In Praise of Slow Continuous Delivery

(without introducing more risk)
In Praise of Slow
Continuous Delivery
Puppet
Gareth Rushgrove
On-premise software and continuous delivery

View Slide

@garethr

View Slide

Gareth Rushgrove

View Slide

What we’ll cover
This talk

View Slide

- What do we mean when we say continuous
- The world of Enterprise Software vendors
- Why is this different?
- Examples of evolving stable software
Gareth Rushgrove

View Slide

Note
Most of the examples are infrastructure tools,
because I’m an infrastructure tools geek. The
patterns and practices are more general
Gareth Rushgrove

View Slide

What people think of when you

say continuous delivery
What does good
look like?

View Slide

Gareth Rushgrove

View Slide

Gareth Rushgrove
“Continuous Delivery is the ability to get
changes of all types—including new features,
conﬁguration changes, bug ﬁxes and
experiments—into production, or into the
hands of users, safely and quickly in a
sustainable way.
Jez Humble, Continuous Delivery

View Slide

Gareth Rushgrove

View Slide

Gareth Rushgrove
“10 deploys a day at Flickr
John Allspaw and Paul Hammond, VelocityConf, 2009

View Slide

Gareth Rushgrove
Jon Jenkins, VelocityConf, 2011
“Amazon deploys every 11.6 seconds

View Slide

How fast are you deploying your
software today?
Gareth Rushgrove

View Slide

The land the internet forgot
Enterprise Software

View Slide

Gareth Rushgrove

View Slide

But everyone wants to be an enterprise
software company
Gareth Rushgrove

View Slide

Gareth Rushgrove

View Slide

No really. Everyone wants to be an
enterprise software company
Gareth Rushgrove

View Slide

Gareth Rushgrove
0
50
100
150
200
ORCL IBM SAP VMware
Market cap in billions

View Slide

- Puppet Enterprise ships every 3 months
- Docker EE ships every 3 months
- vSphere ships about every 6 months
- Oracle ship a new major every 3 years
Gareth Rushgrove

View Slide

Can this be continuous delivery?
Gareth Rushgrove

View Slide

Gareth Rushgrove

View Slide

Gareth Rushgrove
HP LaserJet Firmware
Builds
Commits per day
Regression tests
1 per week
1
6 weeks
10 per day
100
24 hours
2008 2011

View Slide

Can this be continuous delivery?
Gareth Rushgrove

View Slide

Non-SaaS delivery models
Why is this diﬀerent?

View Slide

1. Consuming software via pull vs push
Gareth Rushgrove

View Slide

Gareth Rushgrove
A typical web app is pushed
Deployment Running
application
Users

View Slide

Gareth Rushgrove
New versions replace old
Deployment
New version
Users

View Slide

But deployment of on-premise software is
disconnected from it’s consumption by users
Gareth Rushgrove

View Slide

Gareth Rushgrove
Deployment is disconnected
Deployment
Package available
to download

View Slide

Gareth Rushgrove
Deployment is disconnected
Deployment
New package
available
Old packages
still available

View Slide

Gareth Rushgrove
Gareth Rushgrove
Consumers choose when to pull
Download
package
Users
Local copy
per user

View Slide

Problem
Users can choose not to update
Gareth Rushgrove

View Slide

Problem
Other people may choose to package your
software if it’s open source
Gareth Rushgrove

View Slide

2. The environment permutation explosion
Gareth Rushgrove

View Slide

How many platforms does your web
applications need to run on?
Gareth Rushgrove

View Slide

Gareth Rushgrove
15 supported platforms

View Slide

i386 and x86_64. IBM z Systems and Power.
Solaris. RHEL 4 (released 2005). 3 versions
of macOS, 4 versions of AIX, 11 versions of
Windows across server and desktop.
Gareth Rushgrove
80 more platforms!

View Slide

We run about 500 pipelines a day. That’s
about 35,000 individual jobs a week. For a
development team of less than 100 people
Gareth Rushgrove

View Slide

Problem
Your users control the environment not you.
Limiting the environments you support costs
you users
Gareth Rushgrove

View Slide

3. Say semantic versioning one more time
Gareth Rushgrove

View Slide

What version of GitHub did I just use?
Gareth Rushgrove

View Slide

Gareth Rushgrove
What version of GitHub Enterprise did I just use?

View Slide

Gareth Rushgrove
So Windows 8 is really Windows 6.2?

View Slide

Versions numbers are marketing too
Gareth Rushgrove

View Slide

Docker 17.03, Ubuntu 16.04, PE 2017.1,
Ofﬁce 2016, Ofﬁce 365, OpenStack Mitaka,
Newton, Ocata, etc.
Gareth Rushgrove

View Slide

CalVer

View Slide

Gareth Rushgrove
Constantly incrementing values

View Slide

Recommended reading

View Slide

Problem
Versioning packaged software is
a wicked problem
Gareth Rushgrove
A wicked problem is a problem that is difﬁcult or impossible to solve because of
incomplete, contradictory, and changing requirements that are often difﬁcult to recognise.

