This is the 1000th post on the Computer Weekly Developer Network in its seven year of existence.
It would have been inappropriate not to thank all the firms and their representative communications engines who have supplied commentary since this ‘column’ style blog started way back in July 2010 when we were still discussing developments for Windows Phone 7.
So, thank you.
From mobile, to cloud
One of the most fundamental shifts we have seen over the past seven years has been the shift to cloud, obviously.
If you click back on the ‘July’ link above you’ll see that we ran a story entitled I am a software developer; therefore I am a mobile developer… running this today we would need to change that to I am a software developer; therefore I am a cloud developer?
Looking at 2024
If we consider where we will be in another seven years time, will 2024 see us write I am a software developer; therefore I am a AI developer, I am a software developer; therefore I am a Quantum Computing developer, or perhaps I am a software developer; therefore I am a (not yet invented platform) developer.
Thank you once again to everyone who has read, contributed and been involved with this blog in every way.
Application Performance Management (APM) specialist AppDynamics hosted its 2017 Summit #AppDSummit event in New York this week and CWDN was listening to the proceedings in full.
AppDynamics CEO David Wadhwani took the stage to kick off proceedings.
Wadhwani noted that every [user or machine] action initiatives millions of lines of code across multiple methods in a variety of datacentres in a multiplicity of different environments. For developers, Wadhwani says he sees more and more departments now working to adopt more Agile work methods that embrace the elastic nature of cloud.
Hardening up brittle services
With too many brittle services out there relying on outdated legacy structures, Wadhwani attempts to justify and validate his firm’s technology proposition by saying that the health and agility of any customer’s technology stack now also reflects and describes the health and agility of that same firm’s business.
Rowan Trollope, SVP and GM of IoT and Applications at Cisco joined this event’s keynote to explain how he, as a core software application development professional at heart, understood that there needed to be a more vertical integration of the total [new] stack of application components now being built in the componentised world of cloud, containers and microservcies.
“We want to build self-driving infrastructures where we appreciate that infrastructures will become more intelligent, more automated and more secure. We need to always understand what is important to the business owner and be able to drive application services to deliver on that basis,” said Trollope.
So as the vertically integrated software defined network now gets smarter, Trollope says that the most exciting part of how AppDynamics now works as part of Cisco is how the teams themselves are now working to build out a wider vision.
It’s all about end-to-end visibility (from the end user, through the applications, all the way down to the infrastructure).
The suggestion here is that we should imagine a world where every technical decision that is made makes a direct [ultimate] impact upon every user through applications and then onward therefore to a business. But, deeper, that world runs in a universe where systems are self-healing and self-optimising. This is what AppDynamics says it is building.
Keynote presentations at this event also touched on the role of I/O (Input/Output) in APM.
According to AppDynamics, the role of I/O professionals increasingly includes not only justifying the cost of running the IT infrastructure, but also, more importantly, providing business executives with metrics and data that support business operations.
However, the firm insists that while the I/O team is comfortable monitoring network availability, application uptime and application response times, the business ultimately cares about how those things translate into revenue, cost, risk or some other business value metric.
Unified monitoring vision
What AppDynamics stresses is highly important is creating a single unified vision for monitoring through one platform and one User Interface.
The one platform monitoring vision from AppDynamics extends across: end users; application performance; database; server visibility… and now with a new IoT visibility offering, plus also a new network monitoring capability.
Looking at the platform scope that AppDynamics says it now brings to market, the software here is able to monitor every business transaction being executed within a given network through the diagnostics that it offers.
Application fabric & topology
As we all now look to getting this whole cloud migration process to happen, we know well that migrating all applications with all their associated methods and dependencies will be tough. The whole ‘fabric’ described here then becomes an even more complex ‘topology’ if we consider the fact that cloud apps, once running, will be deployed under a variety of different post-deployment billing methods for every instance in hand.
With this cloud centricity in mind, AppDynamics welcome Barry Russell from AWS to explain how AppDynamics has partnered with the cloud giant to also extends its APM vision (and capabilities) into the kinds of cloud deployments now happening… but all with a view on user experience (which should also channel to business success, as we have said).
