App deployment typically occurs after app delivery. While delivery is the purview of developers and DevOps practitioners, deployment falls squarely on the shoulders of IT Ops, NetOps, and SecOps. These teams are responsible for the deployment of the myriad app services that make up the data path responsible for scaling and securing the app.
Taken together, these two processes are responsible for taking an app from conception to completion, from code to the customer.
And while we see a rise in continuous deployment, 27% of developers still report that either code review or deploying to production is the biggest source of delay in delivering apps (2019 Global Software Engineering Report from Gitlab).
How can ops - who our research shows remain primarily responsible for deploying and operating app services in production - help address this delay without compromising on security?
We see in the rise of containers and open source one solution: standardization of infrastructure across development and deployment. There have been a plethora of studies that call out the discovery of issues when an app takes its first steps into production. This is often because the app has been developed in an environment that is not replicated in production. Differences in networking, app services, and infrastructure can introduce variables that were unaccounted for and lead to delays while issues are resolved.
This is frustrating for both ops and dev, who must put aside time to troubleshoot, test, and redeploy. This time takes away from innovation and from the development of apps that drive the business forward.
By standardizing infrastructure and app services across production and development, developers will be coding and DevOps building and testing in a consistent environment. This helps to discover quirks and issues earlier and ensure a smoother transition to the production environment.
This is especially critical for addressing security concerns, as all too often, it is security services that are eliminated or delayed in order to meet deadlines. Access control and app security are extremely app-centric and require configuration and policies designed for a single app. Those policies and configurations should be available to developers as early in the process as possible to ensure applications work seamlessly with the app services providing security and scale.
In the past, standardizing these components was expensive and difficult due to the nature of app services that were tethered to network appliances. But the rise of containers and open source have provided affordable, container-native options for app services that make it possible to ensure a consistent environment across production and development.
The rise of open-source, cloud-based repositories and toolsets for automation and orchestration, too, provide perfect platforms for enabling a seamless transition from delivery to deployment. We see tools such as GitLab, GitHub, and Jenkins increasingly making inroads into production environments as the means by which network and application services are deployed and operated.
This sharing of standardized infrastructure, app services, and toolsets is the best way for organizations to address the speed and frequency desired for delivery by developers without compromising on the security and stability demanded by the business to ensure the customer experience.