View Slide

4. How many versions of your software can
you support at once?
Gareth Rushgrove

View Slide

The ideal of continuous delivery is one
Gareth Rushgrove

View Slide

How long do you support that one version?
Until you ship the next one (maybe later the
same day?)
Gareth Rushgrove

View Slide

RHEL support life-cycle
Gareth Rushgrove

View Slide

RHEL Support dates
Gareth Rushgrove

View Slide

RHEL 4 end of life is this month. It’s been
supported for 12 years
Gareth Rushgrove

View Slide

Gareth Rushgrove
12 years

View Slide

Docker support scheme

View Slide

Release quarterly, each release supported
for a year means 4 supported major versions
Gareth Rushgrove

View Slide

Gareth Rushgrove
“
Docker not supporting a version for longer
than a year is a no-go. This is not
enterprise ready.
Hacker News comment

View Slide

Gareth Rushgrove
“In large enterprise it will take 6 months to
get a version certiﬁed to work with tooling
so need 3 year at the minimum to put any
effort on it.
Hacker News comment

View Slide

Gareth Rushgrove
“Docker initial release was just 4 years ago,
your asking for a support timeframe that's
around the same length as the age of the
project itself.
Hacker News comment

View Slide

Problem
User expectations vary wildly across
organisations, sectors and types of software
Gareth Rushgrove

View Slide

5. Licenses matter
Gareth Rushgrove

View Slide

Who has every had to do a license audit?
Gareth Rushgrove

View Slide

Puppet Enterprise licenses

View Slide

Puppet Server (just one component of Puppet
Enterprise) has 170 different open source
components, each with individual license terms
Gareth Rushgrove

View Slide

In total we ship third-party software with 19
different licenses, from MIT, Apache2 and
BSD to EDL 1.0, EPL 1.0, Artistic 1.0 and 2.0,
Ruby, Boost Software License and more
Gareth Rushgrove

View Slide

Problem
Does this commit break the law? Is this
release legal? Who has legal checks in
their continuous delivery pipeline?
Gareth Rushgrove

View Slide

Adopting continuous delivery patterns
Evolving stable
software

View Slide

1. Feature ﬂags and conducting experiments
Gareth Rushgrove

View Slide

Allow users to opt-in to some functionality
Gareth Rushgrove

View Slide

Docker experimental ﬂag

View Slide

Puppet future parser

View Slide

Dark launch features and test
in the background
Gareth Rushgrove

View Slide

Terraform experiments
Gareth Rushgrove

View Slide

2. Releasing every commit
Gareth Rushgrove

View Slide

Puppet nightly builds

View Slide

Gareth Rushgrove
Puppet docs
“Our automated systems create new
“nightly” repositories for builds that pass
our acceptance testing on the most
popular platforms.

View Slide

gsutil cat gs://kubernetes-release-dev/ci/latest-green.txt

View Slide

The difference between being able to ship
every day vs actually shipping every day
Gareth Rushgrove

View Slide

3. The importance of product analytics
Gareth Rushgrove

View Slide

Part of Continuous Delivery is Continuous
Improvement. And without data about usage
how do you know what to improve?
Gareth Rushgrove

View Slide

Do you expect a web application adopting
continuous delivery to use things like:
- Google Analytics
- Kissmetrics
- New Relic
- AppDynamics
- Dynatrace
Gareth Rushgrove

View Slide

Do you expect an open source CLI based
tool to do the same?
Gareth Rushgrove

View Slide

HashiCorp Checkpoint

View Slide

Gareth Rushgrove
“Consul makes use of a HashiCorp service
called Checkpoint which is used to check
for updates and critical security bulletins.
Only anonymous information, which cannot
be used to identify the user or host, is sent
to Checkpoint
Consul FAQ

View Slide

Gareth Rushgrove
Docker for Mac statistics

View Slide

Puppet Enterprise data

View Slide

Gareth Rushgrove
“Data like this helps us understand how you
use the product, which in turn helps us
improve the product to meet your needs
How does sharing this data beneﬁt PE users?

View Slide

Problem
Not every one is connected to the internet
Gareth Rushgrove

View Slide

Oﬄine data gathering

View Slide

Questions around packaged software,
product analytics, network usage, ﬁrewalls
and user consent can be tricky
Gareth Rushgrove

View Slide

If all you remember is
Conclusions

View Slide

Enterprise user expectations clash with
some of the expected implementations of
the practices of continuous delivery
Gareth Rushgrove

View Slide

But the practices of continuous delivery
are still relevant to enterprise software
Gareth Rushgrove

View Slide

Continuous Delivery is about speed
Gareth Rushgrove

View Slide

But speed is a relative measure that
depends on a frame of reference
Gareth Rushgrove
My Physics degree coming in handy

View Slide

Always remember to put your users
and your context ahead of any
absolute measures
Gareth Rushgrove
Especially those you read on the internet

View Slide

Questions?
And thanks for listening

View Slide

In Praise of Slow Continuous Delivery

In Praise of Slow Continuous Delivery

Gareth Rushgrove

More Decks by Gareth Rushgrove

Other Decks in Technology

Featured

Transcript