Top 9 Open Source DevOps Tools You Must Know

devops-tools
There was a time when developers and operations were always gnawing at each other’s throats. The production code was never updated on time, while the administrators always got irked over the ever piling server requests. As the battle ensued, it became all the more necessary to come up with an appropriate tool box, which could help rid both the parties of these battle lines.

This is where DevOps comes into the picture. DevOps is well configured to provide services which range from application portability to configuration management. While the list of services doesn’t end, it definitely makes life much easier for the end users. However, without the right kind of tools, even DevOps can’t make it to their destined uses.

Here are some of the names which stand out amongst the list of DevOps tools:

Chef:
Like the gourmet world, Chef is synonymous with the term recipes. It is a system and Cloud infrastructure, which automates an entire building, by deploying and managing infrastructure through short repeatable scripts, often termed as recipes. But the real power comes into play, when pluggable configuration modules are employed. Chef can be used to ease out complex tasks, perform automations, which can often prove to be heavy on resources, efforts and time.

Docker:
With Docker, you can expect portability, which is made possible through its unique containerization technology, often found in self contained units. The tool consists of a Docker Engine, a lightweight runtime and packaging tool and Docker Hub, which is essentially a cloud based service application, encompassing the concept of application sharing and workflow automation.

Puppet:
Puppet Enterprise, a unit of Puppet Labs, allows data orchestration by providing automation configurations and machine management. The latest version, Puppet 3.7, features Puppet Apps, and Node Manager, which helps manage large number of variable, dynamic systems. Puppet is also available as an open source software.

Jenkins:
Being an open source standard for managing DevOps, Jenkins allows everything, right from delivering code to production to source code management. Since it is a pluggable, de facto engine, it proves to be an ecosystem with more than 1100 plugins for the users. Jenkins has proved to be a continuous delivery and a continuous integration for developers.

ELK:
ELK, by Elastic, is a NoSQL database that is made on the Lucene search engine. ELK Stack is not just one tool, but a combination of 3 different tools rolled into one. ELK stands for Elasticsearch, Logstash, and Kibana; all three are open source projects, which are individually maintained by Elastic.

Cassandra:
Apache Cassandra is considered to be a good choice, when you need scalability, availability without worrying about performance. Through this tool, data is automatically replicated between multiple nodes. While single system replication is supported, one can also perform multiple systems replication. Thankfully, there are no single points of failure, which makes it a great devops tool.

Ansible:
Conceived by Michael Dehaan, Ansible was released in the year 2012. It is a configuration management platform which leverages Python to configure systems. The systems are expressed in the YAML format, which is a construct, commonly known as a Playbook. A Playbook has been tweaked to provide configurations for single and multiple systems at the same time.

Splunk:
If real time issue fixing is what you are looking for, then Splunk is your first time solution. It allows visualization of data, while taking cues from production environments. All this can be done without requiring access to production machines. With Splunk, users can access and embrace processes, which include successful integration and deployment.

SaltStack:
SaltStack helps in data automation, cloud building, server provisioning and application configuration. Since this tool is an event drive automation tool, it enables automation within the DevOps workflow. It features around 200 virtual machines, each of which is capable of running in the staging and production environment.

These were some of the top 9 DevOps tools which are helping bridge the gaps between production and development environments. Choose the one which suits your business needs and see the difference in your business operations instantly.

The Benefits of AWS Certification

aws certification
AWS or Amazon Web Services Certification is quickly becoming the rage of the season. As of today, there are 5 certifications available, which include certifications on associate and professional levels alike. Along with the initial certification, there is a re-certification required every two years, which makes the certification sell like hot cakes currently.

Amazon is adding two more certifications to the existing list of certifications, which are yet to be introduced. These certifications are the “Security Operations on AWS” and “Big Data on AWS certification”. So the main question is, “Why go for the AWS Certification at all?”

Since individuals and employers can benefit from AWS Certifications, it all depends on how you tend to look at the certifications. Let’s split the benefits into two categories and take it on from there.

