java开发工程师职能_跨职能技能组作为可靠性工程师的重要性

“A human being should be able to change a diaper, plan an invasion, butcher a hog, conn a ship, design a building, write a sonnet, balance accounts, build a wall, set a bone, comfort the dying, take orders, give orders, cooperate, act alone, solve equations, analyse a new problem, pitch manure, program a computer, cook a tasty meal, fight efficiently, die gallantly.”

“人类应该能够更换尿布，计划入侵，屠宰生猪，连接船，设计建筑物，写十四行诗，平衡账目，筑墙，结骨，安抚垂死的人，接受命令，下达命令，合作，独自行动，解决方程式，分析新问题，撒肥，编程计算机，美味餐点，有效战斗，英勇牺牲。”

― Robert A. Heinlein

―罗伯特·海因莱因

Over the last decade the evolution of Information Technology and introduction of paradigms such as DevOps & SRE and their impact on IT culture have brought about an incredible change in how Software Development Lifecycle is managed. The boundaries between development and operations have continued to fade away. Practices like No Ops / Git Ops (In my view Automated Ops) and you build it, you run it have paved the way for autonomy, promoting accountability and integrated experiences between teams. However this has also meant that the skillset needed to be able to successfully manage those services and applications require a more generalist understanding of SDLC while specialising in areas of technical interest.

在过去的十年中，信息技术的发展以及诸如DevOps和SRE之类的范式的引入及其对IT文化的影响，导致了软件开发生命周期的管理方式发生了令人难以置信的变化。 开发与运营之间的界限不断消失。 诸如No Ops / Git Ops之类的实践(在我看来是Automated Ops )，并且在您构建，运行它之后，就为自治，促进责任感和团队之间的集成体验铺平了道路。 但是，这还意味着，能够成功管理那些服务和应用程序所需的技能要求对SDLC有更全面的了解，同时还要专门研究技术领域。

In this post I will try to identify and define those technical areas that together make up the skillset that one may require to be part of a cross-functional SRE team helping to deliver services and applications.

在本文中，我将尝试确定和定义那些技术领域，这些领域共同构成了可能需要成为跨职能SRE团队的一员，以帮助交付服务和应用程序的技能。

Each discipline below is vast subjects and have specialisation(s) in and of itself. My aim here, is merely to describe the importance of these disciplines within DevOps / SRE context as part of a cross-functional team and to not take a deep dive of each discipline.

下面的每个学科都是广阔的学科，并且本身具有专业领域。 我在这里的目的仅仅是描述这些学科在DevOps / SRE上下文中作为跨职能团队的一部分的重要性，而不是深入研究每个学科。

系统工程学 (Systems Engineering)

If you have come from a traditional Operations background when there used to be clear Silos (in some cases for good reasons) between Ops and Dev teams, you would know that despite best efforts on both sides, there were always times where Devs and Ops people locked horns on how the environments to deliver software and digital services must be designed, configured and maintained and should a configuration be part of the application stack or infrastructure.

如果您来自传统的运营背景，并且在运维团队之间经常存在明确的筒仓(在某些情况下是有充分的理由)，那么您会知道，尽管双方都尽了最大的努力，但有时开发人员和运维人员经常关于如何设计，配置和维护交付软件和数字服务的环境，以及配置应成为应用程序堆栈或基础架构的一部分的难题。

Having said that developers don’t care deeply for how the environments are configured as long as their code is working (ideally exactly as how it works on their laptops). Development workstations and laptops are customised environments that generally operate within a trusted zone, based on the use-case of development friendly machines. This is to ensure that the business and software development teams can work on quick feedback loops to deliver application, services and new features.

话虽如此，只要代码能够正常工作(理想情况下，就像其在笔记本电脑上的工作原理一样)，开发人员就不会在意环境的配置方式。 开发工作站和便携式计算机是自定义环境，通常基于对开发友好的机器的用例在受信任的区域内运行。 这是为了确保业务和软件开发团队可以在快速反馈循环上工作，以交付应用程序，服务和新功能。

However, planning and building environments to deliver those services to the end-users across multiple regions while keeping in mind the costs, available resources, service limitations, regulatory requirements, systems and their interaction points to users and other systems is altogether another matter. Of course, there are specialised roles for some of the areas I mentioned earlier but understanding their context is important as an engineer. If we look at a simple example of building an OS image to be used by an environment, you have to consider nuances of underlying virtualisation platforms like KVM, Xen and containers or hardware requirements of bare metal servers. It is a task that shouldn’t be taken lightly. Also being able to understand the use-case of an application or service allows system engineers to be able to build environments and systems for appropriate workloads. On top of that, understanding the hardening requirements based on the industry, CVE’s and their impacts adds another layer of complexity to the mix. All of the above cannot be underestimated and the need for systems engineers and their skills becomes a crucial part of the RE team.

