Transcription

Modern ApplicationDevelopment on AWSdeCloud-Native Modern Application Development andDesign Patterns on AWSvihOctober 2019crAThis paper has been archived.For the latest techincal guidance on the AWS Cloud, see theAWS Whitepapers & Guides page:https://aws.amazon.com/whitepapers/

NoticesCustomers are responsible for making their own independent assessment of theinformation in this document. This document: (a) is for informational purposes only, (b)represents current AWS product offerings and practices, which are subject to changewithout notice, and (c) does not create any commitments or assurances from AWS andits affiliates, suppliers or licensors. AWS products or services are provided “as is”without warranties, representations, or conditions of any kind, whether express orimplied. The responsibilities and liabilities of AWS to its customers are controlled byAWS agreements, and this document is not part of, nor does it modify, any agreementbetween AWS and its customers.vihde 2019 Amazon Web Services, Inc. or its affiliates. All rights reserved.crA

ContentsIntroduction .6Accelerating the Innovation Flywheel .6Modern Application Development .7Capabilities of Modern Applications .7Best Practices of Modern Application Development .9deModern Application Design Patterns .14Implementing Microservice Architectures using AWS Services .14Continuous Integration and Continuous Delivery on AWS .30vihCI/CD Services on AWS .30CI/CD Patterns for Different Application Types .33Conclusion .38Contributors .38crAFurther Reading .39AWS Services .39Whitepapers .40Video.40Document Revisions.40

AbstractModern application development using containers and serverless technologies can helpyour organization accelerate innovation. This paper includes information aboutimportant best practices and design patterns that you can use to build your modernapplication in the AWS Cloud.crAvihde

Amazon Web ServicesModern Application Development on AWSIntroductionModern companies are increasingly global, and their products are increasingly digital.These digital products—such as cloud infrastructure, mobile apps, big data pipelines,and social media—are influencing application development, which requires anunprecedented pace of change for companies. To achieve this speed, business leadersmust adapt their culture, processes, and technologies to the new reality of this digitalage.deRapid innovation is vital for modern companies, which must drive growth by making themost of their human resources, seeking out new opportunities, and nurturing new ideas.Digital technology is at the core of this rapid innovation.vihAccelerating the Innovation FlywheelBusinesses in almost all industries are experiencing an unprecedented pace of change,and rapid innovation is crucial to improving their pace. Small, unknown competitors canget ahead in a matter of months by focusing on innovation, so it is essential to not onlyinnovate, but to do so quickly.crAAmazon has learned that experiments let you innovate faster. To accelerate innovation,we perform an experiment, listen to user feedback, and experiment again. We do notfear failure, but apply the learnings from each experiment in future efforts. We call thisthe innovation flywheel. To spin this flywheel rapidly, we need a system to releaseproducts, collect feedback, add new features, and release again. The features ofmodern applications make this process possible, and enable you to spin the flywheeland get ahead of the competition through rapid innovation.6

Amazon Web ServicesModern Application Development on AWSModern Application DevelopmentThe most successful companies recognize that it is their technology that sets themapart from the competition. To keep growing and winning business, companies need toinvent new products rapidly. To promote a culture of innovation that makes thispossible, successful companies continually update their methods of designing, building,and administering applications. We call this modern application development.Modern application development gives companies a competitive edge by enabling themto innovate more rapidly. Companies that embrace innovation can complete moreexperiments and bring ideas to market more quickly by shifting resources fromundifferentiated heavy lifting—such as administering and provisioning infrastructure—tomore valuable activities.devihModern application development practices can help companies to realize the speed andagility that go with innovation. Some customers take their on-premises virtual machines(VMs) and move them (also known as lift-and-shift) to host them on Amazon ElasticCompute Cloud (Amazon EC21). Other customers change the platform of theirapplications to a container-based model that is more optimized for the cloud. Still othercompanies refactor their monolithic applications and transition to a microservice-basedarchitecture. Most companies find that when they build more cloud-native applications,they spend less time on administrative overhead and can focus more on their corebusiness.crACapabilities of Modern ApplicationsModern applications should be: Secure – It is crucial for any application to be secure. Security measures mustbe implemented not only in a certain piece of the application, but in all layers andat each stage of the lifecycle.Resilient – A modern application is resilient. For example, if an applicationencounters a failure when it calls an external data source, it should retry orotherwise handle the exception—not become unresponsive—while continuing tooperate with a graceful degradation of functionality. This pattern also applies to amicroservice architecture2 and interactions with other services.7

