(This blog post is inspired by the talk that I will be giving at DevOps Talks Conference Melbourne and DevOps Talks Conference Auckland. Hope to...by Matt Stratton
March 4, 2019
Incident management is paramount to the success of any modern ITOps team. However, much like growing a business, scaling incident management can also trigger growing pains. As the landscape of devices, applications, and systems grows — each requiring monitoring — so too, does the alert noise and complexity around management for on-call staff. With an increasing number of engineers on your team, it can be difficult to on-board and implement new notification policies and after-hours operations to ensure your team is efficient and load is fairly distributed. And the push towards hybrid models of IT and bimodal IT environments can also complicate incident management. Nevertheless, with a few tried and true techniques, you can scale incident management in a planned, deliberate, organized, and effective way.
Let’s first understand the problem with an example where scaling becomes a serious issue.
You’ve finally dialed in your incident management process, only to shortly after learn that your company has bought a new business. Now your Ops team is taking over IT for the new environment, in addition to what you’re already responsible for. At first glance, you think of the perfect scenario in which you can simply apply the same tools and methodology to this entirely new stack.
However, reality is rarely perfect — the new company may leverage a different tech stack and different incident management monitoring tools and methodologies. While this scenario is incredibly daunting, it’s very similar to any growth scenario — whether it be growing your IT team, or adopting more agile and bimodal ITOps structures. Whichever scale scenario you may face, below are some ideas for any organization that is working on scaling their monitoring, incident management, and team.
Are you implementing new hardware, software, or services? Are there new complexities within your future state ITOps environment? Has your engineering team just grown? Have you inherited an application in which code errors need to be reported? In all cases, you must identify the areas in which your ITOps team is being forced to scale your operations.
Ensuring coverage of your monitoring tools across your entire stack is paramount to the success of scaling. To adopt to this change, don’t be afraid to implement multiple or entirely new monitoring systems outside of your current stack. The goal of these systems is to gain full-stack visibility, and in many cases this requires implementing different monitoring tools in order to appropriately monitor disparate and new systems. But to truly support organized scale, there needs to be a way to normalize, de-dupe, correlate, and gain actionable insights from all this data. All the events generated by these monitoring tools must be centralized in a single hub, from which they can be triaged and routed to the right on-call engineer.
When monitoring is in place, the goal is then to understand the data for effective incident resolution. Adjusting the routing behavior across your monitoring tools and configuring the appropriate thresholding is a great next step to ensure your team does not experience alert fatigue once you have implemented new tools. Aggregating this data and suppressing or filtering out non-actionable alerts from paging within a common incident management system is critical to help reduce the noise and enrich the visibility of incidents across your entire stack.
A comprehensive incident management platform will help integrate data from all your tools and grow with you as you scale. It not only unifies all your disparate monitoring alerts into one common system, it supports growth in your engineering team without generating confusion around resource management. Moreover, it helps facilitate more accountability as well as more organized collaboration. As a bonus, you can leverage incident analytics to show your boss how well your ITOps team is managing and resolving outages.
The world of ITOps is evolving rapidly, but one thing is clear — IT teams are being ordered to scale their operations in almost every capacity. Legacy ITOps environments are transitioning to and adopting more hybrid and agile architectures and frameworks. Users are continually demanding faster and more reliable access to data across different devices. As a result, it’s necessary for ITOps teams to be equipped with a plan for scaling. Incident management is now a necessity as the stakes of downtime get higher.