For individuals: No matter the type of certification, any individual would need to demonstrate the skills and prove his/her ability of handling the required tasks. The same is the case with the AWS Certification as well. After achieving the required credentials, the certification can open up various avenues for your growth in AWS related projects or you might even get a chance to present your knowledge before your clients.

This way, there will always be tons of opportunities available to you, post certification, which will declare you as an inherent subject matter expert in the AWS domain. This is not all; post certification, you also get the opportunity to surpass various interviewing preliminaries, and end up straight away into the interviewing round, which helps in cracking the aforesaid position in a more elaborate manner.

For employers: Companies which work regularly in Cloud computing environments often require people with the same skill set. However, since the concept of Cloud Computing is still relatively new, people with AWS Certification are a feather in the cap, especially for companies on the lookout for such skilled workforce. People trained and certified in the AWS skills often posses extensive knowledge with respect to handling and implementing Cloud based projects successfully.

On the other hand, if employers employ AWS certified employees, they too gain a progressive edge in their day to day operations, which makes the hiring all the more successful and worthwhile. At the same time, post hiring, employers are eligible to become a member of AWS Partner Network (APN), which helps employers access a series of benefits, ranging from training subsidies to availing market support to AWS usage support, amongst many others.

As technology is changing at a progressively fast pace, there is a lot to achieve in order to stay up to date with the times. In order to stay competitive, more and more aspirants are seeking certification as a way out to ensure better job opportunities.

Simultaneously, employers are taking a lot of advantage of the sudden developments, since Cloud Computing is becoming a thing of the day. For this very reason, AWS Certification can help individuals go a long way, especially with regards to getting well paying jobs and the much needed exposure in the technology industry.

Understanding Cloud Security and Its Importance

cloud - securityCloud security is still an ever growing concern, despite the various set of advantages it provides to the individuals and companies alike. As per a recent survey, there are still close to 90% of companies which remain skeptical about putting in 100% trust in the Cloud infrastructure, simply due to the Cloud security problems.

Understanding Cloud security

Despite so many trust issues, there are a lot of things which organizations are yet to realize when it comes to Cloud security. The Cloud is not an insecure platform; the security model is relatively different than some of the other platforms available in the market currently. Due to this very reason, there are a lot of new relationships which need to be fulfilled with respect to data storage.

Cloud centers can be quite secure, especially more secure than their traditional counterparts. However, in order to understand Cloud security, the security aspect needs to be understood in the right context.

Cloud security myths busted

In order to ensure maximum security, it is imperative to review the security posture and understand what controls need to be put in place to enforce it. In order to be secure, any organization wants a platform that can offer an array of services which can address different requirements in one go.

• Breaches: However, a lot of people feel that there are a lot of breaches within the Cloud storage. On this day, it can be clearly stated that this is one of the biggest myths till date. Internet threats are a bigger threat as compared to Cloud security breaches, simply because Internet attacks are dynamic and can’t be detected easily.
• Not the client’s concern: At the same time, when it comes to maintenance, a lot of people differ in their views. Some people feel that since the Cloud services are provided by a third party, the security will always be lax. However, that is never the case.
• No management needed: While the infrastructure of the Cloud is managed, it is not safe to assume that the security is also a managed service. For this very reason, given this assumption, many client organizations assume that the service provider has taken all the necessary precautions for securing the Cloud service, which often ends up creating rather than solving Cloud security related problems.
• Single tenant systems vs. multi tenant systems: Multi tenant systems offer double security when it comes to a comparison with single tenant systems. There is a double security layer, which makes it even more secure than its counterpart. With multi tenant systems, there is always a third layer of protection called logical content isolation, which helps take the security up a notch.

Importance of Cloud Security:

When it comes to the importance of Cloud security, there are no two ways about it. With so many recent breaches and technological attacks, maintaining security has become all the more important. For this very reason, companies are become more and more particular about risk and the unknown disadvantages they fear of the unknown. Since the Cloud structure is still relatively a mystery, there is a lot to be investigated, especially from a security perspective. But this does not negate the fact that organizations are increasingly looking for Cloud service providers which are stable, secure and offer more than one layer of security for their client’s data.