Amazon Web ServicesModern Application Development on AWS Elastic – By flexibly scaling out and scaling in depending on the rate of requestsor other metrics, modern applications can optimize cost without missing businessopportunities. Automating the process of scaling out and scaling in, or usingmanaged services that include auto scaling functionality, reduces routineadministrative burden and prevents the extreme disruption of outages. Modular – Modern applications are modular, with high cohesion and loosecoupling. Larger systems should not be single monoliths, but should beseparated along domain boundaries into different components, each with adistinct responsibility. Not only does this separation allow for greater availabilityand scalability, but frequent releases are easier, because different componentscan be deployed independently. Automated – Integration and deployment of modern applications must beautomated to enable frequent, high-quality releases. In addition to being errorprone, manual processes can introduce dependence on individual people, suchas requiring a single administrator to make deployments. To support agiledevelopment and frequent releases, modern applications should be deployedthrough continuous integration and continuous delivery (CI/CD) pipelines. In aCI/CD model, code is pushed to version control, tests are run in a clean CIenvironment, and deployments are performed automatically if all tests pass. decrAvihInteroperable – In modern applications, each service must interact with otherservices, provide the resources requested of it, and perform the tasks expectedof it. It must be possible to add functionality to different services independentlyand continue to release frequently, without impacting other services. This meansthat services must keep their implementation details private, exposing allrequired functionality through robust, public APIs. These public APIs must alsobe stable and backward compatible to allow for independent releases.There are various methods you can use to implement modern applications. This paperincludes information about methods to deploy applications in the cloud with containersand serverless technology.8

Amazon Web ServicesModern Application Development on AWSBest Practices of Modern Application DevelopmentThrough conversations with customers and our own development teams, we found thatthere are several modern application development best practices shared byorganizations that bring innovative ideas to the market rapidly.Security and ComplianceWhen you build your system in the AWS Cloud, we recommend that you always startwith security and compliance. Securing the whole application lifecycle enablesorganizations to address security threats without sacrificing speed of innovation.For example: deAuthentication – Control access to your system with permission settings thatprevent malicious access. AWS administrators can sign in to the AWS Consolewith AWS Identity and Access Management (IAM) credentials, or throughintegrations with Microsoft Active Directory or a SAML Identity Provider.Applications built on AWS can leverage Amazon Cognito to allow end users toauthenticate and access resources.vihcrAAuthorization – Implement role-based access control with flexible policies thatrestrict the use of resources without overly complicated administration. IAMprovides granular authorization policies for any AWS resources.Auditing and Governance – Evaluate the behavior of workloads and make surethat they conform to compliance requirements and your organization’s standards.AWS CloudTrail can audit interactions with AWS APIs and log aggregation withAmazon CloudWatch enables you to audit your applications. AWS Config canmake sure that AWS resources are configured to align with your organization’sstandards.Validation – Test all aspects of application functionality, and make sure that itworks as intended. Automate validation as much as possible with continuousintegration and continuous delivery (CI/CD).Modern applications should be thoroughly and frequently tested, however, this must notreduce development velocity. Similarly, you should limit developer permissions, but youshould not revoke the access that they require. Build your security into the entireapplication lifecycle, and automate and continuously reevaluate your security processesand standards.9

Amazon Web ServicesModern Application Development on AWSMicroservice ArchitectureAs monolithic applications grow, it becomes difficult to modify or add functionality tothem, and to track what parts of the codebase are involved in a specific change. As aresult, small changes can require lengthy regression testing, and development of newfeatures can slow. In an application built with a microservice architecture and looselycoupled components, many new features and bug fixes can be implemented at the levelof a single service and released much more rapidly.Organizations with monolithic legacy applications can become more agile and flexibleby redesigning their applications into microservices. Each service is deployedseparately, and all the services work together to offer the same functionality as themonolithic system. Microservices can be built, modified, and released quickly, whichprovides faster experimentation and innovation. Each team that builds microservicescan also take clear ownership of their own design, development, deployment, andoperations.devihTo achieve this loose coupling, the microservices in a system must communicate witheach other. A datastore that is shared between services creates tight coupling, hiddendependencies, timing issues, and challenges with scaling and availability. It is better touse published APIs or asynchronous message queues to communicate betweenseparate services. Separating processes into different pieces that are connected bymessages in queues creates clear transaction boundaries and enables services tooperate more independently.crAMessaging systems can provide scalability, resilience, availability, consistency, anddistributed transactions because of the following characteristics: Trusted and resilient message delivery systemNon-blocking and one-way operationLoosely coupled servicesBringing focus to different logical components in the system, and allowing eachto work independentlyArchitectures that take advantage of these elements can easily expose robust APIs andasynchronous communication channels, which enables each service to be operated andautomated independently, and which also improves reliability.When many different microservices are connected to perform a process, you must havea method to monitor the state of a single end-to-end task. You must also make sure that10