This event would be incomplete without the a mention of Business iQ, the firm’s brand label for its line of application-centric and business-centric dashboards.
“Real time services inside Business iQ has allowed us to really see how changes in our IT stack [and its applications] really affects our end users,” said John Hill, CIO of AppDynamics customer and durable clothing wear seller Carhartt. “Most of the time we spend with the AppDynamics team was focused on understanding what each transaction in our system really meant and so then trying to model that out.”
Hill explains that his team works with AppDynamics to manage promotions management to analyse how promotions are working and [live] tune and monitor his company’s application propositions in real time.
Also noted in this main session was the notion of so-called ‘Business Journeys’ — this is the concept of being able to author, join, monitor and manage elements inside any given application in terms of its process steps.
If we take the example of a mortgage, this total process would involve loan applications, document verification, credit check, underwriting and then onwards to loan approval… all of which go together to form a total business journey.
In summary, AppDynamics has presented a keynote session with a surprisingly dovetailed mix of both corporate messaging (hey, we just got acquired, so here’s some roadmap and vision) alongside some deep dive practical product demos (hey, here’s some method architecture monitoring demos played out live by application owner developers)… and that’s a heady mix.
Transaction log message analytics alongside IPO stories, yeah really… now you know why people talk about distributed abstracted hybrid technologies, the same obviously goes for keynotes.
Cloud, datacentre and communications software company Node4 has sauced up its security portfolio with a series of upgrades and new security services under the banner of SECaaS (Security as a Service).
Essentially the firm is saying that software application developers working to implement security controls should have an appreciation for the fact that security (especially in the services centric world of cloud) comes in layers, just like onions.
Node4 has taken a holistic view to prevent the kind of vulnerabilities experienced when integrating separate point solutions.
The new service, which is fully-managed by Node4’s Security Operations Centre (SOC), incorporates a number of new elements, including AI and Threat Intelligence.
“Everyone talks about layered protection these days, and that’s hugely important,” commented Steve Nice, chief technologist, Node4. “However it also misses the point slightly. Businesses need the intelligence to put the various tools and services under a single layer of management and to ‘cement’ these elements together in such a way that nothing can slip between the cracks. If components aren’t well-optimised, or you don’t have the visibility to identify and react to threats quickly; businesses risk leaving themselves vulnerable.”
The advice from the firm is that SMEs and the mid-market sector need to remember that as threat vectors and the nature of security threats constantly evolve, security is becoming an increasingly difficult challenge for many SMEs to meet.
Node4’s improved SECaaS offering includes Node4 Next Generation Firewall (N4NGFW) – a managed high-specification firewall integrated with Unfied Threat Management (UTM), which is maintained, monitored and managed by the SOC team for enhanced protection.
There is also cloud security, threat detect intelligence, mobile device management and end point management system technology here.
All at sea on security
In related news, we also learn that a survey by independent satellite communications provider, NSSL Global, has suggested that, although shipping crewmembers understand that they are partially responsible for maintaining cybersecurity on-board their vessels, as many as 84% claim to have received limited or no cybersecurity training from their employers.
“The lack of cybersecurity training is a real concern, but largely tallies with what we’re seeing in the industry,” commented Nigel Quinn, IT security and enterprise manager, NSSLGlobal. “With threat vectors and the nature of security threats constantly evolving, the maritime industry needs to be just as prepared as any other industry to tackle the issue head on.:
Quinn insists that With the majority of attacks being targeted at people rather than IT infrastructure, the ‘human factor’ is widely considered to be the biggest risk in cybersecurity at sea.
To help crews better understand the cybersecurity risks they face and as part of its ongoing campaign to promote cybersecurity at sea, NSSLGlobal will now include its recently co-produced ‘cyber security at sea’ training video on all newly-installed equipment.
First the Earth cooled… and then there were tools, devices, machines and eventually software applications – then, finally, we started calling them apps.
In the second age of man (and woman and gender neutral individuals), we started to go beyond mere application existence and consider the fact that apps needed management tools broad enough to encompass their entire lifecycle – we called this APM, or Application Performance Management.
