alphaspirit - Fotolia

Three ways to make your app development process cloud-ready

To get the most out cloud, organizations need to rethink the app development process. Expert Tom Nolle offers three ways to get started.

While the cloud already offers a number of benefits compared to on-premises IT systems, companies can enhance their...

cloud experience further by evolving their app development process. To do this, organizations should consider three changes: moving from a service-oriented strategy to a microservices strategy, mapping out workflows with the cloud in mind, and modernizing security and compliance practices to accommodate the cloud.

Let's take a closer look at each of these steps, along with best practices for implementing them for cloud software development.

Using microservices in your app development process

Componentization and modularity have been mainstays of software design for decades. Breaking large applications into reusable and manageable pieces improves development efficiency and helps with application lifecycle management, security and governance. However, many organizations have wondered how to bind those components into applications. And, prior to the cloud, the most common answer was a service-oriented architecture (SOA).

To enable parallel processing and hosting, SOA separates the integrated components of a monolithic image. SOA is supported by remote procedure calls (RPCs), which extend requests for a component to a remote location via a network. However, this creates a complex string of stateful application components, meaning each component has to wait for other processes to complete before continuing to run.

One of the cloud's primary benefits is its ability to replicate components to accommodate workloads and quickly replace failed components. However, stateful applications inhibit those features. Instead, organizations should consider microservices -- or small units of application functionality -- for their cloud app development process.

In well-designed microservices, each process request is complete; unlike SOA, there's nothing the microservice has to remember from prior steps. As a result, any copy of the microservice can handle the request.  

JSON is an API style that's widely used in the Web and for microservices. Organizations adopting the cloud should consider using JSON instead of heavyweight SOA, SOAP or Web service standards.

Mapping workflows for cloud

Another way to evolve your app development process for cloud is to carefully map workflows among application components. It can be risky to fragment applications too much, particularly if those fragments run in a different part of the cloud or a different cloud altogether. Delays can accumulate and impact the application's reliability.

If you have a highly interactive group of microservices, run them locally to each other when you deploy them or bind them as a group into a single cloud function. Also, support component replication and replacement where it provides the most benefit in terms of availability and performance. For example, if you have a back-end database process that must handle reads and updates for all requests, placing parallel components in front of that won't do anything but move the bottleneck around.

For modern applications, it's common for organizations to manage workflow steering using a service bus and a process language, such as BPEL or BPML. However, central workflow steering can cause too many transitions into and out of the cloud, introducing delays and reducing reliability. To avoid this, map the exchanges associated with your service busses and, if necessary, put a bus in both the cloud and data center to handle exchanges locally.

Rethinking app security and compliance

The third way to evolve your app development process for cloud is to focus on security and compliance. While elasticity is a key benefit of cloud, moving components across hosting environments can introduce risks if those environments are not secured and governed.

Ensuring your cloud meets full data center standards for security and compliance is an option, but it may take things further than needed and introduce higher cloud costs. In most cases, security and compliance efforts are intended to protect access to data, applications or both. These areas are likely found in the back end of transaction processing, near the databases themselves. So, if organizations can apply access controls there, after user formatting and request management front-end processing, it's easier to host front-end elements without special security and compliance constraints.

In addition, security keys present a risk in the cloud because it's difficult to protect them. Consider keyless systems and blockchain technology, such as the type used in bitcoin, as an alternative to traditional encryption. It's possible to authenticate both the process elements and data with these technologies, and the result is cloud-ready applications.

Finally, don't make piecemeal changes by focusing on just one of the three steps above. Optimizing your app development process for cloud is a complex undertaking. Only early and constant testing of your approach can ensure you deploy cloud-ready apps in a timely way.

Next Steps

A complete enterprise guide to cloud app development

Understanding the evolution of DevOps in cloud

Weighing microservices pros and cons

Dig Deeper on Managing Cloud-Native Applications