Amazon Web ServicesModern Application Development on AWSall the necessary steps happen in the correct order and at the correct time. You can usestate machines to both monitor the state of tasks and make sure they occur in thecorrect order.You also need a method to manage the overall workflow between services, to configurevarious timeouts, cancellations, heartbeats for long-running tasks, and granularmonitoring and auditing. Managing services with this type of tooling improves speed,productivity, and flexibility. To make sure that microservices execute in the correctsequence with appropriate timing, modern applications take advantage of orchestrationand messaging tools. Using orchestration tools makes it easy to build robust services ina repeatable way. AWS Step Functions is a fully managed tool that can coordinatearbitrary workflows across services. When you use messaging tools, you remove directdependencies between services, which improves reliability and scalability. You can usedifferent tools—such as Amazon Simple Queue Service (Amazon SQS), AmazonCloudWatch Events, and Amazon Kinesis—depending on the specific workload. Byusing orchestration and messaging tools together, your developers do not have tospend time on workflow execution, state management, and inter-servicecommunication, which gives them valuable time to focus on core business logic.vihcrAUsing Serverless TechnologydeWhen you operate and maintain the servers and operating systems (OS) that run yourorganization’s applications, your system administrators must spend time completingsimple and repetitive tasks, such as applying OS security patches. Instead of scaling upby request volume, they must provision servers for peak volume ahead of time, whilecarefully considering availability and durability requirements. You might also have to payfor all of this overprovisioned infrastructure in advance, instead of paying for what youuse as you go.Though services such as AWS Auto Scaling and AWS Systems Manager can reducethese burdens on conventional, VM-based infrastructure, when you build your systemon serverless technology, you don’t have to provision and manage servers. Youradministrators don’t have to spend time on OS patches, or maintain unused resourcesto be prepared for occasional peak usage. Serverless applications scale to meet theprecise demand on each component. Reliability and fault-tolerance are also largelybuilt-in by default, which eliminates much of the design and operations time required forthese aspects of the system. By building modern applications with serverlesstechnologies from the beginning, the whole lifecycle of building, deploying, and runningapplications can also be kept secure. When you remove operational complexity, your11

Amazon Web ServicesModern Application Development on AWSdevelopers can focus their time and energy on building products that delight yourcustomers.AWS provides serverless computing services such as AWS Lambda3 and AWSFargate4. There is Amazon Simple Storage Service (Amazon S3)5 for object storage,and there are now two serverless database options: Amazon DynamoDB6, a fast andflexible NoSQL database, and Amazon Aurora Serverless7, an on-demand and autoscaling configuration for Amazon Aurora. If you want to build an end-to-end serverlessapplication, compute, database, and storage services might not be enough. You canuse other serverless AWS offerings8 throughout your workload, from API management,messaging, and orchestration, to troubleshooting and monitoring.deAutomating Deployment with CI/CDvihCompanies strive to innovate quickly to deliver the most value they can to customers asquickly as possible. To achieve this, modern applications use continuous integrationand continuous delivery (CI/CD) to automate the entire release process: building andrunning tests, promoting artifacts to staging, and the final deployment to production.CI/CD can also automate certain security controls, such as scanning for knownvulnerabilities and performing static analysis. The full CI/CD pipeline can consist of anarbitrary number of quality gates and controls, all of which must be passed successfullybefore any new code makes it to production.crABy automating the full build/test/deploy process, it becomes not only more reproducible,but faster as well. It can also be performed much more frequently—perhaps many timesa day—meaning that each individual deployment consists of fewer changes and lessrisk. Instead of being a high-risk, all-hands-on-deck event, CI/CD allows deployments toproduction to be mundane affairs. Finally, because the time from when code iscommitted to when it is deployed is so much shorter than with manual processes, highpriority security fixes or config changes no longer require special hot patches, but canflow through the standard pipeline.AWS customers can take advantage of fully-managed CI/CD services such as AWSCodeBuild, AWS CodePipeline, and AWS CodeDeploy, in addition to open-sourceoptions and third-party marketplace offerings.12

