David LeadbeaterMar 12
mhoye

The core insight of DevOps, at the very beginning, was that when people need to carry the pager for the code they write, they write code that won’t wake them up at Oh My God, What The Fuck O’Clock after it falls over in production again. Everything since - DORA, all of it - has been in service of this one idea that aligning software discipline with quality of life consequences makes better software.

It’s an idea that should be everywhere and in everything.

Mar 11 at 2:48pmWeb
Show threadBenjamin GeerMar 11
@mhoye I think you’re right, but in practice, at least in my experience, the problem has been that when developers said, “To make the software reliable so we don’t get woken up in the middle of the night, we need to be able to choose what technologies we use, we need to deal with the technical debt, and we need time and resources”, management said no. I’m willing to be accountable if I have enough autonomy to be able to do things properly.
Show thread"Musty Bits" McGeeMar 11
@benjamingeer @mhoye IME there's a limit also. Developers themselves get tired of wrangling other technologies and systems that are now three degrees removed from even *starting* to solve the business problem they are actually tasked with or interested in solving.
Show thread"Musty Bits" McGeeMar 11
@benjamingeer @mhoye cf. AWS IAM
Show threadkouhai, of the health issuesMar 12

@arichtman @benjamingeer @mhoye unfortunately AWS IAM is genuinely the only thing which solves the very hard problem, of “I want near-Turing-complete permissions management schemes to enforce almost any possible rule set”

GCP tags are a joke, for example

Show thread"Musty Bits" McGeeMar 12
@kouhai @benjamingeer @mhoye oh it's an impressive achievement to be sure! It's just the last thing developers want to be blocked by when they're already knee deep in security groups and subnets for their database instance and all they wanted was a connection string
Show threadkouhai, of the health issuesMar 12
@arichtman let she who has not bricked a resource by creating a “oops all deny” policy (and make the walk of shame to the root credentials) cast the first stone
Show threadSasha AkhaviMar 11
@mhoye what if devops but for execs
Show threadjon rMar 11
@sakhavi
@thomasfricke has a special management workshop to explain the Software factory to leadership people and it makes total sense. Everyone knows DevOps is, should be a culture of the whole organisation. Nobody knows the values or any specifics and it is again often left to the technicians "to do DevOps". In return they often cannot inspire needed, sometimes drastic change, because management levels will feel they step on their toes and make demands and decisions out of their role.
@mhoye
Show threadThomas Fricke (he/his)Mar 11

@yala @sakhavi @mhoye

Yes, you need to explain it to the management why it's a good idea to pass the responsibility to the team

Show threadAnn HMar 11
@mhoye @Unlikelylass And yet so many unquestioning implementations of DevOps undermine this very thing. Dude who presses go on a pipeline he didn’t write for software he didn’t write either is now called DevOps. So much of SAFe abused to isolate people who make decisions from carrying consequences and vice versa(obligatory insert to say yes I know that isn’t SAFe but a thing is how people use it). Agile understood to mean fast and acquiescing to power rather than responding to need.
Show threadChris SiebenmannMar 11
@mhoye My core cynical view from the trajectory of 'DevOps' since then is that developers don't want to be on the hook that way. I actually can't blame them because I'm not sure management rewarded them for it. If management demands shipped features you get shipped features and damn the torpedoes, full speed ahead.
Show threadmhoyeMar 12

@cks My slightly adjacent cynical view is that as soon as the realization that code had consequences really took root, it basically served as an incentive marketing campaign for SAAS based solutions that let you offload those risks to companies and "devops" rapidly became "contract management in a terminal window".

@owen had some related thoughts about this but a quick search didn't find them.

Show threadOwenMar 12

@mhoye @cks I do wish I remembered where I picked up that framing; it's not mine, but it rung so loudly through me I've had trouble shutting up about it.

However, I might disagree that, as practiced, modern devops has a damned thing to do with what _developers_ (or, for that matter, the few remaining ops folk) want. Most devops implementations I've seen are firmly top-down exercises, facilitated by a few true believers but largely funded by the host organization.

Show threadOwenMar 12

@mhoye @cks The mean "devops transformation" reallocates work without removing any, and reduces headcount. _Devops teams_, where they exist, are almost universally in a lower total team comp band than the ops team whose work they inherited, and given how underpaid a lot of ops teams were to start with, that's saying something.

That's not to say that individual devops engineers are necessarily underpaid; I've known some very well compensated folks in that space.

Who work, functionally, alone.

Show threadNikMar 12
@owen @mhoye @cks if you have a "DevOps team" then you've already lost.
Show threadAshley Rolfmore (leymoo)Mar 12

@mhoye
Some thoughts:
Heston Blumenthal said he could always tell if a chef had eaten at his own restaurant by the butter - if it was cold, and didn't spread, they clearly had never experienced being at the table themselves.

