book

Cloud Native

by Boris Scholl, Trent Swanson, Peter Jausovec

August 2019

Beginner

229 pages

6h 35m

English

O'Reilly Media, Inc.

Read now

Unlock full access

Preface
Conventions Used in This BookO’Reilly Online LearningHow to Contact UsAcknowledgments
1. Introduction to Cloud Native
Distributed SystemsFallacies of Distributed SystemsCAP TheoremThe Twelve-Factor AppAvailability and Service-Level AgreementsSummary
2. Fundamentals
ContainersContainer Isolation LevelsContainer OrchestrationKubernetes OverviewKubernetes and ContainersServerless ComputingFunctionsFrom VMs to Cloud NativeLift-and-ShiftApplication ModernizationApplication OptimizationMicroservicesBenefits of a Microservices ArchitectureChallenges with a Microservices ArchitectureSummary
3. Designing Cloud Native Applications
Fundamentals of Cloud Native ApplicationsOperational ExcellenceSecurityReliability and AvailabilityScalability and CostCloud Native versus Traditional ArchitecturesFunctions versus ServicesFunction ScenariosConsiderations for Using FunctionsComposite of Functions and ServicesAPI Design and VersioningAPI Backward and Forward CompatibilitySemantic VersioningService CommunicationProtocolsMessaging ProtocolsSerialization ConsiderationsIdempotencyRequest/ResponsePublisher/SubscriberChoosing Between Pub/Sub and Request ResponseSynchronous versus AsynchronousGatewaysRoutingAggregationOffloadingImplementing GatewaysEgressService MeshExample ArchitectureSummary
4. Working with Data
Data Storage SystemsObjects, Files, and DisksDatabasesStreams and QueuesBlockchainSelecting a DatastoreData in Multiple DatastoresChange Data CaptureWrite Changes as an Event to a Change LogTransaction SupervisorCompensating TransactionsExtract, Transform, and LoadMicroservices and Data LakesClient Access to DataRestricted Client Tokens (Valet-Key)Database Services with Fine-Grained Access ControlGraphQL Data ServiceFast Scalable DataSharding DataCaching DataContent Delivery NetworksAnalyzing DataStreamsBatchData Lakes on Object StorageData Lakes and Data WarehousesDistributed Query EnginesDatabases on KubernetesStorage VolumesStatefulSetsDaemonSetsSummary
5. DevOps
What Is DevOps?CollaborationAutomationLean Principles and ProcessesMeasurementSharingTestingTest DoublesTest Automation PyramidWhen to Run Which Types of TestsTesting CadenceTesting in ProductionDevelopment Environments and ToolsDevelopment ToolsDevelopment EnvironmentsLocal Development EnvironmentsLocal Development with a Remote ClusterSkaffold Development WorkflowRemote Cluster Routed to Local DevelopmentCloud Development EnvironmentsCI/CDSource Code ControlBuild Stage (CI)Test Stage (CI)Deploy Stage (CD)Release Stage (CD)Post-Release StageMonitoringCollecting MetricsObservable ServicesConfiguration ManagementSingle-Environment VariableMultiple-Environment VariablesAdding ConfigMap Data to a VolumeStoring SecretsDeployment ConfigurationSample CI/CD FlowsSummary
6. Best Practices
Moving to Cloud NativeBreaking Up the Monolith for the Right ReasonsDecouple Simple Services FirstLearn to Operate on a Small ScaleUse an Anticorruption Layer PatternUse a Strangler PatternCome Up with a Data Migration StrategyRewrite Any Boilerplate CodeReconsider Frameworks, Languages, Data Structures, and DatastoresRetire CodeEnsuring ResiliencyHandle Transient Failures with RetriesUse a Finite Number of RetriesUse Circuit Breakers for Nontransient FailuresGraceful DegradationUse a Bulkhead PatternImplement Health Checks and Readiness ChecksDefine CPU and Memory Limits for Your ContainersImplement Rate Limiting and ThrottlingEnsuring SecurityTreat Security Requirements the Same as Any Other RequirementsIncorporate Security in Your DesignsGrant Least-Privileged AccessUse Separate Accounts/Subscriptions/TenantsSecurely Store All SecretsObfuscate DataEncrypt Data in TransitUse Federated Identity ManagementUse Role-Based Access ControlIsolate Kubernetes PodsWorking with DataUse Managed Databases and Analytics ServicesUse a Datastore That Best Fits