In a stealthy way, serverless APIs have moved out of the “shiny new thing” phase to being enterprise software developers’ favorite way to bypass development overhead when delivering applications, APIs and microservice functions
Rich Sharples, Red Hat senior product management director, said he was surprised when he found out about the popularity of serverless APIs at Red Hat Summit 2017, last May. During his presentation there, he claimed he hadn’t spoken to many customers who were deploying business apps and APIs on serverless frameworks. That changed after his presentation.
“By the time I left the hall, I’d spoken to 15 customers who were using serverless APIs,” he said, adding that since then he’s talked to dozens more and heard of many other serverless API adopters. “Interest and adoption has ramped up very quickly.”
In serverless computing, a form of utility computing, a cloud service provider offers a pay-per-use compute runtime with a back-end that is invisible to the user. The cloud provider supplies and manages the servers and infrastructure, so that developers can focus on creating code.
However, businesses are not building, for instance, their next airline booking system or CRM system using serverless, Sharples said.
“It isn’t at that level,” he explained. “But serverless is there in terms of doing critical business functions.”
What’s driving increased serverless API use? The main attractors are freedom from provisioning servers, autoscaling capabilities, a small learning curve for developers, increased speed of development and the pay-as-you-go model, Sharples said. With serverless, a developer just has to care about a small fragment of code.
“They can be more task-focused and really push the responsibility of scaling and managing the infrastructure to somebody else,” Sharples said.
Developers deploy APIs on serverless frameworks to bypass the complexity of creating and deploying microservices whenever possible, he said.
“As adoption of microservices increased, developers realized that building them is hard,” Sharples said, adding that they see an API can cover some functions or features that a microservice does.
Serverless APIs win when the choice is between building that function within minutes or hours as an API versus taking more time to build a microservice, Sharples explained.
“I task anybody to go build a resilient measure of microservices in less than a few days,” Sharples said. He also said that serverless API users are making future plans around integration, design plans, event-driven architecture and next generation applications.
Tempering his enthusiasm with reality, Sharples stressed that serverless is not a silver bullet. Deploying APIs on serverless frameworks is good for certain use cases that can benefit from the runtime efficiency.
“There is an envelope where serverless makes sense,” he said. “Outside the envelope, a more traditional long-running microservice would probably make a lot more sense.”
Many businesses have mature API management practices in place for integration via REST APIs and application APIs. Unfortunately, those API strategies can create data silos for most business intelligence and analytics practices. That’s a problem that will only grow as demand for advanced analytics increases, according to industry experts.
Today, analytics pros face the challenge of programmatically answering questions using a limited data set available from an API. API strategies at most organizations have a singular function: to give application developers the ability to extend functionality of applications through process integration.
“These APIs often have limited surface areas and leave many of the data developer roles behind [without resources], because they lack rich query capabilities and are not designed for the purposes of data integration,” said Sumit Sarkar, chief data evangelist for Progress, an independent software vendor.
Data APIs in 2018
Sarkar has seen businesses with well-built data API practices successfully provide continuous operations and real-time capabilities. These functions strengthen analytics efficiency by provisioning data access specifically designed for data managers and business analysts, he said.
There have been encouraging developments in the area of data API management, Sarkar said. There are three in particular that stand out.
One of these developments is the IT industry’s adoption of OData, an industry standard RESTful data API. OData provides standard query capabilities and works without additional code to access data from popular analytical tools, especially those in data visualization, such as Tableau, Qlik or Microsfot’s Power BI.
A second development is better support for third-party analytics tools. SQL access is now increasingly published to developer portals for cloud applications, such as Microsoft Dynamics, NetSuite or ServiceNow.
Finally, as API management strategies continue to centralize authentication, authorization and business logic processes, there are more enterprise demands for SQL access to enterprise REST APIs. To that end, analytics tool vendors may release products that support REST APIs directly this year. However, they must first figure out how to accommodate the wide range of differences between REST APIs. This includes support for different security schemes, varying payloads, invocation methods and query capabilities.
Strategies for data APIs
Organizations should determine the requirements from all stakeholders as a first step in their API strategy planning, Sarkar explained. Teams also need to come to a consensus on the processes that govern access to analytics. For example, APIs that expose detailed data for the purposes of data discovery or compatibility should be provisioned with enterprise reporting tools, such as SAP Business Objects.
“Expect those [stakeholder] teams to ultimately become consumers of your APIs, even if there are no use cases today,” he said.
There are a few questions Sakar suggests teams ask when evaluating tools for managing data APIs. These include:
- Can it work with existing API strategies?
- Can it work together seamlessly with your existing security policies?
- Can it support necessary operational integrations to scale?
- Does it have support for open data standards such as Open Database Connectivity, Java Database Connectivity, and OData?