但是，规划和构建环境以跨多个区域向最终用户提供这些服务，同时牢记成本，可用资源，服务限制，法规要求，系统及其与用户和其他系统的交互点，这完全是另一回事。 当然，我前面提到的某些领域有专门的角色，但是作为工程师，了解它们的上下文很重要。 如果我们看一个构建供环境使用的OS映像的简单示例，则必须考虑基础虚拟化平台(例如KVM，Xen和容器或裸机服务器的硬件要求)的细微差别。 这是一项不应该掉以轻心的任务。 此外，由于能够了解应用程序或服务的用例，因此系统工程师能够为适当的工作负载构建环境和系统。 最重要的是，了解基于行业，CVE的严格要求及其影响会给组合增加另一层复杂性。 以上所有因素均不可低估，对系统工程师及其技能的需求成为RE团队的重要组成部分。

网络工程 (Network Engineering)

With the emergence of SDNs (Software Defined Networks), their adaptation, implementation and normalisation within the private and public cloud platforms, it has become ever more important for engineers to understand the networks, virtualised or otherwise, to be able to help deliver services that may span across multiple networks.

随着SDN(软件定义网络)的出现，它们在私有云和公共云平台中的适应，实施和规范化，对于工程师而言，了解网络(无论是虚拟的还是其他方式)以能够帮助提供可交付的服务变得越来越重要。可能跨越多个网络。

Networking in its fundamentals hasn’t changed over the last few decades. What has changed however is how the networks are implemented. Traditional networks are still important and mostly act as a backbone to the service. With the use of SDNs one single network can now act as a carrier for a mesh of virtualised networks, constantly evolving, growing and changing as the requirements of the services and their underlying networks change. A service can span across multiple virtualised networks which may still be residing on same underlying hardware. Those virtualised networks are built using software and can be destroyed as easily as they are created making space for newer networks. Understanding how networks interact, TCP / IP stack and being able to collaborate with traditional network engineers is an important skill to be part of a cross-functional team.

在过去的几十年中，网络的基本面没有改变。 但是，改变的是网络的实现方式。 传统网络仍然很重要，并且主要充当服务的骨干。 通过使用SDN，一个单一的网络现在可以充当虚拟化网络网格的载体，随着服务及其底层网络需求的变化，它会不断发展，增长和变化。 服务可以跨多个虚拟化网络，这些网络可能仍驻留在相同的基础硬件上。 这些虚拟网络是使用软件构建的，可以像创建虚拟网络一样容易地销毁，从而为新网络腾出空间。 理解网络如何交互，TCP / IP堆栈以及能够与传统网络工程师合作是成为跨职能团队的重要技能。

软件开发 (Software Development)

I think and see in systems, more specifically software systems. I came from a traditional systems administration background and mostly learned through trial and error. Think of shell and scripts. Different things plumbed together working in a (somewhat) harmonised manner. Over the years I have had to work with individuals with software engineering backgrounds, I eventually understood and appreciated the discipline for what it is, building those things that need to be plumbed together. It was in-fact, some of my time spent around software development folks that motivated me to start writing code and adapt some of the patterns and practices used in the SE world within Ops and truly understand the paradigms like DevOps and SRE.

