Architecting for the Cloud

Shared Responsibility

You are the architect!

Cloud is one big, great toolbox but…

You keep on having FULL responsibility for architecting the system

Design for Failure

Region Region

Global Services(such as admin console/API, Route 53, Cloudfront)

Availability Zone Availability Zone

Regional Services (such as ELB, S3, SNS, SQS etc.)

Cross-Region utilities(such as RDS Read-Replicas, AMI copy, Route53 LBR)

Leverage Topologies

Focus on Resilience

Availability of resources is difficult to guarantee, accept it, leverage it.

Design for resilience and low MTTR instead

Cloud requires a mind shift

When changing anything, launch a new stack.Don’t waste time fixing dying servers (unless of course)

Treat servers as disposable units

Router

Blue Stack Green Stack

Design for PaaS

Using high level services seems open door…

But in reality IaaS is still king

Design for PaaS (even if it doesn’t fit right from the start)

Pragmatic portability

Avoid vendor lock-in, but not at all costs

Stick to standards, understand alternatives but happily leverage unique features

SECURITY AND DATA PRIVACY

Is your cloud secure enough?

Still concern #1

Make sure you have your policy in place (and act upon it).

Apply Defence-in-depth

Secure each layerUse automation for repeatable tasks

Leverage the available servicesOrganise your security operations

Design security from the very start.

Questions?

gerco@4synergy.nl +Gerco Grandia @gercograndiahttps://nl.linkedin.com/in/gercograndia

BonusSERVICE INSTEAD OF APPLICATION

Think services

User Experience > ApplicationEnsure holistic view

Fail fast, act fast

Apply devops both in culture and design

Service reference architecture

Application Design PrinciplesSelf-service capabilities

Catalogue (SLA)

Licensing

Billing

Subscription Management

ID Management

Usage Analytics

Validation

Deployment

Provisioning

Monitoring & Root Cause Analysis

Platform and Infra services

DevOpsBack Office

End Users

App Developers

ServiceOperators