IBM Cloud DevOps

Field Guide
 Download the current version of the IBM
Cloud DevOps Field Guide

http://ibm.biz/Ibm-cloud-devops-field-guide

© Copyright International Business Machines Corporation 2020, 2021. US

Government Users Restricted Rights - Use, duplication or disclosure restricted
by GSA ADP Schedule Contract with IBM Corp.
Deliver faster. Beat the
competition.
DevOps is the modern way to deliver digital products. It is an
approach where traditionally siloed development and operations
teams come together with a product-focused mindset to deliver
faster and with higher quality. Over time, other stakeholders, such
as the business owner, quality assurance (testing), security, and end
users collaborate to continuously deliver software.

QUICKLY DELIVER TO THE MARKET WITH QUALITY

Build a startup culture. Bring business, development, operations,

and other stakeholders together.
Respond to the market faster. Address organizational inertia,
optimize delivery workflow, and leverage cloud technology to
respond to consumer demands.
Reduce development and operational costs. Automate processes
such as code integration, testing, deployment, application
monitoring, and issue management.
Instill trust and confidence. Engineer transparency, observability,
and the appropriate amount of risk mitigation into the delivery
pipeline.

What’s inside?
This field guide provides a high-level overview of the IBM Cloud
DevOps strategy.

LEARN IT GET STARTED

A summary of the concepts. Tips to start your journey to the
cloud.
 LEARN IT

DevOps: the DNA of modern

delivery
To achieve enterprise agility and responsiveness, use the IBM Garage™
Methodology DevOps practices. These practices combined with En-
terprise Design Thinking, agile practices, Lean Startup, and modern
architectures enable you to improve your time to market.

AMP UP YOUR AGILE WITH DEVOPS

Break down silos. Don’t let heritage organizational boundaries hinder

delivery velocity. Collaborate with reckless abandon, work in new
ways, and focus on your product.

Establish a continuous delivery pipeline. Automate the mechanical

and mundane, instrument the delivery pipeline for observability, and
engineer just enough governance to mitigate the appropriate amount
of risk.

Improve, iteratively and continuously. Use key performance

indicators to gauge your success over time. Is delivery getting faster?
Is product quality improving? Are end users happy with the services
and experiences being delivered?

Learn more

Explore practices in the IBM Garage Methodology.

https://www.ibm.com/garage/method

2
 LEARN IT

A new reality for hybrid

multicloud
DevOps is not new. Or is it? Hybrid and multicloud adoption forces
your enterprise to re-examine how people, practices, processes, and
platforms are different than they were in the heritage landscape. How
are you applying DevOps practices to your integration landscape, data
science, and platform engineering?

MODERNIZE HERITAGE DEVOPS FOR THE CLOUD

Make way for new roles, stakeholders, and beneficiaries. The Site
Reliability Engineer (SRE) role speaks to the resurgence of service quality
(availability, scalability, maintainability) in delivery; throw some love at
IT Security, early....like real early, for the sake of your digital reputation.

Leverage new platforms and tools. Cloud’s commoditization of network,

infrastructure, and middleware has opened an opportunity to move value
up the stack. As you adopt cloud architecture and platforms the tools in
your continuous delivery pipeline should change.

Deliver differently. Consider 12 factor apps, containerization, and

microservices. Modern cloud-native apps are built, tested, and delivered
differently than their heritage counterparts and they land on different
platforms. The mechanics of build, test, and deploy are not the same.

Learn more

Read the Modern DevOps Manifesto.

https://medium.com/ibm-garage/the-modern-devops-manifesto-f06c82964722

4
 GET STARTED

DevOps Reference
Architecture
People, process, tools and technology are critical to DevOps. When
compared to people, tools and technology are the easy part of modern
delivery. People are your greatest asset. Create an agile culture and
give your people the tools they need to be successful.

SUPPORT CONTINUOUS “EVERYTHING”

Learn more

Check out IBM Cloud Architectures.

https://www.ibm.com/cloud/architecture/architectures/devOpsArchitecture/
reference-architecture

6
Continuous planning. A healthy rank-ordered backlog includes new
features, technical debt, defect remediation, and end user feedback.
Along with the squad, the product owner prioritizes, estimates and
clarifies user stories.

Continuous development. Curated application stacks, pipelines, and

integrated toolchains liberate developers so they can do what they do
best...code! Developers need to onboard quickly with a simple, easy,
and consistent experience that minimizes workstation variance.