我在系统中，尤其是软件系统中思考和看到。 我来自传统的系统管理背景，主要通过反复试验来学习。 想想shell和脚本。 不同的事物以(某种)协调的方式一起工作。 多年来，我不得不与具有软件工程背景的人员一起工作，最终我理解并赞赏该学科的本质，将这些需要结合在一起的东西进行构建。 实际上，我花了一些时间在软件开发人员身上，这些动机促使我开始编写代码，并在Ops中改编SE世界中使用的某些模式和实践，并真正了解DevOps和SRE之类的范例。

I mean, it made complete sense, why would I want to manage systems, OS(es) and application configurations manually. Being an automation enthusiast (virtue of being lazy at times), that is exactly what I wanted to do. Automate everything where possible. My thirst was finally quenched when I finally stumbled upon and started to practise Infrastructure as Code and Configuration as Code workflows and took part in regular sprints on Infrastructure development with cross functional teams to design, develop, deploy, automate and monitor services. Some of these projects have tens of repositories just for Infrastructure as Code and multiple others for system & application configurations and yet others for testing, monitoring tools and analysis. No more hand cranking of environments that require searches in unfinished and stale documentation or reverse engineering environments to understand their need for existence when a contractor or a permanent employee walks off the premises after his last day at the office without any handovers. Embracing and understanding the SDLC allows engineers to not only follow the tried and tested patterns of building software and systems, it also harmonises the flow of delivery between teams promoting collaboration across multiple teams.

我的意思是完全合理的，为什么我要手动管理系统，操作系统和应用程序配置。 作为自动化爱好者(有时会偷懒)，这正是我想要做的。 尽可能使一切自动化。 当我最终偶然发现并开始实践“基础结构即代码”和“配置即代码”工作流时，我的渴望终于得到了解决，并与跨职能团队一起设计，开发，部署，自动化和监视服务的基础设施开发定期冲刺。 其中一些项目有数十个存储库，仅用于“ 基础结构即代码”，而其他多个则用于系统和应用程序配置，还有一些用于测试，监视工具和分析。 当承包商或永久雇员在办公室的最后一天后没有任何移交的情况下离开房屋时，无需手动搜索需要在未完成且过时的文档中进行搜索的环境，也无需进行逆向工程环境来了解其生存需求。 拥护和理解SDLC不仅使工程师能够遵循构建软件和系统的久经考验的模式，而且还协调了团队之间的交付流程，从而促进了多个团队之间的协作。

持续交付与监控 (Continuous Delivery & Monitoring)

One of the main tenets of delivering robust software and web service is allowing development teams to deploy and test their work in a self-service fashion. This is achieved in form of Continuous Integration and Continuous deployment feedback loops allowing teams to iterate over ideas, features and designs quickly and in a repeatable manner.

提供强大的软件和Web服务的主要原则之一是允许开发团队以自助服务方式部署和测试他们的工作。 这可以通过持续集成和持续部署反馈循环的形式来实现，从而使团队可以快速且可重复地遍历想法，功能和设计。

This means building pipelines that deliver software services for different teams. Maybe those pipelines are automated or triggered on demand. The idea is being able to quickly run build, deploy and test cycle round the clock ready to for end users. Understanding the organisational needs for CI / CD and being able to implement them helps SRE’s add incredible value.

这意味着建立为不同团队提供软件服务的管道。 这些管道可能是自动化的，也可能是按需触发的。 这个想法是能够全天候快速运行构建，部署和测试周期 ，以供最终用户使用。 了解CI / CD的组织需求并能够实施它们有助于SRE增添不可思议的价值。

Monitoring modern web applications is no mean feat. In a large scale web service built on microservices architecture, the number of services that make up the whole can be numerous, with each service reporting errors, logs and traffic metrics. However, to be able to measure, learn and optimise an application, metrices and telemetric data must be captured in a centralised location for use by the SRE teams. This is to ensure that you are making the most out of underlying hardware resources, network bandwidths and appropriate application stack while proactively working to curb potential bottlenecks, latency and bandwidth issues on the service. Without a skillset to be able to effectively monitor and analyse data collected through the monitoring tools, teams do not have enough facts to make informed decisions when developing services.

监视现代Web应用程序绝非易事。 在基于微服务架构的大规模Web服务中，组成整体的服务数量可能很多，每个服务都报告错误，日志和流量指标。 但是，为了能够测量，学习和优化应用程序，必须将度量标准和遥测数据捕获在集中的位置，以供SRE团队使用。 这是为了确保您在充分利用潜在的硬件资源，网络带宽和适当的应用程序堆栈的同时，主动减少服务上的潜在瓶颈，延迟和带宽问题。 如果没有一个技能组能够有效地监视和分析通过监视工具收集的数据，那么团队就没有足够的事实来在开发服务时做出明智的决定。

网络安全 (Cyber Security)

Although Cybersecurity is a pretty broad topic, I will keep my focus specifically on Data security. With rising data breaches, being able to identify the potential data security and ex-filteration points within a system is one of the most critical skills. Sure, a security breach that steals a company’s Intellectual property is bad for business but data breaches are also destructive to the end-users wreaking havoc for all in their wake.

