How We Built a Scalable Cloud‑Native DevOps Platform from Scratch
From zero‑to‑hero in 2021, a Shanghai tech firm designed, selected, and implemented a full‑stack Cloud‑Native DevOps solution on Alibaba Cloud, covering project management, GitFlow, CI/CD pipelines, multi‑environment image promotion, infrastructure‑as‑code, and monitoring to support hundreds of micro‑services.
Background and Challenges
In 2021 a new software R&D team was formed with no prior DevOps experience. The team faced four main problems:
Insufficient DevOps expertise to build and maintain infrastructure.
High upfront cost for self‑hosting project management, code repository, CI/CD, artifact storage and Kubernetes.
Strict compliance and security requirements, including multi‑tenant account management.
Need for rapid, reliable product development cycles.
Solution Selection
The team evaluated major Chinese cloud providers and DevOps products and chose Alibaba Cloud DevOps (Cloud Effect) based on:
Completeness: End‑to‑end support for project management, code repositories, pipelines, artifact stores, and both Kubernetes (ACK) and ECS deployments.
Integration: Tight coupling of pipeline stages with Kubernetes, reducing integration effort for small‑to‑medium teams.
Maturity: Stable, production‑ready features with extensibility.
Cost‑effectiveness: Low per‑user pricing and reduced reporting overhead.
Implementation Overview
Project and Task Management
Using Cloud Effect’s project management, separate projects were created for each product line. Custom fields such as “Product Line” and “Tech Stack” enable a single team to manage multiple products, and project sets provide cross‑team oversight.
Git Flow and Repository Policies
The team adopted a GitHub‑Flow style:
Protected main branch; all changes must be submitted via merge requests.
Branch names follow feature/XXXX-001 (task type + ID), and commit messages use a standardized format so that issues are linked automatically.
Git tags represent container image versions; the CD pipeline derives image names from repository and tag information.
CI/CD Pipelines
Three pipelines are defined per service:
Pre‑check Merge Request: Runs static code analysis, vulnerability scans, and unit tests before a merge is allowed.
Continuous Integration (CI): Triggered after merging to main; builds Docker images, runs unit tests, and pushes artifacts to a test environment.
Continuous Delivery (CD): Manual selection of a tag or branch to deploy the corresponding image to the target environment via a custom CLI step.
Pipeline names follow the pattern {application‑name}-service/web-ci-k8s (CI) and {application‑name}-service/web-cd-k8s (CD).
Multi‑Environment Image Promotion
A custom CLI step promotes a single built image across environments (pre‑production, preview, production) by creating a new Git tag after successful CI testing and reusing the same image in downstream deployments.
Release Branch Strategy
Each production release is isolated in a branch such as release/202406 with version identifiers like 202406-20240630.539481. A “release week” freezes non‑bug‑fix changes, allowing only verification and gray‑release to preview environments.
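The naming rules above (release/202406 branches, 202406-20240630.539481 versions, one image reused across environments) can be enforced as a gate in the CD step. This is an added example, not the team's CLI: the registry host, the reading of the version as release month, build date and build number, the environment order and the recorded-digest map are all assumptions.

```python
import re
from datetime import datetime

REGISTRY = "registry.example.internal"  # placeholder registry host (assumption)
ENVS = ["test", "pre-production", "preview", "production"]  # assumed promotion order
VERSION_RE = re.compile(r"(\d{6})-(\d{8})\.(\d+)")  # e.g. 202406-20240630.539481
BRANCH_RE = re.compile(r"release/(\d{6})")          # e.g. release/202406
REPO_RE = re.compile(r"[a-z0-9]+(?:[._-][a-z0-9]+)*(?:/[a-z0-9]+(?:[._-][a-z0-9]+)*)*")
DIGEST_RE = re.compile(r"sha256:[0-9a-f]{64}")


def parse_version(tag):
    """Split a release tag into (release, build_date, build_number) or raise."""
    m = VERSION_RE.fullmatch(tag)
    if not m:
        raise ValueError(f"tag {tag!r} is not a release version")
    release, build_date, build = m.groups()
    datetime.strptime(release, "%Y%m")       # rejects month 13 and similar
    datetime.strptime(build_date, "%Y%m%d")  # rejects impossible dates
    return release, build_date, int(build)


def promotion_image(repo, tag, branch, target_env, deployed):
    """Return the digest-pinned image for target_env, or raise ValueError.

    deployed maps environment -> {tag: digest}, recorded by earlier deploys.
    """
    if not REPO_RE.fullmatch(repo):
        raise ValueError(f"unsafe repository name {repo!r}")
    release, _, _ = parse_version(tag)
    b = BRANCH_RE.fullmatch(branch)
    if not b or b.group(1) != release:
        raise ValueError(f"tag {tag} does not belong to branch {branch}")
    idx = ENVS.index(target_env)  # ValueError for an unknown environment
    if idx == 0:
        raise ValueError("the first environment is fed by CI, not by promotion")
    digest = deployed.get(ENVS[idx - 1], {}).get(tag)
    if digest is None or not DIGEST_RE.fullmatch(digest):
        raise ValueError(f"{tag} has no recorded deploy in {ENVS[idx - 1]}")
    # Pinning the digest guarantees the bytes tested upstream are the bytes deployed.
    return f"{REGISTRY}/{repo}:{tag}@{digest}"


# Constructed sample data: digests recorded when the image was deployed earlier.
DIGEST = "sha256:" + "ab" * 32
DEPLOYED = {"test": {"202406-20240630.539481": DIGEST},
            "pre-production": {"202406-20240630.539481": DIGEST}}

if __name__ == "__main__":
    print(promotion_image("shop/order-service", "202406-20240630.539481",
                          "release/202406", "preview", DEPLOYED))
```

Because the gate refuses any tag that skipped an environment or sits on the wrong release branch, a mistyped or re-pushed tag cannot reach production with an untested image.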
Dependency Management
Internal Maven and NPM artifact repositories host shared libraries, reducing reliance on external sources and simplifying security audits.
Infrastructure as Code
All infrastructure components (e.g., Redis, Consul) are defined in Kubernetes YAML or Helm charts stored in the same Git repositories. A single main branch tracks baseline infrastructure, enabling versioned reviews and rollbacks.
AppStack and Multi‑Cluster Deployment
The “AppStack” feature manages ~90 % of common applications across clusters, while special services (e.g., Gateways) receive dedicated configurations, lowering operational cost.
GitOps for Configuration Management
Configuration files are committed to Git. A watcher (Gonsul) or scheduled CronJob synchronizes the repository to Consul. Emergency changes can be applied directly in the config center but automatically expire after the next deployment cycle.
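Emergency edits made directly in the config center bypass merge-request review, so it is useful to see them before the next sync overwrites them. The following added example (not the team's tooling and not Gonsul itself) compares the Git-tracked files with a snapshot of the live key/value store; the mapping of file paths to keys under a "config" prefix and the snapshot format are assumptions.

```python
import os
import tempfile


def repo_to_kv(root, prefix="config"):
    """Map every file under root to a KV entry: <prefix>/<relative path> -> bytes."""
    kv = {}
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if not d.startswith(".")]  # skip .git
        for name in filenames:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, "rb") as fh:
                kv[f"{prefix}/{rel}"] = fh.read()
    return kv


def drift(expected, live, prefix="config"):
    """Compare Git-derived entries with a snapshot of the live KV store.

    Returns sorted (key, kind) pairs, kind in {"missing", "unmanaged", "modified"}.
    Only keys under prefix are considered, so unrelated KV data is ignored.
    """
    live = {k: v for k, v in live.items() if k.startswith(prefix + "/")}
    report = []
    for key in sorted(expected.keys() | live.keys()):
        if key not in live:
            report.append((key, "missing"))    # in Git but absent from the store
        elif key not in expected:
            report.append((key, "unmanaged"))  # created directly in the config center
        elif expected[key] != live[key]:
            report.append((key, "modified"))   # edited live, e.g. an emergency change
    return report


def demo():
    """Constructed sample: a two-file repo against a live snapshot with drift."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "app"))
        files = {"db.yaml": b"pool: 10\n", "cache.yaml": b"ttl: 60\n"}
        for name, body in files.items():
            with open(os.path.join(root, "app", name), "wb") as fh:
                fh.write(body)
        live = {"config/app/db.yaml": b"pool: 50\n",  # changed out of band
                "config/app/debug.yaml": b"on\n",     # never committed
                "other/service": b"1"}                # outside the managed prefix
        return drift(repo_to_kv(root), live)
```

Run before each scheduled sync, the report gives reviewers a record of every out-of-band change that the sync is about to revert.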
Container Management and Monitoring
Kubernetes clusters are provisioned with Alibaba Cloud ACK and managed through Cloud Effect’s resource pool. Monitoring combines Prometheus (via ACK) and Alibaba SLS for logs, providing real‑time alerts and troubleshooting.
Key Takeaways
The end‑to‑end Cloud‑Native DevOps platform now supports hundreds of micro‑services, dozens of pipelines, and automated multi‑environment releases, allowing a small R&D team to operate without a dedicated ops group while maintaining compliance, stability, and rapid delivery.
Reference: https://help.aliyun.com/document_detail/153810.html
Alibaba Cloud Native
