This page is not created by, affiliated with, or supported by Slack Technologies, Inc.
2022-05-12
Channels
- # ask-the-speaker-track-1 (136)
- # ask-the-speaker-track-2 (192)
- # ask-the-speaker-track-3 (82)
- # ask-the-speaker-track-4 (89)
- # bof-arch-engineering-ops (1)
- # bof-leadership-culture-learning (2)
- # bof-sec-audit-compliance-grc (3)
- # demos (1)
- # discussion-main (675)
- # discussion-more (9)
- # games (4)
- # games-self-tracker (1)
- # gather (1)
- # help (4)
- # hiring (5)
- # networking (2)
- # summit-info (41)
- # xpo-bmc-ami-devops (1)
- # xpo-cloudbees (4)
- # xpo-github-for-enterprises (1)
- # xpo-gitlab-the-one-devops-platform (7)
- # xpo-itrevolution (3)
- # xpo-launchdarkly (3)
- # xpo-lightstep-observability-incidentresponse (1)
- # xpo-linearb-automate-dev-team-improvement (4)
- # xpo-planview-tasktop (2)
- # xpo-snyk (3)
- # xpo-sonatype (1)
- # xpo-split (1)
- # xpo-synopsys-sig (3)
- # xpo-tricentis-continuous-testing (1)
Reminder: Get yourself in front of your browser and into #ask-the-speaker-plenary for the opening remarks. We’re kicking off the final day of the DevOps Enterprise Summit in 15 minutes at 10am BST! https://devopsenterprise.slack.com/files/UATE4LJ94/F01D34MC2KS/image.png
Reminder: The final day is starting now – opening remarks and then plenary talks! Join the conversation in #ask-the-speaker-plenary.
Reminder: Remember all those talks you attended the first two days of the Summit? Please submit your feedback for those! It’s so valuable for us and the speakers. And after all, feedback is a gift and sharing is caring! Enter your feedback for those talks here: https://members.itrevolution.com/live/schedule https://devopsenterprise.slack.com/files/UATE4LJ94/F03E48CJRF1/image.png
Reminder: The breakout sessions are starting in 5 minutes. Get in front of your browser and start navigating your way to whichever session you’re attending. https://devopsenterprise.slack.com/files/UATE4LJ94/F01D34MC2KS/image.png
Hi all getting ready for the talk! Questions will be welcome @adarsh12in…
✨ Let's welcome, @phillipgadzinski, Group Global Head of Enablement, BUPA and @adarsh12in, DevOps CoE Head, Infosys Quality Consulting Unit, Infosys, here to present: No Flow No Devops! ✨
@phillipgadzinski @adarsh12in I was so delighted that you submitted — we have too few experience reports from the healthcare space. Such an important industry!
Its a pleasure to be able to… and yes! I know Alistair quit well . we have had him at bupa actually.. also using heart of agile principles
Healthcare has moved real fast in last 2-3 years on Digital - telemedicine, patient engagement online, smart health etc
It’s been fascinating to learn how poorly information flows in hospitals, as the number of specialties has grown in the last 50 years — and how much room for improvement there is!
Indeed @adarsh12in and our global strategy is really about accelerating how we can create those compelling digital solutions
Have you been measuring any improvements in patient outcomes, especially safety? (was NPS for patients? or for fellow BUPA colleagues?). thank you!
some hospitals are amazing - they adopt lean principles. the key there is whats the Flow Unit - the patient or the service? if its the patient, then lean works…
our nps is across all services - we have multiple op models in healthcare. so yes it covers things such as patient experience. more about the real customer experience.
and a great Deming quote @adarsh12in! “IN god we trust, others need data…”
@phillipgadzinski always startling when someone talks to you via a recorded video! 🙂
With 5 Market units and 16 countries it’s a journey. The advantage is the metrics are relatively simple to define and adopt.
@lester2 - metrics across Velocity like Deployment cadence & success with most teams being on ADO and metrics like MTTR from tools like ServiceNow are pretty much in place. the challenge comes in collating from 16 different countries & consistent view. as devOps CoE, we reach out to teams to gather data on our 'monitor of monitors'
Using the Four Keys Project at all? https://github.com/GoogleCloudPlatform/fourkeys
100%. the ones shown below is exactly what DORA advocates. We use Deployment cadence & success which is what ur deployment frequency & Change fail rate combined is, Lead time..which is what we get from JIRA & Azure Boards..most countries are on Azure boards..few on JIRA..time to restore service from ServiceNow. Hope that helps
deployment frequency (DF), lead time for changes (LT), mean time to recovery (MTTR), and change failure rate (CFR).
fascinating; 16 geographies, decentralized traditions; how does one more rapidly spread great practices, across federated countries. “we do things 16 different ways”
whats working for us is an idea of understanding complexity. emergence of novel and good practices can come from anywhere. so we cant take a centralised command driven mode and be succesful . so instead we spread feedback loops - broad open channels of information flow and try and pick up weak signals - and where we see things that could be taken then federated globally we do that. much of our recommended patterns and practices and and enablers have bene drawn from existing things within our business. so we curate before we create…
⭐ Here to present The DevOps Transformation Toolbox -10 Tools that Drive RBI's Transformation to Modern SW Engineering is @robert.ruzitschka, DevOps Guild Lead and @matthias.fleischmann Group Product Leader of Fraud Transaction Monitoring from RBI ⭐
Thanks! Excited to be here and looking forward to your questions!
