Deployments: The Irrational Fear of Them

The anxiety of deployments is real. Let's take a stab at understanding the human emotions related to deployment and learn best practices to minimize the fear. A recent outage involving CrowdStrike impacted 8.5 million Windows operating systems, leading to disruptions in various global services, including airlines and hospitals. Multiple analyses have examined the root cause of this incident itself. However, as a software engineer, I think we are missing the aspect of human emotions related to deployments, specifically the fear of breaking production. That’s what we will try to dive into in this article. We will cover: Understanding the function of release engineering. What software engineers care about and what they don’t. Impact of continuous delivery (CD). A look at manual deployments. Problems with manual deployment and the solution to these problems. Release Engineering Before delving into the fear of deployments from a software engineer’s perspective, let’s first understand the role of a release engineer. Release engineering has evolved considerably in recent years, thanks to the modern CI and CD tools and the standardization of Kubernetes. Despite these advancements, the primary responsibilities remain the same: Consistent and repeatable deployments: Standardizing release processes, reduces the risk of bad deployments to production. Reducing service disruptions: Standardized processes also ensure teams are equipped to tackle harmful production environment incidents—for example, a rollback strategy for scenarios where a release causes problems. Monitor and Optimize Performance: Look for performance improvements for faster and more reliable deployments. Collaborate with engineering: Work closely with developers, QA, and DevOps teams to ensure all new and existing services have a well-defined deployment process. What Software Engineers Care About Unlike the release engineers, as a software engineer working in the product team we may only care about certain aspects of deployments: Quick code merges: Merging quickly allows them to validate their work and move on to new tasks or unblock dependent tasks. Production incidents: Although engineers may not care about all production incidents, they definitely care about their code changes causing any production outages. Deployment schedule: Engineers also like to track when their changes go live or have gone live so that they can have access to real-time feedback on their changes. What Software Engineers Don’t Care About Although there are things we care about, there are also those we don’t: Deployment methodology: Although we know the need for an efficient and reliable deployment process, they don’t care how it is performed. Effect of other changes: Unless things go wrong, we don’t worry about unrelated changes from other developers. Deployment management: An engineer is indifferent to who manages deployment in a software team. For instance, we would only care about managing deployment if tasked with doing so. Impact of Continuous Deployments (CD) So what does the fear have to do with Continuous deployments? A lot. Studies have proven [several benefits](https://dora.dev/capabilities/continuous-delivery/#:~:text=DevOps%20Research%20and%20Assessment%20(DORA,as%20higher%20levels%20of%20availability) of Continuous Deployment (CD), and unsurprisingly, many of which are psychological in nature. Continuous deployments remove “human-in-the-loop”, therefore, it requires a strong trust in the test infrastructure. In other words, automated tests not only ensure the reliability of production but also provide psychological safety, sometimes irrationally, reducing the fear of deployments. As a developer, I’m more comfortable making changes in a CD process vs if I’m asked to verify the changes manually. However, despite the popularity of these CD strategies, a lot of companies still trigger deployments manually (have a human-in-the-loop), indicating a cautious approach to CD implementations. This behavior suggests that teams prefer to retain supervision of the release process and intervene where necessary. This is important to understand from a psychological safety perspective. Manual deployments imply that someone is overseeing the process and handling issues when things go wrong. While this provides a sense of security, it can also induce fear in the person deploying and is prone to human error. Manual Deployments Despite the drawbacks, most teams manage deployments manually. A typical manual deployment may include a few steps: Supervision Someone babysits the entire deployment process before a release goes out. This person is tasked with intervening when and if there are signs of trouble. Teams maintain an on-call person who manages their deployments and handles problems when they arise. Dedicated Release Teams Some teams have a dedicated release engineering team, which ensures releases go smoothly. Since this means a high degree of specialization, the deployment process could be more efficient and reliable. Spreadsheets Some companies maintain a spreadsheet to validate any changes made. This allows companies to systematically review and approve these changes, ensuring they meet predefined quality standards. Manual QA In addition to spreadsheets, manual QA is another layer companies add. Manual QA tests new releases in staging environments before deploying them to production. However, a testing environment isn’t foolproof, so some real-life scenarios won’t be accounted for. Where Do Things Go Wrong With Manual Deployments? Many things can go wrong for any software development team relying solely on manual deployments: Dependence on a Small Group This can create bottlenecks, which lead to release delays and human error in some instances. Also, a team could have problems when this specific person leaves or can’t deliver on the required tasks. No Risk-Mitigation Strategy There is no strategy for following through in an unfavorable production incident. When an incident happens, the release team has to grapple to find the relevant stakeholders to help resolve and make decisions. Prone