Key takeaways from the conference

DevOpsCon 2018 takeaways: Question everything & focus-forward thinking

© Shutterstock / Nitikorn Poonsiri

As DevOpsCon 2018 winds to a close, we take a look at some of the important things that we’ve learned during the sessions, keynotes, and workshops. We learned how to become more mature in our DevOps, how to do metrics the safe way, and to always question everything. Let’s take a look at our notes!

DevOpsCon 2018’s welcome keynote opened up with some poll taking. Sebastian Meyen asked the audience some questions by a show of hands: if they are devs or ops, newbies or masters, and if their respective companies are doing “full” DevOps or just starting implementation. By a scan of the crowd it seemed that there were not a lot of newbies at the conference, but there were a lot of people who practice DevOps. There was a near even split of devs and ops. Many of these people are not going “full” DevOps, however there were a lot of people attending from the management side of their company who can put DevOps into practice.

Charity Majors: Say yes to observability

In her keynote “Observability for emerging Infra: what got you here won’t get you there” Charity Majors, founder and CEO of, laid down some wisdom about how monitoring has not changed significantly in 20 years. She stated that observability is the thing to do because it is different from monitoring – the best practices are different. Majors discussed that the best practices are events, not metrics. There is importance in rich instrumentation, few dashboards, test in production, very few paging alerts, sampling, and not write-time aggregation.

Dashboards, according to Major, are the devil because you want to slice-and-dice in real-time. No users care what the system health is, they only care about the experience. Services need owners, not operators, and software engineers need to focus on observability-driven development!

Julia Wester: All about metrics

Founder of Lagom Solutions, Julia Wester discussed how sometimes too much information is as bad as not enough information in her session “Winning at DevOps with Kanban”. There are no one-size-fits-all metrics, although there may be some common, good baseline metrics. Wester spoke about how to do metrics the safe way, how to know when to discard metrics, and what missteps might be taken.

Some key points on how to do metrics the safe way:

  • Start with a clear outcome in mind
  • Walk the path to discover your metrics: ODIM (outcome, decision, insight, measure)
  • Know what each metric really tells you and evaluate your metrics with a “so what” test: Does this matter to my customer?
  • Choose metrics that compete with each other. We don’t always see the consequence of our actions, but this helps us see the negative consequences.
  • A balanced dashboard should include: quality, responsiveness, productivity, and sustainability

To avoid missteps, Julia Wester cautioned that it’s easy to over-optimize things and that superstars aren’t always the best team members. She stressed that using shame as an incentive is a misstep and that teams should care more about trends than numbers. Wester left her audience with the takeaway that you don’t need perfect data, you just need more info than you have right now.

SEE ALSO: Ask me anything: JAX London 2018 community questions

Terry Shea: Kubernetes all the way

Terry Shea is a member of the senior management team at Kublr, the developer of a leading enterprise Kubernetes management platform. In his keynote with Radu Immenroth, “The Kubernetes Evolution and a Use Case with Questback”, he assessed that Kubernetes has won the orchestration war. Kubernetes is also in data science and machine learning (e.g. Apache Spark 2.3 with native Kubernetes integration). Meanwhile, the relationship between the cloud and Kubernetes continues to evolve.

What is next for Kubernetes? We will just have to wait and see.

Greg Bledsoe: DevOps maturity – Are we there yet?

Writer and speaker Greg Bledsoe had a lot to say in his session and keynote about DevOps maturity titled “DevOps Maturity: What does ‘Good’ look like?”. Firstly, he discussed what DevOps is not. It is not: a new software or technology, a new tool stack, new teams, or organizational changes. DevOps is relevant for all companies, whether they are start-ups or not, and is relevant outside of customer developer. It still changes daily and should be thought of as an open-source collaborative methodology.

Bledsoe defined DevOps as the realignment of IT around delivering business value. There are many factors that can inhibit DevOps, such as blame-shifting between groups, thinking all problems can be solved by tools, hierarchical silos and handoffs, demanding that they are never any problems, and making large, sporadic changes rather than continually making consecutive changes.

SEE ALSO: Dependency hell, monorepos and beyond

According to Bledsoe, more mature teams measure outcomes, results, and work items that have been completed. They assess trends, provide feedback frequently and use metrics to inform program choices. Less mature teams measure outputs, activity, and time spent per task. They provide infrequent feedback and do not understand the value of what they are measuring. Bledsoe cautioned that psychological trust and safety is the number one difference between high and low performing teams.

Bledsoe concluded by stating that previously, IT was the bottleneck that prevented the business from moving forward, but now the opposite is true. The business must catch up to what DevOps can deliver. DevOps is the tip of the spear that moves the business.

Chad Arimura: CI/CD in a serverless world

Oracle’s Chad Arimura talked all about serverless in his keynote. According to Arimura, serverless is not NoOps and is not dramatically changing DevOps. Serverless is less code, delegates responsibility across APIs, but it is not where it needs to be today.

Arimura’s first principles of serverless are: drive business value, increase efficiency, and improve team happiness. Serverless for DevOps allows for auditing proper roles, applying tags for ownership, and using functions as chaos tools.

Tim Mackey: Question everything and continually evaluate trust

Tim Mackey from Black Duck by Synopsys discussed containers in his session “AppSec at the Speed of DevOps in the Age of Open Source”. Mackey reported that containers are immutable (they are created once and run many instances) and ephemeral (a container’s life should only be as long as necessary). Containers must be sacrificed and a system may terminate a container if needed; there is no guarantee of a container’s lifespan.

Mackey predicted that the rate of security disclosures will increase. He told the audience that web services APIs introduce new risk profiles (disruption or discontinuity of usage, loss of intellectual property, data breaching, unintended use of unreliable services) and that not every service is reliable and should be trusted. The final takeaway of Tim Mackey’s session is that we are all researchers and when you find a security issue, you should report it. This way we all increase vulnerability awareness together.

Thanks to everyone who came to DevOpsCon 2018 and a very special thanks to all our speakers!

Inline Feedbacks
View all comments