SlideShare a Scribd company logo

Challenges In Modern Application

R
Rahul Kumar Gupta

This presentation highlights major challenges in Modern Applications and provides tips on how to deals with them

Technology
1 of 35
Download to read offline
Challenges in Modern Applications By: Rahul Kumar Gupta (rahgup@yahoo.com)
Rahul Kumar Gupta • 23 yrs. of experience. • Sr Directory Tech, Publicis Sapient. • Technologist by Heart and Role • Engineering Lead for Microservice based project. • Executed > 30 projects for client across Americas, APAC, Europe • >15 Publications. • > 10 certification.
Modern Applications are high performing, high scalable applications which help organizations in accelerate their DIGITAL BUSINESS TRANSFORMATION (DBT) journey and make them FUTURE READY by bringing in high AGILITY to adopt new things , deliver them FAST , reduce TCO all by bringing the best of breed ARCHITECTURE, TECHNOLOGIES and PROCESS together.
NoSQL API Mgmt. SecDevOps SRE Reactive Programming Polyglot Data lakes PWA ELT AGILE Zero Trust Architecture FDD GraphQL GitOps Event Programming Cloud Microservices Micro frontend DevOps Cognitive Containerization BizDevOps NewSQL SAFe Serverless AI /ML Chaos Engineering BDD IoT Infra as a Code Domain Driven Design Canary Deployments BFF
Internal Systems External Systems Integration Layer Desktop site Mobile Site CORE Commerce MobileDesktop Front End CMS Front End CMS Search Product Price Inventory Cart Customer Order Checkout Monolithic Architecture Mobile /TabletDesktop CORE Commerce Search Product Price Inventory Cart Customer Order Checkout Experience ( Mobile / Desktop ) Assemble Component Library Front End Service API (JSON) Internal Systems External Systems Integration layer Headless Architecture or Internal Systems External Systems Integration Layer Mobile / Tablet Desktop Experience Assemble Component Library API GATEWAY Product Chatbot Voice Security Caching Logging Aggregation Modern Application Architecture Social Price Cart Order CUST Backend for frontend Product µ FE Price µ FE Cart µ FE Order µ FE CUST µ FE PWA MonetizationRouting Modernization Journey
Higher Performance Agility Incremental Updates Better Resilient /Flexible Freedom to choose Technology Independent Deployment Improved Productivity & Speed Decoupled codebases Improved Scalability Low TCO Autonomous Business Oriented Teams Benefits of Modern Applications
Challenges
Monitoring Many Moving parts Complex system communic ations More Failure Points Numerous Deployment units Multiple Tech stack Challenging Integration testing Keeping data Consistent More Vulnerabili ty Areas More Operational Complexity Debugging Challenges of Modern Application
Challenges Security Transaction Mgmt z
Security
88% growth in application vulnerabilities over two years. -The state of open source security report 2019 , SYNK 37% of open source developers don’t implement any sort of security testing during CI -The state of open source security report 2019 , SYNK 54% of developers don't do any docker image security testings -The state of open source security report 2019 , SYNK 78% of vulnerabilities are found in indirect dependencies -The state of open source security report 2019 , SYNK 60% of Organizations Suffered a Container Security Incident in 2018 - CyWare In 2018, more than 70 million records were stolen or leaked from poorly configured S3 buckets -Symantec
Programming Artifacts Infrastructure Access
Infrastructure as a Code Source Control Open Source Components/ API Application Code Configurations Programming Artifacts
● Separate Repository for Application & DevOps , Infrastructure code . ● Secured access to Repository. ● Encryption and decryption of files in a git repository ● Use of Vaults for secret Key and Rotate keys ● Don’t write credentials into your source code & docker files ● Don’t pass secrets using environment variable, Use kubernet Secret objects. ● Use Encryption Before Persisting sensitive Data Start Doing
● Static and Dynamic Application Scan ● Security scans for Open source library. ● Cloud Configuration scanning ● Blocking Non Compliant pipelines Start Doing DevSecOps. - Integrate Application, serverless and Opensource Code security scanning as part of CI Pipeline
OS Vulnerabilities Auto Scaling of Services Containers Docker Images Infrastructure
● Create docker images using base image. ● Use Certified docker images after Verification. ● Keep data , SSH key, tokens outside the container. ● Package a single application per container. ● Stop running containers as a Root User. Start Doing
● Self Healing - Kill Container when it misbehaves. ● Regularly update patches in all required PODS ● Scanning Containers and Docker Images. ● Container Sandbox Escaping protection. Start Doing DevSecOps. - Integrate VM and docker container scanner as part of CI/CD Pipeline Aqua security Anchore Engine
DeploymentResource Perimeter Access
● Never trust, Always verify- Define Access policy for all resource ● Use Multi-factor Authentication, wherever required. ● Define Network Policy ● Define SecCom Policy. ● VPC Service Control to restrict Cloud SaaS Service / Outbound traffic ● TLS Everywhere ● Use Web App Firewall as a Service to Restrict entries. Start Doing
● Create Availability Zones, ● Define API Topology. ● Use OpenID or OAuth 2.0 ● Centralising authentication and Authorization. Use API Gateway Pattern ● DDOS -Limit the no of request to be served by resources Start Doing USE Service Mesh Amazon Cognito
DNS CDN Cloud Public IP – Load balancer Firewall API Gateway Private Subnet Load balancer API Gateway Public Subnet fn fn fn fn External Systems/ API Sys1 Sys2 Ap1 Ap2 VPC https https https https https https
78% of more than 100 firms recently surveyed are not reconfiguring their security tools when migrating to the cloud. - Mckinsey
Transaction Mgmt.
As Monolithic Architecture is turned into Microservices , So the local transaction in the monolithic system is now distributed into multiple services. .
More Services = More Complexity
Distributed Tracing # Distributed Traces
● Try avoiding Transactions across Microservices, if possible. ● One Microservice should not change the data of other Microservice. ● Use Event Programming and Avoid Orchestration. ● Use of workflows/ BPM engine in transactions for multiple systems or endpoints. ● Use CQRS pattern for Read and write. ● Apply Back-Pressure mechanism in building distributed systems or will a failure can bring down whole system Start Doing
MS1 MS2 MS3 MS4 Call /Success Failed response F1 F2 F3 F4 1 Business transaction need 4 features to interact MS1 MS2 MS3 MS4 Let’s assume that one MS for each Feature
● Instead of Rollback trigger Delete operation. ● Idempotency is Important to Distribution Transaction. ● Use correlation-id between Micro Services involved in transaction ● Improve logging to include POD, Region, etc. ● Tools to trace the each transactions. Start Doing
Two-Phase Commit Protocol using LIXA LIXA is a transaction manager that implements the two-phase commit and supports the XA specification Source :https://dzone.com/articles/microservices-and- distributed-transactions
Few Points
• Standardize Techstack and toolset for project. • Don’t trust anyone. • Keeping business knowledge clean with API Gateway + Service Mesh + Kubernetes components in the architecture. • Make LEFT SHIFT as much as Possible in DevOps • Monitor , Monitor & Monitor - Build observability - Metrics, Logs & Traces. • Automate, Automate & Automate – Build & Deployment , IaaS, Autoscaling, Auto healing, Vulnerability Scanning. • Systems will fail - Embrace failure as a natural occurrence. Few points
Questions
Thank you rahgup@yahoo.com

