While DevOps needs particular champions, excellence can be achieved only if the entire organization is on board.[1]

—DevOps Institute

DevOps Practice Domains

Note: This is the third article in the SAFe DevOps series. It introduces the technical skills and tools that power the Continuous Delivery Pipeline. The next two articles can be accessed from the following links:  A CALMR Approach to DevOps and DevOps home page.

Enabling continuous flow through the end-to-end value stream in today’s enterprises can be complex. Practitioners across multiple teams and functions must collaborate effectively. Quality and security must be built in at every step. Solutions must be architected for rapid change. Governance and compliance controls must be streamlined and automated. A slew of metrics must be managed from all layers of the solutions stack. And the right automation must be in place to enable lightning-fast flow and on-demand processing.

Managing all this complexity, let alone optimizing it for continuous flow, requires specialized knowledge from everyone in the value stream who influences product delivery. Succeeding with DevOps requires applying knowledge at the right time, by the right people, and with the right tools.

SAFe categorizes this knowledge into DevOps practice domains, which comprise the inner rings of Figure 1 and together enable the Continuous Delivery Pipeline. Each contains a set of specific practices and tools that perform critical DevOps functions in the value stream. CALMR, at the center of figure 1, is not a practice domain; instead, it is the mindset that guides DevOps behavior and decision-making throughout the entire value stream. For details, please see the CALMR article.

Figure 1. DevOps practice domains enable the CDP
Figure 1. DevOps practice domains enable the CDP

Some domains, such as Continuous Quality and Continuous Security, span the entire CDP. This breadth indicates that there is always work in those areas. Others, such as Deployment Pipeline and Infrastructure Management, apply to smaller segments of the CDP. Work in those domains enables a subset of activities in the value stream. At any given time, knowledge from multiple disciplines is combined with supporting the current activity in the continuous delivery pipeline, as explained in the next section.

The outer ring of practice domains, composed of Agile Planning and Design, Deployment Pipeline, and Continuous Monitoring, represents a solution’s path through the system. It is where cross-functional DevOps practices converge with the evolving solution and is the ‘conveyor belt’ that moves the solution through its delivery life cycle.


DevOps implies close collaboration across team and department boundaries, as illustrated in Figure 2. Skills across domains are combined to produce specific outcomes in the CDP. For example, ensuring features are developed to foster continuous delivery. ARTs must apply knowledge from six domains (in this case, Deployment Pipeline, Configuration Management, Version Control, Continuous Security, Continuous Quality, and Value Stream Management) to develop solutions with speed, quality, security, version control, and more.

Figure 2. The CDP pulls DevOps practices in from across domains
Figure 2. The CDP pulls DevOps practices in from across domains

Using this model, it is clear where knowledge must ‘shift left’ and which individuals may need to collaborate at each delivery stage.

McKinsey states, “Transformation success requires thoughtful mastery of multiple domains and coordination of many moving parts.” [2] This DevOps model guides the management of this complexity to achieve transformation success. The result is a continuous delivery pipeline driven by a cross-functional DevOps culture that can deliver valuable digital solutions on demand.

Achieving that result begins with an understanding of the technical practices that power this new way of building. Following is an introduction to each DevOps practice domain and the specific technical practices and tools it encompasses.

Value Stream Management

Value stream management (VSM) is a business practice that focuses on increasing the flow of business value from customer request to customer delivery [3]. VSM provides lightweight, end-to-end governance of the continuous delivery pipeline and optimizes it for maximum value delivery instead of complete adherence to fixed delivery plans.

VSM includes specific practices such as mapping value streams, analyzing flow efficiency through the end-to-end delivery pipeline, and setting delivery speed, quality, and value targets. VSM also involves specialized software platforms that integrate with other tools throughout the pipeline to collect and surface real-time data about the health of the value stream.

Continuous Quality

DevOps practices that ensure high solution quality do not simply shift left; they extend to all activities in the value stream. Continuous Quality is a domain that ensures that quality is built in early in the pipeline and continually managed throughout a solution’s life cycle.

Continuous Quality includes specific practices like hypothesis-driven development, behavior-driven development (BDD), test-driven development (TDD), A/B testing, and exploratory testing. Automation enhances the speed and accuracy of testing throughout the value stream.

Continuous Security

Like quality, security is everyone’s responsibility. This domain spans the entire continuous delivery pipeline and ensures reasonably good information security practices—preventive and detective—are always active throughout the solution’s lifecycle.

Continuous Security emphasizes practices such as security by design, threat modeling, security-as-code, and automation in vulnerability scanning, penetration testing, and intrusion detection.

Version Control

DevOps requires all solution assets to be under version control to achieve quantum leaps in pipeline acceleration and quality control. Application code; server, network, and firewall configurations; database scripts; even requirements and test scripts need to be stored in a common repository to ensure ARTs can build solutions and environments and deploy, repair, and decommission them on demand.

