DevOps didn’t exist when I started as a developer

DevOps absolutely existed when the author started as a developer. It was just called systems administration back then. There&#x27;s been a focus on developer-specific systems administration over the past decade, and a particular developer-focused role has been carved out and labeled &quot;DevOps&quot;, but make no mistake: it is systems administration. Just a niche within it.<p>When I mention &quot;systems administration&quot; to younger coworkers, they look at me like I&#x27;m a crusty old relic out of touch with modern engineering. People have no sense of history and little understanding of where the devops role came from and what it really means. I had a CTO tell me he hadn&#x27;t heard the term &quot;system administration&quot; in ten years.<p>What were our devops people doing? Running web servers, managing networks, configuring DNS, managing backups, configuring cloud services. Absolutely none of it in support of the dev team I was on. The developers were responsible for managing their own CI&#x2F;CD pipeline and deployments. The people called the &quot;DevOps Team&quot; were responsible for managing production. In this case, they were systems administrators and were not in any way a devops team, but the terminology is so skewed now that they were labeled as such, and I was labeled an out of touch old greybeard.<p>This isn&#x27;t to demean devops in any way; it&#x27;s a valuable role, an evolutionary step in software team organization, but by no means is it new and by no means is systems administration a dead role.

DevOps is the intersection of three things.<p>1. Developers learning that running code is not the same thing as reliable code. Certain things must be put in at design time to allow for operations.<p>2. Operations people supporting development by formalizing&#x2F;streamlining the deployment process to have changes occur faster, safer, and more often.<p>3. Aligning goals and attitudes in such a way that prevents conflict between teams. Development doesn&#x27;t get to shift the costs of outage prone unmaintainable code onto an ops team. Or that ops doesn&#x27;t roadblock&#x2F;veto all changes.<p>In the bad old days, it was common for developers to act with little care for operational outcomes. The responsibility was far removed, and bugfixes didn&#x27;t win many accolades. Managers want wish fulfillment and pushed developers to toss new features into the mix as fast as possible, resulting in tremendous pressure against ops teams to deploy despite increasingly crufty and debt laden code bases causing unpredictable problems. Ergo, ops teams who blocked all changes for trivial issues because they were judged only based on outages, not feature delivery.

This article was frustrating to me. When it started out in the mid-90s (which is when I started my career also), I thought our experiences would be more aligned. However, I&#x27;ve never worked with an operations team.<p>In all the places I&#x27;ve worked I&#x27;ve been expected to do everything from setting up servers (originally physical servers, later cloud servers), hardening them, installing software, optimizing the software, installing and optimizing the database, creating database schemas and related objects, writing untold number of sql queries, writing server side code, writing front end code, etc.<p>I was hoping that the article would explain what devops really means today and how I can jump on the devops wagon to hopefully make my job of doing all of the above easier.

Personally I think DevOps is like religion. It means whatever someone wants it to mean. Some companies think DevOps means having an automated pipeline for building, testing, and shipping code. Other companies think it means micro-services. Others think it means making developers do DBA &#x2F; SysAdmin work.<p>All of these things are fine for companies to do. How you run your org is on you. But I wish companies would go deeper than &quot;DevOps&quot; when putting up job posting requirements.<p>That&#x27;s like saying they do &quot;security&quot;. There&#x27;s a lot of different ways that can be interpreted. I (as an applicant) only know a handful of those interpretations really well, so it&#x27;s important that companies clarify these terms in their job descriptions. This way they have the right candidates applying.

Nailed it.<p>I also got a chance to work in such an organization in the 00&#x27;s, where dev and ops closely aligned with each other&#x27;s work to produce truly reliable, repeatable, fast, quality products, often. It was fantastic. Nobody would say &quot;oh but you can&#x27;t do that, that&#x27;s not Infrastructure as Code!&quot; They would say, &quot;what can we all do to make this better?&quot;

I found this line interesting, everything else considered:<p><i>DevOps is NOT…easily achieved nor implemented</i><p>Debatable, at least IMO. DevOps isn&#x27;t easily achieved nor implemented if you&#x27;re trying to implement ALL THE THINGS to say you did and check-off a series of &quot;We did DevOps thing x&quot; boxes as so many companies appear to want-at least from reading various DevOps-y job descriptions lately.<p>It is easier implemented if, like Gene Kim tells us in &quot;The DevOps Handbook&quot;-we start our DevOps transformations with a small, sympathetic team and iterate outward.

In 1997, when my first code I wrote went live, they gave me a pager and said &quot;Welcome to Ops.&quot; Each time the code in production had an abnormal end, I got an email. I was expected to fix it. Managers and directors discussed these metrics.

The change in job description from just &quot;operations&quot; to &quot;developer operations&quot; over the past decade is best captured by the growing number of systems that must be managed per person, often larger by a factor of 10 times or more (e.g. going from 10 systems per person to 100+).<p>I appreciate the self-reflective views on this &quot;new&quot; job role, but they often seem to miss the rather basic market forces at work. More systems, more automation, new skills and demands.

