Welcome!

DevOps Journal Authors: Sandi Mappic, Lori MacVittie, Trevor Parsons, Carmen Gonzalez, JP Morgenthal

Related Topics: DevOps Journal, Java, SOA & WOA, .NET, Linux, Web 2.0

DevOps Journal: Blog Post

Time to Invest in Deployment By @Itransition | @DevOpsSummit [#DevOps]

You can’t be sure that every one of your app deployments will be smooth sailing

Why Now Is the Right Time to Invest in Deployment Automation

Isn't it great to treat your girlfriend by cooking her favorite omelet every morning? In theory, sure, but in reality, chances are most of the time you end up with darn scrambled eggs instead. Let's face it: you're a great boyfriend but a terrible cook. Believe it or not, this is quite analogous to app deployment. You can't be sure that every one of your app deployments will be smooth sailing; every now and then you will mess up a thing or two (or a dozen) along the way.

Be it a critical urge to rapidly roll back to a previous release or the inability to find the phone number of that one guy responsible for deployment, the opportunities for things to go terribly wrong are endless. As a rule, there are two reasons behind your worst nightmares coming true:

  • You're good at development but operations isn't your strong suit.
  • You're not using deployment automation.

In this article, we'll focus on the second point - deployment automation.

The automating software deployment process for .NET has pretty much become a ‘no-brainer' during the past few years. New tools have made it extremely easy to make deployments faster and less risky at costs tending to zero. Not using automatic deployment in 2014 is like not using source control; it's possible to live without it but having it in place keeps you safe while requiring such little effort. Yet, many still resist given their perception of the hassle around the creation, configuration and maintenance of automated deployment. And they‘re really missing out.

There are many reasons to start investing in deployment automation for .NET, including a drastic increase in deployment success rates and frequencies, but most important, it is good for business. Here's why:

Stable Manual Deployment Is a Utopia
Let's have a brief look at what it usually takes to deploy an ordinary application:

  1. Checking out the version of the source code that you want to deploy (e.g. the latest commit of the /Release_01 branch);
  2. Building solution with appropriate settings applied;
  3. Transforming configuration appropriately;
  4. Publishing/packaging new version;
  5. Stopping the application/tuning load balancer so that users don't hit the app in the middle of deployment;
  6. Backing up the database;
  7. Updating the database structure/data;
  8. Removing old files (but keeping some, e.g. /Uploads folder);
  9. Copying new version to production server;
  10. Setting appropriate ACL permissions/other environment settings;
  11. Deploying dependencies recursively;
  12. Starting the application;
  13. Executing health-checks.

That's only the basic list; of course, every application is unique and has a slightly different process (so your app may have additional steps or not require some of the aforementioned ones, but most deployments are similar).

All those steps may seem easy enough to perform manually without anything going wrong. Well, day-to-day experience says that deployments always go wrong from time to time if executed manually, mainly due to our nature. Humans (particularly creative people like developers) are not very good at performing routine repetitive tasks; that's why we have computers. Here are a few examples of some of the most avoidable manual deployment errors I've seen:

  • Checking out the version of the source code that you want to deploy:
  • Ever had /Dev branch deployed to Production environment just because the guy who executed deployment was sure he switched to /Dev branch when, in actuality, he didn't?
  • Or even worse: getting /Production branch deployed with local intermediate changes never checked in the source control (it's so easy to forget about your local changes when you are to deploy a hotfix). So no one actually understands why the application misbehaves (I've seen people decompiling production .dll with reflector to understand what is in there, because production code is different than any version in the repository).
  • Building solution with appropriate setting applied:
  • It's so easy to forget to switch Visual Studio to Release configuration before you build the source code. And it's so sad to find out that your app is too slow in production because of DEBUG compilation.
  • Transforming configuration appropriately:
  • There's not much joy in discovering that your production application uses a development database after a new release when "data loss" is reported by end users (somebody forgot to replace connection string in web.config). In general, manual configuration transformation is a bad idea, because usually it is not versioned (meaning developers have to figure out how production configuration files differ from the dev version and "merge" them manually every time. As a result nobody is actually sure what the production configuration is and when/why it was changed); "What's the requestTimeOut in production? - hmm, I see it's 300 seconds now, but it was around 100 last week - who changed it?"
  • Backing up the database:
  • Discovering you forgot to back up the production database just at the moment your migration script fails corrupting the data.