Continuous integration. Merging features quickly and frequently

into the pipeline promotes early detection of defects. Build trust
and confidence by using automation for build, test, static analysis,
compliance/governance, and packaging.

Continuous delivery. Automate deployment so that when it is time to

deploy to production, it’s almost a “non-event.”

Continuous operations. If “Day 1” is “all that development stuff”,

“Day 2” is “all that operations stuff”. Monitor granular services and
healthcheck end points, connect operations tools with chatbots, and
instrument applications with the hooks needed to manage them in their
runtime environments.

Continuous learning. Observe the delivery pipeline and make

improvements that infuse more quality into the product. Cloud-native
applications make it easier to respond to user feedback via roll out and
rollback deployments, which make A/B testing, and canary and zero
downtime deployments possible.

Continuous testing. Weave image scanning, vetting library

dependencies for license compliance, and testing cluster and
namespace policies into the pipeline in addition to unit, contract, and
penetration testing.
 LEARN IT

DevOps trends
Look at DevOps through a new lens to cope with modern client
challenges. DevOps is not just for applications anymore, nor is it just
about development and operations. Here are some trending ways in
which DevOps is being applied. Some are new and some are perennial
favorites.

DUST OFF YOUR DEVOPS AND EXPAND YOUR HORIZONS







































































































































Learn more

Read the blog on DevOps trends:

https://medium.com/ibm-garage/2019-devops-trends-4f8f9b476ac7

8
DevSecOps. Look at DevOps with a focus on secure design, development
and delivery. Note how security is architected into cloud-native
applications and platform constructs like clusters, namespaces,
deployment configurations, SDN, roles, and pipelines.

AIOps (AI for IT Operations). Apply deep and machine learning (ML)
to model behavioral patterns in operations using the data that cloud
native applications generate to arrive at predictions. When applied to IT
operations, AIOps provides insight about a system and can give rise to
predictive alerts, reduction in mean time to repair (MTTR), and outage
avoidance.

ModelOps. About those ML models...they’re not just for AIOps. Part of

infusing AI into the enterprise is building a rich set of ML models that can
differentiate you from your competition. ML model lifecycles are highly
iterative, involve code, deployments, and publishing for consumption. The
constructs are different, but the pipeline activity, like application code,
can be automated in a toolchain.

BizDevOps. Focus on leading product management practices and tools,

while grooming strong, agile product owners. Avoid failure by investing
and emphasizing the importance of agile product management practices.

GitOps. Adopt an approach in which operations benefit from managing

platforms and services on “Day 2” similar to the way developers manage
their code on “Day 1.” GitOps is an evolutionary step in infrastructure-
as-code. Source repositories are the source of truth for operational,
infrastructure, and platform assets that define the desired state of
environments.
 GET STARTED

DevSecOps
DevSecOps is DevOps with a lens for security: secure design and
development of code, secure delivery through the pipeline, and secure
operations on Day 2. The challenges introduced with decentralized
workloads on the cloud, developers empowered with self-service,
and unprecedented accountability requires careful re-examination of
separation of duties, policy implementation, and how that translates to
modern cloud platform constructs.

SECURE DELIVERY INSTILLS TRUST & CONFIDENCE

Everyone is accountable. The IT security organization, developers,

architects, operations, and engineers are accountable for protecting
the enterprise. It is essential to include ITSec, AppSec, and NetSec
as crucial stakeholders in the evolution of your delivery governance,
pipeline activities, and operational readiness.

Mitigate the right amount of risk. Boldly question every pipeline task
that hinders velocity. Be sure it addresses a liability or mitigates an
unacceptable risk to the enterprise’s digital reputation. What risk is
taken if a pipeline task is not done?

Implement continuous compliance. Cloud adoption includes policies

and tools that provide a new granularity of control to images, pipeline
governance, application stacks, cluster environments, and identity and
access management that can extend the cloud platform.

Learn more

Check out the IBM Cloud Security Architecture.

https://www.ibm.com/cloud/architecture/architectures/securityArchitecture

10
 Declarative approaches to platform compliance leave the
control flow logistics to the platform to achieve the “desired
state”, making continuous compliance achievable.
 GET STARTED

AIOps
Traditional monitoring is changing. Teams can no longer rely on
administrators to define a set of monitors and associated thresholds
that might or might not detect an issue as it occurs. This lack of insight
into a system means that significant events can occur with almost no
foresight or warning.

