As I have written about before, back in October I attended a DevOps conference sponsored by SoftLayer/IBM and JumpCloud. Just the other day, JumpCloud released the results of a survey taken of the 200+ attendees. While not a shocker to anyone in IT, the results show that because of the ever-increasing need to do more faster, we are turning to automation to handle routine tasks. This frees up time to focus on higher-impact jobs.
Over 82% of the survey respondents cited a need to automate more as one of their goals. When asked if they considered their organization a "DevOps organization," 79% indicated yes, and another 12% thought they were on their way. So maybe the fact that the overwhelming majority of the respondents were already DevOps organization skewed the results toward automation. Perhaps, but my gut tells me that many organizations, whether they identify themselves as DevOps orgs or not, want to automate more in order to do more.
Another thing to note were what kinds of tasks they were automating. As I said earlier, most people want to automate routine, repetitive tasks. According to the survey, the leading tasks automated were: configuration and deployment, user management and log management. While patching was further down the list, I would add my own personal opinion that I think patching is something that screams for automation (but maybe that is the security guy in me).
On another note, I found it very insightful that more respondents hosted their cloud infrastructure on AWS than all of the other providers combined! AWS is still the 800-pound gorilla in cloud and IaaS hosting, especially when you consider that SoftLayer was a prime sponsor of this event. I am looking forward to future surveys to see if this trend holds. Clearly, companies like IBM/SoftLayer and Rackspace have AWS dead in their sites now.
Another survey area of note was what tools people are using to automate. The hands-down winners were scripting tools for automating deployment, such as Chef or Puppet. Half of all the respondents use pre-built images when deploying server instances. Only one-third of those responding use an automated patch management solution.
Of course, underlying all of this is near-ubiquitous use of the cloud from a variety of vendors. Less than 3% of those in attendance kept their infrastructure in-house. In spite of a SendGrid presentation at the show that showed that if you spend more than $50k a month on cloud servers, it is more economical to house your own infrastructure.
Besides the cloud, we should of course mention virtualization, which is even more ubiquitous than the cloud and enables the rapid deployment, redeployment, taking down and standing up of new server instances in moments. None of all the above would really be possible if we were still racking servers using hardware. This is a software thing for sure.
Clearly, there are opportunities for new tool development to help automation and save DevOp folks time. While this survey seemed to concentrate on the Ops in DevOps, there are also tools that automate mundane tasks on the Dev side of things as well.
I look forward to attending more DevOps conferences, as well as seeing more data on what is driving the burgeoning DevOps movement. By all measurements, the area is on fire and is rapidly replacing traditional IT roles and functions in both enterprises and startups.
As co-founder and Managing Partner at The CISO Group, Alan Shimel is responsible for driving the vision and mission of the company. The CISO Group offers security consulting and PCI compliance management for the payment card industry. Prior to The CISO Group, Alan was the Chief Strategy Officer at StillSecure. Shimel was the public persona of StillSecure as it grew from start up to helping defend some of the largest and most sensitive networks in the world.
Shimel is an often-cited personality in the technology community and is a sought-after speaker at industry and government conferences and events. His commentary about the state of security, open source and life is followed closely by many industry insiders via his blog and podcast, "Ashimmy, After All These Years" (www.ashimmy.com). Alan is now also a regular contributor to The CISO Group’s security.exe blog and podcast. Follow him on Google.
Alan has helped build several successful technology companies by combining a strong business background with a deep knowledge of technology. His legal background, long experience in the field, and New York street smarts combine to form a unique personality.
Disclosure: The CISO Group sells a software-as-a-service PCI compliance application called SAQPro. The company is independent and does not represent any other vendor's products as a reseller.
Policy on comments: Respectful discussion is welcomed! However comments that use inappropriate language, consist of name calling or personal attacks, or include accusations of wrongdoing are not appropriate. Those comments will be deleted or edited.