Sarkar predicts 2018 will bring a surge of interest among companies to merge management processes for app and data APIs. He also predicted more collaboration between business intelligence and analytics teams and the API design teams. By year’s end, the distinction between application-oriented APIs and data APIs will be blurred, which will topple data silos.
There’s a lot of information about DevOps out there, making it hard to determine exactly what it means. However, there are still key principles you can stick to in order to achieve success through DevOps. Here are four questions that, according to our experts, you should be asking when thinking about your DevOps strategy.
1. Have we established a zone of business impact?
DevOps tasks should be clearly connected to the applications they support, and businesses should in turn identify the business processes those applications support. This lets organizations map out what is referred to as a zone of business impact for each DevOps process, and it’s a fundamental part of DevOps documentation. That way, as expert Tom Nolle points out in his piece on the connection between DevOps and enterprise architecture, the impact any DevOps strategy has on business processes — even if the impact is simply a risk of disruption — can be planned for ahead of time. This will also ensure that development teams understand the business process lifecycle, or even lifecycles, that their application may impact.
2. Are we deploying continuously?
Implementing continuous delivery means that changes to your application are created and deployed on an ongoing basis. If your apps are not being delivered continuously, it’s important to start thinking about building a continuous delivery pipeline for them by making sure that everyone involved in app development and delivery is working together. According to expert Chris Tozzi in his piece on applying DevOps principles to app modernization, part of this means ensuring you have the infrastructure tools in place to roll out changes quickly from development to production.
3. Are non-IT departments involved?
Everyone who plays a role in software delivery, including those not in the IT department, should be plugged into a project, advises Tozzi in his piece on DevOps principles to apply to software architecture. Those in customer support, legal and HR departments have a stake in software production. A DevOps-friendly environment should ensure these non-IT stakeholders can collaborate with developers and IT operations staff as needed. Otherwise, nontechnical issues could hinder continuous delivery efforts.
4. Are we going all the way?
Those who do not go all out in terms of cultural acceptance and fully transitioning to all the required tools are going to have a hard time adopting a DevOps strategy, says Twain Taylor in his piece on common mistakes made when transitioning to DevOps. Some of this, he says, involves making significant changes to your infrastructure, like transitioning from servers and virtual machines to containers.
Like it or not, it appears that the continuing skills gap that continues to plague many sections of the software world, including development, testing and more, has found a new victim: digital transformation through the use of machine learning.
A survey conducted by ServiceNow looked at the eagerness of organizations to incorporate machine learning as part of their digital transformation. Mainly, senior executives want to buy into machine learning in order to support faster and more accurate decision making. But the survey polled some interesting numbers that point to what appears to be a significant lack of machine learning skills needed to manage intelligent machines within organizations.
The report shows that 72% of CIOs surveyed said they are leading their company’s digitalization efforts, and just over half agree that machine learning plays a critical role in that. Nearly half (49%) say their companies are using machine learning and 40% said that they plan to adopt.
However, as ambitious as these CIOs are, a serious machine learning skills gap is occurring. Only 27% of those surveyed report having hired employees with skill sets related to intelligent machines, and just 40% of respondents have redefined job descriptions to highlight work with intelligent machines. Furthermore, 41% say they lack the skills to manage intelligent machines, and 47% of CIOs surveyed said they lack the budget for new skills development.
While a good portion of these companies appear to at least be making an effort to find the skills they need to make the most of machine learning, it’s striking that just over half of those CIOs who strongly believe machine learning is essential have managed to acquire the skills they need to make it happen within their organization.
But it’s no surprise that CIOs say they lack the budget for machine learning skills: According to Glassdoor.com, the national average salary in the U.S. for machine learning engineers is $128,000 a year. That’s a serious chunk of change, and it’s probably not enough just to hire one. You also have to consider the upfront cost of machine learning when you add in the money you inevitably will have to spend on software, hardware or various other services your engineers will demand to use.
Again, it seems that a bright sector of the software world suffers again from the ongoing skills gap in the market, one that continues to drive up the cost of engineers and leave those who lack large budgets stuck behind the goliaths. And yet again, it shows that it’s high time to push for better computer science curriculums in schools and also considering the value software development and management talent coming out of developing countries, two things that may help both level the playing field and open up job opportunities for millions of people.
Docker and Hewett Packer Enterprise (HPE) hit the road this month to demonstrate their recently launched Modernize Traditional Applications (MTA) program, designed to help enterprises update their existing legacy apps and move forward with their plans for digital transformation. The presentation was focused on their new program, but Docker’s MTA Roadshow also revealed some common misconceptions C-level execs have when it comes to public cloud hosting for workloads.
One misconception, explained John Orton, workloads in order to determine where they are best suited to live and will perform their functions most efficiently. While some have been in a rush to migrate almost all of their workloads to public clouds, Orton pointed out that many organizations should not forget that there are a large number of applications that may work at least equally well, if not better, on a private cloud or even bare-metal infrastructure.