Recommended

Simplify Your Way To Expert Kubernetes Management
Simplify Your Way To Expert Kubernetes ManagementSimplify Your Way To Expert Kubernetes Management
Simplify Your Way To Expert Kubernetes ManagementDevOps.com
 
Shifting security left simplifying security for k8s open shift environments
Shifting security left simplifying security for k8s open shift environmentsShifting security left simplifying security for k8s open shift environments
Shifting security left simplifying security for k8s open shift environmentsLibbySchulze
 
Moving Data Efficiently with Real-Time Streaming
Moving Data Efficiently with Real-Time StreamingMoving Data Efficiently with Real-Time Streaming
Moving Data Efficiently with Real-Time StreamingWSO2
 
30 daysofcloud - 2
30 daysofcloud - 230 daysofcloud - 2
30 daysofcloud - 2HitanshDoshi
 
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...WSO2
 
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)DevOps.com
 
Achieve Full API Lifecycle Management Using NGINX Controller
Achieve Full API Lifecycle Management Using NGINX ControllerAchieve Full API Lifecycle Management Using NGINX Controller
Achieve Full API Lifecycle Management Using NGINX ControllerNGINX, Inc.
 
Automate Your Container Deployments Securely
Automate Your Container Deployments SecurelyAutomate Your Container Deployments Securely
Automate Your Container Deployments SecurelyDevOps.com
 

Recommended

Simplify Your Way To Expert Kubernetes Management
Simplify Your Way To Expert Kubernetes ManagementSimplify Your Way To Expert Kubernetes Management
Simplify Your Way To Expert Kubernetes ManagementDevOps.com
 
Shifting security left simplifying security for k8s open shift environments
Shifting security left simplifying security for k8s open shift environmentsShifting security left simplifying security for k8s open shift environments
Shifting security left simplifying security for k8s open shift environmentsLibbySchulze
 
Moving Data Efficiently with Real-Time Streaming
Moving Data Efficiently with Real-Time StreamingMoving Data Efficiently with Real-Time Streaming
Moving Data Efficiently with Real-Time StreamingWSO2
 
30 daysofcloud - 2
30 daysofcloud - 230 daysofcloud - 2
30 daysofcloud - 2HitanshDoshi
 
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...WSO2
 
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)Getting Started with Runtime Security on Azure Kubernetes Service (AKS)
Getting Started with Runtime Security on Azure Kubernetes Service (AKS)DevOps.com
 
Achieve Full API Lifecycle Management Using NGINX Controller
Achieve Full API Lifecycle Management Using NGINX ControllerAchieve Full API Lifecycle Management Using NGINX Controller
Achieve Full API Lifecycle Management Using NGINX ControllerNGINX, Inc.
 
