Which side of the wall of confusion are your governance gates on?
Whenever people discuss DevOps they always speak of a "Wall of Confusion" between development and operations, and while there is certainly a barrier to understanding it's more than just a "wall." I see it more as a "canyon of distrust" or a "gulf of miscommunication."
The Canyon of Distrust
These are all just creative ways of identifying that there is misalignment between development-focused and operation-focused parts of the IT department. On a very simple level development tends to focus on revenue growth while operations focuses on revenue protection. One side is resistant to change and risk and the other exists only to introduce change and risk - bridging these two worldviews is the constant promise of DevOps.Here's how I model this disconnect: as a series of roles distributed along a spectrum of development and operations. The farther apart two job roles are on this spectrum the more difficult it is for individuals to communicate about software risk management and releases.
A DevOps architect might work closely with a release engineer. The two might be in completely different departments, yet they are both responsible for supporting similar processes. A DevOps architect and a release engineer are in agreement about release management and risk.On the other hand getting a software developer on the phone with a infrastructure support engineer focused on disk arrays is to get two people on the phone who likely won't be able to understand each other's work at all. If there's an issue during a release that involves these two individuals collaborating it will likely involve miscommunication.
The majority of interactions between these two groups tend to happen in the middle of these two areas and they often happen around a release with senior developers interacting operations support and site operations. If an organization doesn't provide the proper support from the proper roles you have a recipe for misalignment. If you expect your network engineers to hop on the phone with your senior architects every time something goes wrong then you'll have inefficient, unpredictable releases. The goal of release management is to make sure that interactions and governance gates are happening at the right point in the spectrum at different times during the process.
Where to place your release governance gates?
I recently saw an announcement from a popular cloud infrastructure provider about a Continuous Integration system that is able to double as a deployment tool providing the ability to add "governance gates" to a release process. This sounds great until you start to think about what this means for an organization.The idea of putting a release governance gate so strongly on the development side of this equation might be compelling for an organization that is driven by development, but for larger organizations with more prominent operations departments the idea of placing governance gates right next to your continuous integration system is far too simplistic.
When you are evaluating the risk of a release and approving a release it is important that you include both development and operations roles into the decision making process. Release governance isn't just about putting everything into an ITSM tool like BMC Remedy and filling out forms and it certainly isn't something that can be wholly automated in a DevOps-focused Jenkins CI server.Release governance is a shared responsibility and if you do it right you are including roles across the spectrum of IT bridging differences and making sure that incompatible views of software risk are aligned to achieve larger goals.
Your release governance process should act as a bridge over this "Canyon of Distrust" and it should assure both development and operations that the right people have assessed a project's risk and have agreed that a release has met a series of conditions.Release governance, when done right, is a shared responsibility. So, the right answer to "Which side of the wall of confusion are your governance gates on?" is "both."
With Plutora we offer the tool that gives you the ability to bridge this gap and provide the right information to the right roles to assess Go/No-Go decisions across a broad section of the IT department.