Technical Assessment: The Harness Platform for Intelligent Software Delivery
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
White Paper Technical Assessment: The Harness Platform for Intelligent Software Delivery Sponsored by: Harness Jim Mercer March 2021 IDC OPINION Jyoti Bansal, who was the founder and CEO of AppDynamics, was an early adopter of agile and DevOps development practices. However, Bansal became frustrated because although there were tools that enabled efficiencies on the continuous integration (CI) side of the CI/continuous delivery (CD) process, there were not any strong solutions to enable efficient software delivery. Instead, development teams were forced to dedicate a considerable number of resources toward scripting the software delivery processes. This created fragile delivery processes that impeded DevOps teams from achieving higher levels of software velocity, and once the software was deployed, if a problem arose, rolling back changes was fraught with manual processes. Continuous delivery enables organizations to meet the demands of their customers more swiftly and dependably by efficiently getting anticipated software functionality into production applications consistently and reliably. While we often hear the acronym CI/CD mentioned along with DevOps, CI/CD represents two different but complementary pieces of the DevOps pipeline. CI is continuous integration — this is all about automating the integration of developer code changes into a single software build enabling frequent software builds that are tested via automated testing tools to ensure code changes did not break the build. Meanwhile, CD provides the ability to assimilate code changes (error fixes, new functionality, etc.) into production in a repeatable manner via fast and frequent releases that use an automated delivery process. Bansal eventually sold AppDynamics to Cisco for $3.7 billion and later teamed up with Rishi Singh, a former platform architect who was running continuous delivery at Apple, to form Harness. Recognizing the growing importance of developer efficiency and how power has shifted toward developers, the pair went to work to solve the CD problem by building a next-generation software delivery platform that would provide CD as a service to simplify and optimize the software delivery process. In 2017, Bansal and Singh took the project out of stealth mode, and to date, Harness has raised $195 million in financing, reaching a valuation of $1.7 billion in three years after launching from stealth, and now has approximately 350 employees. The founders' collective vision was to create an intelligent self-service platform that can modernize or integrate with existing tools as part of application delivery. Given Bansal and Singh's background working with large enterprises, they intentionally architected the Harness platform to handle software delivery for some of the world's largest and most complex companies and modern distributed application architectures. March 2021, IDC #US47485621
SITUATION OVERVIEW Continuous Delivery Continuous delivery is at the heart of Harness' product portfolio. The company was started when the cofounders realized that with the current CI/CD tools on the market, the best release frequency they could achieve would be monthly releases. Even monthly release cadences came with additional engineering overhead and the added complexity of creating and maintaining custom scripts. The foray into creating a continuous delivery solution was born out of trying to solve real problems that the pair had experienced firsthand with trying to improve release velocity, reduce overhead costs, and improve the overall efficiency of developers and DevOps teams. The result was the Harness CD-as-a-service platform. Nearly every vendor in the CI/CD space started with CI — Harness may have been the first to focus on the problems with CD. The company concentrated on addressing the hidden complexity of how DevOps teams promote release artifacts across environments while managing change control such as approvals, security, and the auditing of volumes of software delivery artifacts. The key has been to address the tenuous nature of traditional CD pipelines in a simplified manner that does not require a lot of configuration and scripting. As such, Harness CD pipelines can be built using either YAML or a wizard that will guide a user through the process of configuring the pipeline using a web user interface (UI) and a series of drop-down menus. The single point of integration with the CI process is the completed build artifact. Using webhooks, Harness CD monitors a target directory or repository scanning to see if there is a new software artifact indicating a successful build. If a new artifact is identified, Harness CD initiates the automated software delivery process. Part of the success in acquiring new Harness CD customers has been that the company has not tried to replace DevOps tools that are already entrenched into development processes. Instead, Harness has taken more of a value-added approach and integrated Harness CD into existing DevOps tools stacks and platforms. Having over 100+ integrations available out of the box has helped the company get better