Professional Documents
Culture Documents
Composable DevOps
Automated Ontology Based DevOps Maturity Analysis
Abstract— In this era of the emerging digitized, mobilized, and inside business organizations without explicit IT
cloudified enterprises, the concept of the “composable organizational knowledge or approval, in order to meet the
business” is the most critical piece which ties everything new time to market requirements being placed on Business
together. The digital enterprise is here, and its prime lines and quickly provide the services consumers are
characteristic is that is essentially detaches and segregates seeking. These factors are exerting enormous pressure on IT
existing businesses and reassembles them according to market to adapt to the evolving enterprise needs of the business lines
demands. Every industry, from transportation to eyewear is up in order to stay relevant, while still meeting their metrics
for disruption, and developers are in the forefront of this they have traditionally been judged on of Reliability and Up-
movement. In turn, these developers are under intense
time.
pressure to accelerate time to market.
In most enterprises, developers who need to move fast
The composable enterprise approach requires a and implement changes quickly in response to changing
reconsideration of traditional models of the entire IT business demands run into very legitimate barriers and
organization. These organization and their processes need to concerns from their IT and “governance” teams when they
be broken up into components that follow certain key design bring their ideas to the table. The groups responsible for
principles such as The Minimal Functions with least creating and supporting applications and solutions are
Dependencies, portability, Shared Knowledge, Predictable chartered with ensuring that data and intellectual property are
Contracts and Maximized Human Value. The last three bullet secure, privacy laws and other regulations are complied with,
points encapsulate the very definition of DevOps [3]. and that the solutions are “future proof” and smart
investments. The stewardship of one group to protect the
The concept of better integration between Development and company and the other to accelerate the response to change
Operations is a valuable objective. The goal is to foster creates tension, frustration, and conflict.
measurable incremental cultural change to derive most overall This is the harbinger of DevOps adoptions. DevOps blurs
value out of the union of people, process and technology. But the traditional boundaries between developers and IT by
the cultural issues, reward models, and risk allocation create ideally bringing together development and operations to
obvious barriers in attaining those goals. The common achieve a common goal. “Writing the code” and “making
industry belief is to use the composable enterprise framework
them work on a platform” are the kind of works done by
to build a platform using the right tools and you will have
different types of people who traditionally worked separately
attained DevOps nirvana. In this paper we will explore
valuable lessons learned from our mistakes in tool centric and implemented entirely different methodologies and
adoption of IT Infrastructure Library (ITIL) [8] . We will also workflows. For example, ITIL for IT operations and Agile
show how we applied those lessons to develop a lightweight for Development. A clear disconnect exists there as the two
composable/contextual DevOps framework that learns and teams speak two different languages and have traditionally
measure itself to avoid those cultural pitfalls. been judged by different reward structures. There is also fear
that this collaboration along with “up-skilling” Application
Keywords-devops;itil;maturity;ontology;deontic;semantic developers with the awareness of the operations as well as
codification of the operation domain knowledge will end up
I. INTRODUCTION in loss of controls, diminished responsibility, and possible
job redundancy.
Cloud, Analytics, Mobility, Social, and Security are Successful DevOps requires a change in mindset – all
making huge waves in the way traditional IT thinks and parties involved need to share responsibility for the success
reacts. These forces of change have made the end user the or the failure of the product. Enterprises cannot buy DevOps
king who is placing all kinds of demands on IT. Business off the shelf as many vendors would like you to believe.
leaders are concerned about engaging these savvy customers, Nobody can implement DevOps for an enterprise. Enterprise
and won't wait for IT to provide the technologies they need. needs to create fertile ground inside the organization to foster
Business and developers are not constrained by what their IT the DevOps mentality. Each and every component of
organization provides anymore. There is a proliferation of DevOps has its own timeframe and path to maturity which
“Shadow IT” or “Stealth IT”, IT solutions built and used
Authorized licensed use limited to: National University Fast. Downloaded on September 24,2020 at 10:09:33 UTC from IEEE Xplore. Restrictions apply.
cannot be forced without disastrous effects. Not every Framework (RDF) model, which can be successfully
traditional metric is applicable at every maturity level. processed but with weak or ambiguous inference.
