DevOps World 2023 Recap And The Best Highlights
What should you know about DevOps World 2023 held in Silicon Valley? If you missed it, don’t worry, our team attended and reported back the best highlights from this year’s event. Check them out below.
Focused On Code: 100%
CloudBees CEO, Anuj Kapur, told attendees the current state of software development in enterprise IT looked like developers spending only 30% of their time writing code. A shocking stat to say the least. We’re now in the 14th year of the term ‘DevOps’. It’s beyond its infancy. And, as the conference focused on developer productivity, it’s also no surprise Kapur reminded attendees we should be focused on driving that statistic towards 100% as much as possible.
DevOps World 2023 Highlights Generative AI
Kapur also mentioned that generative AI is driving the need for more developers due to the growing backlog of features. In his look ahead, he noted we should be on the lookout for autonomous vehicle updates from companies like Uber and United as their software investments will be paying off shortly.
DevOps World 2023 Highlights: The Minotaur Project
One of the main keynotes to grace the stage at DevOps World 2023 in Silicon Valley was co-author of Investments Unlimited, Andres Vega. His presentation was titled ‘The Minotaur Project.
Vega highlighted his learnings while creating the book with DevOps heavyweights including Helen Beal, Bill Bensing, Jason Cox, Michael Edenzon, Topo Pal, Caleb Queern, John Rzezotarski, and John Willis. And, unsurprisingly, it related directly to the minotaur. Essentially, in Greek mythology, the Minotaur was a creature with the head of a bull and the body of a human. Essentially, it was a monstrous and powerful being living in a labyrinth on the island of Crete. The Minotaur was born as a result of a curse and a series of events involving King Minos of Crete. Andres sees security and compliance as the Minotaur of our present-day digital world.
And, because of the growing complexity of applications and sprawl, compliance hasn’t gotten any easier. Additionally, Vega mentioned it’s become even more complex with a slew of new regulations. For example, a recent executive order from the President as a result of the Colonial Pipeline hack.
Vega’s ideas around compliance in software and IT revolve around the notion it shouldn’t be an afterthought. Instead, security and compliance should be part of the system and application requirements that start early in the development process. His examples and history around the subject were on full display. Notably including several memes around how compliance activities are conducted and what tools are used.
Aligning compliance with the organization
To align compliance to the rest of the organization, Vega referenced:
- Removing friction in the service delivery process by moving through approvals faster and safer.
- Taking care of undifferentiated heavy lifting.
- Using simple patterns by finding self service GRC to make hard things easier.
Vega continued to mention there should be a community with heuristics and templates that can be used by those in the organization for:
- A unique set of processes.
- Tools and requirements.
This includes reference implementation, and a creation of pre-audited components to reduce the amount of time it takes to verify compliance. He offered several open source building blocks to start that would address many deficiencies related to security and compliance he’s seen in organizations. Check those out in this picture.
Jenkins Gets Massive Update
Shawn Ahmed, CloudBees Chief Product Officer came on stage to make several announcements. And, he did so with a pair of Ray-Ban Meta glasses worth over $500. He started by capturing the audiences attention – whoever answered it won the glasses. A pretty good way to get attention at a conference if you ask me.
Ahmed’s presentation centered around two main product updates with attendees.
The Jenkins Update
Firstly, Jenkins is getting a huge update this year:
- Jenkins is a core part of critical infrastructure today.
- In conservative estimates, there are 15 million developers using Jenkins, out of roughly 25 million developers in the world.
- Given a few other known indicators as well, Ahmed estimates that 60% of all software goes through a Jenkins pipeline. Not to mention that jobs defined on Jenkins have risen 45% since June 2021 to over 73 million jobs per month.
Ahmed also noted since 2020, there has been an increase in usage of Jenkins of 187% for sites that report data. This doesn’t include Jenkins instances behind the firewall that aren’t reporting. Needless to say, Jenkins is a work horse in the software delivery industry.