“AI for IT Operations takes data from tickets, metrics, and log sources,
and uses deep learning and AI to gain insights from the data. This
data is then infused into processes to provide expert guidance for the
operations teams.” –Richard Wilkins, IBM Distinguished Engineer

SOLVE IT OPERATIONS PROBLEMS BY USING AI





































































































































Learn more

Read about AIOps.

https://www.ibm.com/cloud/architecture/architectures/sm-aiops/overview

12
Collect relevant data. Monitoring products collect large amounts of
data that is streamed into a common centralized data lake, which
enables AI models to create a system performance baseline. Relevant
data must be defined collaboratively by application and system
stakeholders.

Organize and curate data. Understanding the data and ensuring

that it is curated, accurate, organized, and up to date is important. A
data science team that understands the origin of the data, company
policies and rules, and the different data types can make or break
the accuracy of your AI predictions. Use big data tools and concepts
to organize the data into logical groups, or data sets, that drive AI
models.

Analyze by using data models. It is key to select the right AI models

to get the most accurate results from a data set. Data scientists select
and train the AI models that best suit the available data. Models
are fed data through supervised and then unsupervised learning to
establish a baseline of predictions that yield high confidence. Models
continuously learn with reinforcement learning to correct biases and
follow changes in application behavior.

Infuse processes with insight. The true value of AIOps is realized

when the insight gained from AI models is infused into operational
processes and procedures. Use collaboration tools that surface and
publish the results from AI models. These tools bring people together
so they can interact while using the insights provided by AI.
 GET STARTED

ModelOps
ML models must be trained (tested) and iteratively refined to achieve
the predictions needed to bring greater insight to a problem. ML
models consist of code, an analogous build to package and publish a
binary artifact, which is the runtime deployment of the model, and an
endpoint in which the model is consumed.

MACHINE LEARNING MODELS + DEVOPS = MODELOPS

Consider the lifecycle of model data. ML models are fed with data
from the collect and organize rungs of the IBM AI Ladder. Raw data
is collected from a variety of sources and pre-processed to prepare it
for consumption by an ML model.

Manage and govern your ML models in a pipeline. ML model code is

stored and version controlled in a repository. The source code must
be packaged and deployed (usually as an API endpoint), married
with its pre-processed data, trained, and evaluated to generate
predictions.

”Day 2” for ML models. Models and their predictions are only as good
as the data they ingest. Data changes over time, ML models “decay,”
which signals an opportunity to iterate on the model and examine
the data it consumes to make its predictions. Continuous learning is
key for the life cycle of ModelOps, which may result in a model being
updated or retired.

Learn more

See IBM’s AI and Analytics architecture.

https://www.ibm.com/cloud/architecture/architectures/aiAnalyticsArchitecture

14
AI is built on the strength of the machine learning (ML)
models that provide good actionable predications.
 GET STARTED

BizDevOps
The fast pace of cloud adoption and change leads successful agile
organizations to place a much greater emphasis on the quality and
business effectiveness of new digital capabilities. After adopting DevOps
practices and technology to streamline your IT team, removing blockers,
and building a pipeline, you continuously deliver faster than ever before.
However, you must ensure you are delivering what the market demands.

THE RIGHT OUTCOMES AT THE SPEED THE MARKET DEMANDS

Clearly define the business and user problem. Enterprise Design Thinking
is a proven way to clarify the definition of your desired business outcomes.
Technology enables you to deliver the solution.

Focus on business outcomes, not the work. Set Specific, Measurable,

Achievable, Relevant, and Time-bound (SMART) goals for your product
owners. Effective and empowered product ownership sets clear strategic
goals so that delivery teams can autonomously achieve those goals.

Empower product owners. Product owners are the organizational glue

between leaders and agile teams. As CEO of their product, good product
owners help teams do less starting and more finishing.

Measure value outcomes, not work. When it comes to delivering value,

busy does not mean productive. SMART goals matter to the business, and
measuring and achieving those goals defines true success.

Learn more

Learn how to empower your product owners.

https://www.ibm.com/garage/method/practices/culture/empower-product-
owners/

16
Ensure you deliver what the market demands!
 GET STARTED

GitOps
Infrastructure, platform, and operations engineers are essential roles in a
modern enterprise. With the adoption of cloud platforms, configurations
for applications, clusters, policies, roles, monitors, chatbots, and operators
are version controlled coded assets with their own pipeline and lifecycle.
Git is a well-known version control system for coded assets. Use it or your
favorite version control system to enable GitOps.

