Getting Started with DevOps
Supply chain management for software.
DevOps is supply chain management for software—with a culture of experimentation, learning, and iteration. Just like traditional supply chains transform raw materials into products, a software pipeline transforms commits into deployments.
Where to start depends on your team, your product, and your organization's objectives. But there are fundamentals that work everywhere.
The Four Metrics That Matter
It's easy to get distracted by shiny tools. I've done it. Before you adopt the latest thing, measure where you are today. These are the same metrics used by Google and the DevOps Research and Assessment team:
Throughput
Lead Time for Change
From commit to production
Deployment Frequency
How often do you ship?
Stability
Mean Time to Restore
From incident to resolution
Change Failure Rate
What % of changes cause problems?
These metrics act as a ballast. They keep you focused on improvements that bring value and help you avoid adopting tools for the sake of it.
Version Control: The Foundation
If you're not using version control, start there. Git is the standard. Everything in DevOps builds on top of it.
Version control gives you:
- Tool integrations across the ecosystem
- Traceability of what changed and when
- Easy reverts and conflict resolution
Once you have version control, pick a workflow. The short version is: pick one that fits your team size and deployment cadence, try it, and pivot or persevere.
Choosing CI/CD
There are endless Continuous Integration and Continuous Deployment options: CircleCI, GitHub Actions, Jenkins, GitLab CI, Azure Pipelines, and more.
Questions to ask:
- • What platforms are we already using?
- • Do we have special requirements (macOS builds, mobile, IoT)?
- • How many teams will use this? Should we limit configuration options?
Pick one, try it, see what blockers you hit. The goal isn't finding the perfect tool—it's learning what works for your team.
Cloud and Hosting
You've heard of Amazon Web Services, Microsoft Azure, and Google Cloud. There are also focused options: Heroku, Netlify, Vercel, Railway, Fly.io.
Virtualizing Environments
The goal: make local development, staging, and production as similar as possible. Docker and Docker Compose are the standard starting point.
| Questions to Ask |
|---|
| Where do we ship our software? |
| What runs locally vs. staging vs. production? |
| What's the maintenance overhead of virtualization? |
| What bugs are caused by environment differences? |
Monitoring
DevOps continues after deployment. You need visibility into what's happening in production. Sentry, New Relic, and Datadog are common choices. The right tool depends on your infrastructure complexity.
At minimum, catch unhandled exceptions and error logs. Beyond that, add monitoring where you see problems.
Security
DevSecOps is merging security into the development pipeline. You need to protect both your product and the pipeline that builds it. Start with a risk assessment:
Prioritize risks by business impact, tackle the highest ones first, then reassess quarterly as your system evolves.
Culture Matters
Tools are the easy part. Culture is harder. Research consistently shows that generative, performance-oriented cultures outperform bureaucratic and power-oriented ones.
| Low-Performing Teams | High-Performing Teams |
|---|---|
| Low cooperation | High cooperation |
| Messengers punished | Messengers trained |
| Responsibilities shirked | Risks shared |
| Failure leads to scapegoating | Failure leads to inquiry |
| Novelty crushed | Novelty implemented |
DevOps is about measuring, learning, and iterating—on your pipeline, your processes, and your culture. The goal isn't perfection; it's permanent improvement.
Keep on measuring so you always have a new problem to wake up and solve.
Building your DevOps practice?
I've helped teams at every stage of DevOps maturity. Let's talk about where you are and where you want to go.