DevOps ..contd

DevOps is soon getting synonymous with management of IT automation. DevOps is more of an organization’s culture than the actual process. It is a stronger collaboration between developers and operations engineers. Developers are expected to turnaround new developments faster and operations engineers are expected to maintain up-time by following a set of defined processes. While change is the daily routine of Developers, for the operations engineer it is an absolute alien (more of 'follow the process').

DevOps predominantly is an extension of Agile methodology. In layman’s term, it would mean putting a system administrator in the agile development process. On the ground, it involves a lot of coordination between teams where tools play a very important role in streamlining communication, documentation and tracking. These tools are used for app/infra automation like automating the testing process, deployment and release process, change process, etc., as described below:

Change Management

Objective: To enable beneficial changes to be made, with minimum disruption to IT services.

Release & Deploy Management

Objective: To plan, schedule and control the movement of releases to test and live environments.

Incident Management

Objective: The primary objective of Incident Management is to return the IT service to users as quickly as possible.

Knowledge Management

Objective: The primary purpose of Knowledge Management is to improve efficiency by reducing the need to rediscover knowledge.

Commonly used tools:

Automation: Puppet, Chef, CFEngine, Ansible, Salt Stack, Docker

Functional Testing: Cucumber, QTP, Rational, Selenium, Visual Studio Test Professional

Configuration Testing: ScriptRock

Continuous Integration: Jenkins, Travis CI, Ant, Circle CI

Continuous delivery: IBM Tivoli

Content Management System: SharePoint, Wiki, Joomla.

Monitoring and graphical analysis: Nagios, NewRelic, Ganglia, iperf, AWS

While ITIL develops process culture in an organization and brings process maturity, agile helps in accelerating the processes ensuring faster time to market. With the right process combination and marriage of ITIL with agile, an organization can reap the benefits of speed and improved customer satisfaction; which the industry today has termed as " DevOps". 

DevOps Lifecycle

How true it is that a picture speaks a thousand words. The below picture explains the DevOps life cycle in a brilliant manner:

For more information on 'DevOps'. Please stay connected....

Defining Priorities

 ITIL says that Priority should be a product of the Impact/Urgency matrix. ISO/IEC20000 agrees with that in 8.1 Incident and service request management.

It is customary that Priority of issues has four to five levels. It is most commonly marked with the numbers 1-4 or 1-5, where "1" is the highest and "4/5" is the lowest priority. 

PRIORITY = IMPACT X URGENCY .  

Below is how the ITIL priority matrix looks like:

·         Impact - Is defined by the criticality of downtime is for the business. Usually measured by the number of users affected. For e.g.: If one or more application/ services are down.

·         Urgency - it is usually defined in SLA for the specific IT service. If more than one service is impacted, parameters for the higher urgency service will be taken into account.

Managing SLA’s using COBIT

Objectives:

Objective 1: SLA framework: Management should define a framework to promote the definition of formal SLAs. Define the minimal contents such as availability, reliability, performance, capacity for growth and levels of support provided to users. Users and IT function should have a written agreement that describes service level in qualitative and quantitative terms and responsibilities of both parties.

Objective 2: Aspects of SLAs: Explicit agreement should be reached on the aspects that an SLA should cover (e.g., availability, reliability and performance).

Objective 3: Performance procedures: Management should implement procedures to ensure that the manner and responsibilities for performance governing relations between all the involved parties are established, coordinated, maintained and communicated to all departments.

Objective 4: Monitoring and reporting: A service level manager should be appointed for monitoring and reporting on the achievement of the specified service performance criteria and all problems encountered during processing.

Objective 5: Review of SLAs and contracts: A regular review process for SLAs and underpinning contracts with third-party service providers should be in place.

Objective 6: Chargeable items: Management should include provisions for chargeable items in the SLAs

(Rewards and Penalties)

Objective 7: Service improvement program: A process to ensure that users and service level managers regularly agree on a service improvement program for pursuing cost-justified improvements.