Automate Your Container Deployments Securely
Automate Your Container Deployments SecurelyAutomate Your Container Deployments Securely
Automate Your Container Deployments SecurelyDevOps.com
 
Codemotion Azure Container Apps
Codemotion Azure Container AppsCodemotion Azure Container Apps
Codemotion Azure Container AppsAndrea Tosato
 
Achieve Full API Lifecycle Management Using NGINX Controller – EMEA
Achieve Full API Lifecycle Management Using NGINX Controller – EMEAAchieve Full API Lifecycle Management Using NGINX Controller – EMEA
Achieve Full API Lifecycle Management Using NGINX Controller – EMEANGINX, Inc.
 
Do You Need A Service Mesh?
Do You Need A Service Mesh?Do You Need A Service Mesh?
Do You Need A Service Mesh?NGINX, Inc.
 
FIWARE Global Summit - Leveraging Kubernetes for FIWARE Components Automations
FIWARE Global Summit - Leveraging Kubernetes for FIWARE Components AutomationsFIWARE Global Summit - Leveraging Kubernetes for FIWARE Components Automations
FIWARE Global Summit - Leveraging Kubernetes for FIWARE Components AutomationsFIWARE
 
Dual write strategies for microservices
Dual write strategies for microservicesDual write strategies for microservices
Dual write strategies for microservicesBilgin Ibryam
 
[WSO2Con USA 2018] Adaptive and Iterative Integration for Microservices and C...
[WSO2Con USA 2018] Adaptive and Iterative Integration for Microservices and C...[WSO2Con USA 2018] Adaptive and Iterative Integration for Microservices and C...
[WSO2Con USA 2018] Adaptive and Iterative Integration for Microservices and C...WSO2
 
IoT 'Megaservices' - High Throughput Microservices with Akka
IoT 'Megaservices' - High Throughput Microservices with AkkaIoT 'Megaservices' - High Throughput Microservices with Akka
IoT 'Megaservices' - High Throughput Microservices with AkkaLightbend
 
Scale your application to new heights with NGINX and AWS
Scale your application to new heights with NGINX and AWSScale your application to new heights with NGINX and AWS
Scale your application to new heights with NGINX and AWSNGINX, Inc.
 
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controllerNGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controllerKatherine Bagood
 
APIs: Intelligent Routing, Security, & Management
APIs: Intelligent Routing, Security, & ManagementAPIs: Intelligent Routing, Security, & Management
APIs: Intelligent Routing, Security, & ManagementNGINX, Inc.
 
Istio Mesh – Managing Container Deployments at Scale
Istio Mesh – Managing Container Deployments at ScaleIstio Mesh – Managing Container Deployments at Scale
Istio Mesh – Managing Container Deployments at ScaleMofizur Rahman
 
Getting started with Azure Event Grid - Webinar with Steef-Jan Wiggers
Getting started with Azure Event Grid - Webinar with Steef-Jan WiggersGetting started with Azure Event Grid - Webinar with Steef-Jan Wiggers
Getting started with Azure Event Grid - Webinar with Steef-Jan WiggersCodit
 
NGINX, Istio, and the Move to Microservices and Service Mesh
NGINX, Istio, and the Move to Microservices and Service MeshNGINX, Istio, and the Move to Microservices and Service Mesh
NGINX, Istio, and the Move to Microservices and Service MeshNGINX, Inc.
 
Simplify Microservices with the NGINX Application Platform
Simplify Microservices with the NGINX Application PlatformSimplify Microservices with the NGINX Application Platform
Simplify Microservices with the NGINX Application PlatformNGINX, Inc.
 
2449 rapid prototyping of innovative io t solutions
2449 rapid prototyping of innovative io t solutions2449 rapid prototyping of innovative io t solutions
2449 rapid prototyping of innovative io t solutionsEric Cattoir
 
DCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
DCSF 19 Zero Trust Networks Come to Enterprise KubernetesDCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
DCSF 19 Zero Trust Networks Come to Enterprise KubernetesDocker, Inc.
 
[WSO2Con EU 2018] Enabling Agile Integration Teams
[WSO2Con EU 2018] Enabling Agile Integration Teams[WSO2Con EU 2018] Enabling Agile Integration Teams
[WSO2Con EU 2018] Enabling Agile Integration TeamsWSO2
 
Empower Your Security Practitioners with Elastic SIEM
Empower Your Security Practitioners with Elastic SIEMEmpower Your Security Practitioners with Elastic SIEM
Empower Your Security Practitioners with Elastic SIEMElasticsearch
 
Using Cisco pxGrid for Security Platform Integration: a deep dive
Using Cisco pxGrid for Security Platform Integration: a deep diveUsing Cisco pxGrid for Security Platform Integration: a deep dive
Using Cisco pxGrid for Security Platform Integration: a deep diveCisco DevNet
 
DevOps Institute SkilUp Day Enterprise Kubernetes - Navigating Your Kubernete...
DevOps Institute SkilUp Day Enterprise Kubernetes - Navigating Your Kubernete...DevOps Institute SkilUp Day Enterprise Kubernetes - Navigating Your Kubernete...
DevOps Institute SkilUp Day Enterprise Kubernetes - Navigating Your Kubernete...Tiffany Jachja
 
