DevOps Best Practices for Kubernetes

Role and Responsibilities of a DevOps engineer

1. Test Automation

Through test automation we can safely release changes into production without the need for manual testing. many organizations use descriptions of tests that an engineer has to follow, this is slow, low quality, expensive , unreliable and error prone. It also results in hard to understand test cases. Therefore we must have an automated testing strategy. Automated test enables to test every behavior of the system that is important in a much faster, reliable and error free manner.

2. Deployment Automation

Deployment Automation means being able to deploy the software for testing in a single click/single step. Through this we want to be able to get our software deployed and available for use quickly. To adopt this practice in the DevOps workflow, we must control the variables. In order to be able to reliably and repeatably deploy the software wherever we want, we need to be able to understand the state and the environment that we are going to put these things into.

3. Trunk based development

Trunk based development is basically using of a single code branch or “Trunk” for all development work. Trunk is just the main branch where all the code is being merged. Trunk based development means merging changes to Trunk or Origin or Master or Head it at least once per day. You must be wondering why? What difference it makes? It makes a significant difference. State of DevOps report 2015 states that “Trunk based development predicts higher throughput and better stability”. Having branches or forks with very short lifetimes (this means less than a day) before being merged into Trunk are important aspects of continuous delivery. It contributes to higher performance.

4. Security testing as a part of deployment pipeline

Having security testing and validation as a part of the deployment pipeline helps in getting quicker feedback and reducing the time of feedback loop. Though this we want to bring the security testing earlier in the process so that we can work on it early, take feedback and iterate. Bringing the limelight to security in the development and deployment cycle is also referred as DevSecOps by many startups and companies.

5. Only testing the part where we made changes

This refers to making changes in one part of the system and not testing the whole system for a change in one part before releasing into production. This can be achieved by dividing the application into independently deployable modules that are each easier to to build, test and evaluate because they are smaller and simpler. Now we can build, test and deploy the pieces independently of one another hence saving time and resources.

6. Infrastructure as code (IaC)

Before Infrastructure as code and automation, in order to deploy an application on servers, we need to buy servers, configure them, install required software and basically prepare servers for deploying. This had few problems like

High human resources cost
More effort and time
More human possible

That is what Infrastructure as code (IaC) solves for us. Infrastructure as code is a way of automating all the test end to end instead of doing it manually. With Infrastructure as code all the work of testing application manually by System admins and operations team is now done by set of programs like Ansible, Terraform, puppet etc.

7. Monitoring and observability

Monitoring is basically tooling that allows operations team to monitor and understand the state of their systems. It is based on gathering predefined sets of logs or metrics. Monitoring provides a comprehensive picture of the application’s behavior and performance with metrics such as network traffic, resource utilization and trends.

While observability is a technical solution or tooling that allows operations team to actively debug the system. It provides us the visibility and awareness about what is happening within an application. Both Monitoring and Observability are essential practices for DevOps.