Maturity levels:

Maturity Level	State	Indicators
0	Nonexistent	Management has not recognized the need for a process for defining service levels.
1	Initial/ad hoc	There is an awareness of the need to manage service levels, but the process is informal.
2	Repeatable and intuitive	There are agreed-upon service level agreements, but they are informal and not revised. Service level reporting is incomplete.
3	Defined process	The service level agreement process is in place with checkpoints for reassessing service levels and customer satisfaction.
4	Managed and measurable	Performance measures are increasingly reflecting end-user needs, rather than only IT goals.
5	Optimised	Service levels are continuously reevaluated to ensure alignment of IT and business objectives.

ITIL 2011 diagram

ITIL metrics (KPI's for Configuration Management):

Following are ITIL V3 key performance indicators for configuration management:

• Percentage improvement in maintenance scheduling over the life of an asset
• Degree of alignment between provided maintenance and business support
• Assets identified as the cause of service failures
• Improved speed for incident management to identify faulty CIs and restore service
• Impact of incidents and errors affecting particular CI types
• Percentage reuse and redistribution of under-utilized resources and assets
• Ratio of used licences against paid for licences (should be close to 100%)
• Achieved accuracy in budgets and charges for the assets utilized by each customer or business unit
• Percentage reduction in business impact of outages and incidents caused by Configuration Management
• Average cost per user for licences 
• Improved audit compliance

ITIL metrics (KPI's for Problem Management) :

Following are ITIL V3 key performance indicators for problem management:

• Total number of problems recorded in the period
• Percentage of problems resolved within SLA targets; percentage not resolved within SLA targets
• Number and percentage of problems that exceed target resolution times
• Backlog of existing problems and the trend
• Number of major problems, including opened, closed, backlog
• Percentage of Major problem Reviews successfully performed
• Number of Known Errors added to the KEDB
• Percentage accuracy of the KEDB (from audits of the database)
• Percentage of Major problem Reviews completed successfully and on time
• Average cost of handling a problem

ITIL metrics (KPI's for Change Management) :

Following are ITIL V3 key performance indicators for change management:

• Number of changes implemented to services that met customer requirements (for e.g. quality/cost/time  as a percentage of all changes)
• Reduction in the number of disruptions to services, defects, and rework caused by inaccurate specification, and poor or incomplete impact assessment
• Reduction in the number of unauthorized changes
• Reduction in the backlog of change requests
• Reduction in the number and percentage of unplanned changes and emergency fixes
• Change success rate (percentage of changes successful; i.e. number of RFCs approved)
• Reduction in the number of changes in which remediation is required
• Reduction in the number of failed changes
• Average time to implement based on urgency/priority/change type
• Incidents attributable to changes
• Benefits of change expressed as the value of improvements made or value of negative impacts prevented or terminated as compared with the costs of the change process

ITIL metrics (KPI's for Incident Management)

Following are ITIL V3 key performance indicators for incident management:

• Total number of incidents ( Measurement for control)
• Breakdown of incidents at each stage (for example, logged, work in progress, and closed)
• Current incident backlog
• Number and percentage of major incidents
• Average time to achieve incident resolution
• Percentage of incidents handled within target response time; incident response-time targets may be specified in SLA's, for example, by impact and urgency codes
• Average cost per incident ( To be measured against the cost investment such as tool, infra, people etc. against the invoices generated for the group for a given period of time. 
• Number of incidents reopened and as a percentage of the total
• Number and percentage of incidents escalated/ routed (wrong assignment) 
• Number and percentage of incidents incorrectly categorized
• Breakdown of incidents by time of day (for effective workforce planning and scheduling)

ITIL Road Map

ITIL road map

ITIL myths busted

Let us use this post and try to defy the logic of "seeing is believing", to a certain extent, if not completely. What we see around us in our day to day life may build few perceptions and most of the times they are not "facts".  The below post tries to bust the top myths about ITIL and why they do not qualify to be called "facts".

