Posted on by DevOpsin
By Tim Palko
Senior Member of the Technical Staff
CERT Cyber Security Solutions Directorate
In the realm of DevOps, automation often takes the spotlight, but nothing is more ubiquitous than the monitoring. There is value to increased awareness during each stage of the delivery pipeline. However, perhaps more than any other aspect of DevOps, the act of monitoring raises the question, "Yes, but what do we monitor?" There are numerous aspects of a project you may want to keep an eye on and dozens of tools from which to choose. This blog post explores what DevOps monitoring means and how it can be applied effectively.
Before getting into the state of monitoring in DevOps, I want to take a minute to discuss tooling. Because there are so many products trying to promote monitoring, choosing among them can be distracting. It is best to, first, understand what holds business value to you and your customers. You should also recognize that not everything that can be monitored should be monitored. Discussing any particular tool isn't the aim of this post, but it is worth noting that the most vendors offer free trials and many other products are simply free, so it might be worth your time to sample a few after you have determined your monitoring strategy.
Infrastructure and service monitoring have been around long before DevOps, so how does DevOps really affect monitoring strategy, and is DevOps even needed for monitoring? Strangely, yes, in a way.
While monitoring predates DevOps, DevOps has furthered the software development process to such a degree that monitoring can't help but evolve as well. As a community, we are beyond writing cool application code; we are now writing cool infrastructure as code, automating integration and testing, and deploying everything in the cloud. Generally, the pace of development has increased, which imposes greater load on the customer feedback loop and deployment tooling. There is more to monitor, so where we use DevOps-style tooling to automate integration, testing, provisioning, and deployment, we need to use DevOps-style tooling to monitor our builds, resources, and performance.
Primary Categories of Monitoring Targets
Monitoring targets fall into several primary categories, and you will likely want to cover at least one aspect of each category. Broadly, these categories are application log output, server health, development milestones, vulnerabilities, deployments, and user activity. I will cover each briefly below:
One final note about logging--whether about application logs, user activity monitoring, or simply project history: logging has even more value if the storage is centralized. Any problems with the application can be detected and analyzed in a global context, and if problems are well annotated, different log sources can be correlated to learn even more about the state of the application and the project.
Wrapping Up and Looking Ahead
While one area of monitoring may be more important to your business case than another, it is hard to make an argument for ignoring any one area. Some of these areas of monitoring are built into popular tools, such as issue trackers and integration servers, while others must be deliberately included. But, incorporating some minimal implementation of each kind of monitoring in your DevOps strategy will get you well on your way toward a more complete implementation of DevOps and a more stable and reliable infrastructure, product, and process.
The DevOps blog offers technical guidelines and practical advice for DevOps in practice. We welcome your feedback on this series, as well as suggestions for future content. Please leave feedback in the comments section below.
To view the webinar DevOps Security: Ignore It As Much As You Would Ignore Regular Security by Chris Taschner and Tim Palko, please click here.
To view the webinar Culture Shock: Unlocking DevOps with Collaboration and Communication with Aaron Volkmann and Todd Waits please click here.
To view the webinar What DevOps is Not! with Hasan Yasar and C. Aaron Cois, please click here.
To listen to the podcast DevOps--Transform Development and Operations for Fast, Secure Deployments featuring Gene Kim and Julia Allen, please click here.
To read all of the blog posts in our DevOps series, please click here.