DevOps job tasks (the work of DevOps)

Get DevOps done using job tasks and projects based on job tasks defined by professional certification

                       

Overview

• Amazon’s DevOps Professional Exam
• Testing and other habits (values)
• DevOps practices
• DevOps Courses
• Categories for technology management
• Design a DevOps strategy
  • Recommend a migration and consolidation strategy for DevOps tools
  • Design and implement an Agile work management approach
  • Design a quality strategy
  • Design a secure development process
  • Design a tool integration strategy
• Implement DevOps development processes
  • Design a version control strategy
  • Implement and integrate source control
  • Implement and manage build infrastructure
  • Implement code flow
  • Implement a mobile DevOps strategy
  • Managing application configuration and secrets
• Implement continuous integration
  • Manage code quality and security policies
  • Implement a container build strategy
  • Implement a build strategy
• Implement continuous delivery
  • Design a release strategy
  • Set up a release management workflow
  • Implement an appropriate deployment pattern
• Implement dependency management
  • Design a dependency management strategy
  • Manage security and compliance
• Implement application infrastructure
  • Design an infrastructure and configuration management strategy
  • Implement infrastructure as code (IaC)
  • Manage Azure Kubernetes Service infrastructure
  • Implement infrastructure compliance and security
• Implement continuous feedback
  • Recommend and design system feedback mechanisms
  • Implement process for routing system feedback to development teams
  • Optimize feedback mechanisms
• Resources
• More on DevOps

Most job descriptons for DevOps roles focus on vendor product offerings (GitHub, Jenkins, etc.).

NOTE: Content here are my personal opinions, and not intended to represent any employer (past or present). “PROTIP:” here highlight information I haven’t seen elsewhere on the internet because it is hard-won, little-know but significant facts based on my personal research and experience.

However, this page lists the contributions, achievements, and outcomes from working DevOps (DevTestSecOps or DevXOps), based on Job Task Analysis done for the Implementing Azure DevOps Solutions exam AZ-400 which fuilfills requirements to be designated a Microsoft Certified: Azure DevOps Engineer Expert. Expand all (click on) these high-level statements of contributions:

1. Design a DevOps strategy
2. Implement DevOps development processes
3. Implement continuous integration
4. Implement continuous delivery
5. Implement dependency management
6. Implement application infrastructure
7. Implement continuous feedback
   
   (Click on each link for its job tasks, detailed below.)

Amazon’s DevOps Professional Exam

Compare against the “domains” in Amazon’s AWS Certified DevOps Engineer – Professional Complete Exam: DOP-C00 (since December 2018):

1. SDLC Automation : CodeCommit, CodeBuild, CodeDeploy, CodePipeline ((22%)
2. Configuration Management and Infrastructure as Code : CloudFormation, Elastic Beanstalk, AWS Config, ECS, Lambda, OpsWorks (19%)
3. Monitoring and Logging “ CloudWatch, X-Ray (15%)
4. Policies and Standards Automation : Service Catalog, Trusted Advisor, Secrets Manager, Organizations, Macie, Cert Manager (10%)
5. Incident and Event Response : Guard Duty, Inspector Kinesis (18%)
6. High Availability, Fault Tolerance, and Disaster Recovery : SSO, CloudFront, AutoScaling, Route53, RDS, Aurora, DynamoDB (10%)
   
   

The above I also call “processes” addressed by products.

Testing and other habits (values)

The word “testing” is not among the above, perhaps because testing is pervasive, along with other “habits”:

1. Team Autonomy and Enterprise Alignment
2. Rigorous Management of Technical Debt
3. Focus on Flow of Customer Value
4. Hypothesis Driven Development
5. Evidence Gathered in Production
6. Live Site Culture (remediate immediately and drive to root cause)
7. Manage infrastructure as flexible resources
   
   

DevOps practices

But testing is a separate item among VIDEO: 7 DevOps practices as defined by Microsoft’s Sam Guckenheimer:

1. Configuration management [Course 4]
2. Release management
3. Continuous integration [Course 3]
4. Continuous deployment [Course 3]
5. Infrastructure as Code [Course 2]
6. Test automation [Course 5]
7. Application performance monitoring [Course 7]
   
   

All but “release management” track with Microsoft’s curriculum (below).

