Twelve factor-app

Twelve-Factor App +
Middleware
Build the Future and Prevent Outages
José Javier Vélez-Colón

Agenda
1
Overview
2
Microservice
s
Architecture
3
Shifting
Architecture
4
Continuous
Integration,
Continuous
Delivery
5
Concurrency
6
App Service
7
Conclusion

Overview Microservices Shifting Architecture Continuous Integration, Delivery Concurrency App Service Conclusion
Middleware makes it easier for software developers to implement
communication and input/output, so they can focus on the specific purpose
of their application. It gained popularity in the 1980s as a solution to the
problem of how to link newer applications to older legacy systems, although
the term had been in use since 1968.[2]
Wikipedia!
Where is the middleware depicted in the picture?

Lets be more specific

Who offers middleware and can you avoid it?
Do it yourself (DIY) – App Service/IIS Logic Apps/Mulesoft/hundreds of
other vendors
Features
Send Mail Yes Yes
Connect to Symitar Yes Yes
Connect to Temenos Yes No
Many other features Always yes… Maybe….
Points to take home
• It is nearly impossible to avoid middleware in a line of business application. I had trouble even finding a ficticious
scenario where there would not be middleware…I imagined it would involved an Igloo and Antarctica.
• There is no silver bullet solution for all projects. Each of them have to evaluated individually and the right
architecture should be decided per project basis.
• Use guardrails (best practices to guide the architectural decision but don’t push a product).
• Middleware is a pipeline of how data is transmitted from point A to point B and is not a product

What is a Twelve-Factor App?
A 12-Factor app is a web app that follows the prescriptive
methodology conceived by the Heroku platform as a service (PaaS) for
cloud applications.
Benefits include:
Scalability Resiliency
Continuous
Delivery
Maintainability
Information
Security

+ Pros
» Faster software delivery.
» Better security.
» Team unity and
understanding of each
other’s roles.
» Team works as a unit to
succeed and has
ownership of the overall
project success.
» Microservices do not
require teams to rewrite
the whole app if they
want to add new
features.
» Smaller codebases make
maintenance easier and
faster; saving a lot of
development effort and
time, thus increasing
overall productivity.
» Configuration drift is
reduced.
» The parts of an app can
be scaled separately and
are easier to deploy.
» Reduce outages –
uptime!

- Cons
» Very complicated –need to bring in experienced staff to handle the
complexity.
» Most invest heavily in monitoring tools, such as Dynatrace.
» Larger vector of attack – must invest in SIEM, CASB, PDP, and other
third party tools to maintain safety and data governance.
» Product owners must be willing to invest in their infrastructure and
long term speed to market.
Overview Microservices Shifting Architecture Continuous Integration, Delivery Concurrency Docker Conclusion

Summary of Impact
Business Unit Impact
PMO/ProductO
wners
As product owners, they will be able to have faster release cycles in the long
term, but the initial learning curve within teams will delay their deployments.
QA They will have to automate their tests because the impact could be
downstream. In addition, each version of the API has to have its own unique
test since you do not upgrade microservices, rather you simply deploy a new
one.
Infrastructure The will have to become part of the sprints.
Operations They will have to become part of the sprints for new project developments that
involve APIs or web apps.
Info Sec Their team has a larger vector of attack to cover.
Desktop
Support
Not affected.

Microservices – Difficult to Manage?
A 12-factor app inherently uses microservices. What are microservices
and are they something we can manage?
“Death Star” Architecture Diagrams
Netflix Gilt Groupe (12 of 450) Twitter

API Management
• Access to APIs will be controlled using
Azure AD authentication.
• API gateway serves as the linking point for
all services (internal + external).
• API management platform integrates with
our continuous integration infrastructure.
• Developer portal serves as a single point
of interaction across all developers to.
access/understand/develop/deploy APIs.
• Mulesoft serves as the API Development
and Orchestration Platform.