Benefits of Cloud Services for Businesses

Cloud-Businesses- Services
Cloud Services have undoubtedly become one of the most valuable computing services available on the Internet these days. There is no denying the fact that the Cloud has changed the very essence of running applications on different platforms. In the past, people used to run applications or programs hard stored in their computers. However, with the advent of Cloud Computing, people can run these applications from anywhere on the Internet.

For this very reason, there have been a lot of benefits which have come to the fore, with respect to Cloud Computing. No matter if you own a small business or are the CEO of a conglomerate, chances are, your business can benefit immensely from the use of Cloud Computing.

Here are some benefits of cloud services for businesses:

Cost savings: Every business owner wants to save money. Cloud storage can go a long way when it comes to securing and providing affordable storage solutions to businesses through Cloud computing. This way, providers can effectively distribute the costs of their infrastructure and make it cost effective for businesses wanting to conduct their business through the use of Internet. At the same time, Cloud storage can help save costs related to hardware and maintenance, since these are all considered capital expenditures, which add to the overall cost of a business’s expense list.

Convenience: Convenience is yet another factor which helps keep the Cloud business going. Since everything moves to the Internet, there are no physical servers or hardware you need to maintain to keep everything running smoothly. Everything gets transferred to your Cloud provider, who will be incurring the cost of maintaining the Cloud storage systems for your business and keep the services running without interruptions.

Security: All the Cloud storage is housed in an exclusive data center; this way, since no hardware is stored within the office, it becomes easier to maintain security. As the security is enhanced, there is no single point of failure, making the concept of storage all the more exclusive and safe. In other words, in case even one server crashes, your data will always remain safe, making it a fool proof way to maintain and store data.

Mobility: One of the main reasons for employing Cloud Storage in a business world is the mobility it offers to the customers. All you need is an Internet connection to get going and you will be all set to work from anywhere. No matter if you are waiting at the airport or sitting at home or travelling to another country, if you have an Internet connection, you can always stay connected.

Scalability: What you use is what you pay for! This is how simple it is. You don’t need to worry about ending up with unused storage space at the end of the month. This is the flexibility you get with Cloud storage. Modify your needs as your usage increases or decreases, so that you can adjust your usage with convenience.

Automatic software updates: Since the servers are not on the same premises as your business, you don’t have to worry about anything at all. The service providers roll out different updates for you periodically, thereby allowing you to stay abreast of all the latest services being provided by the Cloud storage providers.

Increased team collaborations: Since a lot of teams can be brought onboard to manage the data, there is always someone available to streamline and perform data monitoring. Gone are the days when each team member had to wait to access data from the server. With the Cloud services in place, everyone can access data at the same time, thereby making team collaboration more effective and well coordinated.

Environment friendly usage policies: As you increase/decrease your usage, the carbon footprint also fluctuates. This way, the environment also gets the love it deserves as your company does its bit in making the environment healthier and better.

Licenses: Pre-procured licenses can go a long way in the Cloud industry. However, procuring licenses from Cloud providers again and again can often prove to be a costly affair in the long run. This way, it’s always beneficial to have a set of licenses which can be used again and again.

Considering the points above, there are endless benefits a business can avail by making use of the Cloud service. The sooner you move to the Cloud, the faster and more effective the results you can garner in the short run and the long run alike.

10 Fantastic Recruitment and HR Blogs You Should Be Reading

HR-Recruitment

Every recruiter has to keep themselves updated with the latest information in the recruitment industry. We’ve searched the web for the 10 best blogs for the HR and Recruiting industry.Take some time to subscribe the blogs.

1. ERE

Web: www.eremedia.com/ere/

ERE was created in 1998 as an online gathering place for recruiters. It was designed as a destination where the community could network, share best practices, and learn from each other.

Fast forward to today, ERE Media has become the go-to information and conference source for human resources, talent acquisition, and recruiting professionals. We have built our publications and conferences around three core brands and audiences to cater to their specific needs.