Version Control stresses minimizing the amount and duration of open branches and ensuring that the code base always remains in a deployable state. Automation in this category is directed toward optimizing branching and merging strategies, facilitating distributed version control, and managing file types of all kinds.

Configuration Management

Configuration management systems have two main components: version control and task/issue management. Version control software keeps configurations in its repository. They often include application, database, infrastructure, and security configurations. Since these configurations collectively represent all design time and runtime aspects of a solution, they need careful management.

The related practices in this domain are expressed ‘as code’—infrastructure-as-code, security-as-code, and compliance-as-code, for instance. The Configuration Management practice domain represents an ‘everything as code’ approach to defining solutions, their runtime environments, and the systems that pull them through the continuous delivery pipeline.

Infrastructure Management

Infrastructure Management is a domain that focuses on the maintenance of production systems, many of which may be defined as code. Whereas configuration management is a set of design-time practices, infrastructure management is a set of runtime practices.

This domain is primarily concerned with ensuring the stability and resiliency of deployed solutions so that the business can realize the maximum value. Critical technical practices include chaos engineering, selective releases, and site reliability engineering (SRE). Automation is applied to enable immutable infrastructure, release on demand, rapid recovery, and auto-scaling.

Agile Planning and Design

DevOps begins well before development work starts. This approach ensures that the inputs to development, such as desired business outcomes, solution scope, architecture, and design, are performed in a way that fosters continuous delivery.

The Agile Planning and Design domain assures that ARTs follow a CALMR approach to DevOps from the onset of the delivery life cycle. This domain includes practices such as Lean UX, Agile architecture, backlog management, and emergent design. Tools focus primarily on streamlining Agile practices, making work visible, and accelerating the productivity of individuals and teams.

Deployment Pipeline

Arguably the most popular area of concentration in DevOps is the ‘CI/CD pipeline.’ This segment of the value stream begins with code committed to version control and ends with that code being successfully deployed in production. Because the goal is to deploy finished code to production as quickly and safely as possible, SAFe’s term for this subset of the value stream is the deployment pipeline.

Ultimately, the entire deployment pipeline should be automated from end to end using a carefully selected toolchain. Doing so accelerates builds, integration, testing, break-fix, and deployment cycles. Often the only manual activities in a mature deployment pipeline are peer reviews and responding to system-generated pipeline events and notifications.

Continuous Monitoring

Continuous Monitoring involves capturing, logging, surfacing, and analyzing production events. These events describe both system behavior and end-user behavior and directly support the measurement and recovery aspects of CALMR.

This domain calls for significant harmony between the monitoring systems and those who interpret and act on the results. This set of practices is tailored to measure and maintain business value with high precision through full-stack telemetry, observability, proactive issue detection, visualization, AIOps, and analytics.

Agile Product Management

DevOps enables a continuous learning loop, which drives rapid innovation. Agile Product Management defines what needs to be learned and ensures what was learned is captured and quantifiable.

Through customer centricity, hypothesis-driven development, design thinking, Lean Startup, and market research practices, this domain ensures that the continuous delivery pipeline is always calibrated to deliver specific, measurable business outcomes. Moreover, it ensures that the enterprise collects validated learning from every release and directs those learnings toward relentless improvement.

For more detail, please see the Product Management article.

Value Metrics

The ultimate goal of DevOps is to enable enterprises to deliver continuous value to their customers. The Value Metrics domain provides a method for defining and measuring value from the customer’s perspective.

Value metrics are precisely tuned to how customers derive value from deployed solutions. Outcome-oriented measurements provide objective evidence that solutions are (or are not) performing well in the market. This domain contains techniques such as innovation accounting, objectives and key results (OKRs), key performance indicators (KPIs), and service level agreements (SLAs). These measures forecast desired outcomes while evaluating actual outcomes determines a solution’s true value to the business.

More in the DevOps Series

Article 1: DevOps Main Page

Article 2: A CALMR Approach to DevOps

Article 3: SAFe’s DevOps Practice Domains (this page)

Learn More

[1] Upskilling: Enterprise DevOps Skills Report 2019. https://devopsinstitute.com/wp-content/uploads/2019/03/UpskillingReport-Final.pdf

[2] Agile’s Next Level: ABM AMRO’s Hybrid Cloud-DevSecOps Transformation. https://www.mckinsey.com/business-functions/mckinsey-digital/our-insights/agiles-next-level-abn-amros-hybrid-cloud-devsecops-transformation#

[3] The Rise of Value Stream Management (VSM). https://www.linkedin.com/pulse/rise-value-stream-management-vsm-mik-kersten/

Last update: 4 January 2023