Implement a Universal Data Distribution Architecture to Manage All Streaming ...
Implement a Universal Data Distribution Architecture to Manage All Streaming ...Implement a Universal Data Distribution Architecture to Manage All Streaming ...
Implement a Universal Data Distribution Architecture to Manage All Streaming ...Timothy Spann
 
Google Cloud Next '22 Recap: Serverless & Data edition
Google Cloud Next '22 Recap: Serverless & Data editionGoogle Cloud Next '22 Recap: Serverless & Data edition
Google Cloud Next '22 Recap: Serverless & Data editionDaniel Zivkovic
 

More Related Content

What's hot

Codemotion Azure Container Apps
Codemotion Azure Container AppsCodemotion Azure Container Apps
Codemotion Azure Container AppsAndrea Tosato
 
Achieve Full API Lifecycle Management Using NGINX Controller – EMEA
Achieve Full API Lifecycle Management Using NGINX Controller – EMEAAchieve Full API Lifecycle Management Using NGINX Controller – EMEA
Achieve Full API Lifecycle Management Using NGINX Controller – EMEANGINX, Inc.
 
Do You Need A Service Mesh?
Do You Need A Service Mesh?Do You Need A Service Mesh?
Do You Need A Service Mesh?NGINX, Inc.
 
FIWARE Global Summit - Leveraging Kubernetes for FIWARE Components Automations
FIWARE Global Summit - Leveraging Kubernetes for FIWARE Components AutomationsFIWARE Global Summit - Leveraging Kubernetes for FIWARE Components Automations
FIWARE Global Summit - Leveraging Kubernetes for FIWARE Components AutomationsFIWARE
 
Dual write strategies for microservices
Dual write strategies for microservicesDual write strategies for microservices
Dual write strategies for microservicesBilgin Ibryam
 
[WSO2Con USA 2018] Adaptive and Iterative Integration for Microservices and C...
[WSO2Con USA 2018] Adaptive and Iterative Integration for Microservices and C...[WSO2Con USA 2018] Adaptive and Iterative Integration for Microservices and C...
[WSO2Con USA 2018] Adaptive and Iterative Integration for Microservices and C...WSO2
 
IoT 'Megaservices' - High Throughput Microservices with Akka
IoT 'Megaservices' - High Throughput Microservices with AkkaIoT 'Megaservices' - High Throughput Microservices with Akka
IoT 'Megaservices' - High Throughput Microservices with AkkaLightbend
 
Scale your application to new heights with NGINX and AWS
Scale your application to new heights with NGINX and AWSScale your application to new heights with NGINX and AWS
Scale your application to new heights with NGINX and AWSNGINX, Inc.
 
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controllerNGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controllerKatherine Bagood
 
APIs: Intelligent Routing, Security, & Management
APIs: Intelligent Routing, Security, & ManagementAPIs: Intelligent Routing, Security, & Management
APIs: Intelligent Routing, Security, & ManagementNGINX, Inc.
 
Istio Mesh – Managing Container Deployments at Scale
Istio Mesh – Managing Container Deployments at ScaleIstio Mesh – Managing Container Deployments at Scale
Istio Mesh – Managing Container Deployments at ScaleMofizur Rahman
 
Getting started with Azure Event Grid - Webinar with Steef-Jan Wiggers
Getting started with Azure Event Grid - Webinar with Steef-Jan WiggersGetting started with Azure Event Grid - Webinar with Steef-Jan Wiggers
Getting started with Azure Event Grid - Webinar with Steef-Jan WiggersCodit
 
NGINX, Istio, and the Move to Microservices and Service Mesh
NGINX, Istio, and the Move to Microservices and Service MeshNGINX, Istio, and the Move to Microservices and Service Mesh
NGINX, Istio, and the Move to Microservices and Service MeshNGINX, Inc.
 
Simplify Microservices with the NGINX Application Platform
Simplify Microservices with the NGINX Application PlatformSimplify Microservices with the NGINX Application Platform
Simplify Microservices with the NGINX Application PlatformNGINX, Inc.
 
2449 rapid prototyping of innovative io t solutions
2449 rapid prototyping of innovative io t solutions2449 rapid prototyping of innovative io t solutions
2449 rapid prototyping of innovative io t solutionsEric Cattoir
 
DCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
DCSF 19 Zero Trust Networks Come to Enterprise KubernetesDCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
DCSF 19 Zero Trust Networks Come to Enterprise KubernetesDocker, Inc.
 