traction with enterprise customers with diverse DevOps tools stacks as well. Further, Harness provides an abstraction model that enables the support of major cloud providers and technology stacks. A common use case for Harness CD is organizations migrating applications to Kubernetes and cloud platforms and greenfield cloud-native application development using modern distributed architectures. However, the Harness automated CD capabilities can handle pipelines for traditional monolithic applications as well. The Harness CD plug-in integration capabilities include security and governance that empower developers to integrate Harness CD into their existing DevSecOps tools. This includes native integration into secrets management and self-service capabilities that come with the guardrails such as fine-grain, controlled RBAC rules across teams to safeguard the deployment of code. User verification is protected via a single sign-on using security assertion markup language (SAML) or a Lightweight Directory Access Protocol (LDAP) with the ability to support multifactor authentication. Harness provides what it calls "pipeline governance" to enable organizations to ensure security and verification standards coupled with software release audit trails. These audit logs include all software delivery and user events for compliance along with the ability to compare or diff pipeline changes ©2021 IDC #US47485621 2
within the UI. Further, common DevSecOps tools such as software composition analysis (SCA) can be integrated via plug-ins within the Harness CI and CD capabilities as appropriate. Harness provides what the company calls "smart automation" via CD pipeline templates that allow organizations to reduce deployment scripting and use one pipeline workflow with multiple services and infrastructure definitions and within a single environment. Harness CD supports continuous delivery via on-demand deployments and modern delivery techniques such as A/B, canary, and blue/green deployments. For organizations using Kubernetes that are planning to adopt GitOps, Harness CD has native GitOps capabilities so pipelines can be declared as code and driven via Git. CD provides bidirectional sync support to manage conflicting updates to Git. Branching is supported, allowing DevOps teams to manage multiple instances of version-controlled pipelines. Native support for the Kubernetes helm package manager enables teams to wrap Harness orchestration around their helm charts. Harness states that 75% of the company's customers are already using Kubernetes. The Harness CD capabilities and simplicity do come with a cost to flexibility. Some customers have complained that Harness is too opinionated and when you deviate from the Harness-generated pipelines, you can lose some flexibility. For example, it can be harder to modify or extend more complex pipelines with steps that may branch in/out with concurrent runners. Ultimately, it is a decision that an organization needs to make as to whether they want more streamlined CD capabilities, with some loss of flexibility, or they would prefer to have the option to customize their CD pipelines more easily but perhaps take on more overhead to maintain them. Continuous Integration Until August 2020, Harness was a CD-only solution although the company's products integrated with other CI solutions. Competitors such as Codefresh and CircleCI were offering a CD platform that included built-in CI capabilities. So Harness has backed into CI partly driven by competitive pressure as well as existing customers asking the company to improve the efficiency of the CI process and reduce software build times — akin to what Harness did with CD. For the past couple of years, the Harness engineering team has been working on a new enterprise CI solution due to be formally released in 2021. The new enterprise CI solution will offer deployments both on premises, for those with compliance or security concerns, and as a SaaS offering. It will be focused on building cloud-native applications and support popular coding languages and frameworks as well as both trunk-based and Git Flow development workflow styles. It can be driven via APIs, and to simplify the investigation of build errors, the Harness CI solution will allow developers to set break points at different areas of the flow and interrogate the value of variables and artifacts and change them on the fly with real-time manipulation of build steps. Like the CD offering, the new Harness CI solution will support templates for common build practices. The company has indicated that it intends to incorporate machine learning (ML) into its enterprise CI solution to enable more intelligence at the build test levels at a future date. When code is changed, the AI and ML capabilities will have the intelligence to determine the scope of the change and identify what test should be run first to ensure the code is thoroughly tested without the need to run an entire test suite. This will identify gaps in unit tests highlighting changed code that is not getting test code coverage. The AI will also automatically identify negative build trends and provide actionable insights to improve software quality. Harness appears to be the first vendor applying AI/ML to CI use cases. ©2021 IDC #US47485621 3
