DevOps: An explorative case study on the challenges and opportunities in implementing Infrastructure as code

Basher, Mohamed

January 2019

Over the last few years, DevOps has gained much attention in the IT development field. It is a new way of thinking of how developers and operators work, which aim to integrate the development, testing, and operation work efficiently. DevOps breaks down communication silos, improve collaboration and productivity by automating infrastructure deployment, workflows, continuously improving the integration and delivery process, and measuring the application performance indicators. Automation is crucial in DevOps, and a key aspect of automation is “Infrastructure as code (IaC)”. IaC allows companies to manage and maintain their infrastructure resources such as virtual machines, load balancers, firewalls, and network devices programmatically in codes instead of manual processes and procedures. As a result, companies will be able to provision and deploy these infrastructure resources consistently, increase the rate of software delivery and improve the time to market, which in turns lead to a substantial competitive advantage. Previous research call for an examination of the gained opportunities and the challenges that can be faced in implementing IaC. Understanding these challenges and opportunities and their implications allow the companies to know why IaC can be interesting for them? And what and how changes should be done to adopt IaC. This paper presents a qualitative study that aims to illustrate the opportunities and challenges in implementing Infrastructure as a code. This paper will also present how infrastructure used to be managed in physical datacenter and cloud systems, and how agile, DevOps and IaC affect the infrastructure management. Our findings show considerable benefits in adopting IaC, and some challenges might be encountered when implementing IaC. Furthermore, the study acknowledges the role of agile, cloud systems, and DevOps in facilitating the implementation of Infrastructure as a code. Keywords: DevOps, Infrastructure as a code, Automation, Infrastructure resources, agile, cloud systems / <p></p><p></p><p></p>

DevOps

Infrastructure as a code

Automation

Infrastructure resources

agile

cloud systems

Information Systems, Social aspects

FreeTest 2.0: uma evolução do método FreeTest para a melhoria no processo de teste de software em micro e pequenas empresas

Louzada, Jailton Alkimin

11 August 2017

Submitted by Franciele Moreira (francielemoreyra@gmail.com) on 2017-09-11T13:42:06Z No. of bitstreams: 2 Dissertação - Jailton Alkimin Louzada - 2017.pdf: 5226619 bytes, checksum: bb291ad68acd8cf80fcb2c6c2392c596 (MD5) license_rdf: 0 bytes, checksum: d41d8cd98f00b204e9800998ecf8427e (MD5) / Approved for entry into archive by Luciana Ferreira (lucgeral@gmail.com) on 2017-09-15T15:43:54Z (GMT) No. of bitstreams: 2 Dissertação - Jailton Alkimin Louzada - 2017.pdf: 5226619 bytes, checksum: bb291ad68acd8cf80fcb2c6c2392c596 (MD5) license_rdf: 0 bytes, checksum: d41d8cd98f00b204e9800998ecf8427e (MD5) / Made available in DSpace on 2017-09-15T15:43:54Z (GMT). No. of bitstreams: 2 Dissertação - Jailton Alkimin Louzada - 2017.pdf: 5226619 bytes, checksum: bb291ad68acd8cf80fcb2c6c2392c596 (MD5) license_rdf: 0 bytes, checksum: d41d8cd98f00b204e9800998ecf8427e (MD5) Previous issue date: 2017-08-11 / The Information Technology (I.T) market is growing. In the age of information, world economies have been investing more and more in the services market. Within this competitive scenario, software testing is an important component for raising the quality of software developed in Brazil and in the global competitiveness cenario. However, Small and medium-sized enterprises (SMEs) have limited resources for investments in software testing maturity processes, tools and models in their business. Faced with this, this work has as main proposal to produce an apparatus to improve the process of software testing for SMEs. Objective: As the main objectives, this study proposed a more update version of the FreeTest 1.0 process, as well as practical instructions on how to implement the activities suggested in the process, all this formatted in a new process and a wizard respectively. Methodology: In order to fulfill the objectives of this work, the FreeTest 2.0 process was created as an improvement of the FreeTest Method process, focused mainly on Agile techniques, DevOps and aligned with the SMEs ecosystem. And the FreeTest Wizard, which consists of a deployment guide that supports the implementation of the process in a didactic, dynamic and flexible way. Another contribution of this work was the creation of support tools to disseminate this knowledge and content management, in this case the creation of a web platform, distributed free of charge and in the format "as a Service". Finally, the results and conclusions can be seen in the final chapter of this work. / O mercado de Tecnologia da Informação (T.I.) é crescente. Na era da informação, as economias mundiais investem cada vez mais no mercado de Serviços. Dentro deste cenário competitivo, o teste de software é um importante componente para elevação da qualidade do software desenvolvido no Brasil e sua competitividade mundial. Contudo, as Micro e Pequenas Empresas (MPEs) possuem recursos limitados para investimentos em processos, ferramentas e modelos de maturidade de teste de software em seus negócios. Diante disto, este trabalho tem como proposta principal produzir um aparato para melhoria do processo de teste de software para MPEs. Objetivo: Como objetivos principais, este estudo propôs uma versão mais atualizada do processo FreeTest 1.0, bem como instruções práticas de como implantar as atividades sugeridas no processo, tudo isso formatado em um novo processo e um guia de implantação, respectivamente. Metodologia: Com o propósito de cumprir os objetivos almejados neste trabalho foram criados: 1) o processo FreeTest 2.0 como uma melhoria do processo do FreeTest 1.0, focado principalmente em técnicas Ágeis, DevOps e alinhado ao ecossistema das MPEs; e 2) o FreeTest Wizard, que consiste em um guia de implantação que apoia a implantação do processo de forma didática, dinâmica e flexível. Outra contribuição deste trabalho foi a criação de ferramentas de apoio para disseminação deste conhecimento e gestão dos conteúdos, neste caso, a criação de uma plataforma web distribuída de forma gratuita e no formato "as a Service". Por fim, os resultados e conclusões serão vistos no capítulo final deste trabalho.