[WSO2Con EU 2018] Enabling Agile Integration Teams
[WSO2Con EU 2018] Enabling Agile Integration Teams[WSO2Con EU 2018] Enabling Agile Integration Teams
[WSO2Con EU 2018] Enabling Agile Integration TeamsWSO2
 
Empower Your Security Practitioners with Elastic SIEM
Empower Your Security Practitioners with Elastic SIEMEmpower Your Security Practitioners with Elastic SIEM
Empower Your Security Practitioners with Elastic SIEMElasticsearch
 
Using Cisco pxGrid for Security Platform Integration: a deep dive
Using Cisco pxGrid for Security Platform Integration: a deep diveUsing Cisco pxGrid for Security Platform Integration: a deep dive
Using Cisco pxGrid for Security Platform Integration: a deep diveCisco DevNet
 
DevOps Institute SkilUp Day Enterprise Kubernetes - Navigating Your Kubernete...
DevOps Institute SkilUp Day Enterprise Kubernetes - Navigating Your Kubernete...DevOps Institute SkilUp Day Enterprise Kubernetes - Navigating Your Kubernete...
DevOps Institute SkilUp Day Enterprise Kubernetes - Navigating Your Kubernete...Tiffany Jachja
 

What's hot (20)

Codemotion Azure Container Apps
Codemotion Azure Container AppsCodemotion Azure Container Apps
Codemotion Azure Container Apps
 
Achieve Full API Lifecycle Management Using NGINX Controller – EMEA
Achieve Full API Lifecycle Management Using NGINX Controller – EMEAAchieve Full API Lifecycle Management Using NGINX Controller – EMEA
Achieve Full API Lifecycle Management Using NGINX Controller – EMEA
 
Do You Need A Service Mesh?
Do You Need A Service Mesh?Do You Need A Service Mesh?
Do You Need A Service Mesh?
 
FIWARE Global Summit - Leveraging Kubernetes for FIWARE Components Automations
FIWARE Global Summit - Leveraging Kubernetes for FIWARE Components AutomationsFIWARE Global Summit - Leveraging Kubernetes for FIWARE Components Automations
FIWARE Global Summit - Leveraging Kubernetes for FIWARE Components Automations
 
Dual write strategies for microservices
Dual write strategies for microservicesDual write strategies for microservices
Dual write strategies for microservices
 
[WSO2Con USA 2018] Adaptive and Iterative Integration for Microservices and C...
[WSO2Con USA 2018] Adaptive and Iterative Integration for Microservices and C...[WSO2Con USA 2018] Adaptive and Iterative Integration for Microservices and C...
[WSO2Con USA 2018] Adaptive and Iterative Integration for Microservices and C...
 
IoT 'Megaservices' - High Throughput Microservices with Akka
IoT 'Megaservices' - High Throughput Microservices with AkkaIoT 'Megaservices' - High Throughput Microservices with Akka
IoT 'Megaservices' - High Throughput Microservices with Akka
 
Scale your application to new heights with NGINX and AWS
Scale your application to new heights with NGINX and AWSScale your application to new heights with NGINX and AWS
Scale your application to new heights with NGINX and AWS
 
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controllerNGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
NGINX Lunch and Learn Event: Kubernetes and the NGINX Plus Ingress controller
 
APIs: Intelligent Routing, Security, & Management
APIs: Intelligent Routing, Security, & ManagementAPIs: Intelligent Routing, Security, & Management
APIs: Intelligent Routing, Security, & Management
 
Istio Mesh – Managing Container Deployments at Scale
Istio Mesh – Managing Container Deployments at ScaleIstio Mesh – Managing Container Deployments at Scale
Istio Mesh – Managing Container Deployments at Scale
 
Getting started with Azure Event Grid - Webinar with Steef-Jan Wiggers
Getting started with Azure Event Grid - Webinar with Steef-Jan WiggersGetting started with Azure Event Grid - Webinar with Steef-Jan Wiggers
Getting started with Azure Event Grid - Webinar with Steef-Jan Wiggers
 
NGINX, Istio, and the Move to Microservices and Service Mesh
NGINX, Istio, and the Move to Microservices and Service MeshNGINX, Istio, and the Move to Microservices and Service Mesh
NGINX, Istio, and the Move to Microservices and Service Mesh
 
Simplify Microservices with the NGINX Application Platform
Simplify Microservices with the NGINX Application PlatformSimplify Microservices with the NGINX Application Platform
Simplify Microservices with the NGINX Application Platform
 
2449 rapid prototyping of innovative io t solutions
2449 rapid prototyping of innovative io t solutions2449 rapid prototyping of innovative io t solutions
2449 rapid prototyping of innovative io t solutions
 
DCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
DCSF 19 Zero Trust Networks Come to Enterprise KubernetesDCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
DCSF 19 Zero Trust Networks Come to Enterprise Kubernetes
 
[WSO2Con EU 2018] Enabling Agile Integration Teams
[WSO2Con EU 2018] Enabling Agile Integration Teams[WSO2Con EU 2018] Enabling Agile Integration Teams
[WSO2Con EU 2018] Enabling Agile Integration Teams
 
Empower Your Security Practitioners with Elastic SIEM
Empower Your Security Practitioners with Elastic SIEMEmpower Your Security Practitioners with Elastic SIEM
Empower Your Security Practitioners with Elastic SIEM
 
Using Cisco pxGrid for Security Platform Integration: a deep dive
Using Cisco pxGrid for Security Platform Integration: a deep diveUsing Cisco pxGrid for Security Platform Integration: a deep dive
Using Cisco pxGrid for Security Platform Integration: a deep dive
 
DevOps Institute SkilUp Day Enterprise Kubernetes - Navigating Your Kubernete...
DevOps Institute SkilUp Day Enterprise Kubernetes - Navigating Your Kubernete...DevOps Institute SkilUp Day Enterprise Kubernetes - Navigating Your Kubernete...
DevOps Institute SkilUp Day Enterprise Kubernetes - Navigating Your Kubernete...
 