Somewhat unexpectedly, in 2020, Harness acquired Drone.io, a CI solution based upon the Drone open source project written in Go and created back in 2012. The company indicated that Drone.io was an organizational and architectural fit since it is based upon open source and the platform has a lightweight container-native design coupled with a declarative YAML configuration that can be versioned within Git, making it easier to use and manage. Drone boasts of having a vibrant open source community with over 100 million pulls on DockerHub to date. Drone has the distinction of being the first container-native CI solution. Harness has indicated that the company intends to maintain the Drone open source project as a freemium on-premises community edition offering and will continue to offer the commercial Drone CI Enterprise renamed as Harness CI Essentials. Some developers, who favor open source software, have been critical of the company's closed source approach toward software development. Harness does provide a CD community edition enabling start- ups and open source projects free-of-charge usage — but it is not open source. The Drone acquisition presents an opportunity for Harness to be the curator of an open source project and community, and perhaps, this will lead to other open source contributions in the future. Continuous Efficiency In 2020, Harness introduced a new capability called Continuous Efficiency (CE) that provides cloud cost management. CE helps organizations eliminate cloud waste with the potential to realize significant savings on their public cloud bill, according to the company. Traditionally, software deployments were managed by IT operations or release teams and infrastructure consisted of physical server computers in a datacenter — these were essentially fixed costs. Now with cloud technologies and using DevOps to drive rapid iteration and delivery, it is possible to convert cost into variable cloud cost. Today, with automated CD and cloud-native technologies, the responsibility for managing releases and reducing operational cloud cost is increasingly shifting left onto the actual developers. Using cloud platforms, organizations can break down the cost of digital transactions. However, typically developers do not have ready access to cloud cost data. Supporting the three major cloud providers (AWS, GCP, and Azure), Harness CE enables developers to see the costs incurred by their applications, microservices, and clusters without the need for manually tagging cloud infrastructure. Shifting workloads into the public cloud is not always as cheap or cost effective as expected, and CE answers the questions, "How much is it costing me to run my application in the cloud, and what can I do to reduce my cloud cost?" CE provides an explorer to get breakdowns of cloud cost and comes with a recommendation engine. The recommendation engine provides suggestions on adjustments that can be made to cloud resources to decrease costs. The data is presented using hourly time windows so developers can drill into cloud resource usage and cost trends over time or during specific time periods. Adjustments to cloud resource allocations can be edited within the platform UI or the deployment YAML file. While CE is still a new feature, Harness states that some of its CE customers are experiencing significant cloud cost savings. Several entrenched competitors already exist in this space including VMware CloudHealth and CloudZero, but Harness has democratized cloud cost data by putting it at the fingertips of developers. ©2021 IDC #US47485621 4
Continuous Verification Harness Continuous Verification (CV) uses AI/ML to automate the verification of software releases. CV applies machine learning to CD with no need for developers or IT operations to have to navigate charts or dashboards to find abnormalities in application behavior. It essentially provides an automated health check. Harness claims the ML model can be trained after just a few deployments and will only continue to improve as it processes more release data. Harness CV ML uses multiple data sources to evaluate the health of an application integrating with popular IT operations monitoring solutions. For application performance monitoring, CV integrates with existing APM and observability tools, such as AppDynamics, New Relic, and Datadog, to verify the performance of your software deployments. It uses event data from popular logging tools, such as Splunk, Sumo Logic, and ELK, to look for anomalous events and quality regressions. When parsing logs, CV uses conventional natural language processing (NLP) tokenizers coupled with a word frequency-based approach. DevOps teams using CV can add custom application or business-specific metrics to better understand the impact the released software is having on the business. Further after deployments, CV continues to monitor the health of your application 24 x 7 to pick up anything that does not surface at deployment time, such as new log messages that CV has never seen before. This helps provide a continuous feedback loop and enables developers to get persistent production application insights. Once a problem