As the APM space became a defined sub-universe of the wider development, programming and software engineering landscape, specialist vendors arose to populate the need for this function.
Finally, somewhere around 17 years after the turn of the second millennium, the tech industry started to host custom-created events to focus on the world of APM. And so… AppDynamics hosted its New York located #AppDSummit Summit 2017 event.
Catching up with AppDynamics
First a little background, earlier in 2017 Cisco acquired AppDynamics for $3.7 billion. The deal is now fully cemented and the next era for both firms is now in motion.
Today we know that AppDynamics and Cisco are now trying to share what they call a “joint vision for the future of APM” going forward.
Perhaps not just a corporate marketing platitude, the firm explains that this so-called vision centres around specific machine learning advancements and some big announcements around AppDynamics’s business IQ platform.
The New York event also promises to feature a strong focus around cloud migration and how crucial APM is to DevOps.
Convergence of IT & business
According to AppDynamic’s director of technology strategy John Rakowski, APM has become crucial in helping businesses understand themselves and their customers. He insists that the AppDynamics Summit NY is one of the few global events where Fortune 500 companies come together to discuss how they’re leveraging APM to drive major business revenue.
“Following our acquisition by Cisco earlier this year we will be telling the latest chapter in our story. Expect to hear about how we’re working together to apply machine learning to predict future application and business problems, major announcements around our App iQ platform and much more around migrating to AWS and mutli-cloud success, as we look to share our vision for the future of application and business monitoring,” Rakowski told the Computer Weekly Developer Network team.
Big apple, big vision?
Looking deeper at the event’s programme of activities and tracks we can see that there will be a customer best practices session.
There will also be a session titled Game Changers. For this, AppDynamics says it has picked three topics having a major impact on the way Application Performance Management is approached:
- DevOps which is now viewed as ‘mainstream’.
- The move to a multi-cloud strategy.
- Machine Learning (ML).
A strategy and vision session will detail new technology releases from AppDynamics and how these capabilities will be working in tandem with the broader Cisco solution portfolio. Senior teams from both organisations will present on the major new releases.
Finally there’s a product deep dive. The firm says this is time to focus on strategic integrations and additional product capabilities.
“Expand the potential of your AppDynamics investment, by extending your visibility into mainframe environments, and take a fresh look at issue resolution by combining with ServiceNow,” reads the promo details.
It’s APM and ML, all in a New York Minute, what’s not to like?
Load balancing and application services used to rely on traditional (i.e. old fashioned) appliance-based web application firewalls.
That day has now passed, according to Avi Networks… a firm known for its so-called Intelligent Web Application Firewall (iWAF) technology.
Where [software] appliance based firewall technologies were (admittedly) constrained by the operational and performance limitations of the hardware upon which they say, Avi Networks says it has come forward with a software-only solution that operates as a centrally managed fabric across datacentres, private clouds and public clouds.
It is, by nature then, scale-out… as big as the web needs.
Wall of knobs
The assertion here is that traditional web application firewalls suffer what the company calls ‘wall of knobs’ complexity, that is – they present a massively complex surface of dials and switches all operating as controls for black boxes that provide little to no intelligence.
Avi’s elastic scale-out platform enables iWAF to perform at what is claimed to be 50X faster than legacy appliances, processing hundreds of Gbps of throughput and over a million transactions per second.
Also… iWAF protects web applications from common vulnerabilities identified by Open Web Application Security Project (OWASP), such as SQL Injection and Cross-Site Scripting, while providing the ability to customise the rule set for each application.
Don’t fly blind
“In the face of ever-increasing cyber threats, enterprises need to protect their most important revenue-generating assets: their web applications. We designed iWAF to be robust and secure for any application, traditional or cloud-native, under any amount of traffic,” said Guru Chahal, vice president of product at Avi Networks. “With the Avi Networks iWAF, IT teams no longer need to fly blind when writing and enforcing security policies.”
Additionally, iWAF analyses the security rules that match a particular transaction, providing this in real-time as applications and attack patterns evolve.
