IT Modernization and DevOps News Week in Review
Kicking off our review of IT Modernization news this week, is a new report by DORA, the DevOps Research and Assessment group, illustrating how DevOps practices pay off for organizations in terms of performance and quality outcomes. In its annual report, DORA adds a new measure, SDO, software delivery and operational performance that measures availability, finding that SDO performance helps organizations achieve competitive advantages like increased profitability, productivity, market share, customer satisfaction, and the ability to achieve organization and mission goals.
Other key findings from the research include these about high performers:
- Organizations that use cloud computing’s essential characteristics are 23 times more likely to be high performers.
- They are 1.75 times more likely to extensively use open source technologies and are 1.5 times more likely to expand its use in the future.
- Outsourcing by function is rarely adopted by elite performers and hurts performance. Low-performing teams are almost 4 times as likely to outsource whole functions. (For our take on this, please read our blog on why you should never outsource your core IP.)
- Key technical practices like monitoring and integrating security early — what we call Security by Design — drive high performance.
- Industry doesn’t matter when it comes to achieving high performance for software delivery. DORA found high performers across industries.
- HashiCorp announced this week several new features to more deeply integrate HashiCorp Consul with Kubernetes. The features include an official Helm Chart for installing Consul on Kubernetes, automatic syncing of Kubernetes services with Consul (and vice versa), auto-join for external Consul agents to join a cluster in Kubernetes, injectors so pods are automatically secured with Connect, and support for Envoy. According to the announcement, these features help solve important cross-cluster challenges between multiple Kubernetes clusters as well as non-Kubernetes services interacting with Kubernetes services.
- CA unveiled research illustrating seven trends in Docker container monitoring, finding that application development and testing are still the most popular Docker use cases, with containers providing the most value when it comes to continuous delivery, scalability and resource efficiency. And, according to the report, the business impact of Docker container performance is largely unmeasured today with 56% of respondents saying they are not monitoring Docker container performance problems for business impact yet.
- Our DevOps team was interested to see the news that AWS is extending AWS CloudFormation with AWS Lambda powered macros. This new feature will allow developers to extend the native syntax of AWS CloudFormation templates by calling out to AWS Lambda powered transformations. (The same technology that powers the AWS Serverless Application Model functionality but the transforms run in your own accounts, on your own lambda functions, and they’re completely customizable.) The real power here is that you can extend your existing infrastructure as code with code.
- AWS has announced that the AWS Web Application Firewall, WAF, now supports full logging of all web requests inspected by the service. Operators can store the logs in Amazon S3 for compliance and auditing needs and use them for debugging and additional forensics. The logs will help operators understand why certain rules are triggered and why certain web requests are blocked. Operators can also integrate the logs with their SIEM and log analysis tools.
- AWS Config has seven new managed rules. AWS Config rules allow operators to assess, audit, and evaluate the configurations of AWS resources and it now has seven new managed rules to help evaluate whether AWS resource configurations comply with common best practices, thereby simplifying compliance auditing, security analysis, change management, and operational troubleshooting. Our AWS consulting group is particularly excited to see that a new rule for reporting non-compliant patches in your managed instances using ec2-managedinstance-patch-compliance-status-check is among them.
- If your plans have you in Austin, TX on Thursday, September 20th join us as Flux7 hosts a discussion about HashiCorp Consul Connect with HashiCorp Solutions Engineer Sean Carolan. Sean will share how to use HashiCorp Consult to create an easy service mesh. Get more information and RSVP here: https://www.meetup.com/Austin-HashiCorp-User-Group/events/251720578/