“I think there’s a lot of confusion in the market about workloads and where they should live,” Orton said, adding that too many companies who have migrated workloads to the public cloud did so without an “exit strategy” that allows them to easily move those workloads back to a private cloud or bare-metal infrastructure.
“Before we decide where these workloads live, let’s take a look at what existing value there is in our infrastructure,” Orton said.
Ken Lavoie, solution engineer at Docker, went so far as to liken C-level executives still pushing initiatives to pursue public cloud hosting to modern day “Don Quixotes,” chasing after a technology that he said has gone past its prime. By leveraging the power of container technology, he said, these enterprises can make use of private clouds or bare-metal infrastructure in a way that surpasses performance in the public cloud.
There’s certainly no reason to say that the days of the public cloud hosting are over, but when a vendor like Docker who basically “covers the bases” when it comes to deploying on the public vs. private cloud, it makes you think that maybe they’re onto something. That certainly does not bode well for those still deploying in the public cloud, or the vendors invested in it.
Breaking your monolith out to a distributed architecture is certainly a complex task. But having a solid perspective of what microservices are at a basic level can go a long way in terms of forming your migration and development strategies as you shift to this new architectural paradigm.
We asked three software pros actively working with microservices to give us their simplest definition of microservices, and also to provide a little food for thought when it comes to microservice methodologies and planning. These engineers, architects and CTOs have all given presentations at software conferences about moving to microservices and have some fundamental advice for those getting started.
We’ve barely caught our breath from the emergence of containers, and already serverless is picking up as a notable trend in the world of enterprise applications. And big vendors are not wasting any time in catching on. As software pros gear up for Oracle OpenWorld 2017, they may want to keep their ears open for announcements around what the goliath company plans to do around serverless.
“We do believe that serverless is the future,” Said Bob Quillin, vice president of the Oracle container group, in an interview I recently conducted with him about the company’s plans around contianers and other infrastructure trends. “There’s a whole set of technologies that we’re investing in currently. We’ll be making some announcements around that at OpenWorld, so stay tuned there.”
Interesting that the company is already making announcements around serverless when the industry is still in the throes of adopting Docker and other technologies needed for application container management. And while Quillin does admit that while the sample size for utilization is still relatively small, the potential makes it worthwhile to the company to support.
“Probably 5% to 10% of applications may fall into the serverless kind of patterns that you could use today,” Quillin said. “But it’s tremendously exciting, and I think it’s an area that we’re definitely investing in.”
While it’s hard to say how much of a role serverless plays in handling enterprise-grade production application workloads, the buzz around this trend may be rapidly pushing it into enterprise application environments. In fact, 451 Research has already released a report that found that this infrastructure approach offers a lower cost of ownership than both virtual machines and containers for the majority of new applications — quite an endorsement.
“Obviously, it all depends on that precise situation,” explained Owen Rogers, research director at 451 Research. “But if you’ve built in a brand new application, maybe in that situation, serverless is going to be better value because you can build it the serverless way.”
So how does it save organizations cash? While it does not eliminate the need for servers, as the name might suggest, a serverless approach will utilize a third-party’s servers for the purposes of application development. This means that the organization will not have to rent or provision servers or virtual machines to development applications. The developers can write their code in response to events as they arise, and won’t have to worry about building and maintaining their own infrastructure.
Though Rogers says that large organizations are putting serverless to use for some day-to-day operations, such as automating processes based on events, identifying and logging events and transferring files, it seems like serverless is still a little ways off from becoming the standard for enterprises. This is especially true, he said, considering that there are still plenty of organizations who have yet to make the transition from virtual machines to containers.
“I don’t think serverless is going to take on the world,” Rogers said. “People have been saying that about containers for the past year, but we still see virtual machines everywhere. There’s so much legacy, so much stuff on virtual machines and containers, not all of them are going to shift to serverless overnight.”
Quillin also said that since many are still playing catch up with other development trends, serverless may take its fair share of time to catch on. However, he is inspired by the work he sees being done even at a small scale by some of today’s organizations.
“It’s at breakneck pace, and many companies are just getting into Docker and DevOps. But there are people who are leveraging serverless in a very powerful way,” Quillin said. “The potential is huge; the less you have to deal with infrastructure in the long-term the better. But there is some work that needs to be done.”
You can’t go to an application development conference these days without the terms Agile and DevOps being thrown around more than free t-shirts from vendors. But for all our talk about these prized development approaches and structures, how many of us actually implement Agile or DevOps in a way that helps development and isn’t just the waterfall approach with a fancy new title?