Processo de teste de software

DevOps

Métodos ágeis

MPT.Br

Software testing process

Agile methods

Cloud Based System Integration : System Integration between Salesforce.com and Web-based ERP System using Apache Camel / Molnbaserad systemintegration : Systemintegration mellan Salesforce.com och ett webb-baserat ERPsystem med Apache Camel

Söder, Mikael, Johansson, Henrik

January 2017

In an era of technological growth, cloud computing is one of the hottest topics on the market. This, along with the overall increased use of digital systems, requires solid integration options to be developed. Redpill Linpro recognizes this and has developed a cloud-based Integration Platform as a Service (IPaaS) solution called Connectivity Engine. New techniques like this can however seem very abstract to a customer, something which a demo application could help substantiate. To aid in this issue we have developed a web-based Enterprise Resource Planning (ERP) system as well as an Integration Application to connect the ERP system with Salesforce.com in a bidirectional integration. With the use of Connectivity Engine this can be hosted in the cloud and be easily accessible. The project has been a success for Redpill Linpro as well as the authors. A solid way to demonstrate the abilities of Connectivity Engine has been developed along with descriptive documentation for any sales representative assigned to pitch the platform.

Apache

Camel

Spring Framework

Spring Boot

Integration

DevOps

OpenShift

Open Source

Salesforce

API

JSON

REST

Java

Computer Sciences

Datavetenskap (datalogi)