DevOps Courses

To obtain skill to make contributions listed above, there is a 10-course Microsoft Professional Program (MPP) in DevOps on Edx.org:

1. Introduction to DevOps Practices
2. Infrastructure as Code
3. Continuous Integration and Continuous Deployment
4. Configuration Management for Containerized Delivery
5. DevOps Testing
6. DevOps for Databases
7. Application Monitoring and Feedback Loops
8. DevOps for Mobile Apps
9. Architecting Distributed Cloud Applications
10. Microsoft Professional Capstone : DevOps

QUESTION: Is AZ-400 the same as exam: Implementing Microsoft Azure DevOps Solutions 70-538 “coming soon”.

Categories for technology management

A dashboard displaying progress toward DevOps implementation would instead be grouped by categories of technology:

A. Security
B. Networks
C. Persistance (storage, databases)
D. Compute (virtual machines)
E. Management (monitoring)
F. DevOps (development to operations)
G. Integration (messaging)
H. Analytics (BI, Visualization, Machine Learning & AI)

The above list is often used to also define organizational boundaries, where technicians report to a manager in charge of each category (such as the department of Networking, etc.). The concern with such an approach is that each category is dependent on others to be setup at the same time. Each of the above needs to be a part of each application.

But traditional enterprise communication tends to be funneled up through category managers rather than directly among workers.

“Agile” teams aim to put skills that address ALL categories into each small team. That’s a tall order considering the staggering number of technologies implemented, especially in companies which have relegated each employee to a very specific role for years and don’t make it easy to hold a job which spans all these categories, even in the course of an entire 40-year career.

Here is where culture, collaboration tools, and automation may help.

PROTIP: The hope is that, eventually, advances in automation would enable small Agile teams to work like a start-up on their own, addressing all aspects of a traditional data center without ceremonies to get permission and clearance through various management ranks. So the futuristic view of the job tasks below would be how to get a computer to do each on its own with minimal human interaction.

But, for now, people are involved in its setup, configuration, and maintenance, so they need to learn the specific skills below, both manually in the GUI and in automation scripts such as Bash, Python, PowerShell, and other scripts.

---

Design a DevOps strategy

Recommend a migration and consolidation strategy for DevOps tools

• analyze existing artifact (e.g. deployment packages, NuGet) and container repositories

• analyze existing test management tools

• analyze existing work management tools

• recommend migration and integration strategies for artifact repositories, source control, test management, and work management

Design and implement an Agile work management approach

• identify and recommend project metrics, KPIs, and DevOps measurements (e.g. cycle time, lead time, Azure Kubernetes Service, WIP limit)

• implement tools and processes to support Agile work management

• mentor team members on Agile techniques and practices

• recommend an organization structure that supports scaling Agile practices

• recommend in-team and cross-team collaboration mechanisms (Skype, Zoom)

Design a quality strategy

• analyze existing quality environment

• identify and recommend quality metrics

• recommend a strategy for feature flag lifecycle

• recommend a strategy for measuring and managing technical debt

• recommend changes to team structure to optimize quality

• recommend performance testing strategy

Design a secure development process

• inspect and validate code base for compliance

• inspect and validate infrastructure for compliance

• recommend a secure development strategy

• recommend tools and practices to integrate code security validation (e.g. static code analysis)

• recommend tools and practices to integrate infrastructure security validation

Design a tool integration strategy

• design a license management strategy (e.g. VSTS users, concurrent pipelines, test environments, open source software licensing, DevOps tools and services, package management licensing)

• design a strategy for end-to-end traceability from work items to working software