Amazon Web ServicesModern Application Development on AWSManaging Infrastructure as CodeTo get the full benefits of CI/CD, you should create a model for your entire applicationand infrastructure as code (IaC). By modeling infrastructure as code, you canincorporate it into your standard application development lifecycle, executeinfrastructure changes in your CI/CD pipeline, and get additional benefits, such asreducing configuration errors and provisioning faster. AWS provides a number of IaCtools. One tool is AWS CloudFormation9, which is a service that lets you specify anycloud infrastructure you need in a simple template file, and then provisions theinfrastructure for you. Another tool is AWS Serverless Application Model (SAM)10, whichbuilds on AWS CloudFormation with additional tooling and convenience functions forbuilding serverless applications. AWS Cloud Development Kit (CDK)11 is a tool thatprovides a framework to design cloud infrastructure in code using a language of yourchoice and then provisions it with CloudFormation.devihMonitoring and LoggingDevelopers of modern applications should monitor the behavior of their application atruntime using monitoring and logging tools, and use that data to maintain or improvetheir customers’ experience. In modern digital products, this could mean monitoring amany data types, including application logs, data from mobile devices, web clickstreams, IoT sensor data, or other usage data. Modern application developers shouldtake advantage of all of this data as they continue to expand and enhance theirproducts.crAOn AWS, you can set up monitoring, logging, and alarms for all your applicationcomponents using Amazon CloudWatch. For more information on logging, see LogAggregation.Modern Application ChecklistUse the following information to verify the modernization level of your application: Security and compliance are built in throughout the application lifecycleApplication is structured as a collection of microservices Serverless technologies are used wherever possible CI/CD is used to deliver high-quality functionality quickly Infrastructure is developed and deployed as code Monitoring tools are used to gain insight into the behavior of the application13

Amazon Web ServicesModern Application Development on AWSModern Application Design PatternsA best practice for modern application development is to use patterns to design andimplement your applications. Using AWS services as building blocks for theseapplications, you can greatly reduce your implementation effort and achieve reliabilityand availability, which enables your developers to focus on business logic that addsvalue to your applications.Implementing Microservice Architectures using AWSServicesdeYou can use common patterns for microservices, following best practices, andimplement them using AWS services.vihAPI GatewaysThe API gateway pattern can be used when there are many calls to backend services,and when the content provided varies depending on the client interface or device type.API gateways can consolidate different backend services behind a unified API andserve the content required for each device.crAFigure 1 – Example of communication between services and mobile devices and computerbrowsers without an API gateway14

Amazon Web ServicesModern Application Development on AWSdevihFigure 2 – Example of communication between services and mobile devices and computerbrowsers with an API gatewaycrAIf you plan to use the API gateway pattern in the AWS Cloud, you can use Amazon APIGateway12 to integrate with backend endpoints. Amazon API Gateway also enables youto create, publish, maintain, monitor, and protect REST or WebSocket APIs at anyscale.Amazon API Gateway provides many other capabilities required of production-gradeAPIs, such as throttling, caching, logging, API tokens, authentication or authorizationintegrated with Amazon Cognito, custom authorizers, and proxying of requests to otherAWS services. One essential AWS service that Amazon API Gateway can send proxyrequests to is AWS Lambda, which is the foundation for creating arbitrary web serviceswithout managing any server infrastructure.15

Amazon Web ServicesModern Application Development on AWSBecause Amazon API Gateway is managed by AWS, you don't have to worry aboutoperating and maintaining it. Using Amazon API Gateway provides improved security,reliability, and availability, which allows your developers to spend more time on coreapplication functionality.decrAvihFigure 3 – Example of communication between services and mobile devices and computerbrowsers with Amazon API gateway16

Amazon Web ServicesModern Application Development on AWSService Discovery and Service RegistriesWhen a system includes multiple microservices, services must be able to find thelocation of the other services that they depend on. Microservices must be scalable andelastic, and if components fail, new instances or containers must be brought online toensure constant availability. This means that the IP addresses of the instances orcontainers in a microservice can be constantly changing. Each instance of a servicealso must be continually monitored for availability. You can use load balancers toprovide stable, available endpoints, which are usually the best choice for public-facingweb endpoints. However, load balancers require additional compute resources andintroduce latency. If the client is under your control, as are the calls betweenmicroservices, it can be more efficient to use a service discovery pattern, which you canalso think of as client-side load balancing.devihIn the service discovery pattern, information about the services to be discovered mustbe registered somewhere. A service registry is a central location where services to becalled can store information about themselves as each individual container or instancestarts up.crAFigure 4 – Example of a service registry pattern17