Based on this intelligence, one-click customisation of rules and exceptions could help reduce the problem of false-positive fatigue.
Essentially this product provides centralised management, elastic scale and closed-loop security analytics.
The Avi Networks iWAF is the latest component of the Avi Vantage Platform, which features a Smart Load Balancer and an Application Service Mesh.
This is guest post for the Computer Weekly Developer Network blog written by Ben Newton, analytics lead at Sumo Logic.
Sumo Logic, a firm known for its cloud-native machine data analytics platform designed for what has been called ‘continuous intelligence’ in the continuous always-on world of cloud.
Newton writes as follows…
So, what does it mean to be cloud native?
It reminds me of that age old cocktail party question – “Where are you from…originally?”
In most fast moving urban areas, that answer is almost always somewhere else… and then you meet that rarest of creatures – the native.
They grew up in the neighborhood.
They are ‘street smart’ i.e. they know where to go to get the best sandwiches and where to vacation away from the tourists. They may never have visited all the tourist attractions – because, you know, it just never occurred to them to do it. Being cloud native is like this and more.
So, what are the assumptions and secrets of the cloud native?
Assumption #1: What’s a server anyway?
This is really the most basic and the most profound question.
I remember racking my own servers. I could see the blinking lights and hear the fans. To the cloud native, a server is just a line on an administrative screen. It is a unit of compute. When a better unit of compute comes along, the cloud native presses a button and upgrades.
They don’t name their units of compute after Simpsons characters or care if there are blinky lights. They don’t even know what a server looks like.
Assumption #2: Why build – that sounds painful!
In the pre-cloud world, Oracle clusters are lovingly configured and nurtured – hours are spent deciding on network device specs and hardware configurations. The cloud-native doesn’t understand such drudgery.
These are just services to be configured and be billed monthly by per-second usage.
Why on God’s green earth would you build a database cluster when you stand one up in seconds with a simple command – and scale it by the mere power of thought? In the time it took you to ponder that thought, the cloud native has already scaled their database cluster to 3 continents.
Assumption #3: Is your scaling organic & conflict-free?
In the sad, gray world of the pre-cloud, scaling was something that required thought, planning, and purchase orders.
The cloud-native thinks of their application as organic, like the milk they buy at Whole Foods (which is now on the same bill as their cloud services and can be delivered by drone. Nice!). It starts in a small plot (without using pesticides, of course), and grows to fill the space. Scaling is just something that happens when you shine sun on plants and feed them compost, silly.
The cloud native uses services that are built with scaling as a given, not something to be planned. Of course, there might be hiccups along the way, but you feed the misshapen tomato to your inordinately happy, free-range chickens and move on with your life. It’s 2017 for crying out loud.
Assumption #4 – Geography is for slackers
In the olden days, moving to a new datacenter was like building a new town from scratch. It was painful and lasted for years. The cloud native sees no boundaries to their international ambitions. They can replicate their responsibly grown, modern application to Dublin without even going there to drink their Guinness.
The beauty of the cloud world is the consistency – everywhere. And unlike certain unnamed fast food joints, the cloud native enjoys their non-mediocre, artisanal, conflict-free services the world over.
Just like anyone that moves to a new place, you can assimilate and try to fit in. But you will never know New York like the native Yorker, or understand Chicago like a native of the windy city.
You will never understand technology as well as your kids. That’s life…
About the Author
Ben Newton has spent the last decade and a half of his working life in the world of IT. He is machine data analytics lead for Sumo Logic and part of a team focused on a new approaches to machine data/big data analytics.
Follow Ben on twitter @benoitnewton
This is a guest post for the Computer Weekly Developer Network written by Eric Sigler in his capacity as head of DevOps at PagerDuty.
Pager Duty offers what it calls a Digital Operations Management Platform that aims to integrate machine data alongside human intelligence on the road to building interactive applications that benefit from optimised response orchestration, continuous development and delivery.
Sigler writes as follows:
These days it’s rare that I speak with a customer building on-premises only infrastructure.
