Migrating to a Cloud Native Architecture Accenture

  • Date:01 Jul 2020
  • Pages:20
  • Size:2.06 MB

Transcription:

Contents

  • Introduction
  • What does it mean to be cloud native?
  • The cloud native landscape
  • Why use a Kubernetes platform architecture?
  • What is the new way of service development and deployment in a cloud native world?
  • What are the distinguished complexities that need to be considered when designing a microservices or platform architecture?
  • Why is there a need for a service mesh?
  • What is the recommended gateway for microservices?
  • What are recommendations for CI/CD, DevSecOps and NFR in pipelines?
  • What are other best practices to follow?
  • Conclusions

GREAT MIGRATION

Introduction

Monolith legacy applications can be cumbersome and face issues that more nimble, modern cloud native platforms do not. Cost is a challenge, as hardware and resources must be pre-provisioned. However, a bigger issue is that the individual components and services of monolith applications cannot be scaled and deployed separately. Many legacy applications were designed using technologies such as integrated Java or .NET stack. These stacks include a user interface (UI), backend, middleware and database, all integrated as one deployable component within the application server. Many were designed for traditional hardware-based devices or appliances. Hardware appliances (e.g., those providing networking features such as network traffic management, security and load balancing) and application stacks delivered as appliances do not allow application components to be independently scaled. Therefore, they cannot take advantage of a huge benefit of the cloud: scaling based on the need.

With enterprise boundaries blurring every day, the need for a platform ecosystem is becoming imperative, which is driving a growing need to overcome some of the above hurdles and migrate legacy apps and appliances to a cloud native architecture. By leveraging modern cloud native platforms, enterprises can indeed make elephants (aka legacy apps) fly. Here we discuss multiple important aspects of the platform and migration.

What does it mean to be cloud native?

To be cloud native, applications need to have the following architecture elements.

  • Microservices: Service Oriented Architecture has evolved into a more loosely coupled microservices architecture. Modern architecture is microservices oriented and based on the 12-factor app principles. Microservices enable greater agility and speed, experimentation, innovation and the ability to pick the right tool for a service. Support for polyglot service is another new age requirement.
  • Container packaged: Containers are required for velocity, portability, reliability, efficiency, self-service and isolation. Containers, which are standalone, enable the ability to isolate each microservice deployment independently. This leads to higher levels of compute resource isolation, portability and scalability.
  • Dynamically managed: Orchestration platforms such as Kubernetes support dynamic scheduling and managing all the containers and corresponding resources deployed to the underlying infrastructure platform.
  • Cloud agnostic: Typically, product companies deliver their product in all forms of cloud infrastructure, including on-premise vSphere. Being cloud native makes the product available in different marketplaces (AWS, Azure, GCP, etc.) and ensures customers are not locked into any particular vendor.

The cloud native landscape

To support new age apps and services, cloud is a natural choice, whether it is on private or public clouds. With regards to selecting platforms and tools (building blocks), the cloud native landscape is very big.

Various Cloud Building Blocks:

  • Networking
  • Persistency Storage
  • Compute Services
  • Database Services
  • Enterprise Integration
  • Security, Identity and Access Services
  • Management Automation Services
  • Development Services
  • App Services
  • Mobile Services
  • Analytics and Big Data
  • Artificial Intelligence Services
  • IoT, VR, AR Services
  • Enterprise Applications

Why use a Kubernetes platform architecture?

In general, a platform should seamlessly work in a legacy datacenter, private or public cloud, but in a native way that takes advantage of all cloud features such as autoscaling, resource optimization, managed services and serverless functions.

A platform should use all of the same code base and microservices. Although several options can be picked from the above landscape to design a cloud native architecture, Kubernetes stands out as a de facto platform for multi-cloud, cloud-neutral architecture.

A declarative platform: Legacy platforms with web servers are imperative platforms, as actions need to be defined and adjusted or reprogrammed when something changes. Declarative platforms are state driven. Based on the desired state, the platform will try to adjust and achieve that state at all times. It is similar to how, when a thermostat is set to a certain temperature (the desired state), it tries to maintain the room at that temperature all the time. Kubernetes is a giant declarative or state driven machine.

"Kubernetes is the Linux of the cloud." This statement, made by Kelsey Hightower at Kubecon 2017, describes Kubernetes well. Kubernetes was first released in mid-2015 and was the first project to graduate from the Cloud Native Computing Foundation (CNCF). It is an open source cluster management tool to automate, deploy, manage and scale applications. It can run on bare metal offered by various cloud providers. It is a natural choice for legacy apps that need to be supported on multiple cloud providers and datacenters. Although it is primarily labelled as a container orchestration platform, it is in general a microservices platform that is declarative.

Some of the main features of the Kubernetes platform include the following:

  • Ability to build twelve-factor apps
  • Container grouping using pods
  • Security
      • Authentication and authorization
      • Auth tokens support: static token file, service account tokens, bootstrap tokens, OpenID Connect tokens, webhook token authentication
      • Authorization modes: ABAC, RBAC, webhook, custom modules
      • Role binding and cluster role binding
      • Auditing and audit logs
      • Secrets management: ConfigMap and secret
      • Security context at pod/container level
      • Network policy for pod communication
      • Encryption at rest
  • Self healing
  • Auto scalability, mainly horizontal autoscaling
  • High availability and multiple zones
  • DNS management
  • Load balancing
  • Rolling update or rollback
  • Resource monitoring and logging
  • Alpha/beta feature
  • Replication controller
  • Storage management
  • Resource monitoring
  • Health checking
  • Service discovery
  • Networking: with pod, intra pod, pod to service, external to service
  • Rolling deployment and rollback
  • CI/CD integration: canary and blue-green deployments
  • Logging and distributed tracing
  • Monitoring

What is the new way of service development and deployment in a cloud native world?