You get the idea. I have no doubt you've encountered some of the aforementioned errors and can easily add a ton of others. The key problem with these errors is the fact that it's very easy to make any of them but very hard to get to the bottom of them. As a rule, it takes a lot of effort and nervous hours to detect and fix them.

Therefore, you are forced to have either a deployment document (checklist) or a special "deployment" guy on your team (or both). Each of these approaches has major drawbacks:

  • Deployment checklists are often outdated (developers are generally bad in maintaining documentation - and they are bad for a reason; maintaining docs is boring). Moreover, new team members still need to undergo deployment training when they join the project (and it takes time).
  • Your team's bus factor is 1. No new version/hotfix can be deployed if your "deployment" guy is on vacation.

These issues will not occur if deployments are done automatically, because computers are good at repetitive tasks (humans are not).

Time Is Money: Gain Both
If you'd rather have a million dollars straight away than a penny doubled every day for one month you should revisit your math, because the latter would result in you becoming over $10M richer. The story is exactly the same when investing in deployment automation. In addition to streamlining release operations, you're gaining profit and saving resources; in other words, you're increasing ROI.

In my experience, carefully going through a deployment process manually takes at least an hour for an average developer for a small project. In an agile environment, you usually want to have frequent deployments to QA/UAT platforms, so features are delivered and validated quickly (i.e., have 3-4 QA deployments per week [meaning manual deployment costs you at least 12-16 hours per month]). On the other hand, configuring automated deployment for a simple project rarely takes more than 16 hours, while deployment itself would then be just a click away. It truly is as simple as that; automation wins even with a tight time frame. Now add up time needed to train new developers to do the deployment plus time spent to troubleshoot deployment errors. It turns out that you can save about 25-40 hours per month with automation, which translates to about $500-800.

Another important aspect is the fact that overall team performance increases, because the QA team does not need developers to be distracted from new features when QA needs a new build to be delivered for validation which; this, in turn, means greater flexibility.

Take a look at this graph from McConnell's "Software project survival guide":

The longer it takes from introducing an error to its detection, the more time (and money) it takes to fix it. Being able to deploy without a developer's involvement means much more frequent deployments, which means much quicker error detection (i.e. allows your team move even faster!).

It's also about making errors less risky, which again means higher deployment frequency. And higher frequency entails faster feedback from testers and end users.

But there's more. If done intelligently, deployment automation also provides for automated reporting into the process, which results in zero efforts and money put into complying with audit requirements, and a significant unlikelihood of audit failure.

Sound too good to be true? Here's a summary of what our team achieved in terms of ROI when we introduced deployment automation in one of our .NET projects:

Overall efforts

90 man-months

Duration

20 months

 

Manual Deployment

Automated Deployment

Deployment time

2 man-hours/deployment

16 man-hours for one-time implementation

Deployment frequency

Twice a week

Once every day

Deployment error rate

10%

2%

Deployment cost

$16h/month

16h (one-time)

Overall benefits

 

$6,400 (320 man-hours) saved

200% increase in deployment frequency

5x decrease in deployment errors

 

And that's just a simple case. For complex projects/projects with high deployment frequencies, teams can save more than a thousand of hours per year.

New Opportunities Made Possible By Deployment Automation
I am a strong advocate of deployment automation for two main reasons:

  • It saves developers from routine error-prone tasks (which saves money).
  • It opens up several new opportunities that can make a great difference to your project's overall success.