And this is the obligatory Team Topologies Reference: Enabling Team!
My other personal mission - helping people collaborate. #innersource 👍 https://innersourcecommons.org/
@robert.ruzitschka and @matthias.fleischmann How do you balance CoP and/or Guild membership with value stream related work?
Hi @robert.ruzitschka and @matthias.fleischmann! I had a quick question on the Inner Sourcing. What was your experience getting teams to open up and let others work in their code? That’s been a huge roadblock for our teams. Teams regularly refuse to even let other access each other’s repos.
@ben.squires Good question. Guilds have more formal membership, guild members are nominated and should work around 10% for the community. We expect this to be an average. So sometimes more, sometimes less - depends on urgency in the value stream. No simple thing to balance, quite delicate.
@robert.ruzitschka Thank you. How do Guild members get access to their 10% - something negotiated with their own team? This is something we have struggled with - we have CoPs (as per your Guilds) but getting members time to do this work when faced with large feature backlogs is very difficult for us...
Ben - no silver bullet here, we also struggle with this. It takes a lot of time and convincing on all levels to assure that teams not only optimize locally but also think about overall organizational health. I wrote an article about this a while ago. https://rruzitschka.medium.com/the-challenge-of-internal-communities-in-an-enterprise-it-organization-fbe198b1f0e4
@robert.ruzitschka Thanks! I will take a look at the article... I'm always hoping for a silver bullet :-D
Hi @bernard.voos - my personal experience in our Tribe setup (containing multiple sister product teams) is that we are facing the challenge that some teams are to secure enough to make use of new code, new ideas (which have not been developed by themselves. Ad repos, we run here a pretty liberal strategy, repos are open in Git. (of course with respective limitations, but everyone can access)
@robert.ruzitschka Are you able to share your Agile Engineering Maturity Model??
@ben.squires if I may also add here to your point - I believe (and completely convinced as Product team member) that you need to support this as product leader, recognizing that the team members benefit from that sharing culture and make us all better
@matthias.fleischmann I complete agree - but difficult to convince a PO under pressure - we continue to try 🙂
@ben.squires what helped me as being in the PO shoes are reading literature as the DevOps Handbook, or the Phoenix Project. If you don't show legitimate interest in the team members capabilities and work I am convinced you have a hard time being a great PO. I am certainly NOT prioritizing my whole work day the backlog and upcoming focus areas, but rather spending huge amount of time with the other team members understanding their actual work better (not saying that I understand everything down to deepest code level :D)
@matthias.fleischmann That's good advice - I will try to get the POs to follow it - might be time for mass purchase of The Phoenix Project audiobook 🙂 Thanks again!
security design seems to be an unpopular discipline 😂
@robert.ruzitschka Question to "Agile Egineering Coaches": How strongly the are coupled with the teams and how easy it is to get this coaches out of the team after the coaching work is done (I'm pretty sure the coaching work is never done)?
@bernard.voos We have not experienced this problem as we have been storing code in shared repo already for quite some time. We see a bit of hesitation as teams feel that InnerSource may cause them more work with no immediate benefits. It requires a lot of talking. My personal experience: If teams are reluctant to share their code, there is a bigger underlying problem (psychological safety etc.)
@scott.prugh: We are thinking about it. it is nothing secret or fancy. We just need to put some polishing on it and find a good way how to publish.
Let me know if you want help polishing. My excel skills are strong!!
Thanks, @robert.ruzitschka! Indeed, there’s definitely not enough psychological safety. We are working on that.
InnerSourcing - can be a struggle if participation is voluntary to contribute. How do you "staff" these?
@enrico.walther As discussed a bit above, it is important to define a clear scope and a clear time frame. If teams don't really commit, coaches pull out. We need to prioritize our work so typically work with teams that really want us to help!
Is the definition of the scope a kind of contract which is filled out at the beginning of the engagement together with the product owner or scrum master?
This is how it is done, exactly. There is a more or less formal agreement to set expectations from all sides. Usually the agreement is doe with the business stake holder (PO) but the Scrum Master is of course also involved.
Ok. We have a similare role defined in our organisation but we strugle all the time to get the coaching experts out of the project after there engagement.
