Enterprise Cloud Native is The New Normal #CDS19

Transcript

1. | ContainerDays 2019 | Enterprise Cloud Native is the New

   Normal | @LeanderReimer #cloudnativenerd #qaware 1 ENTERPRISE CLOUD NATIVE IS THE NEW NEW NORMAL

2. CLOUD NATIVE BUZZWORD

3. Kubernetes

4. Microservices

5. Docker

6. Monoliths

7. Prometheus

8. FC St. Pauli

9. Waterfall

10. GitOps

11. CI/CD

12. REST APIs

13. YAML

14. CloudEvents

15. Serverless

16. Container Days 2019

17. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 17 Mario-Leander Reimer Principal Software Architect QAware GmbH

18. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 1996 18

19. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 2000 19

20. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 2009 20

21. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 2015 21

22. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 2019 22

23. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 23 By Simon Wardley #EEA @swardly https://twitter.com/swardley/status/1143463178396979200?s=03

24. NOPE, IT'S ALL BAD. SO THIS IS CLOUD NATIVE? YOU

    KNOW WHAT? IT'S NOT HALF BAD.

25. OF COURSE IT'S NOT ALL RAINBOWS AND UNICORNS IN CLOUD

    NATIVE LAND.

26. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware Gartner Hype Cycle for Cloud Computing, 2018 26 https://www.computerwoche.de/i/detail/artikel/3546147/1/3245986/EL_mediaN1005C/

27. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware Don’t do this! This is not a good idea! 27 Microservice A Microservice T Microservice ? The Monolith Component A Component T Component ? REST REST REST

28. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware Slice your system based on Domain Concepts 28

29. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware Hands-on Event Storming. Event storming is a workshop-based interactive method for rapidly identifying the key concepts and boundaries in a business domain and aligning a variety of stake- holders in the best way to slice potential solutions. The basic idea is to bring together software developers and domain experts and learn from each other. The business process is "stormed out" as a series of domain events which are denoted as sticky notes on a wide wall. It was invented by Alberto Brandolini in the context of domain- driven design (DDD). 29 https://www.thoughtworks.com/radar/techniques/event-storming

30. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 30 Domain Event An event that occurs in the business process. Written in past tense. Issue An issue or question that needs to be clarified and resolved. Business Process Processes commands according to business rules. Creates 1..* domain events. Aggregate Cluster of domain objects that can be treated as a single unit. Command A command executed on an aggregate that results in the creation of a domain event. External System A third-party service provider such as a payment gateway or shipping company. View A view that users interacts with to carry out a task in the system. 1.Domain Event Storming Write the domain events on Post-Its in past tense. Arrange in chronological order. 2.Story Telling Moderate through the process. Re-arrange Post-Its, remove duplicates. 3.Functional Refinement Search and find the bounded contexts in the business processes to slice your system. 4.Technical Refinement Further subdivision. Possible indicators: size, isolation, speed, redundancy.

31. picture alliance / United Archive 8 Fallacies of Distributed Systems

    1. The network is reliable 2. Latency is zero 3. Bandwidth is infinite 4. The network is secure 5. Topology doesn’t change 6. There is one administrator 7. Transport cost is zero 8. The networks is homogeneous

32. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 1. The network is reliable Problem: Of course network calls are not reliable and will fail! • Circuit Breakers and Retries are an option, but not the solution. • Service Meshes can help but bring additional complexity and overhead. Have a look at Istio, Linkerd, et.al. + Service Mesh Interface (SMI) • Favour Event-driven Architecture (EDA) for loosely coupled systems. But new challenges arise: protocols, delivery guaranties, message encoding • Numerous exciting CNCF projects, e.g. CloudEvents, OpenMessaging 32 https://landscape.cncf.io/category=streaming-messaging&format=card-mode&license=open-source

33. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 2. Latency is zero Problem: Network calls are not instant. The dreaded n+1 problem. • Retrieve all required data with the least amount of requests, ideally one only. • Several REST alternatives: GraphQL, efficient binary protocols like gRPC. • Use the B4F and API gateway patterns for Server-side data aggregation. • Inversion of Control: Usage of Pub/Sub mechanisms, Server-sent events, Web Sockets or Local Storage. • Move the data closer to your clients. Make use of Availability Zones, Content Delivery Networks (CDN) and intelligent Caching. 33 https://landscape.cncf.io/category=remote-procedure-call&format=card-mode&license=open-source

34. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 4. The network is secure Problem: The network is NOT secure. 
 „Running workloads in the cloud is easy - doing it securely and in a compliant way is hard.“ • Security by Design -> Continuous Security -> Continuous Compliance. • Use a layered security approach: network, infrastructure, platform and application. 
 Free eBook on Securing Microservice APIs. • Know the 4C’s of Cloud Native Security: Cloud, Cluster, Container, Code.
 https://kubernetes.io/docs/concepts/security/overview/ • Use Distroless images. https://github.com/GoogleContainerTools/distroless • Zero Trust per Default: mTLS between services using a service mesh and SPIFFE. • Compliance per GitSec und Phylake -> Open Policy Agent (OPA), Kubernetes, Istio, Falco 34 https://landscape.cncf.io/category=security-compliance&format=card-mode&license=open-source

35. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 5. Topology doesn’t change Problem: Network topologies are changing constantly! • Abstract from physical network structure. No hard-coded IPs. Use DNS or other Discovery services. • Cloud-native API Gateways cater for additional location transparency. • Cattle, not pets. Treat Clusters Like Cattle. Immutable Infrastructure. • Regular chaos testing to validate robustness: Netflix Chaos Monkey, kube-monkey, Chaos Toolkit, Gremlin, … 35 https://landscape.cncf.io/category=chaos-engineering&format=card-mode&license=open-source

36. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 6. There is one administrator Problem: There is not such thing as the one person that knows everything! • Everyone on your team is responsible for the release process. Early involvement of all relevant stakeholders. DevOps. • Clearly define your DevOps Topology, with its roles, responsibilities, SLOs and SLAs. • Eliminate manual chages to your infrastructure! GitOps is the magic workd! • Weave Flux: https://github.com/weaveworks/flux • Automated CI/CD pipelines: Knative Build, Spinnaker, Drone, GitLab, JenkinsX, … • Seales Secrets: https://github.com/bitnami-labs/sealed-secrets 36 https://landscape.cncf.io/category=continuous-integration-delivery&format=card-mode&license=open-source

37. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 37 
 DevOps Anti-Types, e.g. DevOps Team Topologies, e.g. https://web.devopstopologies.com DevOps Team Silo Dev Don’t Need Ops Rebranded SysAdmin Dev and Ops Collaboration Fully Shared Ops Responsibilities SRE Team (Google Model) DevOps Advocacy Team Ops as Infrastructure-as-a-Service DevOps as External Service

38. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware Improve the Cloud Native DevEx of your teams! 38

39. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 39 vs. https://www.datawire.io/guide/development/development-environments-microservices/

40. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware Telepresence enables fast and local development of Kubernetes and OpenShift microservices. 40 Laptop Source Code Lokaler Service Telepresence Client IDE Remote Kubernetes Cluster Telepresence Proxy Service A Service B Database Queue https://www.telepresence.io 2-way Network Proxy

41. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware Various tools to make the Inner Development Loop easier and more efficient. • The Rise of the IDE: Plugins, Plugins, Plugins. Beispiele: Cloud Code, OpenShift Extension • Squash enables easy remote debugging of running microservices in Kubernetes und OpenShift from within your IDE. • Skaffold is for continuous development.
 It simplifies the developer workflow and
 combines individual development phases
 into one simple command: skaffold dev 41

42. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware Serverless is the next logical evolution in Cloud Native Software Development 42

43. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware –https://landscape.cncf.io/ „Serverless computing refers to a new model of cloud native computing, enabled by architectures that do not require server management to build and run applications. It leverages a finer-grained deployment model where applications, bundled as one or more functions, are uploaded to a platform and then executed, scaled, and billed in response to the exact demand needed at the moment.“ 43

44. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 44 Functions as preferred Serverless application programming model.

45. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 45

46. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware Put Knative, Riff and Kyma on your radar. • Knative • Build for Cloud-native Source-to-Container orchestration. • Serving for a Scale-to-Zero request driven compute model based on Istio. • Eventing provides primitives to enable late-binding event sources and consumers • Project Riff • Provides and integrates basic FaaS platform infrastructure components. Currently v0.3.0 • Combines Cloud Native Build Packs with Knative Serving and Knative Eventing. • Kyma • Full blown Serverless platform with many components. Currently v1.1.0 • Service Mesh, Knative, Service Broker, Event Bus, API Gateway, Diagnosability, Security, … 46

47. • 1st und 2nd Generation Platforms. • Enable smooth transition

    and hybrid architectures for selected use cases. • Fission is a fast and complete platform with support for many languages. • Nuclio is lightning fast, with small footprint and many triggers. • OpenFaaS is super popular and a really active and good community. Fast. ARM Support. • Kubeless is simple and lightweight. • https://github.com/lreimer/the-big-faas-lebowski

48. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware In a Nutshell … • Model and slice your Cloud Native applications based on domain concepts. 
 Event Storming is a proven method in the context of domain driven design. • Know the 8 Fallacies of Distributed Systems and their implications. • Cloud native API Gateways and Service Meshes are useful and vital infrastructure components in any cloud native architecture. • Security by Design, Continuous Security and Continuous Compliance are complex but important topics to study. • Optimize the Cloud Native DevEx and the inner development loop your teams to improve developer productivity and happiness! • Serverless is the next logical evolution in cloud native software development. 48

49. OUR CLOUD NATIVE FUTURE IS SO BRIGHT, WE NEED SHADES.

50. | ContainerDays 2019 | Enterprise Cloud Native is the New

    Normal | @LeanderReimer #cloudnativenerd #qaware 50 CompletableFuture<SoftwareIngenieurIn> ich = CompletableFuture.supplyAsync(() -> erfindergeist() .handwerksstolz() ); CompletableFuture<Projekthaus> qaware = CompletableFuture.supplyAsync(() -> professionalität() .lässigkeit() ); Erfolg start = qaware.thenCombine(ich, (i, q) -> i.sendeBewerbung(q)) .join(); More details at http://www.qaware.de/karriere/#jobs

51. & Mario-Leander Reimer Principal Software Architect, QAware GmbH [email protected] https://www.qaware.de

    https://speakerdeck.com/lreimer/
52. None