Whether you are DevOps, SRE (Site Reliability Engineering) or ITOps (or some combination), then service continuity is your shared responsibility. To keep the lights on in your business and your SLAs and SLOs in check, you need to ensure reliability and resilience across multiple applications - your enterprise systems, transactional and configuration data, monoliths and microservices, probably across a mix of platforms and technologies. And while application deployment has always been the most critical phase in the software lifecycle – DevOps and the move to cloud only increase the criticality of the deployment process. A faulty transfer to a SaaS environment can simultaneously impact all users of that service - and with a high rate of application change, the stability of your system is constantly at risk.
Why CI/CD is not enough?
In today’s hybrid environments, automated CI/CD is only part of the answer. Ensuring the resilience of your applications is even more important than ‘failing less often’. Time constraints mean that ‘rolling forward’ is not always an option, and frequent deployments need an automated rollback mechanism that replaces n-1 of your software and data in all target systems.
Add to this, most DevOps implementations are customized with specific tooling and tailored to a single task – specific to a single team, a single application. Now, release management tools must work by ‘macro-release’, automatically constructing a pipeline for each CI/CD - driven by data (and not by any specific team).
Security is everyone’s business
It goes without saying, security is a paramount concern and needs attention throughout the DevSecOps cycle. While SAST (Static Application Security Testing) tools scan static source code to ‘shift security left’, then any open source vulnerabilities must be detected in binaries before any import into the artifact repository. Release management tools must therefore be supplemented with policy engines to have access to the most up-to-date intelligence on open source components.
DROPS Application Release Orchestration – one for all
In answer to all these challenges, DROPS is a simple to use Application Release Orchestration (ARO) solution - one single console to secure, deploy, track, and rollback applications across your entire ecosystem. DROPS manages software, data, upgrades in database structure, and configuration data or settings. One tool to deploy securely across open systems, heritage IBM i or mainframe System z, Docker containers, Kubernetes clusters, and any cloud platforms like AWS, Azure and GCP. DROPS works at the application and application group level, sequencing individual deployments in dependency order to ensure the completeness and integrity of the overall system.
‘Breaking barriers’ between DevOps and SRE
While both DevOps and SREs seek to break down traditional silos in the IT organization and improve collaboration between development, production and security teams, they can still be seen as having somewhat conflicting objectives. DevOps focus on speed of development and deployment, while SREs concentrate on enhancing system availability and reliability. It is only by automating resiliency within the deployment process that both objectives can be simultaneously met. With its unique built-in rollback – independent of any external tool – DROPS breaks down barriers between DevOps and SRE, reconciling the dual (and largely contradictory) goals of continuous deployment and service continuity.