Application Security

7 devops practices to improve application performance

7 devops practices to improve application performance
Written by ga_dahmani
7 devops practices to improve application performance

Devops is primarily associated with collaboration between developers and operations to improve the delivery and reliability of applications in production. The most common best practices aim to replace error-prone manual procedures managed at the boundaries between development and operations teams with stronger automations. These include automating the delivery pipeline with CI/CD (continuous integration and continuous delivery), standardizing configurations with containers, and configuring infrastructure as code. On the operations side, development best practices to improve application reliability include improving application observability, increasing monitoring, and automating cloud and infrastructure operations.

But what about improving the performance of applications, databases, data pipelines, and cloud infrastructure? In this post, I consulted with experts and identified seven opportunities where Devops practices and methodologies can affect performance and user experience.

1. Build application security practices from day one

The last thing development teams need is to deploy new capabilities with security vulnerabilities. A security outage or degradation affects user experiences and creates significant business problems. A devops best practice is to shift security to the left by collaborating with infosec on requirements, testing code for vulnerabilities within CI/CD pipelines, and implementing other security practices in software development.

Mike Elissen, Senior Developer Advocate at Akamai, says, “A critical component of application reliability is availability, and taking the appropriate steps to adequately protect an application against web application attacks, DDoS attacks, and more can make all the difference. between staying online and offline. .”

Elissen says that shifting to the left is part of the transformation from devops to devsecops. He continues: “We’re seeing the ‘shift to the left’ in adding security to developers become more and more pronounced, ultimately creating a stronger devsec culture and making more developers aware of and responsible for the security of your applications.

2. Standardize architecture and infrastructure plans

Amir Rozenberg, vice president of product management at Quali, points out an issue that affects the performance of the computer. He says, “Many development teams find themselves organizing the chaos of organically grown application infrastructure definitions, which were developed in good faith from the ground up to enable team efficiency across the software development lifecycle.”

Rozenberg asks if development teams should take a do-it-yourself approach to creating environments or if the organization should create standards. He says: “The recommended approach is to establish a core team to model environments in the form of blueprints so that they are reliable, reusable, and compatible. They then need the ability to distribute those infrastructure definitions so that they are available for business members to consume through rapid self-service, either built into the automated pipeline or manually.”

3. Institute observability and continuous testing in the CI/CD pipeline

Matt Sollie, director of DevOps at 66degrees, believes that CI/CD can do more than just package and ship code. He says, “Not all Devops principles are as glamorous or visible as continuous delivery or building everything as code, but they are just as important. Continuous integration is a component of a mature Devops posture that can add a lot to the reliability of an application, but it takes purpose, vision, and time to build meaningfully.”

Sollie recognizes that achieving reliability and performance goals requires investing in best practices and architectures rather than having a vision. “Observability is a critical and costly principle because reliability is not an on or off state and requires nuanced data collection. With all cloud computing services, selecting the right tool or service for the job can provide inherent reliability and performance benefits.”

What should agile development teams implement in their processes to improve performance? Here are some recommendations:

4. Control deployments with feature flags and controlled releases

Deployments don’t have to be absolute transitions where all users get all the changes at once. Feature flags in code help configure and control the availability of a feature, while controlled release strategies allow development teams to slowly and methodically roll out new capabilities.

John Kodumal, CTO and co-founder of LaunchDarkly adds: “Feature management, specifically feature flags, are rapidly becoming devOps practices that improve overall application reliability and performance while allowing developers to innovate. continually. By employing feature flags, developers can test feature updates before production to fix issues before release.”

The controls improve reliability and performance, but also help development teams minimize disruption. Kodumal says, “Feature flags improve performance while giving development teams the controls they need to update applications without interruption or downtime.”

5. Establish rigorous observability and monitoring standards

Focusing now on the operational side of Devops responsibilities, teams need to consider several best practices to improve application performance, including developing observability standards and improving monitoring.

Frédéric Harper, director of developer relations at Mindee, says: “Developers must implement rigorous monitoring and observability processes to ensure that every part of the application is working properly and that the server processes are running smoothly. By securing this element, development teams can gather valuable information to understand how users are using applications, potentially preventing future problems, making it easier to support customers, and improving business or architecture decisions based on real data.”

6. Extend monitoring with AIops and automations

In the days of web 2.0, operations only had a handful of log files and monitoring tools to review when there was an outage or performance issue. Today, running microservices, serverless applications, and multi-cloud databases means significantly more data and tools to query when troubleshooting incidents and identifying root causes of problems. AI trading platforms that centralize monitoring data, use machine learning to correlate alerts, and help operations automate response and recovery across multiple platforms, which can help minimize performance impacts.

Mohan Kompella, Vice President of Product Marketing at BigPanda, agrees: “AIops platforms can help development teams preserve tool autonomy and flexibility, while giving centralized incident responders the visibility they need.” they need to be the first line of defense in case of outages.

7. Define SLO and error budgets

Devops teams must balance which practices yield the most benefit and address risks. That requires teams to measure, learn, and collaborate on Devops priorities, which isn’t easy when benefits may not be achievable for months or years after practices and tools are implemented.

One method of prioritizing is to adopt site reliability engineering practices, definition of service level objectives (SLO) and use of error budgets. When an application or microservice exceeds its bug budget, it tells the development team to identify causes and focus on solutions.

Kit Merker, COO at Nobl9 says, “Service level objectives set clear targets for engineering teams to make better decisions about how to prioritize their work. Devs and ITops can not only focus on technology, they can also focus on service.”

Devops teams have a lot on their plate, and Devops best practices help teams balance their focus between accelerating development and improving reliability and performance. The key to success may lie in defining problem statements, discussing approaches, iterating solutions, and measuring impact.

Copyright © 2022 IDG Communications, Inc.

About the author

ga_dahmani

Leave a Comment