Similar to Challenges In Modern Application

Implement a Universal Data Distribution Architecture to Manage All Streaming ...
Implement a Universal Data Distribution Architecture to Manage All Streaming ...Implement a Universal Data Distribution Architecture to Manage All Streaming ...
Implement a Universal Data Distribution Architecture to Manage All Streaming ...Timothy Spann
 
Google Cloud Next '22 Recap: Serverless & Data edition
Google Cloud Next '22 Recap: Serverless & Data editionGoogle Cloud Next '22 Recap: Serverless & Data edition
Google Cloud Next '22 Recap: Serverless & Data editionDaniel Zivkovic
 
Horizontal Scaling for Millions of Customers!
Horizontal Scaling for Millions of Customers! Horizontal Scaling for Millions of Customers!
Horizontal Scaling for Millions of Customers! elangovans
 
DevOps LA Meetup Intro to Habitat
DevOps LA Meetup Intro to HabitatDevOps LA Meetup Intro to Habitat
DevOps LA Meetup Intro to HabitatJessica DeVita
 
Ultimate Guide to Microservice Architecture on Kubernetes
Ultimate Guide to Microservice Architecture on KubernetesUltimate Guide to Microservice Architecture on Kubernetes
Ultimate Guide to Microservice Architecture on Kuberneteskloia
 
Spring and Pivotal Application Service - SpringOne Tour - Boston
Spring and Pivotal Application Service - SpringOne Tour - BostonSpring and Pivotal Application Service - SpringOne Tour - Boston
Spring and Pivotal Application Service - SpringOne Tour - BostonVMware Tanzu
 
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...NUS-ISS
 
Cloud Native Application Integration With APIs
Cloud Native Application Integration With APIsCloud Native Application Integration With APIs
Cloud Native Application Integration With APIsNirmal Fernando
 
The what, why and how of knative
The what, why and how of knativeThe what, why and how of knative
The what, why and how of knativeMofizur Rahman
 
GCP Meetup #3 - Approaches to Cloud Native Architectures
GCP Meetup #3 - Approaches to Cloud Native ArchitecturesGCP Meetup #3 - Approaches to Cloud Native Architectures
GCP Meetup #3 - Approaches to Cloud Native Architecturesnine
 
A New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the CloudA New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the CloudNETSCOUT
 
Network Automation Journey, A systems engineer NetOps perspective
Network Automation Journey, A systems engineer NetOps perspectiveNetwork Automation Journey, A systems engineer NetOps perspective
Network Automation Journey, A systems engineer NetOps perspectiveWalid Shaari
 
Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...
Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...
Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...Michael Elder
 
SpringOne Tour: Deliver 15-Factor Applications on Kubernetes with Spring Boot
SpringOne Tour: Deliver 15-Factor Applications on Kubernetes with Spring BootSpringOne Tour: Deliver 15-Factor Applications on Kubernetes with Spring Boot
SpringOne Tour: Deliver 15-Factor Applications on Kubernetes with Spring BootVMware Tanzu
 
[Srijan Wednesday Webinar] How to Run Stateless and Stateful Services on K8S ...
[Srijan Wednesday Webinar] How to Run Stateless and Stateful Services on K8S ...[Srijan Wednesday Webinar] How to Run Stateless and Stateful Services on K8S ...
[Srijan Wednesday Webinar] How to Run Stateless and Stateful Services on K8S ...Srijan Technologies
 
Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Apigee | Google Cloud
 
Gilmore, Palani [InfluxData] | Use Case: Monitoring / Observability | InfluxD...
Gilmore, Palani [InfluxData] | Use Case: Monitoring / Observability | InfluxD...Gilmore, Palani [InfluxData] | Use Case: Monitoring / Observability | InfluxD...
Gilmore, Palani [InfluxData] | Use Case: Monitoring / Observability | InfluxD...InfluxData
 

Similar to Challenges In Modern Application (20)

Implement a Universal Data Distribution Architecture to Manage All Streaming ...
Implement a Universal Data Distribution Architecture to Manage All Streaming ...Implement a Universal Data Distribution Architecture to Manage All Streaming ...
Implement a Universal Data Distribution Architecture to Manage All Streaming ...
 
Google Cloud Next '22 Recap: Serverless & Data edition
Google Cloud Next '22 Recap: Serverless & Data editionGoogle Cloud Next '22 Recap: Serverless & Data edition
Google Cloud Next '22 Recap: Serverless & Data edition
 
Horizontal Scaling for Millions of Customers!
Horizontal Scaling for Millions of Customers! Horizontal Scaling for Millions of Customers!
Horizontal Scaling for Millions of Customers!
 