Could web developers please stop using floating top bars? It breaks the UX of the &quot;Page Down&quot; button. It&#x27;s annoying beyond imagination. Thank you.

Sidebar: does anyone else get the feeling that infrastructure as code is just cloud vendor lock-in by another name? Especially since the output of the code ends up being wild unstructured JSON&#x2F;YAML files with no spec or discernible schema.<p>My favorite is how in the Microsoft toolchain you can build a CI pipeline in a visual UI on the right that automatically updates the YAML file on the left. “We know you don’t want YAML, but we also know your boss says you need infra-as-code...”

cant believe so many people still get it wrong.<p>devops means Developer&#x2F;Operations.<p>means, the sysadmin&#x2F;sysops&#x2F;ops guy now has to know things about development to center his daily-doing around code (ideally the code dictates what is going on [Infrastructure as Code]).<p>a very simple example to this: back then the ops guy or sysadmin did everything by hand. today, he uses code to get things done. bash vs. a HTTP JSON API. manually by hand vs. ansible [markup language yaml], etc.<p>so many people just dont know or understand what devops means. but it is so easy.<p>it is the fusion of development and operations.<p>thus, while you need two people back then, now you only need one person to do the same job.<p>a devops is a sysadmin who ideally knows how to code.<p>a devops is a developer who evolved into a sysadmin or is doing both because he learned it.<p>devops is development&#x2F;operations.<p>it has nothing to do with agile, waterfall or a &quot;mindset&quot;.

CircleCI trusts 8 analytics companies with your source code and API tokens<p><a href="https:&#x2F;&#x2F;kevin.burke.dev&#x2F;kevin&#x2F;circleci-is-hopelessly-insecure&#x2F;" rel="nofollow">https:&#x2F;&#x2F;kevin.burke.dev&#x2F;kevin&#x2F;circleci-is-hopelessly-insecur...</a>

It certainly did exist when I started my career a decade earlier than this guy. It was called the integration team, which was responsible for coordination of the release. In the 80ies.<p>It was also responsible for the build servers, the SCM, and checking and prioritizing all the different parts and fixes of the various dev teams, and checking back with the PM and testers. Only hackers did cowboy coding, companies preferred processes and best practices. That&#x27;s it was called &quot;Software Engineering&quot; and not hacking. I heard Margaret Hamilton coined that term in the 60ies for the Apollo project, which she managed.

I think the evolution is Waterfall to Agile to DevOps.<p>1. Waterfall is a cycle time of weeks<p>2. Agile is a cycle time of days<p>3. DevOps is the same cycle time as agile but delivering the the user instead of just showing a demo at the end of a sprint.

[The (or any) Internet didn&#x27;t exist when I started as a developer]<p>DevOps is about how CTO organizes engineering.<p>Is there an Infra team that supports everyone, maybe a separate Ops&#x2F;security&#x2F;etc teams that supports everyone. Then a bunch of App&#x2F;Service dev teams. This is not devops.<p>Or is there only* a bunch App&#x2F;Service teams, each wholly self-supporting and independent. Each doing their own infra, dev, ops. Maybe some teams&#x27; &quot;Service&quot; is used by only other internal teams (point being you can break up scope as fine grained as you want). The key is teams are self-supporting, taking care of the entire life-cycle of an App&#x2F;Service.<p>Most &quot;devops&quot; sort of isn&#x27;t or fails cause it&#x27;s not &quot;deployed as an organizational system, top-down (from CTO) across the whole organization.<p>All the things people typically bike shed over re: devops don&#x27;t matter. Are you independent and self-contained? Are you responsible for entire life-cycle of Product&#x2F;Service&#x2F;App&#x2F;Etc? Does the buck stop with you? Then you are devops.

&gt; DevOps is NOT… a job title or role<p>In which case DevOps as it exists in the real world is roughly on a par with &#x27;agile&#x27; practices in the real world. Nothing like they were originally conceived, and nothing like the wildly optimistic descriptions of them that are shared amongst practitioners.

Generally Ive found tight feedback loops to be incredibly productive. Whether its for product, release, design, development. Having the ability to make modifications with feedback from customers, systems, business partners and colleagues changes everything.

One could argue that it still doesn&#x27;t exist today at most companies. I think whatever most people call DevOps is an evolution of Sys Admin role in the era of Cloud Computing.

Lots of things people think of as crucial today didn&#x27;t exist when I started. And the overall ratio of successful work to unsuccessful work was just as high then as it is now.

The goal of DevOps is to get code as developed to testing, staging, production. The deeper objective should be transfer of context- what is being deployed? do we know how? does it work as tested? and the who. As much DRY to reduce surprises and increase precision all through dev to deploy cycle.<p>Some of the best open source projects have CI included- thats the right approach to DevOps -- its not an alien, bolt-on after the fact practice, its code that takes care of code.

IMHO DevOps has been around for many years. Is has just evolved as tooling became better and eventually tooling to connect tooling became better. It became META. When I started doing database work we developed and implemented. We learned to produce reports on what we&#x27;d implemented by querying system tables. We learned to use those reports to produce scripts that could recreate the database on the same or a different platform.