Railway and civil engineering however is much closer to the large "team effort" of software. They don't need to "live" their own consequences by attending to every derailment, because a sensible proxy has been set up - professional chartering, striking people off, criminal charges, disciplinary action.

Right now, software does not have this concept. But prior to them having this setup, old bridge builders were invited to stand under it to "prove" it worked.

Show threadArthur P. DentMar 12

@mhoye My cynical take is that most enterprise organizations and their managements don’t really feel the pressure needed to justify the effort to move over to real DevOps.

DevOps was meant to solve the issue of delivering fast AND with high quality.

In practice, management seems happy with SAFe running release trains on cloud platform of choice and delivering larger features every half year to a year.

Most teams are 3 levels removed from anything resembling production or user feedback.

Show threadOliMar 12
@mhoye
I hear the trope of "getting up in the middle of the night to fix an incident" quite often.
I wonder how often this actually happens. In my experience, most incidents occur during working hours.
If something really does break at night, the question arises: what is different?
Do the systems have to be actively kept alive during working hours --> not good.
Are there any bulk cron jobs running at night that endanger the system --> also not good, it's better to run these during the day.
Show threadPositivDenken 🤯Mar 12

@mhoye @dymaxion yeah, because I let the petty job I do to pay my landlord and my bills dictate every last bit of my life. God forbid this silly shopping platform isn’t performing at 100% 24/7.

Most things we’re made to do aren’t worth doing to begin with. And especially not worth sacrificing that little free time I’ve got left at my disposal.

It’s just a job!

Show threadEleanor SaittaMar 12

@zeank
@mhoye Or you could do the work properly so it doesn't take that time.

And besides, your employer shouldn't be able to take time without compensating you for it. But when you do shit work, someone else pays for it with their time — and no, it's not your boss.

Show threadPositivDenken 🤯Mar 12
@dymaxion @mhoye First of all, I don’t buy that notion, that I’d be doing „shit work“ unless I’m being made directly responsible like that. For most of my life I haven’t worked in environments where I had to do „on call“ and still I don’t think that all I did was delivering „shit work“.
Show threadPositivDenken 🤯Mar 12

@dymaxion @mhoye

Second, like others have pointed out in this thread, a lot of what results in „shit work“ is out of my control. I don’t get to make the decisions of what is to be implemented nor the timeframe nor the tools or technology to be used to reach that goal.

Nor was it my decision to get rid of the QA department.

Show threadPositivDenken 🤯Mar 12

@dymaxion @mhoye

99% of DevOps is cost savings at the expense of us workers. If you think, you get compensated for being „on call“, the reality looks like this, that you’re only being compensated when there is an actual incident but not for having to be near a computer all around the clock, including weekends. Which includes not being able to get drunk or do drugs, not being able to go hiking or otherwise remote places without internet.

Show threadPositivDenken 🤯Mar 12

@dymaxion @mhoye

So please don’t get me wrong, I share the sentiment there’s a lack of quality and responsibility in IT (just like everywhere else). But framing DevOps as the remedy to this is scapegoating the last in chain. People suffer from bad software in many ways, but blaming me for shipping a bug in an ill-guided feature that had to be squeezed in just before the next round of investor talks, is really not cutting it.

Show threadJón FairbairnMar 12
@mhoye Tony Hoare called this “the sword of Damocles method of ensuring programme correctness” and cited an example of a team of programmers who had to calculate strengths of the chains used to slow a ship during a (sideways) launch. The team knew that they would be in a stand on the other side of the river, so would drown if the ship went in too fast.
Show threadCraig BrozefskyMar 12

@mhoye This is how I ended up doing devops before it was a thing. Small companies with leadership that understood that if I have to be on call, I get a say in how things are built. Respect the people that do the work. I was an admin on call, catching taxi at 2am to go reboot solaris x86 boxes at a colo.

Later, in large companies with an operations team in a different department, as a lead we made sure that we took personal responsibility for any disruption to the operators on call — including exchanging personal phone numbers and betting on call formally or not, depending on circumstance. Focusing on observability and deployment speed needed to respond and fix (live debugging and patching production via a CL REPL in some cases).

Even when we controlled the tech, we had periods where a database or storage system was having chronic problems that took weeks to resolve. This taught us to favor simplicity over everything, and to truly understand our resource and state management. We called it stupid, not simple, because it avoided the common hackers conceit that clever is simple.

I am sure that this personal responsibility is abused in dysfunctional organizations, but that doesn’t reflect on the origins of the practices, only what happens when they become popular and adapted as ritual or control in organizations that skipped the foundation. Similar to extreme or agile development.

Respect the people who do the work.

Keep it stupid, stupid.