Thank you @robert.ruzitschka and Matthias. I love your toolbox concept. Wonder what the difference really is between general Agile Coaches and Agile Engineering Coaches - I guess they're dedicated to focusing on engineering practices specifically? It's interesting - we have an Engineering Maturity assessment too, but we've got separate content for Agile and separate content for DevOps
@lester2 We are early in the journey here but what we assured from the beginning was top level management (Board Leve) buy in.
thank you for the insights
Thank you @robert.ruzitschka @matthias.fleischmann - very interesting and focussed presentation - ringing many bells and some useful ideas to take forward - much appreciated
@lester2 completely agree and share that this can be a struggle, on the other hand side, if we are not able to make teams see the benefit that we are not there where we wanna be - I guess that is a huge mindset thingy in general where corporations need to work
@robert.ruzitschka and @matthias.fleischmann, your toolkit is very similar to ours how the move to cloud was relevant in your progression?
@moira.cheng Thanks for the kind words. You got that exactly right. We are focusing on Engineering Practices but obviously there is a big overlapping area. Hard to seperate the two things -so we try to work as close together with the Agile coaches as possible.
@gvian Yes, you are right. We see significant correlation between cloud adoption and engineering maturity!
@gvian Robert touched on a similar related topic during the talk - removing certain topics a team needs to take care of to focus the cognitive power and resource to actual value adding outcomes ... cloud (managed) services obviously help here as well tremendously
Reminder: The breakout sessions are starting again in 5 minutes. Get in front of your browser and start navigating your way to whichever session you’re attending. https://devopsenterprise.slack.com/files/UATE4LJ94/F01D34MC2KS/image.png
✨ And now, @steveelsewhere and @abd3721 are here to present, Leading from the Middle ✨
I’m curious what everyone is seeing as methods to foster this ‘Transformational Leadership’
And what obstacles / risks are you seeing as the biggest challenge to having influence in your organization?
1. lack of explicit culture and values 2. lack of alignment in incentives/rewards
This ‘explicit’ gap is massive, I think it also includes repetition and clarity
#2 is something we’ll look back on with disbelief for decades: “How did any of this work when we told everyone to do x and rewarded y?”
@jeff.gallimore thank you for joining us for the session!!
#2 sounds a lot like our conscious values and implied/tacit/unconscious values are different
@abd3721 interesting. :thinking_face: yes. implicit != explicit, and one group’s != another group’s
It was so surprising to me to connect pull-based leadership and pull-based delivery - is pull always the best way?
For us at Telekom IT a big challenge is “who actually is the leader?“: We have people units where we collected people based on skills, and then we work in so called hubs in our day to day life, so there is always a conflict.
Does the tension between those two groups lead to balanced good decisions? Or leave people less confident?
That’s an advantage of stream alignment and the ‘single threaded leader’ Amazon model
At the moment it is not balanced, no. We fuss over things like “on what time do I learn, on the people unit or hub time?” and how much time does the hub or the people unit get…
I think if the individuals understand why we really need both of those sides they can figure out their balance on their own, and I would feel that a 15% vs 85% balance sounds healthy, but at the moment the goals of both sides are not clear.
Reminds me of what @jeff.gallimore said above https://devopsenterprise.slack.com/archives/C015DUDNPLM/p1652363837106469?thread_ts=1652363747.997679&cid=C015DUDNPLM
@sascha.schaerich We see this also many times. Core problem for me is that the organization usually is structured in a way that local optimization is (explicitly or implicitly) encouraged. If any level of hierarchy need to decide to go for local benefit or for overall organizational benefit - local always wins. It hard to design a different structure. I have been thinking a lot about this. Don't wan to spam but have collected my thought on the matter here: https://rruzitschka.medium.com/the-challenge-of-internal-communities-in-an-enterprise-it-organization-fbe198b1f0e4
As a community lead I need to manoevre the space every day and it is not simple. Creating organizational awareness about these topics is hard to achieve precisely because of incentive structure. But potential benefits are huge.
Great and helpful article @robert.ruzitschka thank you!
i love the clarity of this — showing and describing the different kinds of “networks”
“If you want people to do what you want, you need to want what’s in their best interest”
^ this is such an interesting phenomenon! How do we define intrinsic vs systemic? Is there daylight between the two?
There are few classic intrinsic motivations: • Autonomy • Mastery • Purpose • Connection I think that “systemic” factors are what will largely drive behavior (for better or for worse). If the system promotes intrinsic motivators, people will be more naturally engaged.
A lot of this, I think, maps nicely with Eric Lynn's work around cultivating healthy organizations, as described in his book "Dancing with Change". Highly recommended read.
The fact that we omitted/overlooked joy probably implies that we’re under-emphasizing that in our own lives. (Note to self)
Buy-in also influences how outcomes are achieved and spending time on defining the whys will help a lot in promoting harmony for all parties.
