Healthy services are regularly deployed
The remediation of the recent log4j security vulnerability has solidified an idea in my mind. Services and infrastructure must be regularly deployed to be considered healthy long-term.
I’ve read through several Reddit threads where people in companies with a strong devops culture had an easier time doing the dependency update and deploy as opposed to others. The issue people tend to have were updating services that have had infrequent and/or manual deploys. This made it much more difficult for on-call engineers to update the dependency and track down how to properly deploy the service.
I’ve struggled with the consequences of irregular deploys at past companies. That’s why I suggest having regular deployments of your code and infrastructure, even if it’s a no-op to make sure you can.
Like what you've read?
If you're an engineering leader or developer, you should subscribe to my 80/20 DevOps Newsletter. Give me 1 minute of your day, and I'll teach you essential DevOps skills. I cover topics like Kubernetes, AWS, Infrastructure as Code, and more.
Not sure yet? Check out the archive.
Unsubscribe at any time.