# 1: ITIL is for the "Tech Savvy"

If ITIL is implemented with an inclination towards only IT, then there are fairly high chances that the return on investment in terms of time and money is not worthwhile. When business objectives (pre-implementation of ITIL) are defined, both IT as well as business aspects should be thoroughly chalked out.

So, though the operational people are the ones who would eventually implement/ practice ITIL , yet the management buy-in plays a vital role in the success and eventual ROI. The strategy phase in ITIL V3 which discusses in detail about the various processes are generally governed by the executive (non-technical) staff of an organization. Also, the CSI phase that cuts across all the other 4 phases in Version 3 revolves around continuous improvement and is more inclined towards improvements than technology.

 # 2: By following ITIL processes, I will automatically get the results I want.

ITIL will give you the guidelnes of best or good practices that are supposed to be followed to derive maximum returns out of your investments in terms of process maturity, customer satisfaction, cost savings, revenue generation etc. The important aspect to remember here is that the desired outcome should dictate the process and not the other way around. Moreover, the process must achieve the desired results in an efficient manner; else you may want to have a relook at redesigning the process or changing it to achieve the desired results.

# 3: ITIL training will reap benefits for my organization

By now, you would have read on the internet that there are plethora of companies who have trained their employees on ITIL but have not realized its benefits to the optimum. The reasons behind this, as one would see is,

·                     No concrete business objective or direction

·                     Lack of management involvement

·                     Lack of measurement and metrics

There is no ready to use recipe to realize maximum benefit out of ITIL implementation. The ways to realize the benefits (stated in myth # 1 above) to the optimum would vary from organization to organization. Apart from ITIL education, few others aspects that should be built in to obtain the desired result are management buy in, clear objectives/ goals, developing the process culture (preparation for change), integrating processes, reviews, audits etc

So seeing may not always be believing but doing certainly is.

ITIL V3 2011 Edition compared with 2007 edition

For those who may not be aware, ITIL had undergone a review and the “ITIL V3 2011 edition” was released on 29 July 2011. The good news is that all the current certified ITIL V3 folks will not have to upgrade their certifications to the 2011 edition as this is just an update and not an upgrade (not a new version). Another reason for celebration is that the fundamental principles and concepts of lifecycle approach of V3 would still hold good.

Few major changes in the phases that have been incorporated under the 2011 edition as opposed to the 2007 edition of ITIL V3 are:

·         Service Strategy

o   It contains the newly defined process of strategy management for IT services. Business strategy and IT strategy are two different topics wherein business strategy defines IT strategy, and IT strategy supports business strategy (a more detailed explanation around Business Service Management)

o   Business relationship management and demand management are now covered as processes in Service Strategy. There are templates that describes each of the processes making their purposes easy to comprehend.

o   The entire world is taking about Cloud and how can our ITIL not be affected by it. There are explanations on how cloud impacts ITSM and few cloud concepts, types and components are also covered in it.

·         Service Design           

o   The ‘design coordination’ process has been added to clarify the flow of activity in the service design lifecycle stage.

o   More clarity on transition of a service from pipeline to catalogue to retired has been discussed.

·         Service Transition

o   An improved, structured, better interrelationships of the configuration management system (CMS) and service knowledge management system (SKMS) have been introduced to help understand the concepts better.

o   The evaluation process has been renamed ‘change evaluation’ with more clarity on the purpose of how to use this process.

·         Service Operation

o   Clarification on how basic events flow into filters and rule engines to produce meaningful information has been covered.

o   A new process flow has been introduced suggesting a set of activities and steps to be followed for the request fulfillment process, including the decision points for escalating requests to service transition as change proposals or incident management as incidents.

o   Clarification and difference between Application management and Application development has been highlighted along with the key activities of application management in each of the stages.

·         Continual service improvement

o   The concept of a continual service improvement register has been introduced to record improvement opportunities, categorize them, and identify effort required and potential benefits. The intention to gather this information is to determine and prioritize improvement initiatives.

o   CSI model has been renamed to CSI approach as it tasks about an approach to improvement of an IT service.

