DevOps best practices

1 Embrace Change

2 Leverage modern infrastructure elements

3 Automate all your testing environments

4 Automate deployments and updates

5 Implement observability

6 Implement high availability and scaling

Implementing modern DevOps practices can bring great impact on project lead time, cost, maintenance costs, and failure rates:

– Up to 60% overall cost reduction

– 3x higher developer productivity

– 14x faster feature and UAT sign-off

To get you started on DevOps best practices, here are a couple of steps that you should follow.

1 Embrace Change

Be build-oriented. Use dependency management and configuration management exclusively in your development process.

  • Make every project’s Git repository as lean as possible by only including the project-specific code and configuration.
  • Use NPM or Yarn for your JavaScript dependencies, use webpack to pull in CSS and JS dependencies.
  • Use Gulp, Grunt, or another task runner to compile static assets. Do not commit compiled assets to the repository.

Use Config Management to export configuration to Git.

2 Leverage modern infrastructure elements

Use HTTP/2.0. It’s faster. Use SSL everywhere, and redirect HTTP to HTTPS.

Move caching out of your SQL database to a dedicated caching service such as Redis.

Do not put application logic in the HTTP caching layer. Instead, make sure you are correctly setting cache headers in the application.

Do not rely on MySQL search. Use Apache Solr or Elasticsearch if you need search functionality.

Move any background tasks to a dedicated queue server such as RabbitMQ, with a separate queue worker. 

Do not rely on insecure services or unencrypted services such as FTP, use a VPN if you need access to internal resources. Only allow SSH access to your servers.

Make sure you have backups that contain everything, not just one application or service out of sync with another.

3 Automate all your testing environments

Align your development and testing clusters 100% with production.

  • Same versions of all components (code as well as infrastructure).
  • Do not test on small datasets; test at production scale.

Test deployment and migration processes as well as the features themselves.

Write tests and run them on every Git push.

Make sure all servers are immutable (read-only). Do not allow changes on production other than through a version control system.

Manage developer credentials centrally. Make sure you know who has access to which environment. Restrict access to the production branch.

Use protected Git branches and enforce code review and sign-off before release. The production branch should be stable and deployable to production at any moment.

 

Continue to part 2