Internal - First App (Avoka),
(Salesforce)
Partners – Alkami.. Others!
Public - Member or any third party developed–
Rate Lookup, Branch Locations, Products
API
Execution
Business Friendly Micro-Services (REST)
Orchestration to Tie Multiple Micro-
Services
Exception Handling
Mapping to Downstream End Points
Security – Access, Authentication, Certification, Monitoring
Standards Conformation DocumentationDiscovery Monetization
API Monitoring
API
Management
Code Management
Jenkins
Backlog
Core/Block
Chain
Lending Mortgage Products Analytics ……..
Can be anywhere
On Prem, Cloud,
Hosted, etc.
Example Conceptual Architecture of API-Driven FI
External Services

Conceptual Microservices Architecture
SPA &
Mobile
App
Mobile
App
Backends for Frontends
Microservices for mobile
Microservices for SPA
RDB
Remote
Service
NoSQL
Strangler
API Gateway
GatewayRouting
&Aggregation
Microservice
Ambassad
or
Sidecar
Anti-corruption Layer
Legacy System RDB
Microservice
Ambassad
or
Sidecar
Microservice
Ambassad
or
Sidecar
Gateway
Offloading

Microservices Architecture Example
Mobile
App
AVOKA
API
Gateway
Firewall
CASB SIEM
Other APIs
Load Balanced
Core API Services
Ambassado
r
Azure Function/
Azure Event Grid
For MQ Processing
App Service
Logic App
Policy Decision
Point (PDP)
XACML
API FAÇADE Anti-Corruption Layer
Legacy Technology
(Jack Henry Symitar)
SPLUNK
Azure ASE
ILB
Ambassad
or
P2P
AZURE
ASE
ILB
Ambassador
Backend
for
Frontend
NoSQL/
SQL Server
WAF

Typical 3-Tier Architecture
Presentation Tier
The top-most level of the app is the UI. The main function of
the interface is to translate tasks and results to something
that the user can understand.
Logic Tier
This layer coordinates the app, processes commands, makes
logical decisions and evaluations, and performs calculations.
It also moves and processes data between the two
surrounding layers.
Data Tier
In this layer, information is stored and retrieved from a
database or file system. The information is then passed back
to the logic tier for processing, and then eventually back to
the user.
>GET SALES
TOTAL
>GET SALES
TOTAL
4 TOTAL
SALES
Get list of
all sales
made last
year
DatabaseStorage
Add all sales
together
Query
Sale 1
Sale 2
Sale 3
Sale 4

Hexagonal Architecture
Application
HTML5 App
Test Agent
REST
Adapter
SOAP
Adapter
TEST
Adapter
EI
Adapter
MQ
Adapter
SQL
Adapter
NoSQL
Adapter
Environme
nt
Adapter
ERP
CRM
DOC
s
File Source
Adapter
Enterprise Integration
Web Services
Database
Configuration
Messaging Queue

Example App Built for Speed
Application Services (Gateway/Edge Svc)
Read Model Microservice
UI Request (HTTP)
Redis
Commands & Queries
SQL Server
Domain Microservice
RabbitMQ
Commands Queries
Events Domain Events
Precomputed
Results

Requirement
Codebase
Production
Staging
Developer 1
Developer 2
Deploys

Solution
Developer
GitHub
Team City
Code Coverage
+ TDD
Git Push
GitHub Pull
Request Review
Pass Code
Review?
Merge Master/
Staging/QA/Dev
Yes
Azure DevOps
Build
No
Trigger
Prod
Environment
Staging
Environment
QA
Environment
Dev
Environment
Communicates
with
Pass

Dependencies
 Requirement
A twelve-factor app that never relies on the implicit existence of system-wide packages. It
declares all dependencies, completely and exactly, via a dependency declaration manifest.
 Solution
• NuGet Server + NPM
• NuGet Gallery is the central package repository used by all package authors and consumers.
• NPM is the package manager for JavaScript and the world’s largest software registry; it can be
used to discover packages of reusable code and assemble them in powerful new ways.