2. Greg Savage

Web: www.gregsavage.com.au/

Over a career spanning thirty-five years, Greg is a respected voice across the global recruitment industry and is a regular keynote speaker at staffing conferences around the world.

3. Fistful of Talent

Web: www.fistfuloftalent.com/

Fistful of Talent is a group of pros from Recruiting practices, HR shops and Consulting firms across the nation. The center of the conversation is talent – which includes recruiting as well as everything you do with the talent once it’s in the door.

4. Undercover Recruiter

Web: www.theundercoverrecruiter.com/

This blog has less of a pure recruiting and HR focus, and blends jobseeker-specific content with tips for recruiters and hiring managers. Overall, it gives a good perspective into both sides of the current employer/employee market.

5. Indeed Blog

Web: www.blog.indeed.com/

More people find jobs on Indeed than anywhere else. This is Indeed blog, where they share data trends and insights, tips for employers, product updates and best practices.

6. Matt Charney

Web: www.mattcharney.com

Matt Charney is probably the world’s top expert when it comes to talent and technology. If you want to know what’s cool, what’s new or what’s next in recruiting, all you have to do is ask Matt.

7. Recruiter

Web: https://www.recruiter.com/recruiting-tips.html

Find recruiting tips and recruiting strategies to help you be a better recruiter, make more placements, stay on top of recruiting technology trends,and stay motivated. Learn about recruiting industry trends and best practices for both corporate and agency recruiters.

8. Staffing Talk

Web: http://staffingtalk.com/

Staffing Talk is a website that is focused on the Staffing Industry. From news, opinions, personal stories, events, contests and other opportunities to get involved, we look forward to hearing from you! If you are in the staffing industry, Staffing Talk is for you!

9.RecruitingBlogs

Web: http://www.recruitingblogs.com/

RecruitingBlogs is the #1 online media resource for today’s recruiting world, offering a signature mix of content, news, webinars, podcasts, videos, eBooks, white papers and events that develop professional best practices.

10. BoleanStrings

Web: http://booleanblackbelt.com/

Glen Cathey created this blog to share his obsession with talent attraction, engagement and acquisition.

2017 DevOps Conferences: Your Guide to Top DevOps Conferences

DevOps Confernces 2017
If you are looking for the best DevOps conferences to learn what’s new in DevOps world. We’ve put together few top conferences to help you choose the ones you want to attend in 2017.

DevOps Enterprise Summit

Web: events.itrevolution.com/us
Date: Nov. 13-15
Location: San Francisco, California.

DevOps Enterprise Summit is a conference for the leaders of large, complex organizations implementing DevOps principles and practices. The event programming emphasizes both evolving technical and architectural practices and the methods needed to lead widespread change efforts in large organizations. The goal is to give leaders the tools and practices they need to develop and deploy software faster and to win in the marketplace.

DockerCon

Web: 2017.dockercon.com
Date: April 17-20
Location: Austin Convention Center, Austin, Texas

DockerCon is the community and container industry conference for makers and operators of next generation distributed apps built with containers. The three-day conference provides talks by practitioners, hands-on labs, an expo hall of Docker ecosystem innovators and great opportunities to share your experiences with other virtual container enthusiasts.

Velocity Conference

Web: conferences.oreilly.com/velocity/vl-ca
Date: Training, June 19-20; tutorials and conference, June 20-22
Location: San Jose, California

The O’Reilly Velocity Conference: Build resilient distributed systems.
Our industry is evolving rapidly, shifting to a distributed systems stack that spans the application layer all the way down through compute, storage, networking, to the data center (whether yours is in the cloud or not). At Velocity, we’ll delve into these domains, helping you focus on engineering performance and operations from the bottom of the stack right up to the customer.

DevOps Days

Web: devopsdays.org
Date: Varies
Location: Held throughout the year in multiple cities.

Devopsdays is a worldwide series of technical conferences covering topics of software development, IT infrastructure operations, and the intersection between them. Topics often include automation, testing, security, and organizational culture.

