One size fits all is no longer good enough. Products tailored to individual user preferences continue to grow more common, and modern IT architectures must be able to support them. Thankfully, virtualization, DevOps, and other initiatives have made it possible to customize IT applications and efficiently deliver microservices to the general public, though consumers may not know it by that name.
That’s not to say that meeting expectations and delivering applications in an IT environment through microservice-driven applications isn’t a challenge. IT architects are building flexible and dynamic network designs to spin up services that understand individual preferences and policies. Unfortunately, many components within the application delivery infrastructure are often overlooked or ignored when microservice application models are deployed.
No Application is an Island
When an end user connects to an application, numerous applications and components are involved behind the scenes to deliver the data. For instance, firewalls and security devices confirm that the connection and content are valid. A policy and management system validates the user’s profile, and the backend database verifies that the user can only access and manipulate data he or she is authorized for.
If an instance of the application is spun up or enabled within the network infrastructure, all of these components and policies must be implemented in conjunction with the micro instance of the application. It isn’t adequate to bring up an instance of the application on the network for a specific user or group and believe that all requisite IT policies and best practices have been applied.
At a minimum, firewalls and security technologies with the application-specific and user-specific policies should be brought up in front of the application server concurrently with the application. Network routing and pathing advertisements may need to change to open access to the server from a specific location or deny access to restricted parts of the network infrastructure where the application server is spun up. The application needs access to authentication servers, policy servers, and databases, and network paths should be altered to enable the required connectivity.
Ultimately, developing a detailed and non-trivial process will ensure that all the components and changes associated with each creation of a microservice-based application are accurate and secure. This will ensure appropriate network design and management policies are adhered to.
The procedure to enable microservice-based applications cannot be manual. Microservice application delivery should be automated and orchestrated, including the different components in the IT architecture, such as application servers, hypervisors, security devices, network switches, and routers. The process should be quick to meet user expectations, too. Taking days or even hours for each application instance to be created and made available is too long. On-demand infrastructures must provide access when the demand is created, not after it has dissipated.
Automation also eliminates the high potential for human error during the application instantiation process, when a step can easily be missed or a policy misconfigured. The process could occur multiple times in a day depending on the granularity of the microservice and the nature of the application.
Policing the Policies
For the microservice application delivery model to work, procedures to support and maintain the overall IT architecture design and management policies must be implemented. Well-defined application access policies also must be incorporated through the orchestration and automation system, and reviewed regularly to ensure they keep up with changing business needs.
An efficient and effective application delivery infrastructure within the microservices model requires IT organizations to take a fresh look at their architecture and policies. The dynamic nature of the microservices model means that a comprehensive automated and orchestrated implementation of the IT policies and procedures is critical for long-term success.
Frank Yue is the Director Application Delivery Solutions for Radware (News - Alert). In this role, Yue is responsible for evangelizing technologies and trends around Radware�s ADC solutions and products. He writes blogs, produces solution architectures, and speaks at conferences and events around the world about application networking technologies. Prior to joining Radware, Yue was at F5 Networks (News - Alert), delivering their global messaging for service providers. Yue has also covered deep packet inspection, high performance networking, and security technologies. Yue is a scuba diving instructor and background actor when he is not discussing technology.
Edited by Alicia Young