Rising Cloud Technologies: Service Mesh

New technologies help companies to transform organizations into digital organizations. Identifying the emerging cloud technologies and understanding their impact on the existing cloud landscape can help companies to become more successful.

While some companies do not have a formal cloud strategy in place, most companies are using at least one cloud technology such as SaaS, IaaS or PaaS – whether in a private, public or hybrid cloud.

Other companies follow a multi cloud strategy since it allows them to select different cloud services from different providers because some are better for certain tasks than others. For example, some cloud platforms specialize in large data transfers or have integrated machine learning capabilities.

As of today, the most popular cloud models are hybrid and multi cloud. Having seen the first benefits of cost savings and increased efficiencies, companies now focus more on agility, speed and time to market to enable digital business success.

The new cloud capabilities increase the deployment options. Companies want the benefits of the cloud in all of their IT systems. With the increased offering of cloud service providers, customers can now decide on the technology, services, providers, locations, form factors and control.

Since the digitalization journey raises new considerations and expectations, companies are now looking into technical areas to improve their cloud landscape such as the distributed cloud, API-Centric SaaS, Cloudlets, Blockchain PaaS, Cloud Native, Site Reliability Engineering, Containers, Edge Computing and Service Mesh.

Service Mesh

A service mesh controls how different parts of an application share data with each other. Unlike other communication management systems, a service mesh is a configurable and dedicated infrastructure layer directly integrated into the application. It can be used to document how well (or poorly) the various components of an application interact. In this way, communication is optimized and failures can be minimized, even as the applications grow.

Each part of an application, a “service”, in turn relies on other services that provide the user with the desired function. For example, if you buy a product via an e-Commerce application, you want to know if the product is in stock. So the service that communicates with that company’s inventory database needs to communicate with the product website, which in turn needs to communicate with the user’s online shopping cart. In order to increase business value, this retailer may eventually develop a service that recommends products to the user in the application. To produce these recommendations, the new service communicates with a database of product tags, but also with the same inventory database that the product website accessed. So we are dealing with a large number of reusable moving parts.

Modern applications are often unbundled in this way, as a network of services, each service performing a specific business function. To perform its function, a service may need to request data from other services. But what happens if some of these services are overloaded with requests, such as our retailer’s inventory database? This is where Service Mesh comes in, a feature that routes requests from one service to another and optimizes the interaction of all the variable parts.

The difference between a Service Mesh and Micro Services

With a micro service architecture, developers can change the services of an application without having to deploy it from scratch. In contrast to application development in other architectures, individual micro services are built by small teams that can freely choose tools and programming languages. Micro services are basically developed independently of one another, communicate with one another and can fail individually without this leading to a complete failure of the entire application.

The basis of micro services is the communication between the individual services (inter-service communication). Communication logic can also be programmed into any service without a service mesh, but a service mesh becomes more and more useful as the complexity of communication increases. In cloud native applications, which are integrated into a micro service architecture, a service mesh can combine a large number of separate services into a functional application.

Sidecar Proxies

In a service mesh, requests between micro services are transmitted via proxies in a separate infrastructure layer. For this reason, individual proxies that make up a service mesh are sometimes called “sidecars” because they run in parallel to each service and not in it. Together these sidecar proxies, which are decoupled from each service, form a mesh network.

From a technical view, the sidecar proxies are assigned to the micro services, and the entire communication is conducted through them. Sidecar proxies use standardized protocols and interfaces for the exchange of information. The proxies can be used to control, manage and monitor communication. The introduction of the additional infrastructure layer of the service mesh offers numerous advantages. The micro services interact securely and reliably. By monitoring the communication, the service mesh detects problems in service-to-service communication and reacts automatically.

Without a service mesh, all micro services must be programmed with inter-service communication logic, compromising the developer’s focus on business objectives. It also means that communication errors are harder to diagnose because the logic for inter-service communication is hidden in each individual service.

Each newly added service or each new instance of an existing service running in a container makes the communication environment of an application more complicated and poses an additional risk of failure. In a complex micro service architecture, it can become almost impossible to diagnose the root cause of problems without a service mesh.

This is because a service mesh captures all aspects of inter-service communication and performance metrics. Over time, data made visible by the service mesh can be applied to the rules of inter-service communication, thus improving the efficiency and reliability of service requests.

For example, when a service fails, the service mesh can collect data on how long it took until a retry of that service succeeded. Based on the collected downtime data, rules can then be written that determine the optimal waiting time until a new service call is made and ensure that the system is not overloaded by unnecessary retries.
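One way such a rule could be derived from collected recovery data, as an added example that is not code from the original article or from any mesh product. The telemetry values, the names `derive_rule` and `RetryRule`, and the policy itself (first wait at the median recovery time, doubling per retry, capped at the 95th percentile) are assumptions made for illustration.

```python
import math
from dataclasses import dataclass
from statistics import median

# Constructed telemetry (not from the page): milliseconds between a failed call
# and the first retry that succeeded, per destination service.
RECOVERY_MS = {
    "inventory": [400, 500, 600, 800, 1100, 1200, 1900, 2500, 4000, 7500],
    "recommendations": [50, 50, 100, 100, 100, 200, 200, 300, 400, 600],
}


@dataclass(frozen=True)
class RetryRule:
    first_wait_ms: float  # wait before the first retry
    max_wait_ms: float    # cap for the doubling wait
    attempts: int         # retries that fit inside the caller's deadline


def percentile(samples, pct):
    """Nearest-rank percentile of a non-empty sample list."""
    ordered = sorted(samples)
    rank = max(1, math.ceil(pct * len(ordered) / 100))
    return ordered[rank - 1]


def derive_rule(samples, deadline_ms):
    """Assumed policy: start at the median recovery time, double per retry,
    cap at the 95th percentile, stop before the deadline would be exceeded."""
    if not samples:
        raise ValueError("no recovery samples collected yet")
    first = max(median(samples), 1)            # never retry with a zero wait
    cap = max(percentile(samples, 95), first)
    attempts, elapsed, wait = 0, 0.0, first
    while elapsed + wait <= deadline_ms:
        elapsed += wait
        attempts += 1
        wait = min(wait * 2, cap)
    return RetryRule(first, cap, attempts)


def schedule(rule):
    """Wait before each retry, in order."""
    waits, wait = [], rule.first_wait_ms
    for _ in range(rule.attempts):
        waits.append(wait)
        wait = min(wait * 2, rule.max_wait_ms)
    return waits


def wasted_retries(waits, outage_ms):
    """Retries one caller sends while the destination is still down."""
    elapsed, wasted = 0.0, 0
    for wait in waits:
        elapsed += wait
        if elapsed >= outage_ms:
            break
        wasted += 1
    return wasted


# Baseline for comparison: retry every 100 ms regardless of observed recovery.
NAIVE = RetryRule(first_wait_ms=100, max_wait_ms=100, attempts=30)

if __name__ == "__main__":
    for service, samples in RECOVERY_MS.items():
        rule = derive_rule(samples, deadline_ms=10_000)
        print(service, rule, schedule(rule))
    derived = derive_rule(RECOVERY_MS["inventory"], deadline_ms=10_000)
    for label, rule in (("naive", NAIVE), ("derived", derived)):
        print(label, "wasted retries in a 2 s outage:",
              wasted_retries(schedule(rule), 2_000))
```

Every caller of the failing service runs the same schedule, so the per-caller difference in wasted retries multiplies across all callers during an outage.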

The known service mesh products are Istio, Linkerd, Tetrate, Kuma, Consul, Maesh and in-house products from cloud providers such as App Mesh from AWS.

Advantages of a service mesh

By creating an additional infrastructure layer through which all micro services communication is routed, a service mesh offers numerous advantages. All aspects of service-to-service communication can be captured, controlled and managed. Efficiency, security and reliability of the service mesh increase. In addition, services can be scaled more easily and quickly because the functionality is decoupled from the communication.

  • Developers can fully concentrate on programming the micro services without having to worry about the connections of the services.
  • The request logic forms a visible infrastructure layer parallel to the services, making problems easier to detect and diagnose because the service mesh detects dysfunctional services and automatically redirects requests.
  • The micro service architecture becomes more stable and fault tolerant because the service mesh redirects requests away from non-functional services in time.
  • The authentication of the services and the encryption and decryption of the transmitted data by the sidecar proxies creates additional security in the service mesh.
  • Micro services can be seamlessly integrated into the service mesh regardless of the platform and provider used.
  • Traffic and load control are possible regardless of the respective cloud or IT environment.
  • KPIs show possibilities for optimizing communication in the runtime environment.

Disadvantages of a service mesh

A service mesh must be understood conceptually in order to decide whether it is worthwhile for an application and which technology is the most suitable. The development team is then challenged with the complex task of configuring the service mesh, which involves not only functional but also technical effort. The components of the control plane and the additional service proxies that are provided to each container require additional CPU and memory resources, which in turn affect the cost of operating the cluster. The actual additional resource requirements depend on the number of requests, the service mesh product and its configuration. For example, Istio needs more resources than Linkerd.

Another disadvantage of a service mesh is that the usage of the sidecar proxies can impact performance compared to direct communication of the services. Thus, latency times can increase due to the processing of the data in the proxies and can affect the end-user experience. The higher latency is caused by the additional call of service proxies for each request. Instead of a direct call between containers, two proxies – on the sender and receiver side – are now involved in a service mesh. The delay of the requests is dependent on the specific micro service system and the service mesh configuration and therefore should be tested before the service mesh is deployed to the production system.

Conclusion

A service mesh enables central control of monitoring, resilience, routing and security, which are implemented in a decentralized way in the sidecars. It fits well into a micro service architecture and can replace API gateways and many libraries. From a vendor perspective, Istio is the most popular service mesh product; it has its strengths in environments such as Kubernetes and also allows single virtual machines or containers to be integrated. Kubernetes is an open source system for automating the deployment, scaling and management of container applications, originally designed by Google and donated to the Cloud Native Computing Foundation.

Apart from the cost and skills required to introduce a new technology, the price of using a service mesh is increased resource consumption and higher latency.

If companies are using micro services, they should consider using a service mesh since it improves the stability, extensibility, transparency and security of the applications.

Rising Cloud Technologies: Site Reliability Engineering

Site Reliability Engineering

How closely should software development and operation be interconnected and which control processes are required? From this question and the implementation of the answers, Site Reliability Engineering (SRE) emerged as a new service management model.

Site Reliability Engineering is a structured approach to software development that incorporates aspects of software engineering and applies them to infrastructure and operations problems. The main goals are to create scalable and highly reliable software systems.

In general, an SRE team is responsible for availability, latency, performance, efficiency, change management, monitoring, emergency response and capacity planning. They split their time between operations/on-call duties and developing systems and software that help increase site reliability and performance.

What is the difference between DevOps and Site Reliability Engineering?

The difference between DevOps and SRE is that, while DevOps raises problems and dispatches them to Dev to solve, the SRE approach is to find problems and solve some of them themselves. The ideal SRE team includes developers with different specialties so that each developer can provide beneficial insight.

SRE is designed to give developers more freedom to create innovative and automated software solutions. By establishing reliable software systems with redundancy and safeguards in place, developers are not limited by traditional operations protocols. For example, in a DevOps team, the operations manager may need to approve each software update before it is published. In SRE, developers may be allowed to release updates as needed.

Since SRE is developer-focused, the manager of an SRE team must have development experience, not just operations knowledge. An SRE manager may actively help with software development instead of merely overseeing it.

SRE focuses on stability rather than agility and on proactive engineering rather than reactive development. It creates a bridge between development and operations by applying a software engineering mindset to system administration topics, which also delivers services faster.

The ultimate goal for SREs is to establish a service quality from the perspective of the end customer. By continuously optimizing the control processes and automation, the human error factor should be kept to a minimum. The automatic control processes are indispensable for maintaining quality standards. This can be done by building self-service tools for user groups that rely on their services such as automatic provisioning of test environments, logs, and statistics visualization. Doing so reduces work in progress for all parties, allows developers to focus exclusively on feature development, and lets them focus on the next task to automate.

How to speed up the Software Development Life Cycle?

In every software development or standard applications implementation project, companies fail when the project is implemented without a methodology. For example, there are methodologies using international standards such as ISO/IEC 12207 for the Software Development Life Cycle (SDLC) or more specific ones such as Oracle’s Unified Method (OUM) when implementing Oracle Applications.

The experiences were positive and project teams were able to produce high quality software that met customer expectations and reached completion. However, with the increased complexity of IT landscapes and regulations, projects were increasingly delayed and exceeded their time and budget.

Companies started to move to shorter development cycles and to become more agile in order to respond to a faster changing environment, introducing methodologies such as Scrum to break down deliverables into shorter cycles (sprints) and enable continuous improvements. However, Scrum projects often ended up in chaos because of a lack of leadership, teamwork and discipline. You need strong and professional change management to have commitment, courage, focus, openness and respect in those projects, and it is often difficult to get genius developers with a prima donna syndrome to adapt to those values.

Can new technology help?

Nowadays, companies rely on DevOps and agile methodologies in the cloud in order to speed up the software development process. More cooperation is visible between traditional and DevOps companies towards common standards to enable collaboration. For example in the financial industry, the Fintech Open Source Foundation (FINOS) is a community to promote open source solutions for the financial services industry by providing an independent setting to deliver software and standards that address common industry challenges and drive innovation.

Using a foundation where developers, IT experts and industry leaders agree on standards and collaborate on open source projects gives financial services companies the full advantage of using DevOps cloud platforms (e.g. GitLab) and moving from a traditional SDLC to a modern, cloud based and service oriented software development life cycle, with the aim of developing software more efficiently and faster while keeping the high regulatory and quality standards.

Choosing one DevOps platform may look risky, however, it helps to redefine development and engineering work because product owners from business, software developers, operators, test engineers, project managers etc. have access to the same information, using a common standard and have to work closely together to benefit from faster software development while maintenance cost budgets are constantly cut.

Rising Cloud Technologies: Cloud Native

Cloud Native

Cloud Native is about designing modern applications that embrace rapid change, large scale, and resilience, in modern, dynamic environments such as public, private, and hybrid clouds. Containers, service meshes, micro services, immutable infrastructure, and declarative APIs exemplify this approach.

These techniques enable loosely coupled systems that are resilient, manageable, and observable. Combined with robust automation, they allow engineers to make high-impact changes frequently and predictably with minimal effort.

Challenges

Applications have become increasingly complex, with users demanding more functionality and better response times. Users expect rapid responsiveness, innovative features, and zero downtime. Performance problems, recurring errors, and the inability to move fast are no longer acceptable.

Companies are now looking more at cloud native concepts in order to get the most out of the cloud, instead of performing lift and shift migrations.

Benefits

Cloud Native is much about speed and agility. Business systems are evolving from enabling business capabilities to weapons of strategic transformation, accelerating business velocity and growth. It’s imperative to get ideas to market immediately.

Examples

Companies such as Netflix, Uber and WeChat deploy hundreds of services in production on a weekly basis and achieve speed, agility, and scalability using Cloud Native technologies.

Since the Cloud Native approach provisions each instance as a virtual machine or container, there is no concentration risk from the downtime of a single server.

Cloud service provider platforms support this type of highly elastic infrastructure with automatic scaling, self-healing, and monitoring capabilities.

Conclusion

Without a paradigm shift in the IT departments, which includes not only technical aspects, the path for companies to Cloud Native IT will hardly be possible.

Among the major hurdles are legacy systems, which still control the core processes in many companies. Cloud Native is not about simply moving legacy applications unchanged into the cloud using the Lift & Shift method. The alternatives before a cloud migration are modernization, replacement or new development. The solution is usually integration into a hybrid IT that combines on-premises systems and Cloud Native components.

Companies want to deploy and operate in a way that fully leverages native cloud potentials.

Rising Cloud Technologies: API-Centric SaaS, Cloudlets and Blockchain PaaS

API-Centric SaaS

An API-centric application is a web service that is built using application programming interfaces (APIs) to exchange data with other applications and allows the frontend and backend to communicate. In order to prevent these API-Centric SaaS services from coexisting in silo form, they must be integrated, i.e. enabled to exchange data with each other. The transfer of data is structured according to a previously precisely defined syntax. The backend of the app is used to facilitate data exchange with components such as operating systems, databases and other APIs. It is saved on a server that can be configured to a variety of client frontend interfaces like social media channels, browsers and devices. Each API performs a defined task such as merging data from a process or transferring data according to certain rules.

Most API-based SaaS products have no user interface, like a GUI. The interaction with the service is through a web-based API – a programmatic way of connecting services and transferring data across the web in a machine-readable way. The value of the service is usually in the data that’s delivered (through the API). Pricing is often usage-based, meaning that the cost is based on the number of requests made to the API.

The reason to use API-Centric SaaS goes back to the make or buy decision. Instead of spending development time and costs on cloud integration, API-centric SaaS vendors focus on best practice solutions for specific businesses.

For example, vendors like Clearbit focus on contextual data such as BI APIs, Contentful on CMS, Twilio on messaging, voice, video and authentication APIs for every application, Algolia on high-performance search in the applications used, Checkout on payments and Polygon on market data and APIs for the FinTech industry.

APIs from specialized vendors such as those mentioned above can save companies from reinventing the wheel, resulting in best practice, flexibility, low code maintenance and code continuity.

API-centric development and integration will become more important for DevOps model application configuration and will drive the deployment process.

However, each interface increases the potential for attack, so security is a key aspect of APIs. After all, companies use these same APIs to connect services and transfer data.

Companies can no longer afford to view APIs as an extension and evolution of integration-based architectures and, instead, need API management and integration platforms to connect data and applications across multi-cloud and hybrid environments.

Cloudlets

A cloudlet is a mobility-enhanced small-scale cloud datacenter that is located at the edge of the internet. A cloudlet simplifies the efficient delivery and acceleration of personalized applications without the hassle of integrating with the various acceleration services. The cloudlet represents the middle tier of a 3-tier hierarchy (mobile device – cloudlet – cloud) and can be viewed as a data center in a box whose goal is to bring the cloud closer.

The main benefit is the short end-to-end communication delay for mobile devices in the proximity of a cloudlet. The cloudlet reduces the latency in reaching the cloud servers and also resides near the mobile devices such as wearable devices, tablets and smartphones within a given geographical proximity.

Blockchain PaaS

Blockchain-as-a-Service, or BaaS, is a managed blockchain platform that allows companies to build blockchain applications and digital services on a distributed network while the cloud service provider supplies the infrastructure and blockchain building tools. This includes the setup of a fully functional blockchain environment: not only the ledger itself, but also the infrastructure, user interface, off-chain storage and a complete set of tools for management throughout the software lifecycle.

Does it make sense for companies to invest in their own hardware and software resources for blockchain projects? Since the majority of these projects serve individual business areas rather than being company-wide solutions, business units have rarely sought the support of large IT providers to date and instead opt for smaller, specialized blockchain technology providers.

For a company to set up its own blockchain environment in the cloud, special know-how is required. Since this knowledge is also not scalable, an as-a-service offer makes more sense for companies than investing in their own resources.

Since blockchain projects are rather short term, it is not reasonable to spend almost the same amount of time on setting up the blockchain. In a short project context, it also makes sense to shift from CAPEX costs to OPEX budgets.

Another benefit is that those business units who initiate blockchain projects usually do not know which tools they will need in the end. These costs are therefore difficult to forecast. In the cloud, users have a whole range of tools at their disposal and they only pay for the duration of tool use.

Also, in all areas in which a large and comprehensive data exchange takes place, blockchain technology can be an answer to mapping this in an audit-proof manner.

Regarding security concerns, a blockchain is secure because it does not need a central instance, for example an intermediary. Each computer in the chain collects the same data. If a user transfers data to another computer, this is done directly from computer to computer. This is entered anonymously in a table and stored in parallel on all network computers. There is therefore no computer that has more information than the others. Malicious manipulations at one location are therefore not decisive or not possible. A single wrong data entry alone cannot falsify the whole system.
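The property described above, shown as an added example that is not part of the original article: a hash-chained table replicated on four nodes, where a change made on one node is caught either by re-verifying that node's chain or by comparing its chain head with the majority. The ledger entries, node names and function names are constructed for illustration, and the model is deliberately simplified (no consensus protocol, no signatures).

```python
import hashlib
import json
from collections import Counter

GENESIS = "0" * 64

# Constructed ledger entries (illustrative only).
ENTRIES = ["alice->bob:5", "bob->carol:2", "carol->dave:1", "dave->alice:3"]


def block_hash(prev_hash, payload):
    """Hash of a block covers its payload and the previous block's hash."""
    body = json.dumps({"prev": prev_hash, "data": payload}, sort_keys=True)
    return hashlib.sha256(body.encode()).hexdigest()


def build_chain(payloads):
    chain, prev = [], GENESIS
    for payload in payloads:
        digest = block_hash(prev, payload)
        chain.append({"prev": prev, "data": payload, "hash": digest})
        prev = digest
    return chain


def make_replicas(names, payloads):
    """Every node stores its own full copy of the same table."""
    return {name: build_chain(payloads) for name in names}


def first_broken_link(chain):
    """Index of the first block whose hash or back-link fails, else None."""
    prev = GENESIS
    for index, block in enumerate(chain):
        recomputed = block_hash(block["prev"], block["data"])
        if block["prev"] != prev or block["hash"] != recomputed:
            return index
        prev = block["hash"]
    return None


def rewrite_from(chain, index, new_payload):
    """A self-consistent forgery: change one block, recompute later hashes."""
    payloads = [block["data"] for block in chain]
    payloads[index] = new_payload
    return build_chain(payloads)


def outliers(replicas):
    """Nodes whose chain head differs from the head held by the majority."""
    heads = {n: (c[-1]["hash"] if c else GENESIS) for n, c in replicas.items()}
    majority, votes = Counter(heads.values()).most_common(1)[0]
    if votes * 2 <= len(replicas):
        raise ValueError("no majority head; replicas cannot be reconciled")
    return sorted(name for name, head in heads.items() if head != majority)


def audit(replicas):
    """Nodes that fail local verification or disagree with the majority."""
    broken = {n for n, c in replicas.items() if first_broken_link(c) is not None}
    return sorted(broken | set(outliers(replicas)))


if __name__ == "__main__":
    nodes = make_replicas(["node-a", "node-b", "node-c", "node-d"], ENTRIES)
    nodes["node-c"][1]["data"] = "bob->carol:2000"      # edit without rehash
    print("broken link at block", first_broken_link(nodes["node-c"]))
    nodes["node-c"] = rewrite_from(nodes["node-c"], 1, "bob->carol:2000")
    print("locally consistent:", first_broken_link(nodes["node-c"]) is None)
    print("disagrees with majority:", outliers(nodes))
```

Neither check is sufficient alone: the in-place edit leaves the stored head hash unchanged, and the recomputed forgery verifies locally, which is why `audit` combines both.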