Amazon Web ServicesModern Application Development on AWSdeFigure 5 – Example of a service discovery patternYou can use AWS Cloud Map to implement a service registry and service discoverypattern in the AWS Cloud. AWS Cloud Map is a fully managed service that allowsclients to look up IP address and port combinations of service instances using DNS, andto dynamically retrieve abstract endpoints, such as URLs or Amazon Resource Names(ARNs) over the HTTP-based service discovery API.vihcrAFigure 6 – Example of a service registry and service discovery pattern using AWS Cloud MapCircuit BreakerThe circuit breaker pattern regulates the calls between microservices in yourapplication. To respond to user requests, the microservices in your application makecalls to each other. If Service A sends a call to Service B, but the return call fromService B is delayed or produces an error, then Service A returns an error to the user. IfService A retries the call instead of returning an error, it might provide a better userexperience, but retries can produce extra load and long delays, and can end with an18

Amazon Web ServicesModern Application Development on AWSerror returned to the user. Instead, Service A should recognize that Service B is down,and degrade gracefully, if possible.deFigure 7 – Example of a circuit breaker pattern with returned calls between microservicesIn the circuit breaker pattern, when calls to other services take longer than expected orreturn errors, the circuit breaker keeps count of the incidences and changes to the openstate if the count exceeds the limit you configure. When in the open state, the circuitbreaker returns errors to the caller immediately, without calling downstream services.After a fixed amount of time has passed, the circuit breaker returns to a closed state,which allows calls to the downstream service to return to normal.vihcrAFigure 8 – Example of a circuit breaker pattern with errors returned immediately to the userIt was previously a best practice to implement circuit breakers using a library orframework in the service code, but now it is often handled in containerizedmicroservices with sidecars. A sidecar is a separate helper container that is launchedwith the main container that exposes a core service. Envoy Proxy13 is one popularexample of a sidecar. Though Envoy Proxy can be deployed on its own, it is oftendeployed as part of a service mesh. In this type of deployment, Envoy Proxy is the dataplane and a tool such as AWS App Mesh or Istio is the control plane.19

Amazon Web ServicesModern Application Development on AWSCommand-Query Responsibility SegregationCommand Query Responsibility Segregation (CQRS) involves separating the datamutation or command part of a system from the query part. Updates and queries areconventionally completed using a single datastore. You can use CQRS to separatethese two workloads if they have different requirements for throughput, latency, orconsistency. When you separate command and query functions, you can scale themindependently. For example, you can send queries to horizontally-scalable readreplicas. For greater separation of command and query functions, you can use differentdata models and datastores for updates and queries. You can perform writes on anormalized model in a relational database through an ORM (object-relational mapping)and perform queries against a denormalized database that stores data in the sameformat required by an API (such as data transfer objects or DTOs), which reducesprocessing overhead.devihcrAFigure 9 – Example of an architecture with updates and queries using a single datastoreand ORM20

Amazon Web ServicesModern Application Development on AWSdevihFigure 10 – Example of a CQRS architecture with separate command and query workloads andtwo datastorescrAThough this example optimizes your architecture for consistent writes in a relationaldatabase and very low-latency reads, you might instead want to optimize for very highwrite throughput and flexible query capabilities. In this situation, you can use a NoSQLdatastore, such as Amazon DynamoDB, to get high write scalability on a workload withcertain, well-defined access patterns when you add data. You can then use a relationaldatabase, such as Amazon Aurora, to provide complex, one-time query functionality.With this option, you can use Amazon DynamoDB streams that send data to an AWSLambda function that makes appropriate updates to keep the data on Amazon Auroraup-to-date.21

Amazon Web ServicesModern Application Development on AWSdevihcrAFigure 11 – Example of a CQRS architecture on AWS with DynamoDB, Lambda, and AuroraYou can also combine the command part of a CQRS architecture with the eventsourcing pattern (see the following section). When you combine these patterns, you canrebuild the service query data model with the latest application state by replaying theupdate events. It is important to remember that the CQRS pattern generally results ineventual consistency between the queried datastore and the datastore that

These digital products—such as cloud infrastructure, mobile apps, big data pipelines, and social media—are influencing application development, which requires an unprecedented pace of change for companies. To achieve this speed, business leaders must adapt their culture, processes,