How to assess your architectural maturity for Cloud Native 2.0

The concept of cloud native was proposed in 2015 and has been popularized since then. Cloud native maturity varies across enterprises, which have different requirements and priorities during digital transformation. In the Cloud Native 2.0 age, more categories are available for assessing the cloud native maturity of enterprises. To preliminarily assess its cloud native maturity, Huawei Cloud adopts eight categories: service-orientation, scalability, serverless maturity, observability, security & trustworthiness, resilience, automation, and cloud-edge collaboration. Other organizations can also adopt the cloud native maturity assessment model of Huawei Cloud to assess their software systems and smooth their cloud native journeys.

Cloud native maturity assessment model for enterprises


| Category | HCNAM-L1 (1 point) | HCNAM-L2 (2 points) | HCNAM-L3 (3 points) | HCNAM-L4 (4 points) | HCNAM-L5 (5 points) |
| --- | --- | --- | --- | --- | --- |
| Service-orientation | None (only monolithic applications) | Partially service-oriented; cross-service data sharing | Fully service-oriented; without a governance system | Fully service-oriented; with an embedded microservice governance platform | Fully service-oriented and grid-based services |
| Scalability | Manual scaling (months/weeks) | Resource monitoring + manual scaling (days) | Resource monitoring + code implementation for VM-based automatic scaling (minutes) | Resource & application monitoring + code implementation for VM-based automatic scaling (minutes) | Resource & application monitoring + code implementation for container-based automatic scaling (seconds) |
| Serverless maturity | The application logic, underlying middleware, and databases use process resources and adopt the physical multi-tenant model. | Event-driven stateless computing | Databases, middleware, and file systems provide logical multi-tenant services. | Stateful services such as databases and big data are deployed in the serverless mode. | Stateful middleware/databases and stateless applications are deployed in the serverless mode from end to end. |
| Observability | None | Basic monitoring, alarm reporting, and log monitoring | E2E tracing, performance indicator reporting, and fault root cause locating at L2 | Multi-dimensional analysis of O&M monitoring logs at L3 for minute-level data event monitoring | Data event monitoring within seconds and real-time monitoring for data insight |
| Security & Trustworthiness | Firewall + traditional third-party security components | Software-based security and network functions, distributed and scalable architectures, and multi-tenant IAM | Tenant-level data security encryption and decryption, private data anonymization, and role-based access control (RBAC) of tenant resource groups | Security threat and situation awareness, automatic risk response, and instance-level fine-grained attribute-based access control (ABAC) of tenant resources | Secure multi-party computing based on zero trust, automated industry compliance assessment, and federated learning to integrate security features into the DevOps pipeline throughout the lifecycle |
| Resilience | No redundancy, traffic control, or DR | Local active/standby deployment, load balancing, HA redundancy (RTO: 10 minutes); basic traffic control | Cross-region active/standby or all-active DR (50–100 km); enhanced traffic control (The peak traffic is 10 times the maximum traffic that can be handled.) | Local active/standby or all-active DR, cross-region cold standby DR (100–1000 km); scaling is performed first and then traffic control and backpressure are triggered. Circuit breaker, traffic control, and backpressure control are supported for microservices. | Serverless service distribution around the world without awareness of traffic switching; after the DR and traffic control fail, the system can be downgraded to ensure that the minimum function set can be continuously provided and that an escape mechanism is available. |
| Automation | None | A single-layer platform or service software product supports file-based semi-automatic CI/CD installation. | Container-based automatic CI/CD pipeline for each cloud service/microservice | Full-stack service applications based on final state and process-driven DSL automation, and automated provisioning of common services and cloud services on which the applications depend | AI-enabled optimization of system running parameters and fully automated fixing |
| Cloud-edge collaboration | None | The cloud resource pool is deployed at the site of the distributed CDN, and 10+ cloud services are deployed at the edge. | The cloud resource pool is deployed at the on-premise data center of the customer, and 40% of cloud services are deployed at the edge. | Cloud K8s containers use KubeEdge to remotely deploy containers on edge nodes and support certificate release and management at the edge. | Cross-cloud and cloud-edge collaboration and event-driven serverless development and orchestration; intelligent routing of cloud service traffic worldwide |

1) Service-orientation

Services/Microservices are the minimum running unit of service applications. Monolithic applications are decoupled and split as required by service functions and iteration periods. Multiple services/microservices are integrated and orchestrated as standard APIs. Services are integrated in event-driven mode to minimize interdependency. The SLA of services/microservices is constantly improved through measurable construction.

