
May 20, 2021 5:10:27 PM by Ido Ziv

Architecture for A Cloud-Native App and Infrastructure

Cloud Native, High-Tech

"Cloud-native" has become a concept integrated into modern application development projects. A cloud-native application is one that has been designed specifically for the cloud. Such applications are developed and architected with cloud infrastructure and services in mind, and they rely on services that abstract away the hardware layers and their maintenance. The Cloud Native Foundation is a community of doers who push to enable more open-source, vendor-free applications.

 

How to Design a Cloud-Native App and Environment

Design as a loosely coupled micro-service

As opposed to creating one huge application, the microservices design consists of developing several smaller applications that each run in their own process and communicate using a lightweight protocol such as HTTP. Fully automated deployment tools make it possible for these services to be deployed independently of business capabilities. For example, see the AWS Serverless Architecture for loosely coupled applications:

[Figure: AWS Serverless Architecture for loosely coupled applications]

Develop with the best languages and frameworks.

An application developed using cloud-native technology should use the language and framework best suited to the functionality. For example, a streaming service could be developed in Node.js with WebSockets, while a deep learning-based service could be built in Python and REST APIs using Spring Boot.

Connect APIs for collaboration and interaction

Typically, cloud-native services should expose their functionality through lightweight APIs based on REST protocols. Communication between the internal services is based on binary protocols such as Thrift, Protobuf, gRPC, etc. A great tool for collaboration is Postman, which also runs on AWS.

Make it scalable and stateless.

In a cloud-native app, any instance should be able to process a request, because the app stores its state in an external entity. These apps are not bound to the underlying infrastructure. They can run in a distributed manner while keeping their state independent of it.

Your architecture should be built with resilience at its core

Resilient systems can recover from failures and continue to function, no matter how significant those failures may be. Resilience is not just about preventing failures but about responding to them in a way that prevents downtime or data loss. This is AWS’s suggestion on Resilience Architecture:

[Figure: AWS Resilience Architecture]

Build for scalability

The flexibility of the cloud allows cloud-native apps to scale rapidly in response to an increase in traffic. A cloud-based e-commerce app can be configured to use additional compute resources when traffic spikes and then turn those resources off once traffic decreases. For example, see this Azure Web Application Architecture:

[Figure: Azure Web Application Architecture]

Cloud-Native Application Architecture Development Requirements

Cloud-native DevOps architectures are designed for managing an application and its infrastructure consistently, verifiably, and automatically between non-production environments (testing and development) and production environments (operations). DevOps dissolves the gap between the development, testing, and production environments as the norm of organizational culture.

Architecture for Cloud-Native App and Infrastructure with DevOps

DevOps principles for cloud-native web development mean building CI/CD pipelines by integrating DevOps technologies and tools. Consistent integration processes result in teams committing code changes to their repository more often, leading to lower costs and higher software quality.

An example architecture from the Argo CD project:

[Figure: Example architecture from the Argo CD project]

DevOps architecture prototype components

Amazon EKS

EKS is Amazon Web Services' container-as-a-service offering for Kubernetes. Amazon EKS monitors the control plane instances running across Availability Zones within a Region and automatically restarts any abnormal instances that might be causing issues. Through the AWS Regions architecture, EKS enables Kubernetes clusters to be highly available by avoiding single points of failure.

OpenShift Container Platform

Known as a private PaaS platform, Red Hat's OpenShift is a containerization system deployed on-premises or on public cloud infrastructure like AWS.

Hard Kubernetes cluster

Using a Kubernetes cluster to build a complex environment is recommended. Dedicated clusters offer more flexibility and robustness and can be managed by highly automated tools.

AWS KMS Key Management

AWS KMS creates and manages cryptographic keys quickly and easily, and controls their use across AWS services and within the cloud-native application. The requirement to meet is that the hardware security modules are conformant to FIPS 140-2 or in the process of being validated against it.

Development Tools

  • AWS ECR: For reliable deployment of containers and the ability to manage individual repositories based on resource access, much like https://hub.docker.com/
  • Terraform: An infrastructure-as-code tool much like AWS CloudFormation or Azure Resource Manager, but the beauty of it is that it can support multiple clouds.
  • Helm: It runs on top of Kubernetes to describe and administer an app according to its structure.
  • Argo CD: To enhance the process of identifying, defining, configuring, and managing app lifecycles with declarative and version-controlled definitions and environments.
  • CodeCommit: To host the Git repository, so the DevOps team does not have to run their own source control system, which would create a bottleneck when scalability is needed.
  • Harbor: The trusted cloud-native repository for Kubernetes.
  • CoreDNS: A DNS server that can be used in a multitude of environments because of its flexibility.
  • Prometheus: An open-source monitoring solution used for event monitoring and alerting based on real-time metrics.

Many more can be found in the Periodic Table of DevOps.

SonarQube code quality and security analysis

A tool called SonarQube, available under the Apache open-source license, can help with automated code review to identify errors in code, bugs, and vulnerabilities. In addition to enhancing coding guideline compliance, the tool can be used to assess general quality issues.

AWS IAM Cloud Identity & Access Management

Another security pillar is the management of identities and access. Because we're using AWS, IAM from AWS makes perfect sense. Amazon Web Services (AWS) Identity and Access Management (IAM) governs who can access the cloud environment and sets the permissions each signed-in user has.

DevOps Teams & Consulting

If your organization can benefit from expert consulting in DevOps or needs a flexible, experienced team to deliver cloud-native applications or manage Kubernetes clusters, Cloudride is here to help. Get in touch with us!