is found, Harness CV can automatically take a variety of different actions to proactively initiate the recovery process. The actions can include opening a Jira ticket, sending a message on a Slack channel, or automatically initiating a software rollback to backout the software update that has destabilized production. Harness CV uses unsupervised machine learning to automatically verify the quality of deployments looking for anomalies in performance. CV queries all the metrics (application response time, etc.) from the underlying monitoring tools, builds a model of what it detects and compares it against previous deployments, and identifies differences between the new deployment and prior successful deployments. When rolling out software, developers want to know if anything has changed and if there are any new log messages since the latest code change. There are always things that have been in the log files for years that engineers are not concerned about. Although the CV ML is unsupervised, there are some lightweight supervised actions that DevOps teams can take, such as adjusting the threshold value of specific metrics and training the model to ignore certain types of messages or metrics. Applying these supervised capabilities on top of the unsupervised learning approach improves the accuracy of the findings. Further, CV uses a deep learning technique, called neural nets, to identify noisy attributes and log messages that can be ignored, such as UUIDs or IP addresses, to reduce the number of false positives. Harness indicates an upcoming enhancement to CV will give developers even greater impact awareness regarding software changes. This new capability will expand the scope of data CV consumes to include infrastructure, cloud, and configuration metrics. Continuous Features Harness Continuous Features (CF) is a feature flag management capability that enables modern progressive delivery of software updates. Progressive delivery is a practice that allows DevOps teams ©2021 IDC #US47485621 5
to control how and when new software features or changes are deployed into production. It is even more granular than established A/B, canary, or blue/green deployment methodologies. Feature flags are essentially if/else conditional logic that envelops the changed code and only allows it to be exercised if the corresponding feature flag has been enabled. Feature flags can also help alleviate the need for multiple code branches lessening the need to merge code from long-lived branches. With feature flags, new software can be deployed, but the actual features may not be enabled right away. The features can be enabled individually or in selected groups based upon business needs and dependencies. A feature can be flagged throughout the entire development process such that it can be toggled on or off in isolation, without impacting other development environments. Feature flags can also be used as a means of collecting fast feedback by turning select features off and on and gauging the response of the end users. Harness CF enhances feature flags by adding rigor, such as guardrails, and standardization around feature flags. CF helps DevOps teams effectively manage their feature flag deployments by providing cleanup mechanisms to avoid feature flag sprawl and providing RBAC to enforce least privileged policies. CF feature flags can be directed toward specific locations, referred to as targets or collections of users called segments. CF integrates with the same intelligence that makes the Harness CV solution tick, enabling organizations to turn on a feature flag and use AI/ML to automate the verification of the underlying feature. The AI/ML is fed by existing monitoring and observability tools and can connect changes in production behavior back to specific software changes (errors, performance changes, etc.). Several companies have entered the feature flag space in the past few years including LaunchDarkly and Split, and they all offer somewhat comparable capabilities. However, what makes Harness CF unique is the native integration with the Harness CV AI/ML capabilities and the uniform integration with the Harness CD capabilities all within a single platform with a common UI look and feel. FUTURE OUTLOOK Market Perspective In a recent IDC survey of U.S. enterprise organizations, respondents were asked if their organization has adopted or is planning to adopt DevOps practices. More than 77% of respondents indicated that they have already adopted DevOps in some capacity for a portion of their applications. However, when those same respondents were asked what the actual percentage of their application landscape was currently using DevOps, we found that most of these enterprise organizations are using DevOps for less than 20% of their application estate. The DevOps adoption rate will nearly double in 2021, with most organizations planning to have nearly 31–40% of their application estate using DevOps. As organizations continue to grow their application landscape and DevOps usage, there is tremendous upside for growth potential. The worldwide DevOps software tools market saw strong double-digit growth in 2019, with worldwide revenue totaling $8.5 billion (see Worldwide DevOps Software Tools Market Shares, 2019: Leaders Drive Double-Digit Growth, IDC #US45188620, July 2020). Despite the recent economic chaos, we project the market to continue to expand with a CAGR of 16% for 2020–2024 (see Worldwide DevOps Software Tools Forecast, 2020–2024, IDC #US45188520, July 2020). ©2021 IDC #US47485621 6
