DevOne is a one day conference targeting DevOps and general software development topics with around 500 attendees (probably half of them Dynatrace employees). Unlike last year the conference venue was Tabakfabrik Linz, a heritage-protected location in Linz that now serves as an incubator for the local tech and startup scene.
The conference schedule offered two parallel tracks on the main stages and a separate breakout session track. The speaker lineup was a great selection of mainly external (i.e. non-Dynatrace) international speakers from companies like Microsoft, Amazon, Google, Red Hat and many more. Here's a short overview of the sessions I personally attended.
Opening Keynote (Donovan Brown)
Donovan Brown's (@donovanbrown) keynote, titled "Our DevOps journey – Microsoft’s internal transformation story", gave some very interesting insights into the development and planning practices of the TFS (Team Foundation Server) / Visual Studio Online team. How they managed their transformation from a 3-year-release-cycle waterfall to a 3-week-release agile product is quite a success story.
Interesting takeaways for me were:
- They are using feature flags instead of branches for the introduction of new features. Something I can relate to very well. While I sometimes I still wonder if there could be better ways than a bunch of basically
ifstatements to prepare new features, this is more or less industry standard. Definitely a better choice than keeping a feature isolated in a branch for weeks or months, where it never gets the same attention in terms of testing or daily usage than the trunk / master code.
- The TFS team settled on 3 week sprints after trying 2 weeks (which felt too short with too much overhead) and 4 weeks (which felt too long). At the company I was before, we had made the same experience.
- Sprint reviews are done with short demo videos from all feature teams to give product management a good idea what has been achieved during a sprint.
All in all this was highly entertaining and interesting keynote by a very talented speaker.
Building a high Quality Product (Finn Lorbeer)
Finn Lorbeer's (@finnlorbeer) session on product quality was packed with useful advice out of practical experiences of projects he had been involved with:
- Limit things in progress: I couldn't agree more with that and can just tell from my own practical and bad experiences: Many parallel tasks and task switching as a consequence is the death of productivity.
- Commit to production: Similar to the keynote, the idea is to avoid branches and get feedback and test results on committed code as soon as possible. Fully agree here.
- Avoid end to end tests: Sure - whenever possible, unit tests should be the preferred way. But it's just not always that simple or feasible.
- Again - feature flags (or toggles as he referred to them) are the way to roll out new features.
- Avoid bias: Whether that is sunk cost bias, overconfidence, social bias, ... try not to fall into these traps. Easier said than done probalby, but nonetheless true of course.
Serverless by Design (Danilo Poccia)
In his talk about serverless applications, Danilo Poccia (@danilop) from Amazon focussed mainly on SAM (Serverless Application Model) which is a way to specify these kinds of applications in a simple and clean syntax. In addition to the SAM CLI, he also demonstrated a web UI for it, with which he orchestrated a demo applications consisting of a couple of services.
Making Security an integrated part of the Software Development Lifecycle (Siren Hofvander)
InfoSec talks are something I always look forward to because they usually leave me both scared and fascinated at the same time. Siren Hofvander's (@securitypony) talk was no exception to that rule. She apparently had a ton of experience in that area and the way she tried to get her points across very pragmatic and hands-on, which was a refreshing contrast to the elitist and obnoxious behavior I have experienced way too often with people in that role.
Her key advice points were simple but effective:
- Never assume that this could not happen to you or your product.
- Do not say, "I would never do that" (because maybe your colleague would, or even you probably ... let's be honest here).
- Ask yourself, how could attackers get in?
- What are your account types?
- Where are your trust boundaries?
- Check your session handling!
CI/CD in the OpenStack community and beyond (Maria Bracho)
This session by Maria Bracho(@mariabracho) from Red Hat was a rather high-level overview of her experience as a product manager of an open source product (which probably poses a challenge in itself). Honestly, this talk left me least impressed of all but then - I am usually more interested in technical talks.
Load-shedding (Acacio Cruz)
Acacio Cruz (@acaciocruz) from Google shared their insights on handling load and how Google deals with this topic after they had experienced a couple of drastic Gmail outages in the early 2000s.
He mainly focussed on the basic load shedding principles, which are:
- Sustaining Peak Performance
- Work Conserving
Closing Keynote (Holger Weissböck)
The closing keynote by Dynatrace's Holger Weissböck (@holgua) was titled "Let's put U in UX!" and was a great example of how humour and wittiness can be great vehicles for getting a message across. The message in this case was that UX (user experience) is far more than just visuals and UI and it manifests itself already in things like well-designed APIs. By using funny analogies of failed user experiences in real life and in the software world, he made an excellent point of how essential user experience is for a product.
The last item on the schedule had been more forward to by many probably. After show come together with snacks and even custom branded DevOne beer.