In a business climate where “every company is becoming a software company,” it’s no surprise that enterprises are searching for best practices to accelerate their software development processes. Primary among these is DevOps, one of the leading methodologies for speeding up the delivery and performance of applications. Closely akin to the “agile” methodology, DevOps strives to align application development (the Dev) and IT operations (the Ops) to improve the entire application-management lifecycle.
DevOps practices achieve their goals largely by utilising virtualisation and automation. By creating a virtual environment that closely mimics real-world conditions, developers can properly test every line of code before it is released. And automation ensures that such environments can be quickly and safely put into and pulled out of use.
Sounds great, doesn’t it? And it is great—so great, in fact, that there is now a strong push to extend virtualisation and automation out of their traditional place in the data centre and into the network.
What’s missing from DevOps?
In the fast-paced world of DevOps, two areas—servers and storage in the data centre—are generally well served by virtualisation and automation. But two other key pieces—network and security—have been slower to realise the benefits of a software-defined approach. This lag comes as no surprise: servers are singular endpoints, but networks are complex, distributed entities with little or no homogeneity, where changes to one element can significantly impact the entire infrastructure.
In addition, configuration and provisioning of the various aspects of the network have traditionally been managed in a siloed manner, with inefficient communication and poor collaboration among the network, security, development, and operations teams. In such environments, manual configuration and provisioning can take days or weeks. And clearly, such a slow pace undermines the agility that the DevOps methodology strives to deliver.
The most-heralded benefits of DevOps come from being able to adopt a Continuous Integration, Delivery, and Deployment (CI-CD) approach. CI-CD simplifies, automates, and accelerates application and services lifecycle management. For applications, this happens first by merging all in-development copies to a shared code base throughout the day (continuous integration); and second by automating the process (tools, techniques, workflow) that deliver a software package out to an environment (continuous deployment).
While this approach works well for application developers, until recently it did not accommodate network and security teams, which have lacked the tools that would enable them to move with the same speed as the development and operations teams. As a result, network and security teams are often blamed for slowing time-to-market of new applications and for an inability to keep pace with the agile DevOps process across the entire application lifecycle.
Continuous integration/continuous deployment
Enterprises that embrace the CI-CD model of application development are now looking to sustain rapid planning and deployment across network and security teams. Accordingly, testing of the network and application services infrastructure must take place concurrent with the application development and testing processes. The old, sequential approach of developing network configurations after the dev and test phases simply cannot support an agile CI-CD process.
The better solution is to take advantage of virtualisation and programmability within the network and application services infrastructure, just as DevOps has traditionally utilised these capabilities in the data centre. Granted, such solutions were not previously available, but new and rapidly evolving network orchestration and automation functionalities now enable network and security teams to test policies and configurations before production. Even in very complex environments.
Automation of network services—enabled by templates and APIs—helps ensure that when an application rolls out, the supporting infrastructure is ready to perform at the expected level. Automation and orchestration of network and application services also enables organisations to address performance issues quickly and accurately. Applications can be fine-tuned with minor adjustments to policies, without completely reconfiguring the underlying infrastructure.
Innovations that help network and security teams operate with speed and agility in a DevOps environment generally fall into two categories: network orchestration and application services automation.
Network orchestration leverages a software-defined infrastructure (SDI) approach to provision networks quickly and with minimal human error (similar to how software-defined components like servers and storage are provisioned). This approach supports flexible application provisioning across physical and virtual environments. In the CI-CD model, network orchestrators ensure that all production-critical application and network elements—including availability, core network services, security services, and performance—are accounted for and are rolled out in proper sequence.
Application automation focuses on availability, performance, and security. It used to be that automation of this sort only affected simple load balancing—which is still vital —but it now also includes a wider range of functions. For example, OpenStack distributions that provide template-based programmability and APIs help network teams configure and automate application services during the test phase.
Benefits of applying DevOps principles to the network
The ability to program, test, and continuously deploy network and application services infrastructure concurrently with the rest of the application development process helps deliver on the promise of DevOps in two important ways.
First is speed. In the development and test phases, automation enables faster configuration and deployment of network settings and policies. In the production phase, application performance can be tuned by making small adjustments to existing policies without requiring wholesale changes to the underlying architecture. And all this can be completed in a fraction of the time deep configuration changes would require, transforming the process so tickets that may have taken weeks to resolve can now be closed in minutes.
Next is stability and consistency. Automation ensures infrastructure stability across every application rollout and update. Validated templates preserve provisioning and configuration policies, making them readily available and easy to manage. There is no need to re-architect the entire network infrastructure during (or, heaven-forbid, after) launch. In all these ways, you significantly improve the efficiency, security, and availability of infrastructure resources throughout the application lifecycle.
If you’re looking to increase the agility with which your business responds to changes in marketplace demands or entirely new business opportunities, consider extending the power and benefits of DevOps methodology to your network and security operations. You’ll find your application development process operating both faster and safer, significantly improving the entire application-management lifecycle.