Applikationsövervakning : Dess möjliga bidrag till en verksamhet

Dellestrand, August, Lundin, Tobias

January 2015

Applikationsövervakning är en term för att i realtid övervaka applikationer och kunna upptäcka fel innan slutanvändaren märker av ett problem. Med övervakning av applikationer menas inte bara den enskilda programvaran utan allt som rör applikationen i fråga. Trafikverkets önskemål är att leverera en hög kvalité i sina applikationer. I nuläget har utvecklare ingen eller dålig insyn i hur en applikation levererar i en skarp miljö efter att de lämnat över ansvaret till drift. För att kunna hålla en bra kvalité i sina applikationer så vill de undersöka hur applikationsövervakning kan hjälpa till att se behov av ändringar i applikationer innan större problem uppstår. I en fallstudie bestående av intervjuer och dokumentstudier kommer genom användning av situationsbaserad FA/SIMM nuvarande arbetssätt fångas. Samt fånga mål och problem som uttrycks i verksamheten kring utveckling &amp; förvaltning och drift av applikationer. Dessa kommer sedan analyseras för att undersöka på vilket sätt applikationsövervakning skulle hjälpa utvecklare &amp; förvaltare, men även driftspersonal i deras arbete. Resultatet av detta visar att de problem och mål som tas upp dels är organisatoriska i sin natur och arbetssättet DevOps framhålls som en möjlig lösning. Även att applikationsövervakning de facto skulle kunna bidra till en ökad kvalité i applikationerna genom att tillföra en möjlighet att arbeta mer proaktivt. / Application monitoring is a term for real-time monitoring of applications to be able to discover faults before they reach the end-user. Application monitoring does not only mean the individual software but also everything surrounding it, which can have an impact on the application. Trafikverket wishes to deliver high quality in their applications. At present the developers have no or little insight in how an application delivers in a live environment after they handed over the responsibility to the operations. In order to maintain a good quality of their applications they want to explore how application monitoring may help to see changes in the needs of applications before major problems occur. In a case study consisting of interviews and document studies and through situation based FA/SIMM present ways of working will be produced. It will also identify wishes/concerns expressed by the developers and operations departments in the managing of existent applications. These will then be analyzed to examine in which way application monitoring would help developers, but also operations, in their work. The result shows that the problems which are brought forward are in a sense organizational of nature and that DevOps is a possible way for solution. But also that application monitoring could contribute to the delivery of high quality in applications in a proactive manor.

application monitoring

proactive

real time monitoring

DevOps

Application performance monitoring.

Applikationsövervakning

proaktivt

applikationsmonitorering

Information Systems

De fyra Hörnstenarna : En fallstudie om kontinuerliga leveranser av mjukvara i agil systemutveckling

Lundsten, David, Timander, Alexander

January 2018

When the traditional approach to system development transitioned over to agile methods the demand for ways to continuously deliver valuable software increased. With the increasing interest in these methods the umbrella term DevOps were introduced in 2008. DevOps is the practice to shorten the time, as well as streamlining the process, between changes in the source code and when it reaches the customer. This study aimed at investigating the process of adopting DevOps practices and identify success factors and challenges in this transition. We conducted a quality approached case study on a DevOps team in a multinational IT-consulting firm. Four explorative interviews were conducted based on categories identified in relevant literature as well as basis provided by the case company. We discovered that an implementation of continuous practices is far more complex than we initially thought. It is related to more fields outside the technical aspect that must be considered during a transition.  Our findings include four critical success factors for a successful DevOps implementation; conscious staff, conscious organization, functional infrastructure and adapted business model. Embedded in these critical success factors we were able to identify challenging fields that should be considered when adopting DevOps. These critical success factors and challenges was the basis for our model presented in the study.

Agila systemutvecklingsmetoder

Information Systems, Social aspects

Using DevOps principles to continuously monitor RDF data quality

Meissner, Roy, Junghanns, Kurt

01 August 2017

One approach to continuously achieve a certain data quality level is to use an integration pipeline that continuously checks and monitors the quality of a data set according to defined metrics. This approach is inspired by Continuous Integration pipelines, that have been introduced in the area of software development and DevOps to perform continuous source code checks. By investigating in possible tools to use and discussing the specific requirements for RDF data sets, an integration pipeline is derived that joins current approaches of the areas of software development and semantic web as well as reuses existing tools. As these tools have not been built explicitly for CI usage, we evaluate their usability and propose possible workarounds and improvements. Furthermore, a real world usage scenario is discussed, outlining the benefit of the usage of such a pipeline.