In a cloud native world, declarative APIs offer many advantages as a primary means of service development and deployment. Although both declarative and standalone APIs can use the Kubernetes platform, declarative APIs are especially advantageous in green field environments, especially when migrating legacy apps from the ground up. All types are readable by kubectl and can be viewed in the Kubernetes UI dashboard. Also, resources are naturally scoped to cluster, and all Kubernetes API support features are available. There is an operator framework available from the CoreOS for this API development. In fact, the new way of delivering software is not a zipfile, tar ball or install shield, but as operators. For example, Kafka is available as an operator that can run as a service in Kubernetes.

What are the distinguished complexities that need to be considered when designing microservices or platform architecture?

Out of the standard complexities, the highlighted ones should be given additional attention based on Accenture's experience.

  • API Management
  • Auto Scaling
  • Automated Deployment
  • Circuit Breaking
  • Configuration
  • Contracts
  • Distributed Logging
  • Distributed Tracing
  • Distributed Transactions
  • Health Check
  • Load Balancing
  • Metrics Collection
  • Monitoring
  • Network
  • Observability
  • Orchestration
  • Resiliency
  • Security
  • Service Discovery
  • Service-to-Service Communication
  • Testability
  • Versioning

Traditionally, a circuit breaker is provided by application libraries and APIs which are coded by the developers.

Why is there a need for a service mesh?

Next gen microservices platforms need a service mesh architecture to manage the many complexities previously identified.

A service mesh is a dedicated infrastructure layer for handling service-to-service communication, which in the legacy world is achieved using appliances. Mesh is a layer of services across all environments that containerized applications and microservices can be connected to as needed. The service mesh is responsible for the reliable delivery of requests through the complex topology of services that comprise a modern cloud native application. It allows the decoupling of the application network, reliability, observability and security from service code. It does this in a programming language agnostic way.

In practice, the service mesh is typically implemented as an array of lightweight network proxies that are deployed alongside application code, without the application needing to be aware. There is a central controller which orchestrates the connections. Service traffic flows directly between proxies, and the control plane is aware of the interactions. The controller delivers access control policies and collects performance metrics. The controller easily integrates with platforms like Kubernetes.

Below are some of the advantages of using a service mesh:

  • A network for services, not bytes
  • Visibility
  • Resiliency, efficiency
  • Traffic control
  • Security
  • Policy enforcement
  • Adds fault tolerance to the application, no code changes
  • Timeout
  • Retries
  • Circuit breakers
  • Health checks
  • Load balancing with automatic failover
  • Systematic fault injection

Istio Service Mesh

Istio is an open source service mesh project that was introduced in May 2017. It was formed through a partnership between Google, IBM and Lyft. Istio is one of the key building blocks to the new Knative serverless platform being built by Google, Pivotal, IBM, Red Hat and SAP. It can be deployed to any Kubernetes based platform, on-prem and public cloud. Aspen mesh is the F5 Networks' enterprise ready version of Istio on multicluster and multicloud like AKS (Azure Kubernetes Service), EKS (Elastic Kubernetes Service), GKS (Google Kubernetes Service) and PKS (Pivotal Kubernetes Service). Istio service mesh architecture primarily consists of a data plane and a control plane.

Data Plane: This consists of a fleet of intelligent envoy proxies which are deployed as sidecars alongside each microservice. These sidecars intercept and control all the network traffic between services using iptables. The circuit breaker in Istio operates more in a blackbox way, unlike Hystrix white box way in legacy apps, using envoy proxy, and it is native to Kubernetes ecosystem, running inside a Kubernetes cluster. The envoy proxies are where the following capabilities are implemented in a service mesh:

  • Service discovery
  • Load balancing
  • Circuit breaker
  • Traffic routing
  • HTTP/2 and gRPC
  • Resiliency
  • Health checks
  • Fault injection
  • Rich metrics and tracing
  • TLS termination
  • L7 filters

Control Plane: This manages and configures all the runtime components across Istio with their corresponding rules and policies. It consists of three primary components:

  • Pilot is the configuration source for all the envoy sidecars. It provides service discovery details, routing rules, resiliency configurations and authorization policies to all the envoy proxies.
  • Mixer enforces various policies across the service mesh and collects telemetry data from the envoy proxy and other services. Mixer includes a flexible plugin model which allows Istio to plug in to different infrastructure backends if desired, e.g., metrics aggregation and visualization.
  • Citadel provides security features such as strong service-to-service and end user authentication with built-in identity and credential management. It facilitates mutual Transport Layer Security (mTLS) across the entire service mesh without touching the services. Service level authorization support, JSON Web Token (JWT) and Role Based Access Control (RBAC) is also available.

Istio out-of-the-box metrics and distributed tracing solution

Istio comes packaged with a Prometheus backend for metrics aggregation. For metrics visualization, Istio provides Grafana with a pre-built dashboard and Servicegraph for visualizing mesh call graphs. It supports both Jaeger and Zipkin for distributed tracing collecting and visualization. All of these are optional, and an in-house solution can be plugged in if desired.

[Figure: A typical Kube Istio implementation architecture depicting North-South and East-West Traffic Management. Labels: Istio Gateway, Ingress, API Server, REST API, Prometheus, Istio control plane (Pilot, Mixer, Citadel).]