Shout-out to @dominica and Making Work Visible!! Huge inspiration for collaborative mapping
Our article in the latest DevOps Enterprise Journal (free to attendees!) outlines a lot of what we’ll be detailing in the book!
https://myresources.itrevolution.com/id006657137/The-DevOps-Enterprise-Journal-Spring-2022
Book details Name: still TBD Publisher: IT Revolution!! Date: Galley copies at the Fall DOES, Published next spring
https://myresources.itrevolution.com/id006657137/The-DevOps-Enterprise-Journal-Spring-2022
Just had an aha moment watching that talk by Andy and Steve - thank you for a great session
I’d love to connect with anyone leading from the middle! https://linkedin.com/in/devopsto
🌟 Here to talk about Creating A Secure Software Supply Chain In A Large Engineering Organization is the team from IBM — @rradclif, IBM Distinguished Engineer, DevSecOPS CTO for the CIO and @tglawles, IBM STSM, CIO Developer Experience 🌟
I still remember the huge difference in the IBM e-commerce site, trying to buy SPSS license. One year, I actually gave up after 20m, because I couldn't understand how to buy single user license. So much better now!
We are continuing to work this space to make it easier to get capabilities and make sure we have the right security around it.
Yes, significantly different now, but there is always space for continuous improvement.
Gene - I know you like good stories. Around 2015 our VP got up on stage in front of 100 developers and attempted to buy a $10,000 server on his credit card. The phone sales rep was very professional but he literally couldn’t buy it without engaging with a Sales rep onsite. That was step 1. 🙂
“Yes, I have my credit card here, and I know exactly what I want to buy, can I buy it please?”
SPSS Statistics became the #1 product that we were able to sell direct-to-customers, once we got that on the new platform we built, which was probably around the end of 2015.
I participated in the Design Thinking (AoT Study) and as an early case study before I went to Red Hat.
We’re trying to make Tekton better for supply chain security. SLSA, NIST, etc.
Red Hat is building a Tekton CI/CD certification pipeline for its products too, so we’re sharing implementation details and also trying to herd cats around new Tekton features so it does what we need it to do.
What are others experiencing in building a secure software supply chain across your organization?
We had some success in making everything as painless as possible. Pre integrate everything (SAST, DAST) in a standard CI/CD platform. Keep the entry barrier as low as possible. Creates quite a strong pull.
@robert.ruzitschka How did you approach shifting your engineering culture away from distributed CI / CD to centralized CI / CD?
quite often i see organizations adopting security processes failing due to mistakenly thinking that its only picking a few tools and you are done. Not fully grasping that you are dealing with people 🙂 Training, evangelism, knowledge sharing, inhouse documentation are all things that play into successful adoption of any new process.
@jbaveras We are really focused on making sure we improve the experience of our developers with this initiative, not just meeting the needs of our organization.
One of our challenges is delivering clear and concise messaging to thousands of globally distributed developers.
agreed, processes that are cumbersome will be circumvented. I believe there is a bit of a situation where "security needs to be invisible" (to developers) and "security needs to be visible" (to leadership).
feel free to DM me and we can exchange emails if you want to discuss if Synopsys might be able to assist 🙂
@tglawles Long story: We have 13 (quite independent) subsidiaries across CEE with many different cultures. First we did a survey with the teams if we find a common ground regarding CI/CD tooling. We didn't but what we found was a general unhappiness with functionality, availability and maintenance of pipeline tooling. So we did a longer vendor selection process and ended up with Github. Most developers are just familiar with it so entry barrier is low. We then started to provide tools for migration of repos and build systems to GitHub. In parallel, Security tightened requirements regarding to SAST scanning (we are a bank, so heavily regulated) - nobody was forced to move their pipeline to central GitHub any new code needed to go to the central repo (as this is also used for our InnerSource initiative). So either manage all the regulatory stuff by yourself or use top class tooling provided centrally. So a bit of pull and push. It was and is even a bit more complicated but we see good uptake. Centrally provided tool chains that are working well and reliably are good. It does not make sense that each team manages it's own tooling. It takes a LOT of effort that is often really underestimated. And there usually is not a lot of business value. Sorry that this is so long 😀. Happy to discuss!
Reminder: The final plenary sessions are starting in 5 minutes. Start making your way back to your browser and join us in #ask-the-speaker-plenary to interact live with the speakers and other attendees. https://devopsenterprise.slack.com/files/UATE4LJ94/F01D34MC2KS/image.png
Reminder: Please submit your feedback for the talks you attended. It’s so valuable for us and the speakers. And after all, feedback is a gift and sharing is caring! Enter your feedback for those talks here: https://members.itrevolution.com/live/schedule https://devopsenterprise.slack.com/files/UATE4LJ94/F03E48CJRF1/image.png