Allowing clearly defined roles to work within their comfort Like DevOps, ITIL is not something one implements, it
zone, with tools they are comfortable with is the first big step is not a standard. It is a set of best practices that one can
in adopting DevOps culture within the enterprise. Goal of integrate into the unique properties of one’s IT organization.
this paper is to propose a meta-model driven solution There are two key components of any organizational
framework where DevOps descriptive methodology improvement, and that is process improvement and the
expressed in deontic logic (permissions and obligations), ability of people to change or adapt to change. This is highly
help guide and incrementally refactor the existing dependent on clean, contextual data regarding people,
Development and Operations practices increasingly into process, infrastructure etc. Most of the vendors for CMDB
cohesive, collaborative set of processes to climb the maturity interpreted the ITIL prescribed CMDB functions as dogma
ladder. and came up with proprietary implementations that are
inflexible and understands their prescribed data format. For
example IBM CMDB only support IDML format in order to
import external data. For automated CI and their relationship
discovery and reconciliation, IT operations usually uses
assortment of centralized discovery agents that significantly
reduced the agent deployment and management costs across
thousands of servers. They expect a solution that consumes
discovery data with varying format with minimal data format
manipulation, requires low CMDB API learning curve, and
provides fast query response and CI reconciliation.
Unfortunately cleansing, contextualizing and reconciling
various discovered data into CMDB format takes so long that
it sort of becomes prohibiting in the way of realizing quick
value of ITIL. Another prohibiting factor is the Service
Management application’s inability to work straight off the
CMDB configuration data. For example IBM SmartCloud
Control Desk requires CMDB configuration data to be
imported and persisted into native format.
Hence key to successful ITIL or DevOps adoption is not
making teams listen to what a best-of-the-breed tool asks
them to do. It’s rather understanding the unique properties of
Figure 1. DevOps Maturity and Composable DevOps.
the enterprise, existing processes, existing team specific
skillsets and applying those to show quick ROI.
601
Authorized licensed use limited to: National University Fast. Downloaded on September 24,2020 at 10:09:33 UTC from IEEE Xplore. Restrictions apply.
Constraints Features ITIL Agile
Phases
Description Modality …...
DevOps Team
dependent systems
environments
Teams must be able to provide self- Obligation
Release/ service, on-demand provisioning and Figure 2. Composable DevOps solution architecture.
Deploy management of cloud environments and
infrastructure resources
Team must be able to speed lead times Obligation A. Composable DevOps Runtime
Release/ and make more frequent application
Deploy deployments at the pace demanded by An execution container for Composable DevOps uber
the business processes which controls the behavior of DevOps pipeline
Number of tools required to monitor Obligation instances for various product and feature delivery. The
Operate network, systems, databases etc. must be composable DevOps platform reads a Domain Specific
/Assure consolidated to reduce complexity and
speed time to problem resolution
Declarative configuration that captures the high level
Teams must have the visibility and business requirements, DevOps pipeline component
Obligation
insight you need to ensure reliable (Configure, Build, Quality Assurance, Deployment etc.)
Operate business service delivery for the specific requirements in the form of declarative policy and
/Assure applications and business services that data items. Hints about Solution Domain, DevOps maturity
have moved to third-party cloud level, DevOps pipeline component runtime technology assist
providers
Teams must have visibility into capacity
the Composable DevOps runtime to assemble the DevOps
Obligation pipeline instance that is fit for purpose and fit to use. Deontic
in order to understand the impact on
Operate policies for various components guides the DevOps maturity
infrastructure when there are increases in
/Assure
workload, transactions, application controls to check periodically through management
upgrades, and hardware refreshes workflows to ensure policy adherence as well as DevOps
Teams must have access to feedback Obligation
Operate adoption progress and performance. Changes in
information on mobile app behavior and
/Assure organizational roles, hierarchy as well as culture affect the
usage analytics to drive improvements
Teams must automate the feedback of Obligation requirements thus also affecting the mapping of DevOps
Operate
critical performance information across maturity controls and policy items. Therefore, policy will
stages of the application lifecycle so as to have a process for controlling its overall lifecycle.
/Assure
further optimize applications and
services B. Composable DevOps Controller
This is the centralized management system for DevOps
IV. “COMPOSABLE DEVOPS” SOLUTION ARCHITECTURE pipeline provisioning. The controller co-ordinates with
various distributed policy-aware components to foster
Figure 2 describes the high level Composable DevOps collaboration in a fully automated fashion. The controller
solution framework that enables iterative collaborative up- continuously polls filtered monitoring data as well as other
skilling and collaboration value measurement. Major complementary information through an event collection
solution components are: framework. It indexes and aggregates the machine produced
602
Authorized licensed use limited to: National University Fast. Downloaded on September 24,2020 at 10:09:33 UTC from IEEE Xplore. Restrictions apply.
data, applies DevOps maturity control contexts and persists Composable DevOps monitoring plug-in and communication
in the repository. It then invokes Composable DevOps hook back to Composable DevOps Management processes.
analytics and native algorithms to compute process and Based on the various criteria, for example, parallel/sequential
collaboration drifts that impacts the plan, process and actions build or test, the provision engine may deploy component
of getting closer to the target maturity level. If components processes in single private or hybrid cloud.
are determined to be out of policy adherence, the controller
invokes the Composable DevOps management plan
(Remediation and Refactoring Engine) to remediate the non-
adherence. All the maturity level computations are also
validated by a metadata driven controller function called the
“Process Maturity provenance function”. Finally, the
controller provides functions to formalize knowledge derived
from trend analysis and applies the knowledge to predict
corrections in process, collaboration and methodology
adoptions.
