Overview of DevOps flow enrichment for microservices-Cloud Monitor(CMS)-阿里云帮助中心

Background and goals

Built on UModel from Observability 2.0, DevOps flow enrichment for microservices introduces UModel entities for development and publishing. These entities enable end-to-end data modeling from code development to container deployment and integrate deeply with existing application performance monitoring (APM) and Kubernetes (K8s) observability systems.

Core value

1. End-to-end traceability

Code to service: Traces the complete path from the code repository and code publishing to the running APM service.
Image to deployment: Tracks the full process from container image building to K8s deployment.
Accountability: Clearly identifies the owner for each stage to quickly locate issues.

2. Cross-domain data fusion

DevOps domain: Focuses on development flows and artifact management.
APM domain: Application performance monitoring and service administration.
K8s domain: Container orchestration and infrastructure management.
Unified view: Associates cross-domain data using EntitySetLink.

3. AI-friendly data structure

Structured relationships: Provides a clear Entity Relationship Diagram for AI analysis.
Semantic modeling: Supports intelligent analysis based on business semantics.
End-to-end context: Provides complete business context information for AI.

Entity domain design

Note: The following architecture and implementation are examples. You can adjust and optimize them for your specific business scenarios.

DevOps domain (devops)

Entity type	Purpose	Core fields	Business value
Developer	Manages developer information, including roles such as developer, tester, O&M engineer, and product manager.	Employee ID, Name, Team, Role	Accountability, team collaboration analysis
Code repository	Manages code repositories.	Repository ID, Name, Language, Frame	Technology stack analysis, code quality tracking
Code publishing	Manages publishing records.	Publish ID, Tag, Commit SHA, Publish time	Version management, publish quality tracking
Image repository	Manages container image repositories.	Repository ID, Name, Type, Provider	Centralized image management, security compliance
Container image	Container image information	Image name, Tag, Summary, Build time	Image version management, deployment tracking

Integration with existing domains

APM domain integration

Service traceability: Traces APM services back to specific code repositories and published versions.
Accountability: Identifies the developer responsible for the service.
Version association: Quickly locates the specific code change that caused a service performance issue.

K8s domain integration

Image association: Links workloads such as pods, deployments, and StatefulSets to specific images.
Deployment tracking: Traces the full path from code publishing to container deployment.
O&M visibility: Lets O&M engineers quickly view the version and owner of a deployed service.

Relationship modeling design

Internal relationships in the DevOps domain

Developer ──manages──► Code repository
Developer ──manages──► Image repository
Code publishing ──sourced_from──► Code repository
Container image ──sourced_from──► Code publishing
Image repository ──contains──► Container image

Cross-domain relationships

Association with the K8s domain

K8s Pod ──uses──► Container image
K8s Deployment ──uses──► Container image
K8s StatefulSet ──uses──► Container image

Association with the APM domain

APM Service ──sourced_from──► Code repository
APM Service ──sourced_from──► Code publishing
Developer ──manages──► APM Service

Scenarios

1. Root cause analysis for failures

When an APM service has a performance issue:

You can quickly locate the responsible developer.
You can trace the issue back to a specific code change and published version.
You can analyze whether the issue is related to a recent image update.

2. Version impact analysis

Before publishing code:

You can analyze which APM services the release will affect.
You can predict the K8s workloads that might be affected.
You can develop rollback policies and risk contingency plans.
You can notify the relevant developers and O&M engineers.

3. Security and compliance management

A complete data link lets you:

Audit the entire code change flow.
Track the image building and distribution procedure.
Ensure that the source of deployed images is trusted.
Implement end-to-end security administration.

4. Performance analysis and optimization

Using rich associated data, you can:

Analyze the delivery performance of development teams.
Identify bottlenecks in the code-to-deployment process.
Optimize CI/CD flow configurations.
Improve overall delivery quality.

Technical implementation

Data collection

Code repository data: Obtained through the Git API or webhooks, including repository information and publishing records.
Image data: Collected through the Container Registry API, covering image building and storage details.
Developer data: Retrieved through integration with an HR system or LDAP.
Relationships: Established using CI/CD configuration files and deployment records.

Data storage

EntityStore: Stores entity data and relational data.
Real-time/Near-real-time updates: Maintained through event-driven or scheduled full-data synchronization mechanisms.

Value and benefits

Immediate benefits

Data unification: Provides a unified DevOps data view.
Relationship transparency: Clearly shows the dependencies between code, images, and services.
Clear accountability: Quickly locates the owner and scope of an issue.

Mid-term benefits

Intelligent analysis: Enables in-depth association analysis based on the graph structure.
Performance improvement: Identifies and optimizes bottlenecks in the DevOps flow.
Proactive risk identification: Detects potential deployment and service threats before they escalate.

Long-term benefits

Knowledge accumulation: Captures DevOps best practices as reusable knowledge.
Intelligent decision-making: Drives informed decisions based on historical data and relationship analysis.
Ecosystem extension: Provides a unified data foundation for more DevOps tools and flows.