Web applications running on a cloud platform are different from applications running on-premise in many ways. A cloud-based infrastructure provides many services and options to develop a scalable and highly available application that can cater to a global audience. It provides unlimited opportunities for an application to scale and match business requirements. To reap real benefits from cloud platforms, applications need to be developed using services and options provided by cloud infrastructure.
However, running applications on a cloud platform has its own challenges. These challenges can be broadly sub-divided into eight categories.
- Availability: Measured as a percentage of application uptime
- Data Management: Data is hosted in different locations. Eventual Consistency vs. Strong Consistency
- Messaging: Loose coupling between components and services, asynchronous messaging, ordering of message, and idempotency
- Management and Monitoring: Applications must expose runtime information for management and monitoring of the system
- Security: The application is exposed on the Internet, outside trusted on premise boundaries. It prevents malicious or accidental actions that can compromise security. It prevents disclosure or loss of information. Security has three sub-categories: Data security, network security, and identity management.
- Resiliency: Multi-tenancy uses shared platform services. Resiliency provides the ability to gracefully handle and recover from failures and the ability to detect failures
- Performance and Scalability: Responsiveness of a system. It is the ability of a system to handle increased load without any impact on performance
- Design and Implementation: Consistency and coherence in component design and deployment. Reusability of components
Design and implementation of a true cloud native application is one of the major challenges faced by application developers. Challenges described above have to be kept in mind while designing the application. One of the biggest worries for cloud based applications is vendor lock-in. Applications closely integrated with specific vendor services cannot be migrated on other cloud platforms. This creates dependency on that specific cloud vendor making migration to other cloud platforms a costly affair. The solution is to develop a cloud agnostic application.
Such challenges can be handled by implementing cloud design patterns into code. There are a host of design patterns that can be used in cloud-based applications. Some of the design patterns are:
- Federated Identity: Authentication is managed by an external identity provider. A dedicated security application manages the identity. This simplifies the application
- Gatekeeper: Dedicated host instance acting as a broker between client and services/application. Limits the attack surface of application. Additional layer of security
- Valet Key: Restricted access to a specific resource or service. Can be implemented using a token or a key
- Command Query Responsibility Segregation (CQRS): Segregate operations using a separate interface
- Circuit Breaker: Handles failures gracefully. Improves stability and resiliency
- Integration Provider: Messaging and sharing of data hosted by different providers
Developers can leverage options provided by the cloud platform and implement cloud design patterns to develop a robust, resilient and truly secure cloud hosted application. Here are a few points to keep in mind:
- Make your application as generic as possible
- Make it stateless
- Store the session information in a persistent data store
- Don’t log onto the file system. Use a proper logging mechanism
- Don’t code using any specific infrastructure dependency
- Use API gateway
- Use DevOps tool to automate deployment and configuration of your application on the cloud