I personally think the second reason is the most important for business, because of the following:

  • Integration tests as part of your daily workflow:

Everybody knows it is cost-effective to automate regression checks. Nowadays, we have plenty of cool tools to help implement integration tests. A good suite of UI regression tests is crucial for long-running projects' sustainable development; otherwise, in a year or two, you get to a point when you can't add new features because you are in a constant rush fixing the old ones. Automatic deployment is required in order to run these tests frequently and in an automated fashion. I recommend running them throughout the day (ideally - for every check in) - this saves money and helps you keep up with the schedule as you detect errors in under an hour from introducing them (see graph above).

  • Provide visibility with nightly builds:

Everybody wants visibility in agile development. The sooner you get something done and give it to product owners/target users, the sooner you understand what they actually need from the software (so you eliminate "you built exactly what I asked you, but it is not what I need" situation). A great way to provide visibility at no cost is to set up a nightly build, which deploys the current development version to a test environment just for reference. That way, everybody who is interested (stakeholders, managers, beta users, etc.) can see what has been built on a daily basis.

  • DevOps:

If you want your team to get into the DevOps world, be ready to invest in deployment automation. Developers tend to not like ops tasks, but they love automating stuff (that's why we automate email replies and program our coffee maker to run every morning). So a boring task to configure a new UAT platform becomes a challenging, exciting thing when you want to automate it.

  • Continuous deployment:

Continuous deployment, where every change that passes automated testing is deployed to production automatically, has been gaining traction over the last few years with most major tech companies adopting it (WordPress, Google, Facebook, Amazon).

Standard workflow with automated acceptance (integration tests) employed.

The bottom line is there is no excuse these days to not to do automatic deployment on .NET web projects. Technology is mature and easy to use, it saves time and money, it eliminates hard-to-troubleshoot errors because the process is reproducible and versioned, and it allows your team to be more flexible and move significantly faster.