ChefConf

Web: chef.io/chefconf
Date: May 22-24
Location: Austin, Texas

Chef comes alive when nearly 2,000 passionate leaders, practitioners, and innovators from the DevOps community converge upon Austin, Texas. We’ll present an invigorating blend of technology and local Austin experiences to engage and energize both technical practitioners and corporate leaders.

Jenkins World

Web: cloudbees.com/jenkinsworld
Date: August 28-29, training and workshops; August 30-31, conference
Location: Marriott Marquis, San Francisco, California

Jenkins World will bring together the largest gathering of Jenkins® users in the world, including Jenkins experts, continuous delivery thought leaders and companies offering complementary technologies for Jenkins. Jenkins World will provide opportunities for attendees to learn, explore and network face-to-face, as well as to help shape the future of Jenkins. Secure your spot now by registering today!

PuppetConf

Web: puppet.com/puppetconf
Date: October 10-12
Location: Hilton San Francisco Union, San Francisco, California

PuppetConf 2017 is your path to sharpening Puppet skills by learning from industry experts, enthusiasts, community members, and Puppet employees. Explore how to drive change across your infrastructure, team, and organization’s culture.

IT/Dev Connections

Web: devconnections.com
Date: October 23-26
Location: Hilton Union Square, San Francisco, California

The IT/Dev Connections teams work hard in the background to bring a seamless and valuable experience each year so all you have to do is show-up.
One of those teams is responsible for the content. Called Track Chairs, these individuals sift through the submitted session proposals to hand-select just the right content and just the right speakers. There’s no question that the content provided at IT/Dev Connections is just right. Our content provides deep technical education without even a hint of marketing or keynote fluff. Developing great and valuable content like we have each year for IT/Dev Connections takes a lot of work, but the effort gets a lot easier when we have the right people on the content team.

Agile Dev West

Web: adcwest.techwell.com
Date: June 4-9
Location: Caesar’s Palace, Las Vegas, Nevada

Discover the latest in agile methods, technologies, tools, and leadership rinciples.
Whether you’re new to the agile process and need to get up to speed quickly, or you’re experienced and ready to take your team or organization to the next level, our hands-on, in-depth workshops have you covered. Plus, all Agile Dev West is held in conjunction with Better Software West and DevOps West conferences, allowing you to choose from three distinct programs.

Agile Dev East

Web: adceast.techwell.com
Date: Nov. 5-10
Location: Hilton Orlando Lake Buena Vista, Orlando, Florida

Discover the latest in agile methods, technologies, tools, and leadership principles.
Whether you’re new to the agile process and need to get up to speed quickly or you’re experienced and ready to take your team or organization to the next level, our hands-on, in-depth workshops have you covered. Plus, Agile Dev East is held in conjunction with Better Software East and DevOps East, allowing you to choose from three distinct programs.

Security Testing: An insight

secutiy testing
You will never want to implement software that bugs up every fortnight and annoys your customer. Security testing is so, an inevitable step prior to software deployment in client’s place. In this article, we shall bring an insight to the security testing and state why it is so important web applications.

What is security testing?

Security testing forms an integral part of software testing that is done to identify weaknesses and vulnerabilities of a software application. The main objective is to identify the vulnerabilities of software and determine if the data and other resources are protected from foreign intruders. It is a way to verify whether or not a confidential data stays confidential or not.
Due to the notable explosion of the ecommerce websites in the world today, security testing has become all the more important. The testing is done once the application is developed and installed. To identify all the potent vulnerabilities, a network security testing is suggested.
Seven attributes the security testing needs to follow are:
• Authorization
• Authentication
• Confidentiality
• Integrity
• Availability
• Resilience
• Non-repudiation

The Security Testing “Terminology”

Penetration testing:

It is a type of testing that is done by evaluating the system and/or network using various malicious techniques. The purpose of this testing is to protect important data from users who do not have access to the system, like hackers. It is carried out after cautious notifications, considerations and planning.

