Crossing the CI/CD/DevOps Chasm
Speaker: Miranda LeBlanc (Liberty Mutual)

Goals

• Cloud native enterprise – continuous delivery of valuable software
• Embrace DevOps – culture of trust, safety and confidence
• Agile
• Microservices architecture

Working with services/teams

• Operate in an open source fashion
• Can submit pull requests to other teams
• Liberty CloudForge – internal tooling team to support business facing teams.

Security

• Need to protect medical and financial data
• Build safety, security and compliance into pipeline

Goals vs Reality

• Developers focused on own team/business units.
• Not ready to do open source like development.
• Not ready to look at chasm let alone cross it.

Approach

• Started experimenting with tools and standing up CI.
• Then progressed to static analysis/code review.
• Then DevOps and automated deployments
• Then PaaS
• Then to Prod in 5 minutes

MVP

• Focus on MVP on every feature/story
• Minimal feature is a proof of concept
• Want MVP that will delight customers

Challenges

• Removing features that aren’t delivering value (or not delivering value anymore)
• Growth – going from 10-50 people. Everyone can’t know everything.

Lessons Learned

• CI/CD requires real software engineering skill – learning Maven/Gradle, automated testing, etc.
• Define key metrics up front and use them – ex: released a bug to prod because focused on unit test coverage
• Culture and behaviors matter – ex: get whole team on board with new wait of thinking. Want to avoid asking what date trying to hit. Roadmaps are for conversations not commitments.

• Cyclic – digital transformation yet hardly ends well
• Think about how to program your business
• Start by moving things you do yourself that aren’t your business – ex: hosted email
• When people have ideas, they don’t want to be told to open a ticket

Delivering value

• Doing software well is managing chaos on behalf of users
• Top user stories
  • User would like software to work
  • User would like to accomplish a goal
• Deliver value reliably in small batches – allows to hypothesis/validate quickly/see if worked for user
• When you succeed in solving a problem “merry christmas; here’s another problem to solve”

IRS

• used to have a call center
• problem because people don;t like calling the IRS
• only 37% of calls even got through
• tried feature where could revisit past – people didn’t like either and still called. But fast feedback loop cycle so could move on to next approach
• finally learned all people wanted was to know how much they owe

Agile/teams

• 25 years later, agile practices are still not standard
• Look at which practices each team doing; not how many Certified Scrum Masters you have.
• Waterscrumfall or wagilefall – still doing big upfront analysis before get to team level
• Organization needs to support agile teams
• DevOps team is old name
• Have all roles need on team; fully dedicated to product. Build up expertise and shared knowledge
• Have standardized platform that takes care of basic needs to can focus on delighting users vs needing everyone to be a full stack engineer
• Work closely together whether in person or over video conference. In person probably is better.
• Easy to get stuck doing research when working by self. Easier to stay on task and work 4-6 hours a day.

Operations

• If change nothing, system will stay up and running.
• Developers are the ones who write the bugs.

Scaling

• Don’t be overly ambitious at first. Start with low-risk apps
• Real apps. Not the poor cafeteria app.
• Skunkworks/quarantine yourself. Limit failure.
• Internal marketing – not just email.

Also see booklet: https://cote.io/2016/11/28/cloud2/

• Almost 3K atttendees [someone said about a third of attendees are pivotal employees]
• 50% bigger than last year in Vegas

Onsi Fakhouri – head of R&D

• Philosophy
  • learning is from feedback loops
  • velocity enables learning
  • need to push to production quickly
  • “go fast, forever”
  • emphasized choice
• Announcements/what’s new [I’m not a Spring expert so hard to follow all the details; learned a lot though; also 23 announcements during 12 minutes didn’t help for pace]
  • Spring has been synchronous blocking I/O model
  • Spring 5/Spring Boot 2 – Reactor will bring async non-blocking I/O
  • Spring Tools 4 – IDE agnostic; helps for Spring Boot
  • PCF (Pivotal Cloud Foundry)
    • Pivotal Application Service (PAS) – formerly Elastic, added small footprint PAS (6 VMs vs 20)
    • BOSH – language/tooling for working with deployments and such, enables cloud foundry to work across platforms
    • cf push – command to deploy to cloud foundry
    • Can run polyglot apps
    • Adding .NET support
  • Adding Rabbit MQ support
  • Kubernetes
    • Want to be partner for all workloads
    • kubernetes great container for all workloads
    • Shouldn’t have to choose between Cloud Foundry and Kubernetes
    • Pivotal Container Service (PKS) [yes, “K” is for “container” – Kubernetes powered by BOSH – constant compatibility
  • PFS (pivotal function service)