Harness Market Opportunity Although its platform can be used by the growing number of teams practicing DevOps, Harness appears to be focused on providing an intelligent software delivery platform that will cater to modern cloud-native application development. Cloud-native development brings the automation of the cloud to application development and is typically optimized for distributed application architectures. IDC survey data indicates that DevOps teams are increasingly leaning into cloud-native development, and that trend is expected to continue through 2022 and beyond (see Figure 1). FIGURE 1 Cloud-Native Development Trends Q. Relative to your total estate of custom-built applications running in a cloud environment, please estimate the percentage of apps built/deployed using cloud-native development (2020/2022). 40.0% 35.0% 30.0% 25.0% 20.0% 15.0% 10.0% 5.0% 2022 2020 0.0% 0% 1–4% 5–14% 15–24% 25–34% 35–49% 50–74% 75–99% 2020 2022 Source: IDC's U.S. DevOps Survey, September 2020 This shift to cloud-native development is only increasing the demand for better and faster tools to improve developer productivity. At its core, the Harness platform is designed to enhance developer efficiency and provides developers with a single self-service platform streamlining the delivery of modern cloud-native applications. So the market growth and demand for the capabilities Harness provides should persist for the near future. IDC finds considerable competition in the CI/CD space, making for a high noise level that customers must negotiate. We see key competitors such as GitLab, Codefresh, GoCD, and Armory aggressively trying to capitalize on the move toward cloud-native software delivery as well. Cloud providers, such as AWS, are also providing competitive pressure by offering tools such as AWS CodePipeline and CodeDeploy. There is peripheral competitive pressure from feature flag providers such as LaunchDarkly as well as cloud cost management providers such as those natively provided by cloud providers and third-party providers such as CloudZero. ©2021 IDC #US47485621 7
Key strengths for Harness in differentiating itself from the competition include the ease of use, AI/ML intelligence, and providing a single platform for software delivery that includes CI/CD, cloud cost management, and feature flags all within a single platform and user experience. ESSENTIAL GUIDANCE As organizations mature in their DevOps capabilities and adopt newer cloud-native technologies, there is an expectation that the deployment of software will be optimized enabling increased agility as well as more frequent software releases with continuous deployment. However, the reality is that many DevOps teams discover they can be limited by CD tools and fragile delivery processes that impede their ability to achieve higher levels of software velocity as well as the increased resources needed to maintain the underlying automation scripts and so forth. Organizations trying to improve their CD capabilities should consider Harness as part of any product research and due diligence effort. The Harness platform can help alleviate the pain of complex software delivery while providing integrated AI/ML capabilities to streamline processes and other valuable capabilities such as multiple CI options, cloud cost management, and feature flags. These capabilities empower developers to efficiently ship software while getting feedback via progressive delivery and a clear line of sight into the cloud cost implications of modern software delivery. ©2021 IDC #US47485621 8
About IDC International Data Corporation (IDC) is the premier global provider of market intelligence, advisory services, and events for the information technology, telecommunications and consumer technology markets. IDC helps IT professionals, business executives, and the investment community make fact- based decisions on technology purchases and business strategy. More than 1,100 IDC analysts provide global, regional, and local expertise on technology and industry opportunities and trends in over 110 countries worldwide. For 50 years, IDC has provided strategic insights to help our clients achieve their key business objectives. IDC is a subsidiary of IDG, the world's leading technology media, research, and events company. Global Headquarters 140 Kendrick Street Building B Needham, MA 02494 USA 508.872.8200 Twitter: @IDC idc-community.com www.idc.com Copyright Notice External Publication of IDC Information and Data — Any IDC information that is to be used in advertising, press releases, or promotional materials requires prior written approval from the appropriate IDC Vice President or Country Manager. A draft of the proposed document should accompany any such request. IDC reserves the right to deny approval of external usage for any reason. Copyright 2021 IDC. Reproduction without written permission is completely forbidden.
You can also read