How to Become a Cloud-Native Company and 13 Tools to Get You There
This article explains how to become cloud native and recommends specific projects you can start using today.
This article was originally published at Coder Society.
The last decade has seen a huge rise in cloud computing.
The worldwide public cloud services market is forecast to grow 17% in 2020 to total $266.4 billion, up from $227.8 billion in 2019, according to Gartner, Inc.
Cloud computing enables some of the largest companies in the world, such as Airbnb, Netflix, and Uber, to reinvent and dominate their industries.
These companies base their offerings on cloud services and take advantage of cloud-native technologies in order to be faster and more adaptive than their competition. Many other enterprises have also adopted cloud native and have brought the concepts to their on-premise applications.
Understanding and choosing the correct cloud-native technologies are critical for increasing development velocity and spending less time and money developing and maintaining tooling and infrastructure.
This post describes the must-know cloud-native tools and recommends specific projects you can start using today.
What Is Cloud Native?
Cloud native is about speed and agility. It’s about taking advantage of the cloud in order to solve business challenges faster and reduce IT costs. The Cloud Native Computing Foundation (CNCF) provides an excellent, official definition:
Cloud native technologies empower organizations to build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds. Containers, service meshes, microservices, immutable infrastructure, and declarative APIs exemplify this approach.
These techniques enable loosely coupled systems that are resilient, manageable, and observable. Combined with robust automation, they allow engineers to make high-impact changes frequently and predictably with minimal toil.
In short, cloud native’s goal is to deliver software products to users or customers at the pace a business needs.
Cloud-native technologies offer the following advantages:
- Speed: Cloud-native apps can be quickly developed and deployed, which results in a faster time to market. Many clouds offer cloud-native components that make hosting these apps simple. Additionally, cloud-native tools rely heavily on abstractions, making them more generic and allowing teams to run their services without agreeing on a shared runtime across the company. Consequently, organizations have to deal with less overhead.
- Scalability and Availability: Cloud-native apps that handle 100 customers can seamlessly scale to serve millions of customers. Resources always adapt to the current demand, which saves money over traditional, statically scaled resources. In addition, techniques such as automatic failover and blue-green deployments are baked into cloud-native tools.
- Quality: Cloud-native apps are developed with immutability and decoupling in mind. This makes applications robust and comfortable to maintain, which increases the quality of your software. Since the most popular cloud-native technologies are open source and supported by the CNCF, companies can avoid vendor lock-ins and benefit from the community's maintenance and development efforts.
How to Become Cloud Native
To migrate to cloud-native systems, you need a structured approach like the following:
- Vertical: Choose a service that isn’t mission-critical and launch/migrate it to cloud-native technologies.
- Horizontal: Focus on a single cloud-native capability, such as continuous integration (CI) or continuous delivery (CD), and deploy it across all your existing services.
Choosing a non-mission-critical system is essential for mitigating risk while maximizing the chances of successful migration.
Following is a list of cloud-native tools. Companies that leverage the full suite of tools can often deliver faster, with less friction, and lower development and maintenance costs.
1. Microservices
Microservices scope product functionality into units that can be individually deployed. For example, in traditional pre-cloud-native deployments, it was common to have a single website service that managed APIs and customer interactions. With microservices, you would decompose this website into multiple services, such as a checkout service and a user service. Then, you could develop, deploy, and scale these services individually.
Additionally, microservices are often stateless, and leveraging twelve-factor applications allows companies to take advantage of the flexibility that cloud-native tooling offers.
2. Continuous Integration/Continuous Deployment
Continuous Integration/Continuous Deployment (CI/CD) is an infrastructure component that supports automatic test execution (and optionally deployments) in response to version control events such as pull requests and merges. CI/CD enables companies to implement quality gates such as unit tests, static analysis, or security analysis. Ultimately, CI/CD is a foundational tool in the cloud-native ecosystem that can lead to substantial engineering efficiencies and reduced error counts.
3. Containers
Containers are at the heart of cloud-native ecosystems and enable unmatched velocity and quality gains by simplifying developer operations. Using containers with tools like Docker, teams can specify their system dependencies while providing a uniform and generic execution layer.
This layer enables infrastructure teams to operate a single infrastructure, such as a container orchestrator, like Kubernetes.
Engineering teams can store container images in a container registry, which, in most cases, also provides vulnerability analysis and fine-grained access control. Popular services for this are Docker Hub, Google Container Registry, and Quay.
4. Container Orchestration
Container orchestrators are tools for launching and managing large numbers of containers and remove the need for language-specific or team-specific deployment strategies. They allow users to specify a container image or group of images and some configuration. Finally, the orchestrators take these specifications and translate them into running workloads.
Container orchestrators enable infrastructure teams to maintain a single infrastructure component, which can execute any container that adheres to the OCI specification.
5. Infrastructure as Code
Infrastructure as code is a strategy that puts cloud configuration under version control. Companies often manage their cloud resources manually by configuring them through an admin panel. Manual configuration, however, makes it hard to keep track of changes. Infrastructure as code addresses this by defining cloud resources as code and putting them under version control. Changes are made in the infrastructure config in code and promoted through the company's deployment process, which can include peer reviews, CI, and CD. Version control provides an audit log that shows who has changed which resources and when.
6. Secret Management
Secret management is essential for cloud-native solutions but is often neglected at smaller scales. Secrets are anything private, such as passwords, private keys, and API credentials. At the very least, secrets should be encrypted and stored in configuration. Mature solutions enable temporary database credentials or rotating credentials to be issued, making secret management even more secure. Finding a fitting solution for secret management is vital for cloud-native applications since containerized services scale horizontally and may be scheduled on many different machines. Ultimately, organizations that ignore secret management could increase the surface area for credential leakage.
7. Secure Communication over TLS
Secure communication over TLS is not only best practice but a must-have. This is especially important in container-based solutions because many different services may run on the same physical machine. Without encryption, an attacker who gains access to the host's network could read all traffic between these services. Manually updating certificates also becomes untenable in cloud-native deployments, which is why some sort of automated solution is essential.
8. API Gateway
- Protocols like gRPC, HTTP/2, and Websockets
- Dynamic configuration
- Mutual TLS
- Resiliency primitives, such as rate limiting and circuit breaking
- Visibility in the form of metrics
9. Logging
Logging is a foundational pillar of observability. Logging is often very familiar and accessible to teams, making it a great starting place to introduce observability. Logs are essential to understanding what is happening in systems. Cloud-native tools emphasize time series for metrics, since they are more cost-effective than logs to store. However, logs are an invaluable tool for debugging, and some systems are only observable through them, which makes logging a requirement.
10. Monitoring
Monitoring systems store important events as a time series. Monitoring data is aggregated, which means that you don't store all events. This makes it cost-effective for cloud-native systems, and is essential for understanding the state of cloud-native systems and answering these questions:
- How many operations are occurring?
- What is the result of the operations (success, failure, or status codes)?
- How long do operations take?
- What are the counts of important resources such as queue depths or thread pools?
You can assign different dimensions to monitoring metrics to drill into performance on an individual machine, operating system, version, etc.
11. Alerting
Alerting makes logs and metrics actionable, notifies operators of system issues, and pairs well with time series metrics. For example, alerts can notify teams when there is an increase in HTTP 500 status codes or when request duration increases. Alerting is essential for cloud-native systems. Without alerts, you don't get notified of incidents, which in the worst case means that companies don't know that there have been problems.
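The monitoring and alerting ideas above, as an added example that is not part of the original article: raw request events are rolled up into per-minute, per-service points (count, 5xx count, latency buckets), and simple threshold rules turn those points into alerts. The event tuples, bucket bounds, and thresholds are constructed assumptions, not values from any particular monitoring product.

```python
from collections import defaultdict

# Constructed sample events: (epoch_seconds, service, http_status, duration_ms)
EVENTS = [
    (0, "checkout", 200, 40), (5, "checkout", 200, 55), (20, "checkout", 500, 60),
    (30, "checkout", 200, 45), (61, "checkout", 500, 900), (65, "checkout", 500, 950),
    (70, "checkout", 200, 800), (90, "checkout", 503, 1200),
    (10, "user", 200, 20), (62, "user", 200, 25), (80, "user", 404, 22),
]

# Assumed latency bucket upper bounds in ms; only bucket counts are kept, not raw events.
BUCKETS_MS = (100, 500, 1000, float("inf"))
SLOW_FROM = 2  # buckets at this index and above hold requests slower than 500 ms


def aggregate(events, window_s=60):
    """Roll events up into one point per (window_start, service) dimension pair."""
    series = defaultdict(
        lambda: {"count": 0, "errors": 0, "buckets": [0] * len(BUCKETS_MS)}
    )
    for ts, service, status, duration_ms in events:
        point = series[(ts - ts % window_s, service)]
        point["count"] += 1                               # how many operations
        point["errors"] += int(500 <= status <= 599)      # result of the operations
        idx = next(i for i, le in enumerate(BUCKETS_MS) if duration_ms <= le)
        point["buckets"][idx] += 1                        # how long operations take
    return dict(series)


def evaluate_alerts(series, max_error_ratio=0.25, max_slow_ratio=0.5, min_requests=3):
    """Return (window, service, rule, value) for every point that breaches a threshold."""
    alerts = []
    for (window, service), point in sorted(series.items()):
        if point["count"] < min_requests:
            continue  # too few samples for a ratio to be meaningful
        error_ratio = point["errors"] / point["count"]
        if error_ratio > max_error_ratio:
            alerts.append((window, service, "error_ratio", round(error_ratio, 2)))
        slow_ratio = sum(point["buckets"][SLOW_FROM:]) / point["count"]
        if slow_ratio > max_slow_ratio:
            alerts.append((window, service, "slow_ratio", round(slow_ratio, 2)))
    return alerts


if __name__ == "__main__":
    for alert in evaluate_alerts(aggregate(EVENTS)):
        print(alert)
```

The `min_requests` guard keeps low-traffic windows, such as the `user` service here, from firing on one or two requests.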
12. Tracing
Cloud-native technologies reduce the overhead in launching and scaling services. As a result, teams often launch more services than they did pre-cloud. Tracing enables teams to monitor communication between services and makes it easy to visualize an entire end-user transaction and each stage in that transaction. When performance issues arise, teams can see what service errors are occurring and how long each phase of the transaction is taking. Tracing is a next-level observation and debugging tool that can significantly reduce downtime by allowing teams to debug issues faster.
13. Service Mesh
Service meshes are the Swiss army knife of cloud networking. They can provide dynamic routing, load balancing, service discovery, networking policies, and resiliency primitives such as circuit breakers, retries, and deadlines. Service meshes are an evolution in load balancing for cloud-native architectures.
Stay Competitive With Cloud Native
Cloud-native tools help companies stay competitive by increasing both quality and availability while decreasing time to market. Companies that choose the right tools can maintain competitive advantages through increased delivery speed and agility.
Adopting cloud-native technologies may seem daunting, but just remember that beginning with a single technology can already provide considerable benefits.
Published at DZone with permission of Kentaro Wakayama. See the original article here.