DevOps Remix

Written by: Saskia Webster-Zazzi
6 min read
Stay connected

The DevOps World 2022 Keynote established the remix theme with strong presentations about how we need to work together to build DevOps 3.0. CloudBees Senior Director Hope Lynch kicked off the session by explaining where we are and why we need a remix.

Release IQ Connects Islands of Automation

One of the most exciting announcements at DevOps World was the integration of ReleaseIQ as CloudBees Release Orchestration SaaS by Shawn Ahmed, CPO of CloudBees. A big part of DevOps 3.0 will be better connections between disparate processes and better visibility up and down your tech stacks. CloudBees' acquisition of ReleaseIQ makes that happen.

Shawn introduced Seetharam Param, former ReleaseIQ CEO and current VP at CloudBees, who then showed us a quick preview of the product. Seetharam explained how, with this addition to the CloudBees toolbox, you can stitch together your existing tools and build a cohesive whole from your islands of automation.

For an in-depth look at CloudBees Release Orchestration SaaS, Seetharam takes you through a deep dive in his CloudBees and ReleaseIQ Deep Dive.

Shift Left Done Right Now

Shift Left has been with us for a long time, and testing software early so we catch errors sooner is a valid approach to making continuous delivery safer and more robust. In theory, catching errors earlier in the process saves time and money and increases your ability to quickly deliver value to your customers. But is there a buried cost?

CloudBees did a study of C-level executives around the world, looking at how Shift Left has impacted security and compliance. Tim Johnson, a senior product marketing manager at CloudBees, presented those study results during the keynote and explained why Shift Left has become a DevOps antipattern.

In The Compliance Tax and How It Is Slowing Down Innovation, Tim takes a deeper dive into this phenomenon and what we can do to change it.

Remix Culture

What can a DevOps engineer learn from Shepard Fairey? Do your pipelines need new patterns and brighter colors?

James Governor, co-founder of RedMonk, wrapped up the keynote session with a talk about remix culture. Remixing ideas and content is a common concept in the arts, and he showed you how you can look at it for cues on how to take your DevOps practice to the next level. He explained how DevOps is founded on the very idea of bringing two cultures together, and the notion of remixes should already come naturally to us.

James points the way to Matthew Skelton's presentation, Business and Technical Agility With Team Topologies. Team Topologies show you how to integrate your teams for optimized collaboration and flow, and can serve as a linchpin in your cultural remix. Matthew is a head of consulting at Conflux, on Team Topologies, and co-authored “Team Topologies” with Manuel Pais.

Remixing DevOps Security

As we remix and improve DevOps, security is one of our most important considerations. We already touched on how Shift Left has compromised our posture. But there's always a bigger picture with security; the threats of supply-chain attacks, breaches, and social engineering are still with us, too.

Learning From Other Industries

What can we learn from auto manufacturing? What can we learn from looking at bad lettuce, burning airplane batteries, and compromised jar files?

In his talk on the Open Source Supply Chain Threat Landscape, Brian Fox, co-founder and CTO of Sonatype, explained how we can remix ideas and solutions from the manufacturing and food industries to help protect our supply chains. These industries have similarly large and diverse supply chains, and used techniques like narrowing their suppliers and tracking where items came from to reduce their risk. Brian explained how we can do the same.

Mixing Stories to Improve Security

You've probably heard of Joseph Campbell's Hero's Journey. Its influenced countless stories, including Star Wars, Harry Potter, The Hunger Games, and the Hobbit. In other words: it's the cornerstone for many popular remixes. Joseph Campbell's framework lays out how a hero is called to adventure, defeats their enemy, and returns home changed.

In NIST Standards and the DevOps Journey: How to Jump-Start Software Security, Josh Bressers shows you how to apply the Hero's Journey to the latest NIST security guidance and how to use it to help you put together a cross-culture team.

Applying Remix Culture

In Tackling Supply Chain Security by Modernizing Jenkins, Minyi Chen, Tom Handy, and Jeff Cobble show us how Fidelity took on supply chain issues in their CI/CD pipelines. A big part of their effort was reaching out to individual development teams, learning their requirements and how they already got things done, and creating standardized tools that kept everyone safe. 

DevOps and Value Stream Mapping

One of the most important steps DevOps 3.0 needs to make is alignment with value stream mapping (VSM). DevOps delivers software, and that software must be aligned with the business and the value it promises its customers.

In DevOps & VSM: The Secret of Many Organizations, Julia Hall, principal product manager at Appfire, asserts that companies have no choice but to adopt value stream mapping in their DevOps efforts. Then, she backs her theory up with a history of VSM and a compelling use case. If you have any doubts about how VSM can help you improve your pipelines and customer outcomes, start here.

For a view from the other side of the VSM equation, Matthew Skelton returns with 5 Reasons  Why CI/CD Is Vital to Your Organization’s Value Stream and explains how CI/CD is a core organizational capability that is critical to delivering value to your customers.

Come See Where DevOps 3.0 Will Take Us

This is only a brief look into what DevOps World 2022 has to offer. Even though we had to pivot from an in-person event to a virtual one, we were able to assemble great speakers and cover a lot of ground. It would have been wonderful to meet in person, but we adapted. We remixed.

DevOps encompasses a variety of people and practices, and so does this year's conference. In addition to the talks we discussed above, you can find sessions covering how CloudBees has automated their software release process, how to use Dagger to keep you CI local, how Broadcom lowered their rate of Jenkins failures, the CloudBees Innovation Awards, and much more.

Sign up to view the DevOps World sessions today, and start your own DevOps remix!

Stay up to date

We'll never share your email address and you can opt out at any time, we promise.