Penetration testing is categorized into two types – Black Box Testing and White Box Testing. In White Box Testing, the tester has access to all vital information like Code, IP Address, Infrastructure Diagram, etc. In Black Box Testing, the tester doesn’t have any access to any sort of vital information. Black box testing tends to be the most accurate testing as the tester doesn’t have any access to any information, thereby, simulating the testing as a hacker.

Password cracking:

In Password crack testing, the system is tested to identify the weak passwords. Password Cracking tools are used for testing of this attribute. The end result is to ensure that users are adequately using strong password.

Vulnerability:

This is to identify the weakest attributes in the system which might lend easy paths for the malicious software to be attached by unauthorized users. Vulnerability can occur due to bug in software, inaccurate software testing or presence of malicious code. This phase requires fixes, patches to prevent the compromised integrity by malware or hackers.

URL Manipulation:

One of the popular ways to hack a website is URL manipulation where in hackers manipulate website URL query strings and get access to confidential information.

This usually takes place when the application makes use of HTTP GET to pass information between client & server. Information is passed via query string. The tester alters the query parameters to check if is accepted by the server.

An URL Manipulation testing ensures that database records are not accessed neither other vital information of the website by unauthorized users.

SQL Injection:

One of the other common ways picked by hackers to steal the vital information from the web, the SQL Injection testing ensures all the databases are safe and protected. It is a type of testing that takes the advantages of the loopholes that make the hackers easily pass into the system by passing all possible SQL queries to hack it.

They try to query the database using the SQL Injection statements to pull information and crash the system. Even the errors displayed while crashing the system will provide generous amount of important data to the hackers.

So, SQL Injection testing is purposed to take care of the input fields like comments, text boxes etc. Special characters are either handled or skipped from the input.

Cross Side Scripting (CSS):

It is a common application layer hacking technique. It is a vulnerability aroused in a web application by injecting HTML and Javascript code into the website pages. The attacks are generally done to inject malicious code web browsers. The code is then used to steal information present inside the cookies.

Security Testing Approach

• Following are the approaches taken for preparing and planning for security testing:
• Security Architecture Study: The first step is to comprehend the client’s requirements and security goals and objectives in compliance to the security need of the organization.
• Security Architecture Analysis: Comprehend the need of application under test.
• Classify security testing: Collect system set up information like operating system, technology and hardware to identify the list of vulnerabilities.
• Threat profile: Based on the information collected above, a threat profile is created.
• Test Planning: Based on identified threat, security risks and vulnerabilities, a test plan is drafted to address the issues.
• Traceability matrix preparation: A traceability matrix is prepared based on the identified threats and vulnerabilities.
• Security Testing Tool Identification: Identify the most suitable tool to test security test cases faster.
• Test Case Preparation: Prepare a test case document.
• Test Case Execution: Test case execution is done and the defect cases are fixed. Test case regressions are executed.
• Reports: Document a detailed report of Security Testing from step 1 to the final including the still open issues.

At Idexcel, we perform security testing for all our clients to ensure they enjoy a bug free application execution across various domains. Our standards, methodologies and experience help us deliver the best business value to customers.

We have a robust automation framework using SOAP UI open source tool.
Key Features of framework

• Data Driven Framework to test with multiple inputs.
• Supports Security and functional testing of Web Services.
• Affordable framework since we are using open source SOAP UI tool.
• Simple and ready to use framework
• Suitable for both SOAP and REST web services

Would you like to experience an error free execution of your application? Call us today!