Such is the subject of senior TechTarget editor Valerie Silverthorne’s article on the state of Agile in 2017, where she questions industry analyst Jeffery Hammond about the state of Agile today. His outlook, it seems, isn’t so pleasant when it comes to how people are actually implementing Agile, saying that often teams get bogged down by focusing on “process purity” rather than the actual results — a practice that he think flies directly in the face of the Agile Manifesto. Hammond said that the conversations surrounding Agile are so focused on process that he can’t even stand going to Agile conferences anymore.
DevOps practitioners may fall into the same trap, though perhaps in a different way. Often you hear about companies implementing a “DevOps team” or hiring “a DevOps leader.” Both of those things run opposite of what DevOps is meant to be: an ecosystem of small, independent teams that can carry an app from concept through production as a single unit without having to throw anything to another team.
Maybe the truth is that ideas like Agile and DevOps are just too romantic for reality. For instance, how many letters can we add on to DevOps until it actually encompasses every phase of the application lifecycle? BizDevOps? DevSecOps? BizDevSecOps? And for Agile — is there really going to be a case where development teams are allowed to simply do “whatever it takes” to continuously deploy apps at a breakneck pace? Companies are bound to have rules, and rules mean procedures. It seems to me that most organizations aren’t quite ready to completely let developers off the leash, less they end up with a Mad Max-esque version of what used to be their software development department.
What do you think? Do you agree? Disagree? Let me know with your comments.
Recently I was tasked with rewriting TechTarget’s definition for “applet,” one that I admittedly was not too familiar with. But after a little research, I realized I must have interacted with applets thousands, if not millions, of times before.
An applet, essentially, is a very small application designed to perform a very specific function within another application. Often these are web applications, and the applet runs through a plugin. They are typically used for things like checkboxes or buttons, but can be used to create small animations, fetch data, run threads, buffer videos and more — and they were a popular option for a long time.
In addition to stiff competition, there are also some security-related issues surrounding applets. Applets, like many things, can be used for malicious purposes. As such, applets almost always trigger a security prompt asking the user if they want to run it, which may concern and turn away some users.
Of course, if you’re willing to do the legwork, it’s still possible to run a Java applet on a webpage. However, while it’s possible, the consensus surrounding their use seems to be: “Why would you?”
It seems like no matter how popular a technology becomes, there’s nothing that can last forever in the development world. It does make me wonder what will be the next methodology to bite the dust — and for what.
What do you think? Have you used applets in the past and ditched them in favor of new approaches? Do you think the applet is still viable today? What do you think is the next technology on the chopping block? Let us know with your comments.
However organizations choose to interpret the meaning behind digital transformation, there is at least one thing that appears consistent: it’s got business decision makers thinking about their integration middleware.
A survey report titled The Great Middleware Transition put out in cooperation between Aberdeen Group and the cloud-based integration provider Liaison Technologies shows that a vast majority of organizations plan to make a change when it comes to their middleware. The report, authored by analyst Michael Caton, specifically found that:
- 76% of those surveyed plan to fully or partially replace their integration middleware platforms
- 84% of all middleware will be replaced in the next four years
- 84% of companies surveyed have 50 or more business applications to integrate
Caton said that the high numbers garnered from the survey were surprising. However, it is not surprising that more organizations are looking to the cloud. As such, he said the industry should prepare to witness a paradigm shift in how organizations manage their software infrastructure.
“IT organizations are about to undertake one of the most dramatic infrastructure shifts we’ve seen in 20 years, and the transition will be to the cloud,” Caton said. “This shift makes sense as companies look for greater flexibility, scalability and predictable cost models.”
However, while the cloud appears to be a popular destination, the report also found that 30% of organizations are still considering on-premises middleware management services. It makes sense that there are plenty of security-conscious organizations out there — financial institutions and the like — who no doubt prefer the on-premises approach. Still, it seems a little surprising that organizations would actually plan a middleware migration to another on-premises system as part of their so-called digital transformation.
Why are organizations making the switch? The survey found that many IT departments feel pressure to keep integration costs down while the number of integrations that need to occur between increasingly disparate applications and data sources grows. With compliance and security also a growing concern, for many this means shifting from DIY approaches like iPaaS to leveraging managed services like Red Hat’s JBoss platform, Oracle’s Fusion platform or Liason’s ALLOY platform.
This is certainly not the first we at SearchMicroservices.com have heard of organizations feeling the pressure to ditch their old application middleware, not just in favor of the cloud but also in favor of API-centric approaches. And it’s not just about keeping internal applications integrated; experts have been talking about the need for organizations to consider API-based approaches for B2B data integration as well.
But as organizations think about changing their middleware technology, they should also think about how that middleware ultimately fits into their application infrastructure. Specifically, organizations should think about how to keep middleware from becoming an application performance bottleneck. They should also think critically about who should be in charge of that middleware if an organization chooses to manage it themselves.
What do you think about the changing middleware landscape, or digital transformation in general? Let us know with your comments.