Additionally, with over 2,600 repositories in GitHub for JenkinsCI, over 1M lines of code, 130k pull requests, and over 20,000 issues, Jenkins has a lot going on. This includes over 600 active contributors.
But, Ahmed pointed out the main challenges the Jenkins community sees too. For example, the support for large organizations and how disruptions can cause lots of chaos. Not to mention Jenkins didn’t have a fault tolerance, high availability option.
However, his announcement, which was actually released in September 2023, is that Jenkins now has active-active, high availability configurability on Jenkins controllers. And,as Ahmed explained, this is a Quantum Leap for Jenkins. Particularly given it’s one of the last core open source tools to have HA capabilities. You can enable HA mode in the Jenkins interface or via configuration as code.
Jenkins Workspace Caching
The new Jenkins update also includes Workspace Caching. Essentially, this will speed up a significant portion of the build time due to:
- The lack of having to download updates or new files.
- Including a Pipeline Explorer.
In the demo that Runxia Ye, Head of CI Product Management at CloudBees, showed at the conference, it saved roughly ⅔ of the time in the build time. Additionally, the new Pipeline Explorer will speed up the ability to troubleshoot builds too.
Pipeline Explorer has breadcrumbs and stages on the left of the navigation, much like a Windows Explorer interface. This visualization helps organize activities, and where branches are being run in parallel. Plus, the tool also has user preferences. That means users can save the way it helps them troubleshoot most quickly and efficiently. You can learn more about it in this video. Ye also added these features are also available to current CloudBees CI customers at no additional cost.
The real-life Jenkins made an appearance as well.
Upcoming CloudBees Cloud-native Platform
The ideal DevSecOps experience has zero wait time for feedback loops, and 5-10x more code deployments which lowers overall costs. So, Cloudbees wants to focus on streamlining the developer experience so they can write more code efficiently and securely too. At this point Ahmed returned to unveil CloudBees newest product: a brand new platform.
This new Cloudbees platform was built off the ReleaseIQ acquisition back in 2022. This new platform is built on Tekton and boasts:
- Feature flagging.
- Value stream management.
- CI/CD pipeline orchestration.
- GitHub Actions-like DSL workflow automation.
The aim of the platform is to have a unique developer experience, which connects directly via plugins to the developer’s own IDE.
And it gets better. It’s due to be available November 1.
The new CloudBees platform emphasizes the following imperatives:
- A developer-centric experience, by making the DevOps processes nearly invisible.
- Extensibility, leveraging DevOps tools starting with the Jenkins CI/CD system. Teams also can plug preferred technologies into the platform.
- A self-service model, with autonomy for development teams.
- Out-of-the-box workflow templates with built-in security. Sensitive information such as passwords and tokens are abstracted out of the pipeline.
- Best-of-breed security and compliance checks across source code, binaries, cloud environments, data, and identity based on Open Policy Agent.
The platform will contain three offerings:
- Multi-tenant SaaS platform.
- Single tenant Cloudbees hosted.
- Customer hosted options.
Ahmed discussed how a single customer may have multiple types of solutions at play. For example a SaaS and a privately-hosted option that work together. CloudBees is hopeful the platform is invisible to the development experience allowing a developer to get to the easiest golden path. Additionally a hybrid approach allows organizations to have better control of their core products but experiment quickly.
Another key portion of the platform I found beneficial was CloudBees integration with security scanning of the code in the platform. This ties directly to their Compliance product. The dashboard for delivery includes many DORA metrics.
As expected, the DevOps World in Silicon Valley 2023 did not disappoint. From the latest Cloudbees announcement of a new cloud-native platform to a massive Jenkins update and everything in between. There’s a lot to be excited about with the latest Cloudbees updates and the releases on the horizon.
As trusted Cloudbees partners, SPK is here to support you – no matter where you are in your Cloudbees journey. Whether you’re an expert who needs a bit of extra support to optimize your DevOps processes, or you’re considering migrating to Cloudbees.If you’d like to learn more about any of the latest updates announced by Cloudbees at DevOps 2023 in Silicon Valley, contact our team here.