info:eu-repo/classification/ddc/000

ddc:000

Application Security Review Criteria for DevSecOps Processes

Heilmann, Jonas

January 2020

For several years a trend in agile software development methodologies that connect the development with operations is transforming business activities in the industry. This methodology, that breaks down the formerly separated silos of development and operations is commonly referred to as DevOps. From a security point of view, however, the DevOps methodology lacks a fundamental integration of security in any of its phases. As a result of that, the DevSecOps practice, that intertwines the disciplines of security, development and operations is more and more gaining popularity. The biggest challenge in this shift of practice is the flawless introduction of security methods into existing DevOps processes without disturbing the fast pace and responsiveness of those. Whereas the security integration and processes on how to make DevOps secure are discussed in various preceding studies, this research focuses on an investigation of criteria that can be used to measure application security in DevSecOps integration. Given the lack of a fundamental base of academic literature on the topic, a Multivocal Literature Review (MLR) was conducted. For the study, not only academic research but also gray literature such as blogs and articles from industry practitioners were investigated to extract meaningful review criteria. As applicable, high-level criteria, agreed-upon best-practices and descriptions of security controls were thereby examined and compiled out of the studied literature. The criteria resulting from the conducted MLR process were further analyzed with each criterion's coverage in existing security standards in mind. Additionally, an investigation of a criterion's connection to the fundamental principles of the DevOps methodology was performed. The resulting list of criteria as well as additional, partially classified sub-criteria are presented as the primary contribution of the thesis. Further, a discussion of the results and evaluation of the criteria for measurability and applicability with the help of an expert group from the cooperating company Veriscan Security AB was performed. Lastly, the conducted study highlights the current state of research on the topic, discusses the lack of knowledge for particular areas as well as serves as a foundation and suggestion for several fields of future research. The criteria could, for instance, enable future design science research on DevSecOps security measurement.

DevSecOps

DevOps

Security Measurement

Security Review Criteria

Computer and Information Sciences

Data- och informationsvetenskap

Information Systems

A DevOps Approach to the EA Blueprint Architectural Pattern

Persson, Susanna

January 2022

In the world of software development, there is an increasing demand for software to keep up with rapid changes in its real-world context. A Resilient Digital Twin of an Organization is a type of software whose purpose is to digitally represent an organization or a component of an organization - as a Digital Twin -, and to keep doing so accurately throughout the real-world organization’s changes - a Resilient Digital Twin. An architectural pattern, called the EA Blueprint Pattern, has recently been proposed as a pattern to use for developing Resilient Digital Twins that can change together with the changes in the organization. However, software architecture is not the only factor that enables continuous change and adaptability in software. For software development teams to be able to deliver software rapidly and reliably, the software development process itself must be adapted to allow for frequent and fast changes. From this need, the Agile methodology and subsequently the set of work practises called DevOps has emerged. DevOps leverages automation and fast feedback as tools to facilitate a shorter system development life cycle and continuous delivery. The usage of DevOps is becoming increasingly popular in the software development field. It stands to reason that there is a need to ensure that the EA Blueprint Pattern is appropriate even in a DevOps context, where different tools and routines may be used than in traditional development. To complete this project, a use case of the EA Blueprint Pattern has been moved from a traditionally developed and deployed setting to a DevOps setting that includes essential DevOps tools such as Infrastructure as Code, a cloud environment, and a CI/CD pipeline that enables automatic deployment and therefore a shorter system development life cycle. By doing this, it can be gauged how well the EA Blueprint Pattern is adapted to a modern software development process which utilises the advantages of DevOps.

Software Architectural Patterns

DevOps

Infrastructure as Code

CI/CD

Deployment Pipeline

Digital Twin of an Organization

DTO

Computer Sciences

Datavetenskap (datalogi)

