would be impossible.

Automating systems and processes at work not only eliminates the risk of human error, but it frees up time to focus on the running of your business. Without having to spend man-power on monitoring, testing and updating your software you can focus more time into making your business the best it can be. Automation also means that your release processes are consistent, reliable and specific to your needs.

Lean – Cut down on waste

Originally devised and initiated by Toyota ‘Lean’ is a way of working that improves flow and eliminates waste: making obvious what adds value by reducing everything else. Implementing a Lean system in your processes means discarding superfluous, ‘wasteful’ activity and focusing on efficiently achieving your end result. These processes also reduce costs and production time as well as improving productivity.

This is ideal for efficiency in and out of the work environment – whether your new year’s resolution is to be more productive in your spare time, to recycle more or to get fit, try applying Lean principles to your day-to-day goals!

Metrics – Audience analysis

Who are your customers? How well are you able to monitor the way in which they engage/interact with your business/service? It’s important to keep up with the technological demands of an ever-tech savvy client base, but without listening to what they want, how can you know how to meet their need?

Implementing effective audience analysis technologies and responding quickly to their queries will establish you as trustworthy and responsive and will encourage repeat business.

Sharing – Sharing data

Do different departments within your business share work and information freely? Breakdowns of internal communication can result in the duplication of work and ineffective data management: one department may already have the data that another department is spending time collecting.

An integrated staff which shares information and works cohesively can understand each other’s individual roles, challenges and goals and will work more effectively to make your business the best it can be.

 

To learn more about how DevOpsGuys can help you make the changes you need visit our website or get in touch. Our Blog also has loads of fun, helpful articles to help you get an idea of how we work and what we can offer you.