DevOps is a culture, as much as it is a philosophy, as much as it is a method of continuous improvement in software applications. It may be the first manifestation in the government IT world of the impact of millennials’ views of the world – fast, repetitive, automated, collaborative, less risky, small-scale – but with a collective big impact – and a permanent change to how organizations think about infrastructure investment.
That may explain why the government speakers at the Advanced Technology Academic Research Center’s (ATARC) first DevOps Summit in Washington, D.C. last week were less formal and more irreverent about the mainstays of government contracting, such as defining requirements and Firm Fixed Price.
First, an explanation: DevOps, from Development and Operations, is based on the idea that bringing together employees who develop solutions with employees who perform the mission will encourage collaboration on ideas that actually improve how people do their day-to-day jobs. A big part of making DevOps work is automating as much testing as possible, whether it’s for functionality, security, Section 508 compliance, load balancing, and so on. Automated testing is a crucial part of DevOps because software updates for improved or new functionality are released often – in many cases, once a day – so testing the software has to happen just as quickly.
“I like to think of DevOps as today’s best practice,” said Mark Schwartz, CIO for U.S. Customs and Immigration Services. “We’re using DevOps everywhere we can … We have a number of new systems that we were able to greenfield with the DevOps approach. [Then] we have legacy systems where we’re using the strangler approach.”
“CIO Schwartz is becoming well known for his advocacy of the strangler approach; it’s a strange reference, yet apt,” said Yogesh Khanna, Chief Technology Officer at CSRA. “It’s an analogy to the way in which a vine, like Kudzu, can slowly overcome a much larger tree, by isolating one branch, or section, at a time, and then using it to sustain the vine, rather than the tree.”
“In the context of DevOps, it means finding a small part of a system that can be redeveloped and then integrated with the legacy system, Khanna continued. Once critical functions have been identified, it’s time to turn it over to the DevOps team for re-creation, automation, and finally rigorous testing. This is the primary way that legacy and proprietary systems, which make up a significant part of the federal government’s IT infrastructure, can be modernized.”
Ann Dunkin, CIO at the Environmental Protection Agency, supported Schwartz’s approach. She pointed out that not only are big modernization programs inherently more risky than taking the DevOps one-limb-at-a-time approach, waiting so long to impose big transformation means technological developments are diverging further and further away from the legacy system, which is stuck in one place like a fly in amber. That means opportunity costs, both for the mission of the agencies and for the employees.
“We have to stop doing that. We have to keep modernizing constantly,” Dunkin said.