to Human Error Typographical errors in commands or scripts, or forgot to run the pre-deployment or post-deployment steps. High effort Since the deployments require babysitting the process, it becomes a time-consuming effort. Also causing the frequency of deployments to drop significantly. For instance, if it requires an hour to monitor the entire deployment, the release team may decide to skip deployments on the days with minor changes to save that time. Communication Breakdown It’s unclear from product teams the state of the releases and when their changes are getting into production. Looking at these challenges, it’s easy to understand why engineers dread deployments. The risk of deployment failures, the high stakes, and the pressure to keep downtime low also contribute to this fear. These failures can be minimized by increasing test automation. Still, since these tests are carried out in a test environment, you should not expect an automated test to catch every possible error. Failures are to be expected but at a reduced rate. What Can We Do About It? Simply set up Continuous Deployments? Easier said than done. Despite the drawbacks, manual deployments are still okay if managed well. The goals should be: provide guardrails to avoid production incidents reduce human errors enable anyone to trigger deploys ensure deployments happen frequently Guardrails – Canary and Rollbacks Canary and Rollback strategies can help reduce the impact of an outage and in many cases avert the crisis automatically. A canary release exposes your new release to a small portion of production environment traffic. This gives teams insight into issues that might not have come up during testing. On the other hand, a rollback strategy helps engineers revert a release to its previous stable version state. It is done when new problems arise after deployments to the production environment. Reduce Human Errors – Standardization Define standard deployment methodologies that result in efficiency, consistency, reliability, and high software quality. In their state of DevOps report, DORA shows that reliability predicts better operational performance. Furthermore, having a standardized process allows repeatability in release processes, which can be automated. Automating this process helps a team keep production costs lower. Democratize Deployment Process Democratizing the deployment process removes the reliance on specific individuals. If we empower any software engineer to deploy, it slowly reduces the fear. “If “anyone can deploy, it should not be too hard.” Share your legos! Frequent Deployments To reduce deployment anxiety, we need to deploy more frequently, not less. The DORA report also highlights that smaller batch deployments are less likely to cause issues and help lower the psychological barrier for developers. Improve Developer Experience Clarifying what is being deployed enhances the developer experience. Make it easy for developers to know when deployments occur and what changes are included. This transparency helps developers track when their changes go live and simplifies incident investigations. Defined Risk-Mitigation Strategies There should be defined steps to follow for rollbacks and hotfixes, as this helps eliminate any indecision with production incidents. For instance, there should be separate build and deploy steps for teams to follow for easy rollbacks. Similarly, standardizing how to deal with hotfixes and cherry-picks can make it simple to operate when the stakes are high. Feature Flags Feature flags are like kill-switches that can turn off a new feature that caused an incident in production. This can enable engineers to resolve production incidents quickly. Conclusion Software teams must treat release engineering as a priority from the outset of product development to avoid costly mistakes. And we should not let incidents like the Crowdstrike outage cripple our development practices. Addressing the fear of deployment and preventing production incidents involves several key strategies: Invest in the standardization of deployment processes. Set up well-defined risk-mitigating strategies, such as canary releases, strategic rollouts, rollbacks, and hotfixes. Simplify the developer experience by democratizing deployments, and encourage everyone to participate. At Aviator, we are building developer productivity tools from first principles to empower developers to build faster and better. For a modern way to manage deployments, check out Aviator Releases. The anxiety of deployments is real. Let's take a stab at understanding the human emotions related to deployment and learn best practices to minimize the fear. The anxiety of deployments is real. Let's take a stab at understanding the human emotions related to deployment and learn best practices to minimize the fear. A recent outage involving CrowdStrike impacted 8.5 million Windows operating systems, leading to disruptions in various global services, including airlines and hospitals. Multiple analyses have examined the root cause of this incident itself. recent outage However, as a software engineer, I think we are missing the aspect of human emotions related to deployments, specifically the fear of breaking production. That’s what we will try to dive into in this article. We will cover: Understanding the function of release engineering. What software engineers care about and what they don’t. Impact of continuous delivery (CD). A look at manual deployments. Problems with manual deployment and the solution to these problems. Understanding the function of release engineering. What software engineers care about and what they don’t. Impact of continuous delivery (CD). A look at manual deployments. Problems with manual deployment and the solution to these problems. Release Engineering Release Engineering Before delving into the fear of deployments from a software engineer’s perspective, let’s first understand the role of a release engineer. Release engineering has evolved considerably in recent years, thanks to the modern CI and CD tools and the standardization of Kubernetes. Despite these advancements, the primary