DevOps LA Meetup Intro to Habitat
DevOps LA Meetup Intro to HabitatDevOps LA Meetup Intro to Habitat
DevOps LA Meetup Intro to Habitat
 
Ultimate Guide to Microservice Architecture on Kubernetes
Ultimate Guide to Microservice Architecture on KubernetesUltimate Guide to Microservice Architecture on Kubernetes
Ultimate Guide to Microservice Architecture on Kubernetes
 
Spring and Pivotal Application Service - SpringOne Tour - Boston
Spring and Pivotal Application Service - SpringOne Tour - BostonSpring and Pivotal Application Service - SpringOne Tour - Boston
Spring and Pivotal Application Service - SpringOne Tour - Boston
 
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
NUS-ISS Learning Day 2018- Designing software to make the most of cloud platf...
 
Cloud Native Application Integration With APIs
Cloud Native Application Integration With APIsCloud Native Application Integration With APIs
Cloud Native Application Integration With APIs
 
The what, why and how of knative
The what, why and how of knativeThe what, why and how of knative
The what, why and how of knative
 
GCP Meetup #3 - Approaches to Cloud Native Architectures
GCP Meetup #3 - Approaches to Cloud Native ArchitecturesGCP Meetup #3 - Approaches to Cloud Native Architectures
GCP Meetup #3 - Approaches to Cloud Native Architectures
 
A New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the CloudA New Approach to Continuous Monitoring in the Cloud
A New Approach to Continuous Monitoring in the Cloud
 
Network Automation Journey, A systems engineer NetOps perspective
Network Automation Journey, A systems engineer NetOps perspectiveNetwork Automation Journey, A systems engineer NetOps perspective
Network Automation Journey, A systems engineer NetOps perspective
 
Balaji Resume
Balaji ResumeBalaji Resume
Balaji Resume
 
Serverless_with_MongoDB
Serverless_with_MongoDBServerless_with_MongoDB
Serverless_with_MongoDB
 
Ahmed El Mawaziny CV
Ahmed El Mawaziny CVAhmed El Mawaziny CV
Ahmed El Mawaziny CV
 
Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...
Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...
Elevate Your Continuous Delivery Strategy Above the Rolling Clouds (Interconn...
 
SpringOne Tour: Deliver 15-Factor Applications on Kubernetes with Spring Boot
SpringOne Tour: Deliver 15-Factor Applications on Kubernetes with Spring BootSpringOne Tour: Deliver 15-Factor Applications on Kubernetes with Spring Boot
SpringOne Tour: Deliver 15-Factor Applications on Kubernetes with Spring Boot
 
[Srijan Wednesday Webinar] How to Run Stateless and Stateful Services on K8S ...
[Srijan Wednesday Webinar] How to Run Stateless and Stateful Services on K8S ...[Srijan Wednesday Webinar] How to Run Stateless and Stateful Services on K8S ...
[Srijan Wednesday Webinar] How to Run Stateless and Stateful Services on K8S ...
 
Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?Which Application Modernization Pattern Is Right For You?
Which Application Modernization Pattern Is Right For You?
 
Gilmore, Palani [InfluxData] | Use Case: Monitoring / Observability | InfluxD...
Gilmore, Palani [InfluxData] | Use Case: Monitoring / Observability | InfluxD...Gilmore, Palani [InfluxData] | Use Case: Monitoring / Observability | InfluxD...
Gilmore, Palani [InfluxData] | Use Case: Monitoring / Observability | InfluxD...
 

Recently uploaded

Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxLoriGlavin3
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Farhan Tariq
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Strongerpanagenda
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 

Recently uploaded (20)

Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 
Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...Genislab builds better products and faster go-to-market with Lean project man...
Genislab builds better products and faster go-to-market with Lean project man...
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better StrongerModern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
Modern Roaming for Notes and Nomad – Cheaper Faster Better Stronger
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 

