DevOps’ 2018 Surprises and 2019 Predictions

DevOps is becoming mainstream and in the upcoming year, DevSecOps will follow.

This post originally appeared on DZone.

Given how fast technology is changing, we thought it would be interesting to ask IT executives to share their thoughts on the biggest surprises in 2018 and their predictions for 2019. Here’s what they told us regarding DevOps:

Michael Schweighofer, Product Manager for Webtestit, Ranorex (a division of Idera, Inc.)

Although the demand for test automation is growing, there continues to be a lack of test automation engineers. People entering the software development field tend to choose a role as a developer or a manual tester, with insufficient numbers choosing the in-between role of test automation. To solve this problem, the test automation market either needs tools that are easier for non-technical testers, or there should be more emphasis on the test engineer role as a career in colleges and schools. Mobile testing also continues to be very challenging. This due in part to the major differences between Android and iOS, as well as the significant fragmentation of the market, with so many devices and older versions of the O/S in the install base. Existing tools have not been able to solve this to the point that mobile testing is easier: it’s still a thing for experts.

Performing a successful automation project requires skilled technical people, but they will continue to be relatively hard to find. This will create challenges for users of open-source test automation to get a good return on the investment of time and effort – especially in the web and mobile space. Tool providers will work to close this gap. A new generation of tools will seek to leverage the power of existing solutions but in a way that the resulting code stays maintainable. In addition, AI and machine learning will start to provide more and more real benefit for testers to solve their challenges in test automation.

Oded Moshe, VP of Products and IT, SysAid

One of the things that positively surprised me in 2018 is how fast the business side of organizations aligned with the benefits of DevOps, and started speaking the DevOps language. Unlike many other developments and IT buzzwords, which never really made it past the IT guys, DevOps methodology seems to have truly gone viral in 2018 – outside of the code development and operational teams.

For 2019, I predict that there will be a “stampede” of even more organizations adopting DevOps due to the increase of cyber attacks and privacy awareness issues (which we already see too much of). It will be the only way for them to keep up with mitigating all the threats and complying with regulations”.

DevOps engineers will divide into two sides: a dark side and a light side. The dark side will operate solely using the force of YAML and configuration-as-code, and the light side will embrace the power of user experience with the return of the UI. Automation wars will ensue where the light side will build automation and deployment pipelines in minutes, with the dark side one typo away from failure, and DevOps tool vendors will be forced to support both sides to restore balance.

Brajesh Goyal, Vice President, Engineering, Cavirin Systems

In 2018 we’re seeing the exponential growth of containers, but it’s taking longer than expected. Many thought it would follow the growth curve of virtualization (i.e., 2005-2009) but this has not happened. It requires more maturity of container technology and easier of deployment and management.

In 2019 we’ll see the deployment of service meshes such as Istio in combination with Kubernetes, now a de-facto standard, for orchestration. But the expected growth may not be realized until 2020.

Mark Curphey, VP of Strategy, Veracode

Analysis of Veracode scan data this year has revealed the most active DevSecOps programs fix flaws more than 11.5 times faster than the typical organization, due to ongoing security checks during continuous delivery of software builds from increased scanning. While we have always known that properly implemented DevSecOps programs are beneficial to organizations, it has been difficult to provide concrete evidence of this method until now. Our data yielded the surprising but welcome finding that DevSecOps is producing immensely positive results in remediating flaws much more quickly and providing a competitive advantage by reducing risk in software.

Tim Curless, DevOps Solutions Principal (Cloud), AHEAD

I think a surprise in DevOps in 2018 would be the increase in willingness for Dev and Ops’ teams to work together, more than we’ve seen before. I also believe that as the cloud continues to be such a prevalent model for operating, it will continue to push the DevOps issue.

In 2019, the emergence of “DevOps Dojos” and “Cloud Centers of Excellence” will continue to be prominent. Leadership will become more willing to pull people out of their day jobs and have them focus on the culture of the cloud service delivery model—instead of constant fire drills.

Martez Reed, Cloud/DevOps Services Engineer, AHEAD

The biggest surprise in 2018 was the adoption of Kubernetes as a de facto orchestration tool. This was evidenced by the major cloud providers like Microsoft Azure and Amazon Web Services releasing offerings like Azure Kubernetes Service (AKS) and Amazon EKS, respectively. 

I anticipate a huge focus in 2019 will be this notion of “chaos engineering,” which was popularized by Netflix a few years back. Chaos engineering is extremely effective in killing off instances, along with certain components of an architecture to validate the reliability and the availability, so I think this will be a popular trend in 2019.

Glenn Sullivan, Co-founder, SnapRoute

The biggest surprise is the lack of urgency to use DevOps in tandem within parts of network infrastructure, especially since it would truly benefit from it.

When it comes to DevOps, the security compliance of it all will be a key problem that will require solving within the networking community. In 2019, a microservices-based approach to DevOps will help rectify this. Compliance isn’t just limiting the access that is necessary and making sure policy is followed – it’s making sure local authentication credentials are rotated on a set schedule, keeping the operating system patched, and validating that improper access is not available at a service or application level.