THE NEXT EVOLUTIONARY STEP OF CONFIGURATION-AS-CODE

System engineers are coders. System operators are engineers who code.
Their code is a valuable asset to the enterprise and must be treated as a
“first class citizen,” just like application code. Ensure your engineers have
the tools they need to maintain and curate their assets.

Everything is code. Source repositories are the source of truth for

operational, infrastructure, and platform assets that define the desired
state of environments. Repositories serve as the single point of
management for environment configurations and can be used to separate
concerns, duties, and access.

Compliance, governance, agility...oh my! Configuration-as-code can

make IT Sec and auditors super happy with the audit trail, access and
version control capabilities that come with repositories, because all
changes are observable and verifiable. Deploy configs through pipelines
and trigger config deployments, just like application code. That’s pretty
hands off!

Learn more

Read about the DevOps architectures.

https://www.ibm.com/cloud/architecture/architectures/devOpsArchitecture

18
 GET STARTED

One facet in the enterprise

modernization diamond
The modern enterprise is all about delivering modern applications
on modern platforms with modern teams. DevOps in combination
with application, integration, platform, and operations modernization
becomes a multiplier to achieving the success enterprises strive for.

DEVOPS...IT GOES SO GOOD WITH FILL IN THE BLANK

Application modernization. You invested in cloud adoption and

moving parts of your application portfolio to the cloud. Pipelines and
toolchains must evolve with your apps and the platforms.

Integration modernization. Whether it’s exposing functions deep in

your core systems, connecting microservices to APIs, or managing
configurations, use DevOps automation as an enabler to bridge custom
application development and integration capabilities.

Platform modernization. As workloads move to container based

platforms, infrastructure engineering implements GitOps to create
and manage platform assets. Policies, configurations, and resources
require governance and benefit from pipeline automation as they are
iteratively developed and managed.

Operations Modernization. Modernize operations for the cloud and

adopt SRE practices.

Learn more

Read about modern architectures.

https://www.ibm.com/cloud/architecture/architectures

20
If DevOps is the only facet of your transformation, you’re doing it
wrong.
 GET STARTED

DevOps on IBM Cloud

IBM Cloud has DevOps capabilities for your cloud native apps no
matter where your hybrid cloud workloads land. Create and custom-
ize an open toolchain from a template or roll your own. Powered by
open source technologies, like Tekton, IBM Cloud Continuous De-
livery service provides the framework to take your source code to a
running container in the cloud.

CLOUD PROUD, DEVOPS STRONG

Like open source pipeline tech? We do too! IBM Cloud provides

Kubernetes CI/CD capability using open source Tekton. Of course,
we git code, and hope you do too!

Leverage existing tool investments? Check! The toolchain

templates enable you to start quickly, easily integrate your existing
tools with your toolchain, and create custom stages for your
continuous delivery pipeline.

Instrument with IBM Cloud innovation? Yes, please! You can

instrument innovative security and compliance services in your CI/
CD pipeline using the IBM Cloud Code Risk Analyzer and IBM Cloud
Security and Compliance Center. Shift left security and compliance
are integrated with your pipeline without changing your code and by
leveraging predefined industry compliance goals.

Learn more

Check out IBM Cloud Pak®.

https://www.ibm.com/cloud/cloud-pak-for-applications

22
 Open source
tools

Existing tools
and toolchains

Instrumented
security

Want to send build alerts to your Slack team?

 GET STARTED

Hybrid DevOps with Red Hat

OpenShift
Hybrid cloud holds the promise of extending the enterprise estate
beyond on-premises data centers to include the public cloud mul-
tiverse. How do you you design, develop, deploy, and manage your
cloud native workloads?

COEXISTENCE IS KEY, CONSISTENCY IS CRUCIAL

“Hey, Java! Those containers look good on you!” Modernize your

WAS estate to Java running in Liberty containers on the Red Hat
OpenShift Container Platform. Migrate heritage WAS workloads
using tools to analyze and automate. Match your containerized Java
by modernizing your k8s native CI/CD pipelines with Tekton.

Deploy workloads to Red Hat OpenShift in your “frankencloud”.

Build once, deploy anywhere. Red Hat OpenShift Container Platform
is the industrialized version of Kubernetes in your hybrid, multi,
open, “frankencloud”. Deploy containers with open source k8s
native CI/CD to land anywhere in your hybrid cloud.

Respecting the “classics” (mainframe DevOps). In many

enterprises mainframes run your essential core processes.
Accelerate the modernization of your mission-critical apps. IBM Z®
offers a standard lifecycle toolchain and automation.