More Stories By Ivan Antsipau

Ivan Antsipau is a senior .NET developer at Itransition specializing in architecting and implementation of business-specific web applications. With a specialist degree in Radiophysics and Computer Science, a knack for team leading, and years of hands-on programming experience under his belt, he sees the key to sustainable and accelerated delivery of software projects in elimination of stressful manual efforts with the help of continuous integration and automated testing.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@DevOpsSummit Stories
When you set off to build an app that will change the world, designing your system architecture to be reliable and scalable is important but the stark reality is that, for your MVP, you probably had a “need for speed” (of development). You didn’t know what all the axes were to scale your application, where your stress points would be, and what weird and wonderful ways your customers would use it down the road. In a world of zero-downtime services, landing the plane to figure it out is not an option. In his session at DevOps Summit, Andrew Miklas, CTO of PagerDuty, will share lessons learned ...
Founded in 1997, ActiveState is a global leader providing software application development and management solutions. The Company's products include: Stackato, a commercially supported Platform-as-a-Service (PaaS) that harnesses open source technologies such as Cloud Foundry and Docker; dynamic language distributions ActivePerl, ActivePython and ActiveTcl; and developer tools such as the popular Komodo Edit and Komodo IDE. Headquartered in Vancouver, Canada, ActiveState is trusted by customers and partners worldwide, across many industries including telecommunications, aerospace, software, fina...
SYS-CON Events announced today that ElasticBox is holding a Hackathon at DevOps Summit, November 6 from 12 pm -4 pm at the Santa Clara Convention Center in Santa Clara, CA. You can enter as an individual or team of up to 10 developers. A New Star Is Born Every Month! All completed ElasticBoxes will then be sent to a judging panel - 12 winners will be featured on the ElasticBox website in 2015. All entrants will receive five full enterprise licenses for one year + ElasticBox headphones + ElasticBox T-shirt. Winners can also choose to interview with ElasticBox to join one of the fastest growi...
SYS-CON Events announced today that Calm.io has been named “Bronze Sponsor” of DevOps Summit Silicon Valley, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Calm.io is a cloud orchestration platform for AWS, vCenter, OpenStack, or bare metal, that runs your CL tools puppet, Chef, shell, git, Jenkins, nagios, and will soon support New Relic and Docker. It can run hosted, or on premise and provides VM automation / expiry, self-service portals, audit, approvals, and budgeting.
Blue Box has closed a $10 million Series B financing. The round was led by a strategic investor and included participation from prior investors including Voyager Capital and Founders Collective, as well as the Blue Box executive team. This round follows a $4.3 million Series A closed in December of 2012 and led by Voyager Capital. In May of this year, the company announced general availability of its private cloud as a service offering, Blue Box Cloud. Since that release, the company has demonstrated market validation through customer adoption, positive reviews from industry analysts and k...
The speed of product development has increased massively in the past 10 years. At the same time our formal secure development and SDL methodologies have fallen behind. This forces product developers to choose between rapid release times and security. In his session at DevOps Summit, Michael Murray, Director of Cyber Security Consulting and Assessment at GE Healthcare, will examine the problems and present some solutions for moving security in to the DevOps lifecycle to ensure that we get fast AND secure.
SYS-CON Events announced today that Zentera Systems, an industry visionary delivering hybrid-cloud management solutions, will exhibit at DevOps Summit Silicon Valley, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Zentera Systems, Inc.™ is a Silicon Valley based private company, providing a Cloud Federation Platform (CFP) built on a virtualization architecture with patent-pending technology to address virtual network, cloud firewall, data protection and transport automation within and across cloud domains. Zentera is solving the security ...
Software development, like manufacturing, is a craft that requires the application of creative approaches to solve problems given a wide range of constraints. However, while engineering design may be craftwork, the production of most designed objects relies on a standardized and automated manufacturing process. By contrast, much of moving an application from prototype to production and, indeed, maintaining the application through its lifecycle has often remained craftwork. In his session at DevOps Summit, Gordon Haff, senior cloud strategy marketing and evangelism manager at Red Hat, will di...
High performing enterprise Software Quality Assurance (SQA) teams validate systems are ready for use – getting most actively involved as components integrate and form complete systems. These teams catch and report on defects, making sure the customer gets the best software possible. SQA teams have leveraged automation and virtualization to execute more thorough testing in less time – bringing Dev and Ops together, ensuring production readiness. Does the emergence of DevOps mean the end of Enterprise SQA? Does the SQA function become redundant?
In his keynote at DevOps Summit, David Tesar, Microsoft Technical Evangelist on Microsoft Azure and DevOps, will discuss how Microsoft teams who have made huge progress with a DevOps transformation effectively utilize operations staff and how challenges were overcome. Regardless of whether you are a startup or a mature enterprise, whether you are using PaaS, Micro Services, or Containerization, walk away with some practical tips where Ops can make a significant impact working with the development teams. Operational teams and functions are increasingly more important as the industry delivers so...
Cloudwick, the leading big data DevOps service and solution provider to the Fortune 1000, announced Big Loop, its multi-vendor operations platform. Cloudwick Big Loop creates greater collaboration between Fortune 1000 IT staff, developers and their database management systems as well as big data vendors. This allows customers to comprehensively manage and oversee their entire infrastructure, which leads to more successful production cluster operations, and scale-out. Cloudwick Big Loop supports DataStax, the leading distributed database technology company, and big data vendors -- Cloudera, Hor...

POMPTON LAKES, N.J., Oct. 17, 2014 /PRNewswire/ -- Kubisys announced today its namesake CID Platform, which automatically captures production environments and orchestrates the provisioning and deployment of replicas for development, testing and QA. The Kubisys CID Platform makes it easy for developers of mission critical multi-tier applications, such as Microsoft Dynamics AX, to follow DevOps practices for continuous delivery. The Kubisys platform delivers greater accuracy and agility than existing processes that rely on v...