• design a strategy for integrating monitoring and feedback to development teams

• design an authentication and access strategy

• design a strategy for integrating on-premises and cloud resources

---

Implement DevOps development processes

Design a version control strategy

• recommend branching models

• recommend version control systems

• recommend code flow strategy

Implement and integrate source control

• integrate external source control

• integrate source control into third-party continuous integration and continuous deployment (CI/CD) systems

Implement and manage build infrastructure

• implement private and hosted agents

• integrate third party build systems

• recommend strategy for concurrent pipelines

• manage Azure pipeline configuration (e.g. agent queues, service endpoints, pools, webhooks)

Implement code flow

• implement pull request strategies

• implement branch and fork strategies

• configure branch policies

Implement a mobile DevOps strategy

• manage mobile target device sets and distribution groups

• manage target UI test device sets

• provision tester devices for deployment

• create public and private distribution groups

Managing application configuration and secrets

• implement a secure and compliant development process

• implement general (non-secret) configuration data

• manage secrets, tokens, and certificates

• implement applications configurations (e.g. Web App, Azure Kubernetes Service, containers)

• implement secrets management (e.g. Web App, Azure Kubernetes Service, containers, Azure Key Vault)

• implement tools for managing security and compliance in the pipeline

---

Implement continuous integration

Manage code quality and security policies

• monitor code quality

• configure build to report on code coverage

• manage automated test quality

• manage test suites and categories

• monitor quality of tests

• integrate security analysis tools (e.g. SonarQube, WhiteSource Bolt, Open Web Application Security Project)

Implement a container build strategy

• create deployable images (e.g. Docker, Azure Container Registry)

• analyze and integrate Docker multi-stage builds

Implement a build strategy

• design build triggers, tools, integrations, and workflow

• implement a hybrid build process

• implement multi-agent builds

• recommend build tools and configuration (e.g. Azure Pipelines, Jenkins)

• set up an automated build workflow

---

Implement continuous delivery

Design a release strategy

• recommend release tools

• identify and recommend release approvals and gates

• recommend strategy for measuring quality of release and release process

• recommend strategy for release notes and documentation

• select appropriate deployment pattern

Set up a release management workflow

• automate inspection of health signals for release approvals by using release gates

• configure automated integration and functional test execution

• create a release pipeline (e.g. Azure Kubernetes Service, Service Fabric, WebApp)

• create multi-phase release pipelines

• integrate secrets with release pipeline

• provision and configure environments

• manage and modularize tasks and templates (e.g. task and variable groups)

Implement an appropriate deployment pattern

• implement blue-green deployments

• implement canary deployments

• implement progressive exposure deployments

• scale a release pipeline to deploy to multiple endpoints (e.g. deployment groups, Azure Kubernetes Service, Service Fabric)

---

Implement dependency management

Design a dependency management strategy

• recommend artifact management tools and practices (Azure Artifacts, npm, maven, Nuget)

• abstract common packages to enable sharing and reuse

• inspect codebase to identify code dependencies that can be converted to packages

• identify and recommend standardized package types and versions across the solution

• refactor existing build pipelines to implement version strategy that publishes packages

Manage security and compliance

• inspect open source software packages for security and license compliance to align with corporate standards (e.g. GPLv3)

• configure build pipeline to access package security and license rating (e.g. Black Duck, White Source)

• configure secure access to package feeds

---

Implement application infrastructure

Design an infrastructure and configuration management strategy

• analyze existing and future hosting infrastructure

• analyze existing Infrastructure as Code (IaC) technologies

• design a strategy for managing technical debt on templates

• design a strategy for using transient infrastructure for parts of a delivery lifecycle

• design a strategy to mitigate infrastructure state drift

Implement infrastructure as code (IaC)

• create nested resource templates

• manage secrets in resource templates

• provision Azure resources

• recommend an Infrastructure as Code (IaC) strategy

• recommend appropriate technologies for configuration management (ARM Templates, Terraform, Chef, Puppet, Ansible)