responsibilities remain the same: Consistent and repeatable deployments: Standardizing release processes, reduces the risk of bad deployments to production. Consistent and repeatable deployments: Standardizing release processes, reduces the risk of bad deployments to production. Consistent and repeatable deployments: Reducing service disruptions: Standardized processes also ensure teams are equipped to tackle harmful production environment incidents—for example, a rollback strategy for scenarios where a release causes problems. Reducing service disruptions : Standardized processes also ensure teams are equipped to tackle harmful production environment incidents—for example, a rollback strategy for scenarios where a release causes problems. Reducing service disruptions Monitor and Optimize Performance: Look for performance improvements for faster and more reliable deployments. Monitor and Optimize Performance: Look for performance improvements for faster and more reliable deployments. Monitor and Optimize Performance: Collaborate with engineering: Work closely with developers, QA, and DevOps teams to ensure all new and existing services have a well-defined deployment process. Collaborate with engineering: Work closely with developers, QA, and DevOps teams to ensure all new and existing services have a well-defined deployment process. Collaborate with engineering: What Software Engineers Care About What Software Engineers Care About Unlike the release engineers, as a software engineer working in the product team we may only care about certain aspects of deployments: Quick code merges: Merging quickly allows them to validate their work and move on to new tasks or unblock dependent tasks. Quick code merges: Merging quickly allows them to validate their work and move on to new tasks or unblock dependent tasks. Quick code merges: Production incidents: Although engineers may not care about all production incidents, they definitely care about their code changes causing any production outages. Production incidents : Although engineers may not care about all production incidents, they definitely care about their code changes causing any production outages. Production incidents Deployment schedule: Engineers also like to track when their changes go live or have gone live so that they can have access to real-time feedback on their changes. Deployment schedule : Engineers also like to track when their changes go live or have gone live so that they can have access to real-time feedback on their changes. Deployment schedule What Software Engineers Don’t Care About What Software Engineers Don’t Care About Although there are things we care about, there are also those we don’t: Deployment methodology: Although we know the need for an efficient and reliable deployment process, they don’t care how it is performed. Deployment methodology : Although we know the need for an efficient and reliable deployment process, they don’t care how it is performed. Deployment methodology Effect of other changes: Unless things go wrong, we don’t worry about unrelated changes from other developers. Effect of other changes : Unless things go wrong, we don’t worry about unrelated changes from other developers. Effect of other changes Deployment management: An engineer is indifferent to who manages deployment in a software team. For instance, we would only care about managing deployment if tasked with doing so. Deployment management : An engineer is indifferent to who manages deployment in a software team. For instance, we would only care about managing deployment if tasked with doing so. Deployment management Impact of Continuous Deployments (CD) Impact of Continuous Deployments (CD) So what does the fear have to do with Continuous deployments? So what does the fear have to do with Continuous deployments? So what does the fear have to do with Continuous deployments? A lot. A lot. Studies have proven [several benefits](https://dora.dev/capabilities/continuous-delivery/#:~:text=DevOps%20Research%20and%20Assessment%20(DORA,as%20higher%20levels%20of%20availability) of Continuous Deployment (CD), and unsurprisingly, many of which are psychological in nature. Continuous deployments remove “human-in-the-loop”, therefore, it requires a strong trust in the test infrastructure. psychological In other words, automated tests not only ensure the reliability of production but also provide psychological safety , sometimes irrationally, reducing the fear of deployments. As a developer, I’m more comfortable making changes in a CD process vs if I’m asked to verify the changes manually. psychological safety However, despite the popularity of these CD strategies, a lot of companies still trigger deployments manually (have a human-in-the-loop), indicating a cautious approach to CD implementations. This behavior suggests that teams prefer to retain supervision of the release process and intervene where necessary. This is important to understand from a psychological safety perspective. Manual deployments imply that someone is overseeing the process and handling issues when things go wrong. While this provides a sense of security, it can also induce fear in the person deploying and is prone to human error. Manual Deployments Manual Deployments Despite the drawbacks, most teams manage deployments manually. A typical manual deployment may include a few steps: Supervision Supervision Someone babysits the entire deployment process before a release goes out. This person is tasked with intervening when and if there are signs of trouble. Teams maintain an on-call person who manages their deployments and handles problems when they arise. Dedicated Release Teams Dedicated Release Teams Some teams have a dedicated release engineering team, which ensures releases go smoothly. Since this means a high degree of specialization, the deployment process could be more efficient and reliable. Spreadsheets Spreadsheets Some companies maintain a spreadsheet to validate any changes made. This allows companies to systematically review and approve these changes, ensuring they meet predefined quality standards. Manual QA Manual QA In addition to