C. Deontic Constraints and Semantic Analyzer
Semantic Analyzer uses Ontology[17] and Semantic
Web Technologies[19] to model building of Business goals
as well as DevOps people, process, monitoring etc. related
knowledge and implement maturity criteria validation
techniques using deontic constraints.
D. Monitoring Framework
The Event collection Framework enables modularized
solutions to collect events and alerts from key domains in a Figure 3. DevOps pipeline instance provision examples.
common format. This Framework also allows defining
domain specific event filters created through the DevOps V. ONTOLOGY BASED DEVOPS MATURITY EVALUATION
Dashboard. AUTOMATION
E. DevOps Portal A meta model for DevOps Maturity evaluation i.e.
DevOps teams uses the portal to compose the DevOps DevOps-Maturity-Evaluation-Ontology is proposed, based
pipeline provision configuration in a collaborative fashion. It on which, DevOps Business constraints can be modeled into
allows team to register various pipeline component artifacts Web Ontology Language (OWL)[17] axioms and Semantic
to an application lifecycle management project. The portal Web Rule Language (SWRL)[18] rules.
also allows creating plug-in for external services (Change An activity (Development-Configuration-Assessment-
Management, Configuration Management, Identity as a Activity) from the DevOps Maturity Evaluation Process
Service, Compliance as a Service etc.) as well as various Flow has been used to show how business and deontic
monitoring services. The portal also provide dashboard to constraints are applied to evaluate DevOps maturity. This
show metrics and Key Performance Indicator ( KPI) meta model is influenced by “Ontology-based semantic
pertaining to DevOps maturity level. modeling of regulation constraint for automated construction
quality compliance checking” as described by B.T. Zhong,
F. DevOps DSL Generator L.Y. Ding, et al. [1] . DevOps Maturity Ontology serves as a
DevOps Domain Specific Configuration is the key set of meta model, defining the concepts and relations related to the
information that the Composable DevOps controller uses to DevOps Maturity evaluation. Validation-Task class is the
provision a specific instance of DevOps pipeline for a central concept in this Ontology. A Validation-Task is set
specific maturity level. Defining DSL is a collaborative according to the specific deontic constraint. A Validation-
effort between Dev and Ops team. Private Docker [15] Task can be related to the Validation-Object through the
registry contains multiple tools’ images for each pipeline “hasValidationObject” property, which indicates that the
component. Each tool is indexed with DevOps maturity Validation-Object will be inspected to make sure their
level. Tool selection for each Composable DevOps pipeline compliance to the relevant deontic constraints through the
component depends on maturity level. This could be execution of the Validation-Task. The Validation-Object
overwritten by DSL author. refers to any concepts governed by business and indicates
what is to be inspected, in the case of DevOps Maturity
G. DevOps Pipeline Instance Provisioning Engine Evaluation domain the entities include identification,
The provision engine uses DevOps DSL configuration to evaluation, remediation processes (activities and
pick up appropriate components for the pipeline instance. It procedures), the DevOps products and resources used in
also plug-in appropriate tools to each components. The validation. An Validation-Object may include a set of
Docker private registry contains images of tools baked with process optimization validation items. These validation items
603
Authorized licensed use limited to: National University Fast. Downloaded on September 24,2020 at 10:09:33 UTC from IEEE Xplore. Restrictions apply.
can be identified from the business constraints. For example, model or user activities and so on. Basing on the meta
some of the DevOps business constraints are: model, the specific domain model for the DevOps maturity
checking can be obtained via specializing and instantiating
TABLE II. DEVOPS BUSINESS CONSTRAINTS the generic concepts and relations in the meta model. Since
Feature the meta model is not limited to any specific DevOps pattern
Description Goal
or model, the meta model can be reused independently of
Code Shipping : 30x faster any specific DevOps implementation. Basing on the meta
Deployment Frequency model and the ontology, the constraints knowledge imposed
Deployment : 8000x faster
Deployment Speed An hour or less by the enterprise can be clearly and unambiguously defined
such that they may potentially be interpreted by a machine.
