SRE and DevOps deliver the best value when used together. Culture is key to avoiding burnout. You need the cloud more than ever.
These are among the main takeaways from Google Cloud’s latest Accelerate State of DevOps report, which examines how companies are using DevOps practices. Based in part on a survey of more 32,000 professionals, the 2021 report, which was compiled by the DevOps Research and Assessment (DORA), identifies best practices that DevOps and SRE teams can use today to achieve operational excellence.
The full report is 45 pages long. It’s worth a read if you can spare the time. But in case you can’t, we’ve pulled out the most important takeaways for SREs -- who have much to learn from the DORA findings, even if the official focus of the report is on DevOps and not SRE.
You don’t need SRE or DevOps. You need SRE and DevOps
Probably the most significant finding is that DevOps and SRE aren’t an either-or proposition. Although some folks conflate these domains, or assume that one is more important than the other, Google says modern organizations need both SRE and DevOps.
“SRE and DevOps are highly complementary, and our research demonstrates their alignment,” according to the report, which added, “SRE drives DevOps success.”
Granted, it’s not exactly surprising that a report from Google would emphasize the importance of SRE. Google is the company that invented SRE and published a series of books to help popularize the concept. It makes sense for Google to encourage businesses to embrace SRE.
On the other hand, it’s not as if the report argues that SRE is more important than DevOps. It says that businesses need both types of roles. You could interpret this as a recognition by Google that SRE alone doesn’t cut it -- which is kind of a big deal.
Security drives reliability
In some ways, there’s a tension between SRE and security. Maximum reliability does not always translate to maximum security.
Interestingly, however, the 2021 State of DevOps report concludes that reliability outcomes are much better when organizations bake security into their reliability processes. “Elite performers that met or exceeded their reliability targets were twice as likely to have security integrated in their software development process,” Google reports.
The lesson here is that it has become more important than ever to reconcile reliability with security and DevSecOps. You can’t attempt to prioritize one or the other. Finding ways to achieve both through a common process leads to systems that are as reliable and secure as possible.
Multicloud and hybrid cloud enhance reliability
SREs may not think of cloud strategy as a core part of their job responsibility. That’s a task that more commonly falls to cloud architects.
But simply encouraging their organizations to leverage more reliable cloud architectures can be one way to improve reliability, according to the State of DevOps report. While enhanced reliability is not the only reason why more and more organizations are now expanding into multicloud and hybrid cloud architectures, increased availability was the second most common reason for adopting one of these strategies among the professionals whom Google surveyed.
The report also noted that organizations with multicloud or hybrid cloud architectures were 1.6 times more likely to meet or exceed their performance goals.
The takeaway here for SREs is that, although having more clouds to manage creates new reliability challenges in some respects, the data clearly shows that multicloud and hybrid cloud lead to better reliability outcomes in the long run. It’s time to let go of your single cloud.
Culture should encourage reasonable risks
The report devotes considerable discussion to culture and its role in shaping organizational success. Although the report doesn’t explicitly link culture to SRE, one finding that will interest SREs is that “high-performing organizations are more likely to have a culture that encourages employees to take calculated and moderate risks without fear of negative consequences.”
SREs can do much to help their companies build this type of culture. They can encourage blameless postmortems. They can also maximize maintainability in order to ensure rapid recovery when someone makes a mistake.
One way to think about your role as an SRE, then, is to devise ways to encourage your organization as a whole to take moderate, calculated risks without worrying that the world will end if something goes wrong.
Again, we encourage you to check out the complete State of DevOps 2021 report when you have a moment. But in the meantime, think about how SREs can integrate with DevOps and security teams, encourage cloud innovation and build risk-tolerant cultures as a way to bring greater value to their companies.