2) Scalability

Services/Microservices need to support scaling resource load instances in or out to dynamically adapt to service peak changes.

3) Observability

To prevent service interruption, any software or hardware error in the enterprise IT infrastructure and service applications must be quickly rectified. To this end, services and microservices must be comprehensively observable, including traditional logging, monitoring, alarm/event reporting, microservice-oriented E2E tracing, and service QoS/SLA measurement.

4) Resilience

Service applications should leverage the capabilities of microservice architectures to develop common features such as circuit breaker, traffic control, service degradation, automatic retry, and backpressure. In addition, high-availability DR and asynchronous features need to be developed for better reliability and robustness.

5) Security & Trustworthiness

Enterprises should use cloud security services to harden the security of applications, data, networks, and platforms during digital transformation. In addition, security and trustworthiness management should be implemented throughout the DevSecOps lifecycle, including the key milestones, so that enterprise applications can comply with national, regional, and industry cloud security standards, such as ISO 27001, Payment Card Industry Data Security Standard (PCI DSS), and Classified Protection.

6) Automation

While large-granularity monolithic applications of an enterprise are decoupled and split into small-granularity services/microservices, their full-lifecycle management, including development, construction, test, deployment, upgrade, and scaling, should also be automated. Otherwise, the IT system may become complex and suffer from inefficient O&M. To address this challenge, service/microservice software that used to be installed using PM or VM packages is now encapsulated in containers. In addition, Infrastructure as Code (IaC) for automatic orchestration is used, together with DSL cloud service orchestration and deployment scripts that are compatible with mainstream frameworks (TOSCA/Terraform and CNCF OAM). Automated CI/CD pipelines and O&M tools, such as GitHub and Jenkins, help close the information and process breakpoints between automatic O&M tools and cloud services at each layer. All these features help automate the entire process, including the input of original service requirements, development, deployment, verification, and roll-out of functions, and subsequent modification and change.

7) Cloud-edge collaboration

In addition to the conventional Internet services, emerging services such as low-latency interactive video livestreaming and AR/VR gaming are also being migrated to the cloud. As more industries accelerate their digital transformation, devices at industrial IoT production sites and IoT terminals in smart cities need to access cloud services at a lower latency. Generally, the latency should be less than 5 ms for industrial IoT, and less than 20 ms for AR/VR gaming. To shorten the latency of accessing cloud services, cloud applications must be deployed near data generating devices.

Data generated by tens of billions of connected IoT terminals around the world amounts to 50 trillion GB. Uploading such massive amounts of data to the cloud is costly. Before data is uploaded to the cloud, the data needs to be analyzed and filtered on the nearby edge node, and then the pre-processed data is uploaded to the cloud for less bandwidth consumption. The data processing and filtering of enterprises that require high security of their core or confidential businesses may be completed in on-premises data centers. This prevents the leakage of sensitive data and personal private information.

Cloud-edge collaboration requires that edge nodes be permanently connected to the cloud so that the cloud can manage node operation. However, when edge nodes are disconnected from the cloud, they still need to control the Internet and terminals for a period of time, and should be capable of offline processing and self-recovery.

8) Serverless maturity

More cloud services instead of third-party services are used. This is crucial when an enterprise independently performs O&M on open source software. Application design should be based on the stateless mode and the stateful part is saved in cloud services. FaaS, containerized, and serverless cloud services should play a significant role in the organization.


Score and rate the cloud native maturity of an enterprise from the preceding eight categories.


| Cloud native architecture maturity | Level 1 Entry-level | Level 2 Basic | Level 3 Standard | Level 4 Developing | Level 5 Mature |
| --- | --- | --- | --- | --- | --- |
| Score of each level | ≤3 | 4–12 | 13–28 | 29–37 | 38–40 |