Failure Rate 50% less
Time to Recovery 12x faster ( less than an hour)
604
Authorized licensed use limited to: National University Fast. Downloaded on September 24,2020 at 10:09:33 UTC from IEEE Xplore. Restrictions apply.
semantic web. It offers a relatively high level of expressivity </owl:onProperty>
while still being decidable. In addition, OWL, as a formal </owl:Restriction>
language with description logic based semantics, enables </rdfs:subClassOf>
automatic reasoning about inconsistencies of concepts, and <owl:unionOf rdf:parseType=”Collection”>
provides RDF/XML syntax to represent ontology. <owl:Class rdf:about=”#UID5E3604” />
<owl:Class rdf:about=”# UID5E3605” />
A. Existential restriction <owl:Class rdf:about=”# UID5E3606” />
Existential restriction “One Validation-Task has at least …………………. …………………………
one Validation-Item-Checking-Action” can be modeled in </owl:unionOf>
the following axioms </rdfs:subClassOf
Axiom A1. “Validation-Task hasValidationItem rdf:resource="http://www.w3.org/2002/07/owl#Thing"/>
PolicyAdherenceCheckingAction only Validation-Item- </owl:Class>
Checking-Action” Axiom B.
Axiom A2. “Validation-Task hasValidationItem <owl:Class rdf:ID=”incidence-management-system”>
PolicyAdherenceCheckingAction min 1” can be <rdfs:subClassOf>
expressed in below OWL format <owl:Restriction>
<owl:onProperty
<owl:Class rdf:ID=”Validation_Task”> rdf:resource=”#hasType”/>
<rdfs:subClassOf> <owl:hasValue rdf:resource=”#ops-
<owl:Restriction> incident-management-system”/>
<owl:allValuesFrom> </owl:Restriction>
<owl:Class rdf:ID="Validation-Item- </rdfs:subClassOf>
Checking-Action"/> </owl:Class>
</owl:allValuesFrom> Typical constraints in the business occur in the form of
<owl:onProperty> rules. SWRL is a good candidate to represent the constraints
<owl:ObjectProperty rdf:ID=" rules, since SWRL rule language is tightly integrated with
hasValidationItemPolicyAdherenceCheckingAction "/> OWL and the predicates in SWRL rules may be OWL-based
</owl:onProperty> classes or properties. The use of SWRL rules along with
</owl:Restriction> OWL axioms results in more powerful constraints and
</rdfs:subClassOf> intuitive inferring capability, which could not be achieved
<rdfs:subClassOf> through the use of axioms alone. Another benefit is that
<owl:Restriction> SWRL is a descriptive language that is independent of any
<owl:minCardinality rule language internal to rule engines, which decouples the
rdf:datatype="http://www.w3.org/2001/XMLSchema#int">1 rules from the technical implementation of the rules engine.
</owl:minCardinality> For example, the constraint “There must be an agreement
<owl:onProperty> between business, dev and ops on critical services that are
<owl:ObjectProperty rdf:about=" necessary to meet pre-defined business goals”, can be
#hasValidationItemPolicyAdherenceCheckingAction " modeled in Axiom C1 & C2 and SWRL Rule 1:
/> Rule 1. Dev-Ops-Business-Agreement-Exists-
</owl:onProperty> Verification-Activity (?CT_aa) ? Predefined-Business-
</owl:Restriction> Goals-Exists-Verification-Activity (?CT_bb) ?
</rdfs:subClassOf> isDirectlyBefore(?CT_aa, ?CT_bb )
</rdfs:subClassOf Axiom C1. Dev-Ops-Business-Agreement-Exists-
rdf:resource="http://www.w3.org/2002/07/owl#Thing"/> Verification-Activity isDirectlyBefore only Predefined-
</owl:Class> Business-Goals-Exists-Verification-Activity
Axiom C2. Dev-Ops-Business-Agreement-Exists-
B. Constraints
Verification-Activity isDirectlyBefore exactly 1
Constraint, “Developers must have access to the Here, Rule 1 is written in terms/concepts from the
operations / support team incident details” can be modeled in DevOps Maturity Analysis process model. Rule 1 indicates
the following Axiom A: that the existence of one instance of the Dev-Ops-Business-
Agreement-Exists-Verification-Activity implies the
<owl:Class rdf:ID=”Incident-Details-Access”> existence of one corresponding instance of the Dev-Ops-
<rdfs:subClassOf> Business-Agreement-Exists-Verification-Activity, and the
<owl:Restriction> constraints represented by object property isDirectlyBefore
<owl:onProperty rdf:resource=“#access- should be met.
control-list"/> The implementing soft environment is shown in Figure 8.