An infrastructure for autonomic and continuous long-term software evolution

Jiménez, Miguel

29 April 2022

Increasingly complex dynamics in the software operations pose formidable software evolution challenges to the software industry. Examples of these dynamics include the globalization of software markets, the massive increase of interconnected devices worldwide with the internet of things, and the digital transformation to large-scale cyber-physical systems. To tackle these challenges, researchers and practitioners have developed impressive bodies of knowledge, including adaptive and autonomic systems, run-time models, continuous software engineering, and the practice of combining software development and operations (i.e., DevOps). Despite the tremendous strides the software engineering community has made toward managing highly dynamic systems, software-intensive industries face major challenges to match the ever-increasing pace. To cope with this rapid rate at which operational contexts for software systems change, organizations are required to automate and expedite software evolution on both the development and operations sides. The aim of our research is to develop continuous and autonomic methods, infrastructures, and tools to realize software evolution holistically. In this dissertation, we shift the prevalent autonomic computing paradigm and provide new perspectives and foci on integrating autonomic computing techniques into continuous software engineering practices, such as DevOps. Our methods and approaches are based on online experimentation and evolutionary optimization. Experimentation allows autonomic managers to make in- formed data-driven and explainable decisions and present evidence to stakeholders. As a result, autonomic managers contribute to the continuous and holistic evolution of design, configuration and deployment artifacts, providing guarantees on the validity, quality and effectiveness of enacted changes. Ultimately, our approach turns autonomic managers into online stakeholders whose contributions are subject to quality control. Our contributions are threefold. We focus on effecting long-lasting software changes through self-management, self-improvement, and self-regulation. First, we propose a framework for continuous software evolution pipelines for bridging offline and online evolution processes. Our framework’s infrastructure captures run-time changes and turns them into configuration and deployment code updates. Our functional validation on cloud infrastructure management demonstrates its feasibility and soundness. It effectively contributes to eliminate technical debt from the Infrastructure-as-Code (IAC) life cycle, allowing development teams to embrace the benefits of IAC without sacrificing existing automation. Second, we provide a comprehensive implementation for the continuous IAC evolution pipeline. Third, we design a feedback loop to conduct experimentation-driven continuous exploration of design, configuration and deployment alternatives. Our experimental validation demonstrates its capacity to enrich the software architecture with additional components, and to optimize the computing cluster’s configuration, both aiming to reduce service latency. Our feedback loop frees DevOps engineers from incremental improvements, and allows them to focus on long-term mission-critical software evolution changes. Fourth, we define a reference architecture to support short-lived and long-lasting evolution actions at run-time. Our architecture incorporates short-term and long-term evolution as alternating autonomic operational modes. This approach keeps internal models relevant over prolonged system operation, thus reducing the need for additional maintenance. We demonstrate the usefulness of our research in case studies that guide the designs of cloud management systems and a Colombian city transportation system with historical data. In summary, this dissertation presents a new approach on how to manage software continuity and continuous software improvement effectively. Our methods, infrastructures, and tools constitute a new platform for short-term and long-term continuous integration and software evolution strategies and processes for large-scale intelligent cyber-physical systems. This research is a significant contribution to the long-standing challenges of easing continuous integration and evolution tasks across the development-time and run-time boundary. Thus, we expand the vision of autonomic computing to support software engineering processes from development to production and back. This dissertation constitutes a new holistic approach to the challenges of continuous integration and evolution that strengthens the causalities in current processes and practices, especially from execution back to planning, design, and development. / Graduate

Software Evolution

Autonomic Computing

Continuous Experimentation

Self-Evolution

DevOps

Delivery Pipeline

Infrastructure as Code

Feedback Loop

Continuous Integration

Control Theory

Challenges with Measuring Software Delivery Performance Metrics : A case study at a software organisation

Gebrewold, Yamo, Wirell, Johanna

January 2023

Online software businesses constantly face new challenges. Businesses are competing to deliver high-quality software solutions to their end users as quickly as possible. The performance of a software team in terms of software delivery needs to be measured to identify bottlenecks and understand what can be improved. This project is a case study of a software organisation that delivers online web solutions for a business. The organisation strives to follow a DevOps mindset and work data-driven by collecting data, learning from it and acting on the learnings. Our method to perform the case study was to study existing data collected by the organisation and conduct interviews with software professionals to get their insights about the software delivery performance of three software teams within the organisation. We focus on two metrics - deployment frequency and lead time for change - which measure the throughput of a software team and how often and fast it can deploy changes to production. Software organisations that adopt a DevOps approach are facing challenges with collecting data about their software delivery performance and learning from that data to improve their throughput. We aim to identify these challenges and discuss various problems that software organisations need to be aware of when measuring software delivery performance. We present the results from the interviews and collected metrics, analyse them and discuss them, as well as give suggestions on future research. We observe that there are multiple factors impacting software delivery performance and various challenges with measuring it accurately. This is related to the way of reporting data reliably and developing models to study and understand the collected data.

Software delivery performance

DORA metrics

deployment frequency

lead time for change

DevOps speed metrics

Computer Sciences

Datavetenskap (datalogi)