Most companies I speak with are moving to the cloud [model] in some capacity, have already migrated, or were built from scratch in the cloud. As a result of this huge shift in how companies approach their infrastructure, many are inevitably and necessarily adopting a cloud-native architecture.
Going cloud native acts as a ‘forcing function’ for how applications are built on top of infrastructure.
Because you’re standardising on the behaviour of lower-level components like compute and network, what you’re effectively telling individual teams working on these smaller, more agile units of software (be it ‘service oriented’ or ‘microservices’) is….
“Please stop spending all of your time reinventing the wheel [in respect of] everything below the application layer.”
This is where traditional or virtualised application design tends to fall down, as you end up spending lots of time reinventing how you ship that software. Which is a painful process, and one that doesn’t often result in useful business value.
Failure 5#1t happens
There are a couple of different, related useful mindsets to remember. The first is just to accept that failure happens, yet this is an area where many software developers tend to treat their software as a precious, unique snowflake.
If, for instance, the network breaks, it’s assumed that the software had nothing to do with that failure – but that’s not the case. Failure happens at all parts and in all aspects of operating a cloud-native infrastructure. In my experience, you ignore this reality at your own peril.
A dependency on dependencies
The second mindset to adopt is that you can’t ignore external application dependencies, such as DNS providers or SMTP delivery services.
Own your dependencies or they will own you.
This isn’t a new concept, but whatever you are building, it’s the responsibility of the service under your control to deliver. Your customers won’t care what downstream dependencies you use, or what problems they had. You must have that engineering in place so that when a dependency fails, you can rapidly recover.
Shifting to a cloud-native approach absolutely changes an organisation’s collaboration among its developer and operational teams. With cloud native comes the move to a consistent, standardised set of primitives that a team can use. This is closer to total ownership of that service, which is uncomfortable for some teams.
The operations team in most companies should be shifting toward providing those platforms and the primitives to their developer teams.
- Ops teams are no longer charged solely with spinning up infrastructure; they’re also now there to be enablers for developers.
- Conversely, the developer teams must effectively use these primitives and platforms provided by operations.
One final aspect that I consider foundational to a cloud-native approach is the importance of small teams working together on smaller services that are then composed together. This leads to far more agility within the business and to a better ability to address the multitude of problems that come innately with software development.
Keeping these points in mind should ease your move to a cloud-native approach and hopefully make it a little less painful.
PagerDuty explains more on digital Ops management here.
Enterprise cloud company Nutanix has announced new capabilities for its Acropolis File Services (AFS) software. This is new technology and it has only been around for a couple of quarters. In that time Nutanix states that around 10% of its customers are choosing Nutanix AFS for their file services needs.
Delivered as part of the Nutanix Enterprise Cloud OS, AFS software is intended to streamline IT operations by ‘natively converging’ Virtual Machines (VMs) and file storage into a single computing platform that is inherently engineered for cloud computing with its ‘scale-out’ characteristics.
Nutanix (as is common with all firms in this space) is usually economical of its explanation of what the mechanics of native convergence might mean. We can safely assume that this is about engineering file structures to the types of compute and data management DNA needed to operate in the cloud i.e. an environment where storage comes from services-based streams rather than one single host machine of any description.
Essentially this is all about:
- getting to cloud computing
- mixing best of public and private cloud
- doing it without creating data silos
Cloud portfolio services
The Nutanix Enterprise Cloud OS architecture has been engineered to provide ‘portfolio’ services for cloud applications. Again we ask, what’s a portfolio service?
Nutanix is using this label to express a notion of application building blocks that come with on-demand compute resources. That makes sense, that’s what cloud is.
The kind of things found here are elastic storage services for block and file-based data. The concept is that IT managers could use these tools to build and operate enterprise datacentres that rival public clouds.
Pleasure from your partner
The firm says that its AFS partner ecosystem will also provide tools to help with security (simple in-line antivirus scans using software from Symantec); backup (partners Rubrik and Comtrade); and detailed audits of file system access (partners Varonis and STEALTHbits).
“Rapid AFS adoption shows that customers are clamouring for more ways to converge and simplify all their IT operations, and to replace legacy products with more flexible software-driven solutions,” said Sunil Potti, chief product and development officer at Nutanix.