The recent trends like cloud computing, social, mobile and Internet of Things are forcing enterprises to modernize in order to compete in the competitive globalized markets. However, enterprises are approaching newer technologies with a more silo-ed way, gaining only sub optimal benefits. The Modern Enterprise model is presented as a newer way to think of enterprise IT, which takes a more holistic approach to embracing modern technologies. This model makes use of Composable Enterprise framework put forward by Jonathan Murray of WMG.
This is part of the ever-expanding "Microservices and PaaS" blog series covering the rapidly evolving use of microservices in modern cloud software projects. Parts I and II introduced microservices concepts and discussed patterns and practices being spearheaded by microservices pioneers, notably Netflix, who were represented at a recent microservices meetup that was the genesis of this series. Part III presented a list of challenges and pitfalls that adopters of microservices face. This list is formidable and somewhat daunting; pointing out the significant changes in mindset, organizational s...
In their session at DevOps Summit, Stan Klimoff, CTO of Qubell, and Mike Becker, Senior Data Engineer for RingCentral, will share the lessons learned from implementing CI/CD pipeline on AWS for a customer analytics project powered by Cloudera Hadoop, HP Vertica and Tableau. Stan Klimoff is CTO of Qubell, the enterprise DevOps platform. Stan has more than a decade of experience building distributed systems for companies such as eBay, Cisco and Seagate. Qubell is helping enterprises to become more agile by providing a policy-driven platform for DevOps automation that provides self-service for d...
The impact of DevOps in the cloud era is potentially profound. DevOps helps businesses deliver new features continuously, reduce cycle time and achieve sustained innovation by applying agile and lean principles to assist all stakeholders in an organization that develop, operate, or benefit from the business’ lifecycle. In his session at DevOps Summit, Prashanth Chandrasekar, General Manager at Rackspace, will exam whether / how companies can work with external DevOps specialists to achieve "DevOps elasticity" and DevOps expertise at scale while internally focusing on writing code / developme...
I just recently wrote a blog about BOTs causing unwanted traffic on our servers. Right after I wrote this blog I was notified about yet another “interesting” and unusual load behavior on our download page which is used by customers to download latest product versions and updates. If you see such a load behavior you typically assume that you just released a new product version or maybe an update to our agents and many people are downloading it like crazy. Unfortunately that was not the case. The spike in traffic was caused by an implementation issue between our authentication service and our d...
SYS-CON Events announced today that O'Reilly Media has been named “Media Sponsor” of SYS-CON's 15th International Cloud Expo®, which will take place on November 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. O'Reilly Media spreads the knowledge of innovators through its books, online services, magazines, and conferences. Since 1978, O'Reilly Media has been a chronicler and catalyst of cutting-edge development, homing in on the technology trends that really matter and spurring their adoption by amplifying "faint signals" from the alpha geeks who are creating the future. An...
SYS-CON Events announced today that Gigaom Research has been named "Media Sponsor" of SYS-CON's 15th International Cloud Expo®, which will take place on November 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA. Ashar Baig, Research Director, Cloud, at Gigaom Research, will also lead a Power Panel on the topic "Choosing the Right Cloud Option." Gigaom Research provides timely, in-depth analysis of emerging technologies for individual and corporate subscribers. Gigaom Research's network of 200+ independent analysts provides new content daily that bridges the gap between break...
Today, almost every company has a directory that needs to be managed. Spending valuable company time monitoring servers, provisioning and deprovisioning users, auditing, and assessing security concerns takes away from the core competency of the team – building product and delivering to customers quickly. DaaS takes on the burden of those tasks, and allows the team to focus on what they do best. In his session at DevOps Summit, Rajat Bahargava, Co-Founder, Chairman, and President & CEO of JumpCloud, will talk about what DaaS is, how it eases the pain caused by AD and LDAP, and why cloud-based d...