Few generic changes across the phases:

Quite interestingly, the 2011 contains lists of various inputs and outputs of the phases along with examples across the service life-cycle. This definitely makes all the life-cycle phases more cohesive and helps a user understand how the different life-cycle stages are interrelated.

Please take cognizance that there are quite a lot of minor changes in the 2011 edition but I have tried to list down all the major changes that in a way affects the way the ITIL V3 version has been used thus far.

Business Service Management in IT

Business Service Management (BSM) is a methodology which helps organizations align their IT with business goals. Gone are the days when the IT organizations used to operate with only the IT perspective. Organizations today implement BSM solutions to understand the business perspective in context to the IT environment. Hence, BSM provides transparency to an organization about the ROI and ROV of their investments in infrastructure and technologies.

The below example will give all of us a better picture of the importance of BSM and the underlying predominant difference with the traditional approach (IT focus):

An organization uses a system to monitor the health of the IT components in the infrastructure. This system provides information to the users about the metrics and trends of the components. However, if two components fail at the same time, this system would not provide the intelligent information about the impact that each component can have on the business. This system would also not provide the information about the criticality of the services that are affected due to the failure of the above components, hence re-active. With the use of BSM tools, a user would be able to identify the service impacted and its criticality to the business with the failure of any components, even before the end customer may experience it, hence proactive identification and pre-emptive resolution (alignment of IT with business).

In a nutshell, BSM is the collaboration of IT systems management with business management to meet an organization's goals.

Some of the benefits that can be derived with the adoption of BSM methodology are as below:

·    Effective alignment of IT goals with business goals

·    Prioritization of IT services on the basis of business goals and needs

·    Achieve service excellence and organization maturity with the implementation of industry’s best  practices

·    Increased transparency in the return on IT investments

·    Improved relationship with customers due to improved service levels

Best sources of ITIL

More often than not, the web misleads you more than it guides. Same is the case with the ITIL subject. If you try to search for a topic under ITIL, the web will give you enough food for thought to get confused than convinced. Every one of us would have been a victim of it, sometime or the other. What we will try to do in this post is discover the top 5 web sources of ITIL, their contents and takeaways from these websites.

#1 - The official ITIL site (http://www.itil-officialsite.com/) takes the first position, hands down. It contains all information related to the history, qualification scheme, certifying bodies and major developments that is speculated in the ITIL space.

#2 - So, after browsing through the first link, you have got enough information about this subject, the qualification schemes etc. etc. What next! Try browsing through the ITIL process map on wiki (http://wiki.en.it-processmaps.com/index.php/Main_Page). This site works as a wonderful flash card to revise/ refer the ITIL topics at a high level. Some good contents of it being, the ITIL V2 and V3 details, process maps et al.  All in all, an informative site to bookmark under your favorites tab for quick reference.

#3 - If you are looking for a very informative and detailed process level information (phase wise break up) on ITIL, then i would strongly recommend you peek a boo at http://www.itil.org/en/vomkennen/itil/index.php. This site contains some good detailed break up of processes under each phase of ITIL V3, few good diagrams to help you understand the concepts better. It also gives you an insight into ISO 20K, COBIT and how to implement the ITIL processes. 

#4 - Another good site to seek information and updates on ITIL subject is http://www.itilnews.com/. This site gives good information on overall service management

(Includes ISO 20K as well). How about downloading few whitepapers and following the best practices, this site will give you enough take away, not to forget few free downloads as well (which all of us are ardent fans of).

#5 - Now, you would want to go that extra mile after attaining some knowledge on ITIL and doing few basic certifications. A good site to keep yourself updated about the recent developments, events, news, forums is http://www.itsmfi.org/ . More than a good source of knowledge, it gives you a platform for effective networking when it comes to service management. 

By now, you would have realized that there is no one stop shop to get all the information about ITIL, but yes, this post will give you some insight of “where to find what”.