Continuous delivery Model
Most organizations have started understanding the importance of the principles and methods of Continuous Delivery. For most organizations the question is no longer “why?”, but rather “how?” How to start with Continuous Delivery, and how do your processes to ensure sustainable results.
A structured approach:
The purpose of this maturity model is to highlight five essential categories and to give you an understanding of how mature your company/organization is. Your assessment will give you a good base when planning the implementation of Continuous Delivery. It will help you identify initial actions that will give you the best and quickest effect from your efforts. The model will indicate which practices are essential, which should be considered advanced or expert, and what is required to move from one level to the next.
Culture and Process
When aiming to create a sustainable Continuous Delivery environment, the organization and it’s culture are probably the most important aspects to consider.
Level 0 - Initial
Started to prioritize work in backlogs,
Have some process defined which is rudimentarily documented and
Developers are practicing frequent commits into version control.
Level 1 - Managed
Teams stabilize over projects and the organization has typically begun to remove boundaries by including test with development.
Multiple backlogs are naturally consolidated into one per team.
Basic agile methods are adopted which gives stronger teams that share the pain when bad things happen.
Level 2 - Defined
More extended team collaboration when e.g. DBA, CM and Operations are beginning to be a part of the team or at least frequently consulted by the team.
Multiple processes are consolidated and all changes, bugs, new features, emergency fixes, etc, follow the same path to production.
Decisions are decentralized to the team and component ownership is defined which gives teams the ability to build in quality and to plan for sustainable product and process improvements.
Level 3 Measured
The team will have the competence and confidence it needs to be responsible for changes all the way to production.
Continuous improvement mechanisms are in place and e.g. a dedicated tools team is set up to serve other teams by improving tools and automation.
Releases of functionality can be disconnected from the actual deployment, which gives the projects a somewhat different role.
A project can focus on producing requirements for one or multiple teams and when all or enough of those have been verified and deployed to production the project can plan and organize the actual release to users separately.
This separation of concerns will optimize the project's flexibility of packaging and releasing functionality and at the same time give the development teams better flow and speed since they don’t have to stack up changes and wait for coordinated project releases.
Level 4 Optimized
Organizations choose to make a bigger effort and form complete cross-functional teams that can be completely autonomous.
With extremely short cycle time and a mature delivery pipeline, such organizations have the confidence to adopt a strict roll-forward only strategy to production failures.
Collaboration and Sharing
Level 0 - Initial
Ad Hoc Coordination is present with in teams and is not very reliable
Seprate Processess are there for each of the teams
Seprate Tools are and no centralization of tech stack is present.
Level 1 - Managed
Managed Communication is happening at this stage of the maturity model
Separate processes are still existing which needs to be eliminated
Limited knowledge Sharing is there with in teams leading to reinventing of the wheel
Level 2 - Defined
Extended team collaboration is now happening at the defined stage of the maturity model.
Some tools are re used and some tools are still being centralized.
Teams are stable and are now more connected.
Moderate Knowledge sharing is present which needs to be imporved.
Level 3 - Measured
Collaboration based tools are now embedded in the proiect .
Single Unified set of Practices are present which leads to efficiency.
Centralized tools and practices are present at this stage making the process smooth.
Level 4 - Optimized
Effective Knowledge sharing happens at the optimized level of the maturity model.
Automated tool chain is present and is properly used.
Knowledge database’ and Repositories are present and proper documnetation is present for each process.
Automation :
Build and deployment is of course core to Continuous Delivery and this is where a lot of tools and automation come into the pipeline. This is what is most is commonly perceived when Continuous Delivery is discussed. At first glance a typical mature delivery pipeline can be very overwhelming; depending on how mature the current build and deployment process is in the organization, the delivery pipeline can be more or less complex.
Level 0 - Initial
You will have a code base that is version controlled and scripted builds are run regularly on a dedicated build server.
The deployment process is manual or semi-manual with some parts scripted and rudimentarily documented in some way.
Level 1 - Managed
This level introduces frequent polling builds for faster feedback and build artifacts are archived for easier dependency management.
Tagging and versioning of builds is structured but manual and the deployment process is gradually beginning to be more standardized with documentation, scripts and tools.
Level 2 - Defined
Builds are typically triggered from the source control system on each commit, tying a specific commit to a specific build.
Tagging and versioning of builds is automated and the deployment process is standardized over all environments.
Built artifacts or release packages are built only once and are designed to be able to be deployed in any environment.
The standardized deployment process will also include a base for automated database deploys (migrations) of the bulk of database changes, and scripted runtime configuration changes.
A basic delivery pipeline is in place covering all the stages from source control to production.
Level 3 - Measured
At this stage it might also become necessary to scale out the build to multiple machines for parallel processing and for specific target environments.
Techniques for zero downtime deploys can be important to include in the automated process to gain better flexibility and to reduce risk and cost when releasing.
At this level you might also explore techniques to automate the trailing part of more complex database changes and database migrations to completely avoid manual routines for database updates.
Level 4 - Optimized
Expert practices will include zero-touch continuous deployment to production where every commit can potentially make it all the way to production automatically.
Another expert practice is taking the infrastructure as code and virtualization even further and making the build process produce not only deployment artifacts but complete virtual machines which are promoted down the pipeline all the way to production replacing the existing ones.
Monitoring and Logging
This is one of the strong pillars which completes the infinite loop of the DevOps maturity model, When combined with visualization, this works wonders for any implementation project
Level 0 - Initial
No Monitoring is setup in this stage at the peoject level
No Alerts are setup and the debugging is manual in process
Level 1 - Managed
Basic Monitoring Setup is present at the managed stage and the things are progressing .
Level 2 - Defined
In-Depth Log Analysis setup is present in the defined stage and automation is happening.
Visualization has started and people have started using proper tooling.
Level 3 - Measured
Automated Monitoring process has been setup at this stage of the maturity level.
Incident Management has been setup and the process is setup to automate the overall strategy
Level 4 - Optimized
Send Alerts Before Failure type of set up in present in the expert stage .
Self Heal and alert mechanism is present in the optimized level
DR strategy is present and proper networking process is setup
Security
This is a very important aspect of the DevOps Maturity model wherein the audit in any project following any set of frameworks needs maturity on
Level 0 - Initial
Low Security is there and the teams donot have the knowldge about security setp.
Default VPC and n/w setup is present.
Level 1 - Managed
Improved Networking is happening and teams are growing to understand the security concept
Access Limited roles are implemented in the processes and tools.
Level 2 - Defined
RBAC and IAM strategy is present at this level and is controilled via a admin.
Data Encryption is enabled at all levels of the code.
HA and Zero Downtime is achieved by the architect of the project.
Level 3 - Measured
Automated Security Assessment is present at regular levels so that the forecast can be provided.
Level 4 - Optimized
Enabled security and Governance for resource inventory is set up at the optimed level
CM history is preserved and utilized for forcasting and planinng purposes.
CM Notifications are sent out for any change in security and asset setup.