Erich Gamma (Microsoft)

• Acknowledged elephant in the room – MIcrosoft at a Java conference
• Went through history of editors/IDEs – editor is light/fast vs IDE with more features
• VS Code
  • editor with some IDE features like code understanding and debug functionality
  • need extensions to make this happen
  • run extensions in separate process so not vulnerable if poor extension. Communicate back to main process through RPC
  • long tail problem – need deep support for many languages
  • In 2016, announced language server protocol to communicate between editor and language server
  • Eclipse is one of the language servers for Java.
  • Other languages include Go, Python, Microsoft Languages and many more.
  • Pivotal is also a language server
  • Learned Rust is a language – it’s for systems [saw it in the list of languages supported]
  • Did demo of Java development and cf push from VS Studio

Phil Webb (Spring Boot Lead)

• The Only Constant is Change
• Spring is an integration framework, not DI. Spring combines technologies in a way that feels natural. Achieves through dependency injection.
• “Software maintenance is not keeping it working like before. It is keep it being useful in a changing world.” – Nobody uses a cell phone from 20 years ago even if it were to work.
• Spring initializr
  • say what technologies want and it creates a Maven POM or zip file of what need to get started. And keeps track of what people are choosing.
  • Covered limitations – doesn’t show if removed tech or if removed later.
  • ThymeLeaf in first place for view technologies followed by Freemarker
  • Removed Velocity from list if chose most recent version of Spring Boot. Velocity last released in 2010. Continuing support was a liability.
• “A good developer is like a werewolf: Afraid of silver bullets”
• Stagnate if say no to everything; volatile if say yes to everything. Want to be somewhere in between.
• Kotlin
  • new JVM language by JetBrains.
  • Supported by latest version of Spring.
  • Also an Android language
  • Gradle overs DSL
• Reactive – WebFlux
  • Alternative to Spring MVC
  • Doesn’t use Servlet API
  • Netty is default runtime. Can switch to Tomcat if want
  • non-blocking
  • WebClient – alternative to Spring Template.
  • Picture a swimming pool with ducks – they swim end to end. Not reactive. An obstacle in the lane slows down whole thread Can only scale by adding more threads which has cost. With reactive, it’s more like the runway at an airport; only used when take off/landing

Ranji Narine (Scotiabank) 

• Led technology transofmration
• 9K people in technology
• Key goals – time to-market, cost and culture
• Obstacles to velocity
  • Little code reuse
  • Time to do a code release
  • Teams optimized for organizational hierarchy
  • Infrastructure takes too long
  • Time/complexity/cost
• Improvements
  • Created tech shop
  • APIs
  • Daily releases – CI/CD pipeline – 3K deploys per month
  • PCF (Pivotal Cloud Foundry)

Stephan Nicoll and Madhura Bhave (Spring Boot)

• Live demo/live coding
  • Spring Initializr – can do from Bweb or from within Eclipse/IntelliJ
  • Java 9
  • WebTestClient – can mock or test against live server
  • Data repository using MongoDB
  • RestTemplate is a blocking API so WebClient to stream data instead
  • Reactor streaming code
• Spring Boot 2.0
  • Actuators turned off by default because can show sensitive info
• Showed animation of logo. Pixel art is fun.

Simon Wardley (Researcher)

• Humorous – buzzword strategies
• Maps –
  • position matters
  • can’t move San Francisco, but can move items on a “systems maps” or a ‘mind map” because not really a map
  •  need anchor – ex: compass

John Heveran (Liberty Mutual)

• Goals
  • 60% workload in cloud
  • 75% tech staff write code
  • 50% apps have code to prod in a day
• Need to be able to take risks
• Learned
  • Be holistic
  • Think ambitiously
  • Don’t constrain yourself with decisions of the past
  • Did make mistakes but able to correct quickly and share lessons across org
• Accomplished
  • In 10 weeks, converted 10 apps to new model
  • Reduced number of apps
  • Biggest mission critical app was 1.3 million lines of code