Potti further insists that his firm is reducing operational complexity with a common software layer. He explains that in addition to simplifying IT infrastructure by removing silos created by dedicated file services offerings, AFS software gives customers a public cloud experience, but with the security and control of a private cloud deployment.
AFS customers can manage file services via Prism, delivering a unified, consumer-grade management interface for their full infrastructure stack and freeing IT resources to focus on critical, business-driving activities.
Deeper dive info on this subject can be found on the Nutanix blog.
There are software application development professionals in every industry from oil & gas to cake baking, obviously.
There are core characteristics and functions that will bind all developers together — such as the need to adopt web-scalable composable containerised architectures in the modern cloud era along with Agile programming practices… and so on.
But could the need to engineer payment mechanisms into modern app structures in our oh-so very customer centric society form a new ‘must have’ in contemporary programming environments?
Paysafe thinks the answer to the above technology propositions is yes.
But then it would do… the firm is a developer-focused API-first global payments company with a programming platform that it sees as one of the key channels for receiving direct feedback to optimise its product range.
Paysafe says it has long-held strong relationships with developers within medium-to-large enterprise merchants.
The aim of its Developer Centre is to allow developers to understand the breadth of Paysafe’s product range, how they can integrate APIs/payment services.
Its also aims to encourage engagement through its blog and Stack Overflow.
The ‘checkout experience’
Paysafe.JS is a hosted payment product that allows merchants to download an SDK to create a customised payment form that adheres to a firm’s own brand and so-called ‘checkout experience’ (Ed – oh, that’s really a ‘thing’ now then).
“The Developer Centre is the main platform for Paysafe to showcase product innovation to the developer community, it also allows merchants to integrate their new product innovation/APIs. Paysafe has a number of new features in development, including its Global Product Roadmap, greater interactive product tutorials and demonstrational videos; allowing merchants and developers to subscribe to real time APIs statuses updates via Status.io. Paysafe also plans to further simplify its application process so that merchants and developers can onboard even faster,” said the company, in a press statement overview.
Look & feel
The Paysafe Card Payments API appears to offer a full suite of credit and debit card functionality for card-processing needs… plus, the Paysafe 3D Secure API offers control of the cardholder authentication process for a developer’s e-commerce platform of choice.
Paysafe… hmm, it almost sounds like a good excuse for a padlock and keyboard picture, oh okay, go on then.
Software application developer-focused revision (and version) control system company Perforce Software has nipped down to IKEA and bought itself Sweden-based Hansoft Technologies.
Hansoft is neither known for its effective implementation of flat-packed furniture or its development of delicious low-cost meatballs.
Instead, Hansoft is a provider of enterprise-level Agile planning tools.
Perforce then, for its money, gets additional project management tools as the core component of this deal.
“At Perforce, we’re on a mission to connect teams to the efficiency, insights, support and security they need to innovate. With this latest acquisition, we’re pleased to build on that undertaking with a solution that provides both macro- and micro-level views into enterprise Agile projects,” said Janet Dryer, Perforce CEO.
Hansoft software is said to be applicable across entire teams — from developers to managers to executives — to provide planning, management and collaboration functions.
Previously Perforce will have already had a good degree of planing and management tools inside its Helix ALM (Application Lifecycle Management) product to help centralise and link development artifacts across the application lifecycle… but presumably the firm wanted an extra dose of Agile, which it will get from the Hansoft boys and girls.
The software achieves its team-wide functionality by synchronising two entities that often have conflicting needs in Agile enterprises: the development team and the management team.
Agile + Waterfall
“Using Hansoft, team members are free to use their preferred combinations of Agile and Waterfall project management methodologies, including changing methodologies in flight, while managers and executives can make informed decisions with real-time insights and status provided by comprehensive visual dashboards,” explained Patric Palm, Hansoft co-founder and former CEO.
The announcement comes weeks after Perforce unveiled its latest software, Helix TeamHub Enterprise, a code hosting and collaboration solution for multi-repository types that offers build performance for large-scale Git environments.