I miss Devops Borat.<p><a href="https:&#x2F;&#x2F;twitter.com&#x2F;devops_borat" rel="nofollow">https:&#x2F;&#x2F;twitter.com&#x2F;devops_borat</a>

DevOps didn&#x27;t exist... fella, let me tell you something, when I started, color screens were not the norm and you kept your homemade double-sided 5 1&#x2F;4&quot; floppy disks ( thank-you paper hole-punch ) in a plastic flip-top container with the contents written on the label in black sharpie.

it wasn&#x27;t his own thing and there wasn&#x27;t the scale yet to have it was a proper position, but when you were moving connection strings in a config file and linking it in etc you were doing devops. when you were building a shell script to fetch pinned dependencies so that the environment was repeatable, you were doing devops. weekend you were automating the package build&#x2F;install and putting these files in CVS, you were doing devops.<p>heck we had versioned openpkg scripts in 200something to quickly rotate servers during upgrades, that wasn&#x27;t called with fancy names and wasn&#x27;t a standalone role but the seed was there.

Well, I wouldn&#x27;t exactly call Dev Ops a productive career path. Most senior engineers I know seem to think it&#x27;s a surefire way to drive your career into a dead end.

Devops has been standard practice at every financial firm i ever went to. Back then it meant devs where a pager. Ops also wore a pager and would support us.

&gt; “a developer with operational tendencies”<p>Hmmm, I like the ring to that, might put it on my linkedin profile.<p>On the article itself, can&#x27;t say I disagree.

I like to comment DevOps from a security perspective, a trend I noticed in my day job.<p>Windows is&#x2F;was often bashed for being insecure. Lots of that stems from the decades of development related to centralized management solutions. A default windows workstation in a domain setting will open a bunch of ports, a bunch of which can be used for command execution. The attack surface for this system includes, but is not limited to:<p>- Remote access with local admin users via tools such as SMBExec, wmiExec, DCOM, Psexec, Powershell remoting<p>- Remote access domain admin users access via the same<p>- Local&#x2F;domain admin access via RDP<p>- Remote domain admin access via group policy<p>All these have had their own associated vulnerabilities over the years. Examples are SMB relay attacks, which enabled an attacker to abuse flaws in NetNTLM and obtain access to machines by relaying other people&#x27;s credentials. And then we&#x27;re not even talking about the &#x27;real&#x27; exploits, Eternal Blue, Eternal Romance, Blue Keep, MS14-068, MS08-067, and on and on.<p>Pentesters, researchers and Microsoft have been hammering away the kinks for years now. The &#x27;fixes&#x27; and root causes for each individual issue are well understood and each new domain functional level increases the security of a default windows Domain by leaps and bounds.<p>When you look at the Unix&#x2F;Linux side you&#x27;d see that no such attack surface ever existed. You manage your systems over SSH, and this can still be bad, an easily guessable root password shared between Dev, testing and production is still a death sentence. But by default there were no tier0 systems in your network, apart from those of sysadmins.<p>But now with DevOps things are changing on that side. With Ansible, Puppet, Terraform, your various container management systems, the CI pipeline, jenkins and numerous development teams able to push both to infra repositories and your actual products this has changed:<p>You use an automated CI pipeline? Any system in the chain is a tier0 system.<p>Your developers are maintainer status or higher in your source repositories? Then they are domain admin or equivalent. They can disable protected branches, push a backdoor, and watch their attack propagate through the pipeline.<p>Did you make it inconvenient for your developers to access various build systems? Then they are sharing credentials to these systems over your company chat.<p>It seems, from what I&#x27;ve seen so far, that while the &#x27;architecture&#x27; of modern mass centralized IT management and development is more secure. You can&#x27;t relay an SSH key for example, like you can in NetNTLM. But the institutional knowledge isn&#x27;t there yet. New attack surface has opened up, and infosec people have not yet completely caught up with the new &#x27;eggs&#x27; in the basket, even if they are aware.

I thought that DevOps means: &quot;doing operations with a development mindset.&quot;<p>That captures the gist of it imho.

It didn&#x27;t exist when I started either, but talk about a let-down of an article conclusion!

DevOps is pretty much not a technology but a mindset

It&#x27;s a critical skill now

All that’s really happened is that developers have learned or taken on the responsibility to build and deploy to production, and also be knowledgeable and responsible for the development stack, hence “full stack developer”.<p>Unfortunately, it’s incredibly dangerous if everyone involved doesn’t know what they’re doing.<p>Then kubernites and docker turn up. To make things easy?<p>No. They’re making the infrastructure more difficult to manage so that the developers can deploy things easier.<p>Developers should not be deploying. Large businesses should not be doing very regular deploys to live - it’s simply too risky without a shitload of testing.<p>Everyone praises startups with a few million customers that are open about their fuckups&#x2F;downtime, but they are almost always because of their shitty modern deployments and lack of testing.<p>Crikey, look at Monzo. “We use a shit database and fucked up scaling it, but sorry your transactions failed and you looked like a twat buying your coffee”.<p>Try and revolutionise industries, fine. But ....