independent of developers 2. Segregated processes so we know the dependencies – eliminates “worked on my machine” 3. Package the application to enable repeatable installation and configuration into an environment introduced iv. Integration tests – ensure correct interaction with other production applications and services g. CATCH ERRORS AS EARLY IN OUR AUTOMATED TESTING AS POSSIBLE i. A test suite’s goal is to find to production in development) 2. Smoke testing our deployments – test connections to supporting services and systems, run sample data/transaction tests, fail deployment if needed 3. Ensure we maintain

representation of the abstract entities in programming languages and the mapping of these onto machine languages within space and speed constraints.”Abstract “Most of the big gains in software productivity inordinately hard, such as severe hardware constraints, awkward programming languages, lack of machine time. How much of what software engineers now do is still devoted to the accidental, as opposed survives beyond the normal life of the machine for which it is first written • Software is embedded in a cultural matrix of applications, users, laws, and machine vehiclesInvisibility • Software is invisible

scope and/or Capability Drop (CD) documents for smaller items such as applications (see Figure 13). Services and requirements oversight organizations have the flexibility to identify alternative names for enterprise platforms, IT programs will deliver capabilities via a series of applications or web services. IT systems must therefore be designed, developed, and maintained in concert with enterprise architectures requirements managed and tracked in the product backlog. For example, the contract requirements for a services contract may refer to the expertise required for the development team (e.g., 6 full-time-equivalent

TO START 47 7. Ch. 5 Selecting Which Value Stream to Start With 51 a. GREENFIELD vs BROWNFIELD SERVICES i. DevOps is not just for Greenfield ii. Important Predictor – Is the application architected TECHNICAL DEBT i. Don’t just make the interest payments, pay down the principle ii. If not managed, services become so fragile, delivery grinds to a halt g. INCREASE THE VISIBILITY OF WORK i. Keep the current i. I-shaped – specialist ii. T-shaped – generalists iii. E-shaped h. FUND NOT PROJECTS, BUT SERVICES AND PRODUCTS i. Create stable service teams ii. Enable them to execute strategy and roadmap.

capacity of the plant is to increase the capacity of only the bottleneck. Story - NCX-10 n/c machine idle on lunch break, pile of inventory in front of heat treat Jonah: “Whatever is available, the world’. What is the process? STEP 1 IDENTIFY the systems’ constraint (bottleneck at the NCX10 machine) STEP 2 Decide how to EXPLOIT the constraint (Machines should not take lunch breaks) STEP

INITIALLY SELF-MANAGE THEIR PRODUCTION SERVICE i. Google has development groups self-manage their services in production before they become eligible for Ops group to manage. 1. Define launch requirements to help make production-ready services (Hand-Off Readiness Review, HRR) ii. Operations has a service handback mechanism to the development team when production services become fragile 5. Ch. 17 – Integrate

responsible for unsupported platforms ii. Systematically review production infrastructure and services for items that are causing disproportionate amounts of failure and unplanned work; plan for elimination CODE REPOSITORIES AND SHARED SERVICES i. Add mechanisms & tools ii. Add security’s pre-blessed libraries, implementations, etc. iii. Collaborate with any shared services to provide prebuilt, secured

developer incorporates open source frameworks, uses standardized design patterns, and orchestrates services that are already available.  There are “cookbooks” available with templates for deploying systems adapt the system over time as the business changes versus buying an undefined stream of future services from a vendor who doesn’t know your business and doesn’t have financial incentives to supportyou meant to be, really. About the Author Mark Schwartz is an Enterprise Strategist at Amazon Web Services and the author of The Art of Business Value and A Seat at the Table: IT Leadership in the Age of

Design.pdfContainerized Software Factory Reference DesignSoftware Factory using Cloud DevSecOps Services Sidecar Container Security Stack Sidecar Container Security Stack enables: correlated and centralized containers, strong identities per Pod using certificates, and whitelisting rather than blacklisting. Services that support the security sidecar include: 1. Program-specific Log Storage and Retrieval Service

issues.  Maintenance window changed from once a week to everyday  Expanded Sphere of Influence  Machine Imaging  DEG and 3rd Party Application Installations  Route Adds – requires heightened security