Tailoring Your DevOps Transformation to Organizational Culture – Idexcel DevOps Roundup

devops team work

1. Tailoring Your DevOps Transformation to Organizational Culture

In the ‘2016 State of DevOps Report’ the Westrum Model [1] of organizational culture is proposed. It focuses on information flow, high cooperation and trust as predictive factors of DevOps success in a company. It is a perfect future state design tool which, however, tells little about where your company is at the moment. Moreover, it does not suggest how to influence an organizational culture and in which direction it should change. Read more…

2. How to Set Up a Continuous Delivery Environment

With the increasing popularity of microservices, more and more is being said about Continuous Delivery. There are many interesting books and articles about that subject. There are also many tools and solutions that can help set up a Continuous Delivery environment. Read more…

3. DevOps done right: Why work-life balance matters to digital transformation success

As enterprises in every industry grapple with digital transformation, and fixate on meeting user demands for always-on services, IT departments find themselves under growing pressure to perform and deliver. Read more…

4. Is DevOps security about behavior or process?

One of my main roles is improving the security of the software produced by my employer, and it was in that role that I attended the annual gathering of the security industry in San Francisco last week. The RSA Conference is one of the two global security conferences I attend, the other being Blackhat. While Blackhat has become more corporate, it’s still dominated by hackers and focuses more on vulnerabilities, whereas RSA is very much a corporate event focused on enterprise security and security policy. Read more…

5. Finance industry leading the way in DevOps implementations, research says

Financial services firms are embracing DevOps approaches and best practices more quickly than other industries, according to new research from managed services provider Claranet. Read more…

Top Ten Must-Read Cloud Computing Blogs

cloud banner

1. Reddit – Cloud computing

About Blog: News, articles and tools covering cloud computing, grid computing, and distributed computing.

Link: reddit.com/r/cloudcomputing

2. Amazon Web Services (AWS) – Cloud Computing Services

About Blog: Amazon Web Services offers reliable, scalable, and inexpensive cloud computing services.

Link: aws.amazon.com/blogs/aws

3. Google Cloud Platform Blog

About Blog: Google Cloud Platform’s blog contains hundreds of articles written by Google cloud experts. You will find product updates, customer stories, and tips and tricks on Google Cloud Platform.

Link: cloudplatform.googleblog.com

4. Infoworld – Cloud Computing

About Blog: Business technology, IT news, product reviews and enterprise IT strategies.

Link: infoworld.com/category/cloud-computing

5. Cloud Tech

About Blog: CloudTech is a leading blog and news site that is dedicated to cloud computing strategy and technology.

Link: cloudcomputing-news.net

6. All Things Distributed

About Blog: All Things Distributed is written by the world-famous Amazon CTO Werner Vogels. His blog is a must-read for anyone who uses AWS. He publishes sophisticated posts about specific AWS services and keeps his readers up-to-date on the latest AWS news.

Link: allthingsdistributed.com

7. CloudTweaks

About Blog: Technology News Articles – Cloud, Big Data, IoT News and Resources.

Link: cloudtweaks.com

8. Cloud Computing Magazine

About Blog: One of the most active and extensive cloud blogs available. Its posts are from numerous writers from across the cloud industry.

Link: cloud-computing.tmcnet.com

9. Talkin’ Cloud

About Blog: Cloud Computing Industry News Trends for cloud services providers (CSPs), managed services providers (MSPs) and value-added resellers (VARs).

Link: talkincloud.com

10. Compare the Cloud

About Blog: Compare the Cloud is one of the Internet’s most popular sources for cloud industry information.

Link: comparethecloud.net

Microservices architecture, advantages and challenges

I was asked to review an architecture diagram for an application that would use MicroServices. I could find few REST APIs in the diagram connecting to a single database.
That raised tons of questions:
1. Only one database?
2. What if the database is down?
3. All services will be hosted in a single server?
4. What if I need to upgrade the server?

What is MicroService?
It will not be an easy task to define MicroService in a single statement. The definition depends on different viewpoints & requirements. However, most of the prominent characteristics of MicroServices are:

• They encapsulate a customer or business scenario.
• They are developed by a small development team.
• They can be written in any programming language and use any framework.
• OOPS concept is implemented in loosely coupled manner
• The Codebase is small that are independently versioned, deployed, and scaled.
• They interact with other MicroServices over well-defined interfaces and protocols.
• They have unique names (URLs) that can be used to resolve their location.
• They remain consistent even after failures.

