ContainerDays 2019, Hamburg: Talk by Mario-Leander Reimer (@LeanderReimer, Principal Software Architect at QAware)
Abstract: The world of IT and technology is moving faster than ever before. Cloud native technology and application architecture have been influencing and disrupting the software engineering discipline for the past years and there is no end in sight. But according to Gartner we are currently entering the trough of disillusionment. So does this mean we followed the wrong path and that we should turn back? Hell no!!!
Despite all the disbelievers and trolls: cloud native is neither a failure nor a hype anymore! It will become mainstream. We already see widespread adoption at all our customers. Of course there still is a lot of room for improvement. No doubt about that. Technology, methodology, processes, operations, cloud native architecture and software development need to mature even further to become boring and ready for the enterprise. This is software industrialization in its purest form. And our skills and expertise are required to make this happen.
Enterprise Cloud Native is the New Normal
1. | ContainerDays 2019 | Enterprise Cloud Native is the New Normal | @LeanderReimer #cloudnativenerd #qaware
ENTERPRISE
CLOUD NATIVE
IS THE NEW
NEW NORMAL
17. Mario-Leander Reimer
Principal Software Architect
QAware GmbH
18. 1996
19. 2000
20. 2009
21. 2015
22. 2019
23. By Simon Wardley #EEA @swardley https://twitter.com/swardley/status/1143463178396979200?s=03
24. NOPE, IT'S ALL BAD.
SO THIS IS
CLOUD NATIVE?
YOU KNOW WHAT?
IT'S NOT HALF BAD.
25. OF COURSE IT'S NOT
ALL RAINBOWS AND
UNICORNS IN
CLOUD NATIVE LAND.
26. Gartner Hype Cycle for Cloud Computing, 2018
https://www.computerwoche.de/i/detail/artikel/3546147/1/3245986/EL_mediaN1005C/
27. Don’t do this! This is not a good idea!
[Diagram: The Monolith (Component A, Component T, Component ?) next to Microservice A, Microservice T, Microservice ?, linked via REST]
28. Slice your system based on Domain Concepts
29. Hands-on Event Storming.
Event storming is a workshop-based interactive method for rapidly identifying the key concepts and boundaries in a business domain and aligning a variety of stakeholders in the best way to slice potential solutions. The basic idea is to bring together software developers and domain experts and learn from each other. The business process is "stormed out" as a series of domain events which are denoted as sticky notes on a wide wall. It was invented by Alberto Brandolini in the context of domain-driven design (DDD).
https://www.thoughtworks.com/radar/techniques/event-storming
30. • Domain Event: An event that occurs in the business process. Written in past tense.
• Issue: An issue or question that needs to be clarified and resolved.
• Business Process: Processes commands according to business rules. Creates 1..* domain events.
• Aggregate: Cluster of domain objects that can be treated as a single unit.
• Command: A command executed on an aggregate that results in the creation of a domain event.
• External System: A third-party service provider such as a payment gateway or shipping company.
• View: A view that users interact with to carry out a task in the system.
1. Domain Event Storming: Write the domain events on Post-Its in past tense. Arrange in chronological order.
2. Story Telling: Moderate through the process. Re-arrange Post-Its, remove duplicates.
3. Functional Refinement: Search and find the bounded contexts in the business processes to slice your system.
4. Technical Refinement: Further subdivision. Possible indicators: size, isolation, speed, redundancy.
31. picture alliance / United Archive
8 Fallacies of Distributed Systems
1. The network is reliable
2. Latency is zero
3. Bandwidth is infinite
4. The network is secure
5. Topology doesn’t change
6. There is one administrator
7. Transport cost is zero
8. The network is homogeneous
32. Fallacy 1: The network is reliable
Problem: Of course network calls are not reliable and will fail!
• Circuit Breakers and Retries are an option, but not the solution.
• Service Meshes can help but bring additional complexity and overhead. Have a look at Istio, Linkerd, et al. + Service Mesh Interface (SMI)
• Favour Event-driven Architecture (EDA) for loosely coupled systems. But new challenges arise: protocols, delivery guarantees, message encoding
• Numerous exciting CNCF projects, e.g. CloudEvents, OpenMessaging
https://landscape.cncf.io/category=streaming-messaging&format=card-mode&license=open-source
33. Fallacy 2: Latency is zero
Problem: Network calls are not instant. The dreaded n+1 problem.
• Retrieve all required data with the fewest requests possible, ideally only one.
• Several REST alternatives: GraphQL, efficient binary protocols like gRPC.
• Use the B4F (Backends for Frontends) and API gateway patterns for server-side data aggregation.
• Inversion of Control: Usage of Pub/Sub mechanisms, Server-sent events, Web Sockets or Local Storage.
• Move the data closer to your clients. Make use of Availability Zones, Content Delivery Networks (CDN) and intelligent Caching.
https://landscape.cncf.io/category=remote-procedure-call&format=card-mode&license=open-source
34. Fallacy 4: The network is secure
Problem: The network is NOT secure.
"Running workloads in the cloud is easy - doing it securely and in a compliant way is hard."
• Security by Design -> Continuous Security -> Continuous Compliance.
• Use a layered security approach: network, infrastructure, platform and application. Free eBook on Securing Microservice APIs.
• Know the 4C’s of Cloud Native Security: Cloud, Cluster, Container, Code. https://kubernetes.io/docs/concepts/security/overview/
• Use Distroless images. https://github.com/GoogleContainerTools/distroless
• Zero Trust by default: mTLS between services using a service mesh and SPIFFE.
• Compliance via GitSec and Phylake -> Open Policy Agent (OPA), Kubernetes, Istio, Falco
https://landscape.cncf.io/category=security-compliance&format=card-mode&license=open-source
35. Fallacy 5: Topology doesn’t change
Problem: Network topologies are changing constantly!
• Abstract from physical network structure. No hard-coded IPs. Use DNS or other Discovery services.
• Cloud-native API Gateways cater for additional location transparency.
• Cattle, not pets. Treat Clusters Like Cattle. Immutable Infrastructure.
• Regular chaos testing to validate robustness: Netflix Chaos Monkey, kube-monkey, Chaos Toolkit, Gremlin, …
https://landscape.cncf.io/category=chaos-engineering&format=card-mode&license=open-source
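Added example (not from the talk or its slides): a small compliance-as-code check in Python that applies two of the rules from the "network is secure" and "topology doesn't change" slides to a Kubernetes Deployment: images must be distroless and configuration must not contain hard-coded IPs. The manifest is constructed sample data, and the function names and the `gcr.io/distroless/` prefix rule are assumptions of this sketch; in a cluster the same rules would typically be enforced with a policy engine such as OPA.

```python
import ipaddress
import re

# Constructed sample manifest (not from the talk): "api" is compliant, "sidecar" is not.
DEPLOYMENT = {
    "kind": "Deployment",
    "metadata": {"name": "orders"},
    "spec": {"template": {"spec": {"containers": [
        {"name": "api",
         "image": "gcr.io/distroless/java:11",
         "env": [{"name": "DB_URL",
                  "value": "jdbc:postgresql://orders-db.prod.svc.cluster.local:5432/orders"}]},
        {"name": "sidecar",
         "image": "ubuntu:18.04",
         "env": [{"name": "QUEUE_HOST", "value": "10.0.12.7"},
                 {"name": "APP_VERSION", "value": "1.2.3.4567"}]},
    ]}}},
}

# Assumption: distroless images are pulled straight from the project's registry path.
DISTROLESS_PREFIX = "gcr.io/distroless/"
# Dotted-quad candidates that are not part of a longer number or version string.
IPV4_CANDIDATE = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")


def hard_coded_ips(text):
    """Return the valid IPv4 literals embedded in a configuration string."""
    found = []
    for candidate in IPV4_CANDIDATE.findall(text):
        try:
            found.append(str(ipaddress.IPv4Address(candidate)))
        except ipaddress.AddressValueError:
            pass  # looks like an address but is not one, e.g. 999.1.1.1
    return found


def check_deployment(manifest):
    """Return (container, rule, detail) tuples for every violated rule."""
    violations = []
    containers = manifest["spec"]["template"]["spec"].get("containers", [])
    for c in containers:
        if not c["image"].startswith(DISTROLESS_PREFIX):
            violations.append((c["name"], "non-distroless-image", c["image"]))
        for env in c.get("env", []):
            for ip in hard_coded_ips(env.get("value") or ""):
                violations.append((c["name"], "hard-coded-ip", f'{env["name"]}={ip}'))
    return violations


if __name__ == "__main__":
    for violation in check_deployment(DEPLOYMENT):
        print(*violation, sep=": ")
```

Run in a CI pipeline against rendered manifests, a check like this fails the build before a non-compliant workload reaches the cluster.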
36. Fallacy 6: There is one administrator
Problem: There is no such thing as the one person who knows everything!
• Everyone on your team is responsible for the release process. Early involvement of all relevant stakeholders. DevOps.
• Clearly define your DevOps Topology, with its roles, responsibilities, SLOs and SLAs.
• Eliminate manual changes to your infrastructure! GitOps is the magic word!
• Weave Flux: https://github.com/weaveworks/flux
• Automated CI/CD pipelines: Knative Build, Spinnaker, Drone, GitLab, JenkinsX, …
• Sealed Secrets: https://github.com/bitnami-labs/sealed-secrets
https://landscape.cncf.io/category=continuous-integration-delivery&format=card-mode&license=open-source
37. DevOps Anti-Types, e.g.
• DevOps Team Silo
• Dev Don’t Need Ops
• Rebranded SysAdmin
DevOps Team Topologies, e.g.
• Dev and Ops Collaboration
• Fully Shared Ops Responsibilities
• SRE Team (Google Model)
• DevOps Advocacy Team
• Ops as Infrastructure-as-a-Service
• DevOps as External Service
https://web.devopstopologies.com
38. Improve the Cloud Native DevEx of your teams!
39. vs.
https://www.datawire.io/guide/development/development-environments-microservices/
40. Telepresence enables fast and local development of Kubernetes and OpenShift microservices.
[Diagram: Laptop (Source Code, IDE, Local Service, Telepresence Client) connected through a 2-way network proxy to a Remote Kubernetes Cluster (Telepresence Proxy, Service A, Service B, Database, Queue)]
https://www.telepresence.io
41. Various tools to make the Inner Development Loop easier and more efficient.
• The Rise of the IDE: Plugins, Plugins, Plugins. Examples: Cloud Code, OpenShift Extension
• Squash enables easy remote debugging of running microservices in Kubernetes and OpenShift from within your IDE.
• Skaffold is for continuous development. It simplifies the developer workflow and combines individual development phases into one simple command: skaffold dev
42. Serverless is the next logical evolution in Cloud Native Software Development
43. "Serverless computing refers to a new model of cloud native computing, enabled by architectures that do not require server management to build and run applications. It leverages a finer-grained deployment model where applications, bundled as one or more functions, are uploaded to a platform and then executed, scaled, and billed in response to the exact demand needed at the moment."
– https://landscape.cncf.io/
44. Functions as preferred Serverless application programming model.
46. Put Knative, Riff and Kyma on your radar.
• Knative
  • Build for Cloud-native Source-to-Container orchestration.
  • Serving for a Scale-to-Zero request driven compute model based on Istio.
  • Eventing provides primitives to enable late-binding event sources and consumers
• Project Riff
  • Provides and integrates basic FaaS platform infrastructure components. Currently v0.3.0
  • Combines Cloud Native Build Packs with Knative Serving and Knative Eventing.
• Kyma
  • Full blown Serverless platform with many components. Currently v1.1.0
  • Service Mesh, Knative, Service Broker, Event Bus, API Gateway, Diagnosability, Security, …
47. • 1st and 2nd Generation Platforms.
• Enable smooth transition and hybrid architectures for selected use cases.
• Fission is a fast and complete platform with support for many languages.
• Nuclio is lightning fast, with small footprint and many triggers.
• OpenFaaS is super popular and has a really active and good community. Fast. ARM Support.
• Kubeless is simple and lightweight.
• https://github.com/lreimer/the-big-faas-lebowski
48. In a Nutshell …
• Model and slice your Cloud Native applications based on domain concepts. Event Storming is a proven method in the context of domain driven design.
• Know the 8 Fallacies of Distributed Systems and their implications.
• Cloud native API Gateways and Service Meshes are useful and vital infrastructure components in any cloud native architecture.
• Security by Design, Continuous Security and Continuous Compliance are complex but important topics to study.
• Optimize the Cloud Native DevEx and the inner development loop of your teams to improve developer productivity and happiness!
• Serverless is the next logical evolution in cloud native software development.