A DevOps Reference Architecture for Multi-Cloud IoT Applications Deployment

University of Technology Sydney. Faculty of Engineering and Information Technology.DevOps originated in the context of agile software development, which seems an appropriate approach to enable the continuous delivery and deployment of a software application in small releases. There is growing interest among organisations in adopting the DevOps approach and a multi-cloud environment for IoT (Internet of Things) application deployment. However, the challenge is how to apply DevOps when a multi-cloud heterogeneous environment is required for IoT application deployment. To address this vital research need, this thesis applies a design science research (DSR) method. It develops the DevOps reference architecture (DRA) framework to automate IoT applications deployment to the heterogeneous multi-cloud environment. The DRA is a cloud-enabled framework that mainly focuses on the deployment part of the integrated agile–DevOps methodology. Using a DSR method, the DRA has been incrementally developed by the iterative application of build, review, and adjust research activities. The DRA is intended for use by software organisations, coaches, managers, engineers, developers, and consultants as comprehensive reference architecture for deploying IoT applications to a multi-cloud environment using the DevOps approach. The DRA has three main components: framework characteristics, framework architecture, and framework composition. Framework characteristics incorporate nine main elements arranged into three categories: foundation (abstraction, human factor, infrastructure), core (process, tools, product), and extended (business value, rules, legal). Framework characteristics provide the building blocks necessary to create a reference architecture design using the DevOps approach and cloud infrastructure. Framework architecture is composed of five models: contextual, conceptual, logical, physical, and operational. Framework architecture is the blueprint used in the framework composition to create DevOps pipeline instances that enable IoT application deployment to the multi-cloud environment. The DRA framework composition includes three components: resources (architecture design, software, and hardware), configuration (pipeline, IoT application, IoT network), and output (DRA reference architecture, DRAv1.0 instance, DRAv2.0 instance). The framework provides implementation instructions and an evaluation template to implement and evaluate DRAv1.0 (single cloud) and DRA v2.0 (multi-cloud) instances in different organisational contexts. The proposed DRA framework is evaluated using an empirical evaluation composed of four iterations: industry case study, research case study, teaching case study, and industry field surveys. The results of this thesis indicate that the proposed DRA framework can be considered reasonable for the successful adoption of the DevOps approach for IoT application deployment to the multi-cloud environment. The evaluation results indicate that the DRA framework is generic and can be used in different organisational contexts and technology stacks to establish a cloud-based deployment architecture that is suitable for IoT applications

The DevOps Reference Architecture Evaluation : A Design Science Research Case Study

There is a growing interest to adopt vendor-driven DevOps tools in organizations. However, it is not clear which tools to use in a reference architecture which enables the deployment of the emerging IoT applications to multi-cloud environments. A research-based and vendor-neutral DevOps reference architecture (DRA) framework has been developed to address this critical challenge. The DRA framework can be utilized to architect and implement the DevOps environment that enables automation and continuous integration of software applications deployment to multi-cloud. This paper confers and discusses the evaluation outcomes of the DRA framework at the DigiSAS research Lab. The evaluation outcomes present practical evidence about the applicability of the DRA framework. The evaluation results also indicate that the DRA framework provides general knowledge-base to researchers and practitioners about the adoption DevOps approach in reference architecture design for deploying IoT-applications to multi-cloud environments

Report from GI-Dagstuhl Seminar 16394: Software Performance Engineering in the DevOps World

This report documents the program and the outcomes of GI-Dagstuhl Seminar 16394 "Software Performance Engineering in the DevOps World". The seminar addressed the problem of performance-aware DevOps. Both, DevOps and performance engineering have been growing trends over the past one to two years, in no small part due to the rise in importance of identifying performance anomalies in the operations (Ops) of cloud and big data systems and feeding these back to the development (Dev). However, so far, the research community has treated software engineering, performance engineering, and cloud computing mostly as individual research areas. We aimed to identify cross-community collaboration, and to set the path for long-lasting collaborations towards performance-aware DevOps. The main goal of the seminar was to bring together young researchers (PhD students in a later stage of their PhD, as well as PostDocs or Junior Professors) in the areas of (i) software engineering, (ii) performance engineering, and (iii) cloud computing and big data to present their current research projects, to exchange experience and expertise, to discuss research challenges, and to develop ideas for future collaborations

Service Level Agreement-based GDPR Compliance and Security assurance in (multi)Cloud-based systems

Compliance with the new European General Data Protection Regulation (Regulation (EU) 2016/679) and security assurance are currently two major challenges of Cloud-based systems. GDPR compliance implies both privacy and security mechanisms definition, enforcement and control, including evidence collection. This paper presents a novel DevOps framework aimed at supporting Cloud consumers in designing, deploying and operating (multi)Cloud systems that include the necessary privacy and security controls for ensuring transparency to end-users, third parties in service provision (if any) and law enforcement authorities. The framework relies on the risk-driven specification at design time of privacy and security level objectives in the system Service Level Agreement (SLA) and in their continuous monitoring and enforcement at runtime.The research leading to these results has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No 644429 and No 780351, MUSA project and ENACT project, respectively. We would also like to acknowledge all the members of the MUSA Consortium and ENACT Consortium for their valuable help

