In this talk, you will hear the best practices from analysts at Gartner, engineers at Heroku, and experiences at VSP distilled down into a top ten list of characteristics that applications ought to have to achieve high availability, scalability and flexibility. Target audience includes developers of APIs and web-based applications, the analysts and architects that design them and the infrastructure teams that support them.
2. Credits
Richard Watson
Research VP, Gartner
Cloud Characteristics, Principles and Design Patterns
(G00226919)
Martin Fowler & James Lewis
ThoughtWorks
Microservices (http://martinfowler.com/articles/microservices.html)
Adam Wiggins
Co-Founder, Heroku
The Twelve-Factor App (12factor.net)
11. What is Configuration?
• Database and Backend Service Endpoint
– jdbc:db2://10.0.1.2:50001/DB01:currentSchema=API
– https://api.vsp.com/claims
• Credentials
– L33t
– wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
• Canonical Hostnames
– www.vsp.com
Source: http://12factor.net/config
12. What isn’t Configuration?
• Spring Wiring
<bean id="myBean” class=”com.vsp.PintoBean”/>
• Rails Routes
– get ’/stuff', :to => ’things#show’
Source: http://12factor.net/config
13. A litmus test for whether an app has all config
correctly factored out of the code is whether the
codebase could be made open source at any
moment, without compromising any credentials.
Source: http://12factor.net/config
14. Where does it go?
• Source Control? NO
• Java System Properties? NO
• Environment Variables? YES!
Source: http://12factor.net/config
20. Cloud Native applications must be isolated from
backing service failures or risk being taken down
with them.
Source: https://github.com/Netflix/Hystrix/wiki
32. Organizations should look at how they can inject
security practices throughout the agile
development cycle.
Source: http://www.thoughtworks.com/radar/techniques/security-sandwich
35. The principle of defense-in-depth is that layered
security mechanisms increase security of the
system as a whole.
Source: https://www.owasp.org/index.php/Defense_in_depth
40. The microservice architectural style is an
approach to developing a single application as a
suite of small services, each running in its own
process.
Source: http://martinfowler.com/articles/microservices.html
43. Immutable servers allow you to be absolutely
certain what the state of a server is once it has
been provisioned
Source: http://www.thoughtworks.com/insights/blog/rethinking-building-cloud-part-4-immutable-servers
51. A cloud native application exports HTTP as a
service by binding to a port, and listening to
requests coming in on that port.
Source: http://12factor.net/port-binding
53. The microservice architectural style consists of
services communicating with lightweight
mechanisms, often an HTTP resource API.
Source: http://martinfowler.com/articles/microservices.html
54.
55.
56. “Be conservative in what you do,
be liberal in what you accept from others” – Jon Postel
RFC 760
Robustness Principle