Set of technical and cultural practices that implement DevOps principles — from Infrastructure as Code to blameless post-mortems. The "how" behind the philosophy.
DevOps practices are the concrete implementations of the DevOps philosophy. While DevOps is the "what" and "why," these practices are the "how."
Define and manage infrastructure through versioned configuration files.
| Tool | Focus | Language |
|---|---|---|
| Terraform | Multi-cloud, declarative | HCL |
| Pulumi | Multi-cloud, imperative | TypeScript, Python, Go |
| AWS CDK | AWS, imperative | TypeScript, Python, Java |
| CloudFormation | AWS, declarative | YAML/JSON |
| Ansible | Configuration, agentless | YAML |
resource "aws_s3_bucket" "data" {
bucket = "my-data-bucket"
versioning {
enabled = true
}
server_side_encryption_configuration {
rule {
apply_server_side_encryption_by_default {
sse_algorithm = "AES256"
}
}
}
}Keep servers in a desired state automatically.
# Ansible playbook
- hosts: webservers
tasks:
- name: Install nginx
apt:
name: nginx
state: present
- name: Copy config
template:
src: nginx.conf.j2
dest: /etc/nginx/nginx.conf
notify: restart nginx
handlers:
- name: restart nginx
service:
name: nginx
state: restartedPackage applications with all their dependencies.
# Multi-stage build
FROM node:20-alpine AS builder
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build
FROM node:20-alpine
WORKDIR /app
COPY --from=builder /app/dist ./dist
COPY --from=builder /app/node_modules ./node_modules
EXPOSE 3000
CMD ["node", "dist/index.js"].dockerignore to exclude unnecessary filesUse Git as the source of truth for infrastructure and deployments.
# ArgoCD Application
apiVersion: argoproj.io/v1alpha1
kind: Application
metadata:
name: my-app
spec:
source:
repoURL: https://github.com/org/repo
path: k8s/
targetRevision: main
destination:
server: https://kubernetes.default.svc
namespace: production
syncPolicy:
automated:
prune: true
selfHeal: trueSeparate deployment from release — code in production but functionality controlled.
// Example with LaunchDarkly / Unleash / custom
if (featureFlags.isEnabled('new-checkout', { userId })) {
return <NewCheckout />;
}
return <LegacyCheckout />;The three pillars for understanding production systems:
{
"timestamp": "2024-01-15T10:30:00Z",
"level": "error",
"service": "api",
"trace_id": "abc123",
"message": "Payment failed",
"user_id": "user_456",
"error_code": "INSUFFICIENT_FUNDS"
}Structured logging — parseable JSON, not free text.
# Prometheus format
http_requests_total{method="GET", status="200"} 1234
http_request_duration_seconds{quantile="0.99"} 0.25
Types: counters, gauges, histograms, summaries.
Follow a request through multiple services:
[API Gateway] → [Auth Service] → [User Service] → [Database]
2ms 5ms 3ms 10ms
Tools: Jaeger, Zipkin, AWS X-Ray, Datadog APM.
| Sev | Impact | Response time | Example |
|---|---|---|---|
| 1 | Service down | Immediate | Site won't load |
| 2 | Major degradation | < 30 min | Payments failing |
| 3 | Minor degradation | < 4 hours | Secondary feature broken |
| 4 | Low impact | Next business day | Cosmetic bug |
Inject controlled failures to discover weaknesses.
Integrate security throughout the pipeline:
These practices are not optional for teams operating software in production. Each one reduces a specific type of risk: IaC eliminates manual configuration, feature flags decouple deploy from release, observability turns incidents into learning. Adopting them incrementally is more effective than trying to implement everything at once.
Culture and set of practices that unify development (Dev) and operations (Ops) to deliver software with greater speed, quality, and reliability. It's not a role — it's a way of working.
Continuous Integration and Continuous Delivery/Deployment — practices that automate code integration, testing, and delivery to production. Foundation of modern software engineering.
GitHub's native CI/CD platform. Declarative YAML workflows that automate build, test, deploy, and any development lifecycle task — directly from the repository.
Python project example with Pipenv, Pytest, pre-commit hooks, CI/CD with GitHub Actions, and badge generation.
Copier templates for project scaffolding with Docker Compose, MkDocs documentation, and automated configuration.
Twelve-principle methodology for building modern SaaS applications that are portable, scalable, and deployable on cloud platforms.
HashiCorp's Infrastructure as Code tool that enables defining, provisioning, and managing multi-cloud infrastructure through declarative HCL files.
Incremental migration strategy that gradually replaces a legacy system with new components, progressively routing traffic until the old system can be retired.
Open source fork of Terraform maintained by the Linux Foundation. Compatible with HCL and Terraform providers, created in response to HashiCorp's license change to BSL 1.1.
Ability to understand a system's internal state from its external outputs: logs, metrics, and traces, enabling problem diagnosis without direct system access.
Code organization strategy where multiple projects coexist in a single repository, sharing dependencies, configuration, and build tooling.
Practice of defining and managing infrastructure through versioned configuration files instead of manual processes. Foundation of modern operations automation.
Processes and practices for detecting, responding to, resolving, and learning from production incidents in a structured and effective way.
Discipline focused on optimizing developer productivity, satisfaction, and effectiveness through well-designed tools, processes, and environments.