An agile-devops reference architecture for teaching enterprise agile

©2019 The authors and IJLTER.ORG. All rights reserved. DevOps emerged as an important extension to support the Agile development for frequent and continuous software delivery. The adoption of Agile-DevOps for large scale enterprise agility depends on the most important human capability such as people competency and experience. Hence, academic education and professional training is key to the successful adoption of Agile-DevOps approach. Thus, education and training providers need to teach Agile-DevOps. However, the challenge is: how to establish and simulate an effective Agile-DevOps technology environment for teaching Enterprise Agile? This paper introduces the integrated Adaptive Enterprise Project Management (AEPM) and DevOps Reference Architecture (DRA) approach for adopting and teaching the Agile-DevOps with the help of a teaching case study from the University of Technology - Sydney (UTS), Australia. These learnings can be utilised by educators to develop and teach practice-oriented Agile-DevOps for software engineering courses. Furthermore, the experience and observations can be employed by researchers and practitioners aiming to integrate Agile-DevOps at the large enterprise scale

An Integrated Framework for the Methodological Assurance of Security and Privacy in the Development and Operation of MultiCloud Applications

x, 169 p.This Thesis studies research questions about how to design multiCloud applications taking into account security and privacy requirements to protect the system from potential risks and about how to decide which security and privacy protections to include in the system. In addition, solutions are needed to overcome the difficulties in assuring security and privacy properties defined at design time still hold all along the system life-cycle, from development to operation.In this Thesis an innovative DevOps integrated methodology and framework are presented, which help to rationalise and systematise security and privacy analyses in multiCloud to enable an informed decision-process for risk-cost balanced selection of the protections of the system components and the protections to request from Cloud Service Providers used. The focus of the work is on the Development phase of the analysis and creation of multiCloud applications.The main contributions of this Thesis for multiCloud applications are four: i) The integrated DevOps methodology for security and privacy assurance; and its integrating parts: ii) a security and privacy requirements modelling language, iii) a continuous risk assessment methodology and its complementary risk-based optimisation of defences, and iv) a Security and Privacy Service Level AgreementComposition method.The integrated DevOps methodology and its integrating Development methods have been validated in the case study of a real multiCloud application in the eHealth domain. The validation confirmed the feasibility and benefits of the solution with regards to the rationalisation and systematisation of security and privacy assurance in multiCloud systems

CloudOps: Towards the Operationalization of the Cloud Continuum: Concepts, Challenges and a Reference Framework

The current trend of developing highly distributed, context aware, heterogeneous computing intense and data-sensitive applications is changing the boundaries of cloud computing. Encouraged by the growing IoT paradigm and with flexible edge devices available, an ecosystem of a combination of resources, ranging from high density compute and storage to very lightweight embedded computers running on batteries or solar power, is available for DevOps teams from what is known as the Cloud Continuum. In this dynamic context, manageability is key, as well as controlled operations and resources monitoring for handling anomalies. Unfortunately, the operation and management of such heterogeneous computing environments (including edge, cloud and network services) is complex and operators face challenges such as the continuous optimization and autonomous (re-)deployment of context-aware stateless and stateful applications where, however, they must ensure service continuity while anticipating potential failures in the underlying infrastructure. In this paper, we propose a novel CloudOps workflow (extending the traditional DevOps pipeline), proposing techniques and methods for applications’ operators to fully embrace the possibilities of the Cloud Continuum. Our approach will support DevOps teams in the operationalization of the Cloud Continuum. Secondly, we provide an extensive explanation of the scope, possibilities and future of the CloudOps.This research was funded by the European project PIACERE (Horizon 2020 Research and Innovation Programme, under grant agreement No. 101000162)

Contribución a la estimulación del uso de soluciones Cloud Computing: Diseño de un intermediador de servicios Cloud para fomentar el uso de ecosistemas distribuidos digitales confiables, interoperables y de acuerdo a la legalidad. Aplicación en entornos multi-cloud.

184 p.El objetivo del trabajo de investigación presentado en esta tesis es facilitar a los desarrolladores y operadores de aplicaciones desplegadas en múltiples Nubes el descubrimiento y la gestión de los diferentes servicios de Computación, soportando su reutilización y combinación, para generar una red de servicios interoperables, que cumplen con las leyes y cuyos acuerdos de nivel de servicio pueden ser evaluados de manera continua. Una de las contribuciones de esta tesis es el diseño y desarrollo de un bróker de servicios de Computación llamado ACSmI (Advanced Cloud Services meta-Intermediator). ACSmI permite evaluar el cumplimiento de los acuerdos de nivel de servicio incluyendo la legislación. ACSmI también proporciona una capa de abstracción intermedia para los servicios de Computación donde los desarrolladores pueden acceder fácilmente a un catálogo de servicios acreditados y compatibles con los requisitos no funcionales establecidos.Además, este trabajo de investigación propone la caracterización de las aplicaciones nativas multiNube y el concepto de "DevOps extendido" especialmente pensado para este tipo de aplicaciones. El concepto "DevOps extendido" pretende resolver algunos de los problemas actuales del diseño, desarrollo, implementación y adaptación de aplicaciones multiNube, proporcionando un enfoque DevOps novedoso y extendido para la adaptación de las prácticas actuales de DevOps al paradigma multiNube