Learn more

Check out IBM CLoud Pak.

https://www.ibm.com/cloud/cloud-pak-for-management

24
 Ne

Deploy workloads in
your frankencloud

Modernization and the

mainframe

Ma.
 GET STARTED

IBM Garage can help you with

DevOps
DevOps is at the core of IBM Garage and enterprise modernization. The
IBM Garage is ready to help enterprises transform people, process,
and tools to achieve the business results you need to stay competi-
tive and differentiate your business in the market. IBM Garage is your
trusted partner to co-create, co-execute, and co-operate in ways that
matter to your enterprise.

LET’S BUILD SOMETHING TOGETHER

Partner with the IBM Garage!

Enterprise modernization roadmap
out
Build
Align vision and
biz outcomes

Just enough
Technical
architecture
underpinnings

Build MVP
Frame
MVP

Learn more

Check out the IBM Garage.

https://www.ibm.com/garage

26
Align on vision and desired business outcome. Whether it’s
strengthening your enterprise’s position in the market with innovative
products for consumers, or being responsive to market conditions,
DevOps must be placed in proper context to bring value to the business.
This results in defining your “diamond”, which includes more than
DevOps.

Discover technical underpinnings. Explore technical areas of interest.

Are there applications that are of interest? Are there emerging
technologies or capabilities that align with enterprise strategies? Define
the non-functional and qualities of service you strive for.

Frame your MVP. Use Enterprise Design Thinking to align business and
IT with an end user experience and roadmap that meets the desired
business outcome. Identify, define, and scope your MVP experiment in
the context of a roadmap. Be sure to identify risks and assumptions.

Define just enough architecture. Define a secure minimum viable

architecture that mitigates risk. Architect and create an implementation
roadmap for a hybrid, multicloud platform and DevOps adoptions.

Build an MVP. With new ways of working, modernize, deploy, and test
the application with a DevOps pipeline. Test hypotheses against the
stated business outcome.

Build out. Iterate across multiple MVPs to refine your solution until
you achieve the stated business outcome. Then, scale your production
environment and applications.

IBM Garage is a trusted partner, providing technology and prescriptive

guidance to deliver immediate business value.
Notes:
i t h t h e IB M Cloud
w
Get Technical ture
tec
DevOps Archi ecture/ hit
/ w w w .i b m .c om/cloud/arc
https:/ ture
h it ec tu re s / d evOpsArchitec
arc

Try these DevOps code assests!!

https://github.com/ibm-cloud-architecture/
gse-devops

Learn more about Red

Hat OpenShift
https://www.openshift.c
om/
Learn more about IBM Cloud Paks
https://www.ibm.com/cloud/paks/

Check out these cool DevOps videos

!
htt ps://www.youtube.com/playlist?li
st=P-
LOspHqNVtK AAm1dmyiR9WMm
w1U-
BoOwZVj
Visit an IBM Garage
https://www.ibm.com/garage

Explore the Garage a

Methodology and get
badge!!!
d-course
ibm.biz/explore-metho
Notices
© Copyright International Business Machines Corporation 2020, 2021.

IBM may not offer the products, services, or features discussed in this document in other countries. Consult your
local IBM representative for information on the products and services currently available in your area. Any reference
to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or
service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM
intellectual property right may be used instead. However, it is the user’s responsibility to evaluate and verify the
operation of any non-IBM product, program, or service.

IBM may have patents or pending patent applications covering subject matter described in this document. The
furnishing of this document does not grant you any license to these patents. You can send license inquiries, in
writing, to:

IBM Director of Licensing

IBM Corporation
North Castle Drive, MD-NC119
Armonk, NY 10504-1785
US

The following paragraph does not apply to the United Kingdom or any other country where such provisions are
inconsistent with local law: INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION
“AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED
TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR
PURPOSE. Some jurisdictions do not allow disclaimer of express or implied warranties in certain transactions;
therefore, this statement may not apply to you.

This information could include technical inaccuracies or typographical errors. Changes are periodically made
to the information herein; these changes will be incorporated in new editions of the publication. IBM may make
improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time
without notice.

Statements regarding IBM’s future direction or intent are subject to change or withdrawal without notice, and
represent goals and objectives only.

Trademarks

IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines Corp.,
registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other
companies. A current list of IBM trademarks is available on the web at “Copyright and trademark information” at
www.ibm.com/legal/copytrade.shtml.
IBM CLOUD DEVOPS STRATEGY
© 2020, 2021 IBM CORPORATION