<owl:minCardinality Ontology editor enables the users to load and save OWL and
rdf:datatype="http://www.w3.org/2001/XMLSchema#int">1 RDF ontologies, edits and visualizes classes, properties, and
</owl:minCardinality> SWRL rules, defines logical class characteristics as OWL
605
Authorized licensed use limited to: National University Fast. Downloaded on September 24,2020 at 10:09:33 UTC from IEEE Xplore. Restrictions apply.
expressions, executes reasoners such as description logic
classifiers and edits OWL individuals. actual reasoning
process is conducted through the rule engine. The rule engine
converts a combination of OWL+SWRL into new facts. The
inferences are carried out in Rule engine inference engine by
matching facts in working memories in accordance with the
rules in rule base. Also, if the inference engine infers
knowledge using forward chaining, the new knowledge can
be used for further inference or querying stored or inferred
knowledge.
606
Authorized licensed use limited to: National University Fast. Downloaded on September 24,2020 at 10:09:33 UTC from IEEE Xplore. Restrictions apply.
challenges in supporting heterogeneity in workloads. To the http://www.interoute.com/what-paas
researchers , the best IT tools and practices are simple and [11] OASIS extensible Access Control Markup Language (XACML)
lightweight. Their value is non-binary. They don’t make a https://www.oasis-
difference between right and wrong, or good and bad. open.org/committees/tc_home.php?wg_abbrev=xacml
Instead, the very fact of using them makes things better. [12] DMTF – Common Information Model
They need support for all kinds of tools. Also they require http://dmtf.org/standards/cim
high velocity feature deployment. [13] OASIS Topology and Orchestration Specification for Cloud
In contrast IBM CIO develops, deploys and manages Applications (TOSCA)
applications for external client with varying business https://www.oasis-
criticality. They want to hasten pervasive cultural changes open.org/committees/tc_home.php?wg_abbrev=tosca
holistically and through out the lifecycle. They like to [14] Assessing DevOps maturity
identify the “best” through try and learn. http://blogs.ca.com/2015/02/04/assessing-devops-maturity/
Both business units stand to gain a lot from the [15] Docker
configuration driven composable DevOps pipeline feature of https://www.docker.com/
our solution. They gained the flexibility to try out various [16] Deontic Logic
combinations of DevOps pipeline phase specific criteria and http://en.wikipedia.org/wiki/Deontic_logic
tools to find the best process that meet their requirements. [17] Web Ontology Language
http://www.w3.org/TR/owl-features/
IX. FUTURE WORKS [18] Semantic Web Rule Language
Boundariless Joint Development and Research is in the http://www.w3.org/Submission/SWRL/
heart of every agile enterprise.External clients are eager to [19] Semantic Web
collaborate with focused groups inside solution providing http://www.w3.org/standards/semanticweb/
enterprises to develop mixed solution assets in an agile
fashion. They also want the means to guide those solution
assets climb the maturity ladder and eventually convert those
into SaaS offering with scale.
This complex many-to-many collaboration requires
supporting unlimited programming models, operations
models to ensure low friction innovation path. This truly
calls for a “Composable Devops” solution proposed by us.
In fact, we launched a project named “IBM.Next” to
realize this vision.
REFERENCES
[1] Zhong , B.T., Ding , L.Y., Luo, H.B. , Zhou, Y., Hu, Y.Z., Hu, H.M
(2012) , “Ontology-based semantic modeling of regulation constraint
for automated construction quality compliance checking”,
ELSEVIER
[2] Edit. O. Lassila, R. Swick,”Resource Description Framework (RDF)
model and syntax specification”, Working Draft, W3C,1998
Electronic source for references without author nor publication time :
[3] DevOps- http://en.wikipedia.org/wiki/DevOps
[4] Software Defined Data Center SDDC
http://www.webopedia.com/TERM/S/software_defined_data_center_
SDDC.html
[5] Openstack – Open Source Cloud Computing Software
https://www.openstack.org/
[6] Infrastructure as a Service (IaaS)-
http://www.interoute.com/what-iaas
[7] SoftLayer- www.softlayer.com
[8] ITILV3-Service Asset and Configuration Management
http://www.itil.org/en/vomkennen/itil/servicetransition/servicetransiti
onprozesse/serviceassetconfigurationmgmt.php
[9] Security Information and event management (SIEM)
http://en.wikipedia.org/wiki/Security_information_and_event_manag
ementDevOps- http://en.wikipedia.org/wiki/DevOps
[10] Platform as a Service (PaaS)
607
Authorized licensed use limited to: National University Fast. Downloaded on September 24,2020 at 10:09:33 UTC from IEEE Xplore. Restrictions apply.