spreadsheets, manual QA is another layer companies add. Manual QA tests new releases in staging environments before deploying them to production. However, a testing environment isn’t foolproof, so some real-life scenarios won’t be accounted for. Where Do Things Go Wrong With Manual Deployments? Many things can go wrong for any software development team relying solely on manual deployments: Dependence on a Small Group Dependence on a Small Group This can create bottlenecks, which lead to release delays and human error in some instances. Also, a team could have problems when this specific person leaves or can’t deliver on the required tasks. No Risk-Mitigation Strategy No Risk-Mitigation Strategy There is no strategy for following through in an unfavorable production incident. When an incident happens, the release team has to grapple to find the relevant stakeholders to help resolve and make decisions. Prone to Human Error Prone to Human Error Typographical errors in commands or scripts, or forgot to run the pre-deployment or post-deployment steps. High effort High effort Since the deployments require babysitting the process, it becomes a time-consuming effort. Also causing the frequency of deployments to drop significantly. For instance, if it requires an hour to monitor the entire deployment, the release team may decide to skip deployments on the days with minor changes to save that time. Communication Breakdown Communication Breakdown It’s unclear from product teams the state of the releases and when their changes are getting into production. Looking at these challenges, it’s easy to understand why engineers dread deployments. The risk of deployment failures, the high stakes, and the pressure to keep downtime low also contribute to this fear. These failures can be minimized by increasing test automation. Still, since these tests are carried out in a test environment, you should not expect an automated test to catch every possible error. Failures are to be expected but at a reduced rate. What Can We Do About It? Simply set up Continuous Deployments? Easier said than done. Despite the drawbacks, manual deployments are still okay if managed well. The goals should be: provide guardrails to avoid production incidents reduce human errors enable anyone to trigger deploys ensure deployments happen frequently provide guardrails to avoid production incidents reduce human errors enable anyone to trigger deploys ensure deployments happen frequently Guardrails – Canary and Rollbacks Guardrails – Canary and Rollbacks Canary and Rollback strategies can help reduce the impact of an outage and in many cases avert the crisis automatically. A canary release exposes your new release to a small portion of production environment traffic. This gives teams insight into issues that might not have come up during testing. On the other hand, a rollback strategy helps engineers revert a release to its previous stable version state. It is done when new problems arise after deployments to the production environment. Reduce Human Errors – Standardization Reduce Human Errors – Standardization Define standard deployment methodologies that result in efficiency, consistency, reliability, and high software quality. In their state of DevOps report , DORA shows that reliability predicts better operational performance. Furthermore, having a standardized process allows repeatability in release processes, which can be automated. Automating this process helps a team keep production costs lower. state of DevOps report DORA Democratize Deployment Process Democratize Deployment Process Democratizing the deployment process removes the reliance on specific individuals. If we empower any software engineer to deploy, it slowly reduces the fear. “If “anyone can deploy, it should not be too hard.” Share your legos! Frequent Deployments Frequent Deployments To reduce deployment anxiety, we need to deploy more frequently, not less. The DORA report also highlights that smaller batch deployments are less likely to cause issues and help lower the psychological barrier for developers. Improve Developer Experience Improve Developer Experience Clarifying what is being deployed enhances the developer experience. Make it easy for developers to know when deployments occur and what changes are included. This transparency helps developers track when their changes go live and simplifies incident investigations. Defined Risk-Mitigation Strategies Defined Risk-Mitigation Strategies There should be defined steps to follow for rollbacks and hotfixes, as this helps eliminate any indecision with production incidents. For instance, there should be separate build and deploy steps for teams to follow for easy rollbacks. Similarly, standardizing how to deal with hotfixes and cherry-picks can make it simple to operate when the stakes are high. Feature Flags Feature Flags Feature flags are like kill-switches that can turn off a new feature that caused an incident in production. This can enable engineers to resolve production incidents quickly. Conclusion Conclusion Software teams must treat release engineering as a priority from the outset of product development to avoid costly mistakes. And we should not let incidents like the Crowdstrike outage cripple our development practices. Addressing the fear of deployment and preventing production incidents involves several key strategies: Invest in the standardization of deployment processes. Set up well-defined risk-mitigating strategies, such as canary releases, strategic rollouts, rollbacks, and hotfixes. Simplify the developer experience by democratizing deployments, and encourage everyone to participate. Invest in the standardization of deployment processes. Set up well-defined risk-mitigating strategies, such as canary releases, strategic rollouts, rollbacks, and hotfixes. Simplify the developer experience by democratizing deployments, and encourage everyone to participate. At Aviator, we are building developer productivity tools from first principles to empower developers to build faster and better. For a modern way to manage deployments, check out Aviator Releases . Aviator Releases