Adoption of DevSecOps is growing across IT organizations in all industries. As we know, these aren’t new concepts. For years, organizations have been adopting new processes like Agile, governance and automation to improve collaboration between traditionally siloed functional groups to improve time to market and reduce issues. This push has helped many organizations reduce total cost of ownership and assure a smoother path from ideation to deployment.
However, in many organizations, DevSecOps is mainly being adopted more as a role and less as a culture over the years. This approach, often, tends to be implemented as yet another silo for build and release management within the organization.
Leveraging the core principles of DevSecOps, companies can implement Agile ways of working and open source practices to make continuous improvement to the complete product development lifecycle. Effective collaboration across DevOps teams can help remove traditional silo mentality, allowing for constant communication between development, operations, and quality assurance (QA). The understanding of overlapping responsibilities and continuous collaboration improves employees’ productivity and promotes creativity and innovation.
DevOps success with open source
The key issues organizations traditionally faced with building and deploying applications have been long and manual processes that required dedicated resources. This often caused organizations to deal with frequent issues and rollbacks, making it difficult to meet customer expectations. As continuous delivery or continuous deployment (CICD) became a more focused process for managing application deployment the need to remove manual processes and providing tooling that is more flexible at reduced cost has been the push across the industry. Open source has risen out of necessity over the years to provide majority of the tooling used by organizations for DevOps. Tools like Jenkins, Nexus, Artifactory, Git, Maven, Gradle, Jacoco, Terraform, Ansible and many others have become more mainstream in providing a means to deliver automated provisioning and end to end CICD pipelines to reduce time to market and total cost of ownership.
As organizations begin to migrate from manual to full automation, it is critical for them to be proactive in their approach to monitoring. While organizations monitor the infrastructure, logs and applications that are running in production, many neglect to monitor the pipelines beyond the internal logging or minimal status codes that each tool provides. Sometimes, monitoring can spread across as few as 2 to 5 or more separate dashboards requiring resources to jump between tools to get a broader picture of performance. Here too, open source has provided an answer in the form of near real-time and end-to- end observability using Hygieia.
Hygieia – Delivering end-to-end DevOps observability
Hygieia provides a next generation approach to DevOps monitoring by providing a fully customizable visualization of the end-to-end code to delivery process. Built completely as an open source and maintained by a growing community it allows companies to use a “single pane of glass” to monitor performance and efficiency through the entire development and delivery lifecycle (See Figure 1).
As a data aggregator, Hygieia collects data from different DevOps tools, exposing the data via APIs and presenting the data through configurable dashboards allowing you to choose the layout that works for the organization. These targeted dashboards give focused metrics to both Developers and Executives.
The Developer Dashboard is focused on providing operations staff and developers relevant near real time metrics. It provides essential information on the status of each step in the pipeline to reduce time gathering information from multiple sources. Operations staff can more proactively manage the trends in system uptime and stability to define future scalability requirements in one comprehensive view.