SOA vs. Microservices
Microservice is not only SOA. If Microservices are to be defined, is simply an ideal, refined form of SOA. SOA focuses on imperative programming, whereas MicroServices architecture focuses on a responsive-actor programming style. It’s something like decomposing a large monolithic service into smaller independent services which are self deployable, sustainable & scalable.

Microservice Architecture – Overview
Just as there is no formal definition of the term MicroServices, there’s no standard model that you’ll see represented in every system based on this architectural style. But you can expect most MicroService systems to share a few notable characteristics.
1. Software built as MicroService can be broken down into multiple components, so that each of these services can be deployed, and redeployed independently without compromising the integrity of an application.
2. The MicroServices style is usually business and priorities centric. Unlike a traditional monolithic development approach, MicroService architecture utilizes cross-functional teams. In MicroServices, a team owns the product for its lifetime, as in Amazon’s oft-quoted maxim “You build it, you run it.”
3. MicroServices have smart endpoints that process info and apply logic, and dumb pipes through which the info flows. They receive requests, process them, and generate a response accordingly.
4. Decentralized control between teams, so that its developers strive to produce useful tools that can then be used by others to solve the same problems.
5. MicroServices architecture allows its neighbouring services to function while it bows out of service. This architecture also scales to cater to its clients’ sudden spike in demand.
6. MicroService is ideal for evolutionary systems where it is difficult to anticipate the types of devices that may be accessing our application.
MicroService architecture uses services as small components and is usually business centric; focuses on products functionality; has smart end points but standard input/output mechanisms; is decentralized, as well as decentralized data management; is designed to auto scale & is resilient to failure; and, of course is an evolutionary model.

Knowledge needed to implement MicroService
To conclude our brief overview of microservices here, we need to have a basic grasp of the following concepts:
• Object Oriented Programming (OOP) with loose coupling techniques
• Web service / API/ REST—a way to expose the functionality of your application to others, without a user interface
• Service Oriented Architecture (SOA)—a way of structuring many related applications to work together, rather than trying to solve all problems in one application
• Single Responsibility Principle (SRP)—the idea of code with one focus
• Interface Segregation Principle (ISP)—the idea of code with defined boundaries.

Advantages of MicroService
• Evolutionary Design – No need to rewrite your whole application. Add new features as MicroServices, and plug them into your existing application
• Small Codebase – Each MicroService deals with one concern(SoC) only – this result in a small codebase, which means easier maintainability
• Auto Scale – freedom to scale only the loaded service, as that service will handle the bigger load.
• Easy to Deploy – Deploy only the needed codebase, instead of redeploying the entire application.
• System Resilience – If some of the services go down only some features will be affected, not the entire application.

Challenges of MicroService
The MicroService architecture helps a lot, but comes with its own challenges.
• Inter Service Communication – MicroServices will rely on each other and they will have to communicate. A common communication channel needs to be framed using HTTP/ESB etc.
• Health Monitoring – There are more services to monitor which may be developed using different programming languages.
• Distributed logging – Different services will have its own logging mechanism, resulting GBs of distributed unstructured data.
• Transaction Spanning – MicroServices may result in spanning of transactions over multiple services & database. An issues caused somewhere will result is some other issues somewhere else.
• Finding root cause – Distributed logic with distributed data increases the effort of finding the root cause. The performance related root cause can still be managed using APM tools like New Relic & Dynatrace.
• Cyclic dependencies between services – Reproducing a problem will prove to be very difficult when it’s gone in one version, and comes back with a newer one.

Conclusions
MicroServices architectural style is an important idea – one worth serious consideration for enterprise applications. A Monolithic architecture is useful for simple, lightweight applications. It will be a maintenance nightmare if used for complex applications. The MicroServices architecture pattern is the better choice for complex, evolving applications despite the drawbacks and implementation challenges.
MicroServices is prevalent for a long time and recently we are seeing increase in their popularity. There are a number of factors that lead to this trend with scalability being probably the most important one. Utilization of MicroServices by “big guys” like Amazon, NetFlix, eBay, and others, provides enough confidence that this architectural style is here to stay.