Challenges In Modern Application

  • 1. Challenges in Modern Applications By: Rahul Kumar Gupta (rahgup@yahoo.com)
  • 2. Rahul Kumar Gupta • 23 yrs. of experience. • Sr Directory Tech, Publicis Sapient. • Technologist by Heart and Role • Engineering Lead for Microservice based project. • Executed > 30 projects for client across Americas, APAC, Europe • >15 Publications. • > 10 certification.
  • 3. Modern Applications are high performing, high scalable applications which help organizations in accelerate their DIGITAL BUSINESS TRANSFORMATION (DBT) journey and make them FUTURE READY by bringing in high AGILITY to adopt new things , deliver them FAST , reduce TCO all by bringing the best of breed ARCHITECTURE, TECHNOLOGIES and PROCESS together.
  • 4. NoSQL API Mgmt. SecDevOps SRE Reactive Programming Polyglot Data lakes PWA ELT AGILE Zero Trust Architecture FDD GraphQL GitOps Event Programming Cloud Microservices Micro frontend DevOps Cognitive Containerization BizDevOps NewSQL SAFe Serverless AI /ML Chaos Engineering BDD IoT Infra as a Code Domain Driven Design Canary Deployments BFF
  • 5. Internal Systems External Systems Integration Layer Desktop site Mobile Site CORE Commerce MobileDesktop Front End CMS Front End CMS Search Product Price Inventory Cart Customer Order Checkout Monolithic Architecture Mobile /TabletDesktop CORE Commerce Search Product Price Inventory Cart Customer Order Checkout Experience ( Mobile / Desktop ) Assemble Component Library Front End Service API (JSON) Internal Systems External Systems Integration layer Headless Architecture or Internal Systems External Systems Integration Layer Mobile / Tablet Desktop Experience Assemble Component Library API GATEWAY Product Chatbot Voice Security Caching Logging Aggregation Modern Application Architecture Social Price Cart Order CUST Backend for frontend Product µ FE Price µ FE Cart µ FE Order µ FE CUST µ FE PWA MonetizationRouting Modernization Journey
  • 11. 88% growth in application vulnerabilities over two years. -The state of open source security report 2019 , SYNK 37% of open source developers don’t implement any sort of security testing during CI -The state of open source security report 2019 , SYNK 54% of developers don't do any docker image security testings -The state of open source security report 2019 , SYNK 78% of vulnerabilities are found in indirect dependencies -The state of open source security report 2019 , SYNK 60% of Organizations Suffered a Container Security Incident in 2018 - CyWare In 2018, more than 70 million records were stolen or leaked from poorly configured S3 buckets -Symantec
  • 13. Infrastructure as a Code Source Control Open Source Components/ API Application Code Configurations Programming Artifacts
  • 14. ● Separate Repository for Application & DevOps , Infrastructure code . ● Secured access to Repository. ● Encryption and decryption of files in a git repository ● Use of Vaults for secret Key and Rotate keys ● Don’t write credentials into your source code & docker files ● Don’t pass secrets using environment variable, Use kubernet Secret objects. ● Use Encryption Before Persisting sensitive Data Start Doing
  • 15. ● Static and Dynamic Application Scan ● Security scans for Open source library. ● Cloud Configuration scanning ● Blocking Non Compliant pipelines Start Doing DevSecOps. - Integrate Application, serverless and Opensource Code security scanning as part of CI Pipeline
  • 17. ● Create docker images using base image. ● Use Certified docker images after Verification. ● Keep data , SSH key, tokens outside the container. ● Package a single application per container. ● Stop running containers as a Root User. Start Doing
  • 18. ● Self Healing - Kill Container when it misbehaves. ● Regularly update patches in all required PODS ● Scanning Containers and Docker Images. ● Container Sandbox Escaping protection. Start Doing DevSecOps. - Integrate VM and docker container scanner as part of CI/CD Pipeline Aqua security Anchore Engine
  • 20. ● Never trust, Always verify- Define Access policy for all resource ● Use Multi-factor Authentication, wherever required. ● Define Network Policy ● Define SecCom Policy. ● VPC Service Control to restrict Cloud SaaS Service / Outbound traffic ● TLS Everywhere ● Use Web App Firewall as a Service to Restrict entries. Start Doing
  • 21. ● Create Availability Zones, ● Define API Topology. ● Use OpenID or OAuth 2.0 ● Centralising authentication and Authorization. Use API Gateway Pattern ● DDOS -Limit the no of request to be served by resources Start Doing USE Service Mesh Amazon Cognito
  • 22. DNS CDN Cloud Public IP – Load balancer Firewall API Gateway Private Subnet Load balancer API Gateway Public Subnet fn fn fn fn External Systems/ API Sys1 Sys2 Ap1 Ap2 VPC https https https https https https
  • 23. 78% of more than 100 firms recently surveyed are not reconfiguring their security tools when migrating to the cloud. - Mckinsey
  • 25. As Monolithic Architecture is turned into Microservices , So the local transaction in the monolithic system is now distributed into multiple services. .
  • 26. More Services = More Complexity
  • 27. Distributed Tracing # Distributed Traces
  • 28. ● Try avoiding Transactions across Microservices, if possible. ● One Microservice should not change the data of other Microservice. ● Use Event Programming and Avoid Orchestration. ● Use of workflows/ BPM engine in transactions for multiple systems or endpoints. ● Use CQRS pattern for Read and write. ● Apply Back-Pressure mechanism in building distributed systems or will a failure can bring down whole system Start Doing
  • 29. MS1 MS2 MS3 MS4 Call /Success Failed response F1 F2 F3 F4 1 Business transaction need 4 features to interact MS1 MS2 MS3 MS4 Let’s assume that one MS for each Feature
  • 30. ● Instead of Rollback trigger Delete operation. ● Idempotency is Important to Distribution Transaction. ● Use correlation-id between Micro Services involved in transaction ● Improve logging to include POD, Region, etc. ● Tools to trace the each transactions. Start Doing
  • 31. Two-Phase Commit Protocol using LIXA LIXA is a transaction manager that implements the two-phase commit and supports the XA specification Source :https://dzone.com/articles/microservices-and- distributed-transactions
  • 33. • Standardize Techstack and toolset for project. • Don’t trust anyone. • Keeping business knowledge clean with API Gateway + Service Mesh + Kubernetes components in the architecture. • Make LEFT SHIFT as much as Possible in DevOps • Monitor , Monitor & Monitor - Build observability - Metrics, Logs & Traces. • Automate, Automate & Automate – Build & Deployment , IaaS, Autoscaling, Auto healing, Vulnerability Scanning. • Systems will fail - Embrace failure as a natural occurrence. Few points