Present
» Copy NuGet packages to a
local share and have
everyone read off of that.
» We have a private
repository bldsrvr-
dev02NuGet
Repository for all our
NuGet packages. By
configuring the NuGet
Package Manager within VS
we gain access.
Alternative
» Obtain a license for myget and
store the nugget packages
there.
Dependencies: NuGet Server

Requirement
An app’s config is
everything that is likely
to vary between
deployment
environments (staging,
production, developer,
etc.)
Solution
» .NET projects use:
 web.config
 machine.config
 project.json
(appsettings.jso
n)
Configuration
Anything that varies per environment:

Backing Services
» Resources can be attached and detached to deploys at
will.
» For example, if the app’s database is misbehaving due to
a hardware issue, the app’s administrator might spin up a
new database server restored from a recent backup.
» The current production database could be detached, and
the new database attached—all without any code
changes.

Concurrency
Applications sometimes need to run:
• Batch jobs
• Emails
• Workflows
• Other complex logic
A good UX would not wait for all the
services to be completed for the user
to continue interacting with the app.
What is
concurrency in the
context of a twelve
factor app?

Logic Apps
Logic Apps is a fully managed iPaaS (integration Platform as a Service) that handles hosting, scalability,
availability, and management—so developers don’t have to. It can scale up automatically to meet
demand.
Key features:
• Save time by designing complex processes using easy to understand design tools.
• Seamlessly implement patterns and workflows that would otherwise be difficult to implement
in code.
• Get started quickly from templates.
• Connectors to many cloud apps, such as Salesforce, FTP, SQL Server, SharePoint, etc.

Logic Apps /App Service
When a record is updated
Transform XML
Register in Datamart
If record requires action
Add to Service Bus topic
If Yes If No
Create a new record
Slack – Post Message
Execute stored procedure
Add an action Add an action

Disposability
 Requirement
Deploying new code should not
affect production services
startup times.
 Solution
App Service allows you to have the
right amount of resources running to
handle the load on an app. It allows
you to add resources to handle
increases in load and also save
money by removing resources that
are sitting idle.
Max = 5
VM VM
Min = 2
3 currently running
VM VM VM
+/- VMs as needed

Infrastructure
» Training
» Operations Tools
 Azure Container
Registry
 Security
 Management
Monitoring and
logging
Developers
» Learn a
microservices
approach
» Learn .NET core
and avoid IIS
deployments
Training
» Continuous
» Frequent
» Bring experts on
site to teach and
evaluate practices
Change
Management
» Change in culture
» Change in team
structures
» Product owner has
to understand the
long term
investment and
that dev will slow
down at first.
Ok, I’m Sold – Let’s Begin Today…
First, let’s consider the following:

DevOps
Developers must work with Operations from the
start of the project and they have to be included
during the sprint planning as part of the ongoing
work to devise the architecture and deploy it!
When you have developers working alongside
Operations, you get DevOps!
Overview Microservices Shifting Architecture Continuous Integration, Delivery Concurrency Docker Conclusion

Change + Visual Management – Part I
Communicating/disseminating our plan:
• Roadmap
 How are we going to get from our current state to our future state?
 What are our requirements and assumptions?
 How does our future state link to our business and quality values?
 How do we measure success?
• Elevator speech – consistent messaging/signaling during scrums and meetings
 What did we agree on and how did we make this decision?
 What does the future state look like?
 Why are we making the change?
 How does everyone fit into the planning and execution of the future state?

Change + Visual Management – Part II
Tracking our progress and keeping ourselves accountable using visual management
tools:
• SWOT analysis/pre-assessment
• SMART objectives and action items
• Desired outcome
• Tool, service, framework, or process to achieve the item
• Responsible parties (RASCI matrix)
• Key milestones
• Due dates
• Measures of success

Thank You!
Questions/Comments?
Jose.colon@nativoplus.com

Twelve factor-app

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

Similar a Twelve factor-app

Similar a Twelve factor-app (20)

Último

Último (20)

Twelve factor-app

Notas del editor