Data RequirementsKeep Data in Multiple Regions or ZonesUse Data Partitioning and Replication for ScaleAvoid Overfetching and Chatty I/ODon’t Put Business Logic in the DatabaseTest with Production-like DataHandle Transient FailuresPerformance and ScalabilityDesign Stateless Services That Scale OutUse Platform Autoscaling FeaturesUse CachingUse Partitioning to Scale Beyond Service LimitsFunctionsWrite Single-Purpose FunctionsDon’t Chain FunctionsKeep Functions Light and SimpleMake Functions StatelessSeparate Function Entry Point from the Function LogicAvoid Long-Running FunctionsUse Queues for Cross-Function CommunicationOperationsDeployments and Releases Are Separate ActivitiesKeep Deployments SmallCI/CD Definition Lives with the ComponentConsistent Application DeploymentUse Zero-Downtime ReleasesDon’t Modify Deployed InfrastructureUse Containerized BuildDescribe Infrastructure Using CodeUse Namespaces to Organize Services in KubernetesIsolate the EnvironmentsSeparate Function Source CodeCorrelate Deployments with CommitsLogging, Monitoring, and AlertingUse a Unified Logging SystemUse Correlation IDsInclude Context with Log EntriesCommon and Structured Logging FormatTag Your Metrics AppropriatelyAvoid Alert FatigueDefine and Alert on Key Performance IndicatorsContinuous Testing in ProductionStart with Basic MetricsService CommunicationDesign for Backward and Forward CompatibilityDefine Service Contracts That Do Not Leak Internal DetailsPrefer Asynchronous CommunicationUse Efficient Serialization TechniquesUse Queues or Streams to Handle Heavy Loads and Traffic SpikesBatch Requests for EfficiencySplit Up Large MessagesContainersStore Images in a Trusted RegistryUtilize the Docker Build CacheDon’t Run Containers in Privileged ModeUse Explicit Container Image TagsKeep Container Images SmallRun One Application per ContainerUse Verified Images from Trusted RepositoriesUse Vulnerability Scanning Tools on ImagesDon’t Store Data in ContainersNever Store Secrets or Configuration Inside an ImageSummary
7. Portability
Why Make Applications Portable?The Costs of PortabilityData Gravity and PortabilityWhen and How to Implement PortabilityStandardized InterfacesCommon Services and FeaturesAbstractions and LayersManaged Services from Other VendorsPortability ToolingKubernetes as a Portability LayerSummary
Index

Content preview from Cloud Native

Chapter 1. Introduction to Cloud Native

What are cloud native applications? What makes them so appealing that the cloud native model is now considered not only for the cloud, but also for the edge? And, finally, how do you design and develop cloud native applications? These are all questions that will be answered throughout this book. But before we dive into the details on the what, why, and how, we want to provide a brief introduction to the cloud native world and some of the fundamental concepts and assumptions that are building the foundation for modern cloud native applications and environments.

Distributed Systems

One of the biggest hurdles that developers face when they build cloud native applications for the first time is that they must deal with services that are not on the same machine, and they need to deal with patterns that consider a network between the machines. Without even knowing it, they have entered the world of distributed systems. A distributed system is a system in which individual computers are connected through a network and appear as a single computer. Being able to distribute computing power across a bunch of machines is a great way to accomplish scalability, reliability, and better economics. For example, most cloud providers are using cheaper commodity hardware and solving common problems such as high availability and reliability through software-based solutions.

Fallacies of Distributed Systems

There are couple of incorrect or unfounded assumptions ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781492053811Errata Page

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design