Manage Azure Kubernetes Service infrastructure

• provision Azure Kubernetes Service (e.g. using ARM templates, CLI)

• create deployment file for publishing to Azure Kubernetes Service (e.g. kubectl, Helm)

• develop a scaling plan

Implement infrastructure compliance and security

• implement compliance and security scanning

• prevent drift by using configuration management tools

• automate configuration management by using PowerShell Desired State Configuration (DSC)

• automate configuration management by using a VM Agent with custom script extensions

• set up an automated pipeline to inspect security and compliance

---

Implement continuous feedback

Recommend and design system feedback mechanisms

• design practices to measure end-user satisfaction (e.g. Send a Smile, app analytics)

• design processes to capture and analyze user feedback from external sources (e.g. Twitter, Reddit, Help Desk)

• design routing for client application crash report data (e.g. HockeyApp)

• recommend monitoring tools and technologies

• recommend system and feature usage tracking tools

Implement process for routing system feedback to development teams

• configure crash report integration for client applications

• develop monitoring and status dashboards

• implement routing for client application crash report data (e.g. HockeyApp)

• implement tools to track system usage, feature usage, and flow

• integrate and configure ticketing systems with development team’s work management system (e.g. IT Service Management connector, ServiceNow Cloud Management, App Insights work items)

Optimize feedback mechanisms

• analyze alerts to establish a baseline

• analyze telemetry to establish a baseline

• perform live site reviews and capture feedback for system outages

• perform ongoing tuning to reduce meaningless or non-actionable alerts

Resources

Amazon’s Study Guide for AZ-400

• ACoud.guru vidoes

More on DevOps

This is one of a series on DevOps:

1. DevOps_2.0
2. ci-cd (Continuous Integration and Continuous Delivery)
3. User Stories for DevOps

4. Enterprise Software)

5. Git and GitHub vs File Archival
6. Git Commands and Statuses
7. Git Commit, Tag, Push
8. Git Utilities
9. Data Security GitHub
10. GitHub API

11. TFS vs. GitHub

12. Choices for DevOps Technologies
13. Pulumi Infrastructure as Code (IaC)
14. Java DevOps Workflow

15. Okta for SSO & MFA

16. AWS DevOps (CodeCommit, CodePipeline, CodeDeploy)
17. AWS server deployment options

18. AWS Load Balancers

19. Cloud services comparisons (across vendors)
20. Cloud regions (across vendors)

21. AWS Virtual Private Cloud

22. Azure Cloud Onramp (Subscriptions, Portal GUI, CLI)
23. Azure Certifications

24. Azure Cloud

25. Azure Cloud Powershell
26. Bash Windows using Microsoft’s WSL (Windows Subsystem for Linux)

27. Azure KSQL (Kusto Query Language) for Azure Monitor, etc.

28. Azure Networking
29. Azure Storage
30. Azure Compute

31. Azure Monitoring

32. Digital Ocean

33. Cloud Foundry

34. Packer automation to build Vagrant images
35. Terraform multi-cloud provisioning automation

36. Hashicorp Vault and Consul to generate and hold secrets

37. Powershell Ecosystem
38. Powershell on MacOS

39. Powershell Desired System Configuration

40. Jenkins Server Setup
41. Jenkins Plug-ins
42. Jenkins Freestyle jobs

43. Jenkins2 Pipeline jobs using Groovy code in Jenkinsfile

44. Docker (Glossary, Ecosystem, Certification)
45. Make Makefile for Docker
46. Docker Setup and run Bash shell script
47. Bash coding
48. Docker Setup
49. Dockerize apps

50. Docker Registry

51. Maven on MacOSX

52. Ansible
53. Kubernetes Operators

54. OPA (Open Policy Agent) in Rego language

55. MySQL Setup

56. Threat Modeling

57. SonarQube & SonarSource static code scan

58. API Management Microsoft

59. API Management Amazon

60. Scenarios for load
61. Chaos Engineering

---