尽管网络安全是一个相当广泛的话题，但我将继续专注于数据安全。 随着数据泄露事件的增多 ，能够识别系统中潜在的数据安全性和防爆点是最关键的技能之一。 当然，窃取公司知识产权的安全漏洞对企业不利，但数据泄露也对最终用户造成巨大破坏的最终用户具有破坏性。

Modern applications require a lot of different services to integrate together to deliver a working whole. Security, after the fact is often a bad idea, the damage (sometimes irreversible) is already done in form of reputation destruction and information of customers exposed to criminals. Cyber attacks come in all form and not only originate outside the organisations but from within as well. Disgruntled employees, corporate spies and hacktivists can cause damage once inside a trusted zone. For this reason, embedding security as an important factor of software and system design and delivery is crucial.

现代应用程序需要将许多不同的服务集成在一起以提供一个整体。 安全性通常是一个坏主意，但损害(有时是不可逆的)已经以声誉破坏和暴露于犯罪分子的客户信息的形式发生。 网络攻击有各种形式，不仅发源于组织外部，而且发源于组织内部。 心怀不满的员工，公司间谍和黑客主义者一旦进入受信任的区域，便可能造成损害。 因此，将安全性作为软件，系统设计和交付的重要因素至关重要。

Organisations have teams of cyber security professionals and being able to collaborate and understand the organisational needs for data security, industry regulations, frameworks and standards like HIPAA, GDPR and ISO-27001 help a cross-functional team identify and help mitigate any data and IP security risks by planning and designing systems that can or integrate with third-party systems to proactively thwart future attacks.

组织拥有网络安全专业人员团队，能够协作并了解数据安全，HIPAA，GDPR和ISO-27001等行业法规，框架和标准的组织需求，可帮助跨职能团队识别并缓解任何数据和IP安全性通过规划和设计可以与第三方系统集成或与第三方系统集成以主动阻止未来的攻击的风险。

以客户为中心和交付方式 (Customer focus and delivery mindset)

The main premise of one of my other posts Empathy is the way to AutomatedOps is that as an engineer, you need to make sure that you have empathy with your customers and have a human centric approach to solve problems. DevOps paradigm is based on the constantly evolving seamless integration of people, processes and technology working together to deliver business goals, increase efficiency and minimise costs. SRE principles go one step further which is harder to achieve unless you can relate to the customers you are working with, internally and externally.

我的另一篇文章的主要前提是移情是实现AutomatedOps的方法 是作为工程师，您需要确保对客户有同情心，并以人为本的方法来解决问题。 DevOps范例基于不断发展的人员，流程和技术的无缝集成，这些集成在一起以实现业务目标，提高效率和最小化成本。 SRE原则更进一步，除非您可以与内部和外部的客户联系，否则很难实现。

For example, working with developers, being able to understand their day-to-day work patterns, technology stack they work with, technical challenges around code delivery from pipelines, testing and QA all the way to a production release i.e. In essence understanding the SDLC framework adapted by the team or the organisation.

例如，与开发人员合作，能够理解他们的日常工作模式，与他们合作的技术栈，从管道传递代码，测试和质量保证一直到生产发布的技术挑战，即本质上理解SDLC由团队或组织改编的框架。

In case of working with Product owners and scrum masters, being part of the ceremonies, understanding the needs of the sprint, communication on commitment, estimation and delivery of stories as well as finding priorities based on major milestones is an important skill.

在与产品所有者和Scrum主管合作的情况下，作为仪式的一部分，了解冲刺的需求，就承诺进行沟通，对故事进行估算和交付以及根据主要里程碑找到优先级是一项重要技能。

结论 (Conclusion)

I hope through this post you have gained an insight on how different skillsets make up the paradigms of SRE and DevOps engineering principles, a diverse, challenging yet valuable endeavour and the impacts it has on the delivery of software projects and the modern world.

我希望通过这篇文章，您可以了解不同的技能如何构成SRE和DevOps工程原理的范式，多样化，具有挑战性但有价值的努力及其对软件项目和现代世界的影响。