Latest released the research study on Global Cloud Microservices Market, offers a detailed overview of the factors influencing the global business scope. Cloud Microservices Market research report shows the latest market insights, current situation analysis with upcoming trends and breakdown of the products and services. The report provides key statistics on the market status, size, share, growth factors of the Cloud Microservices. The study covers emerging player’s data, including: competitive landscape, sales, revenue and global market share of top manufacturers are AWS (United States),CA Technologies (United States),Contino (United Kingdom),CoScale (Belgium),IBM (United States),Idexcel (United States),Infosys (India),Kontena (Finland),Macaw Software (United States),Marlabs (United States),Microsoft (United States),Netifi (United States),NGINX (United States),OpenLegacy (United States),Oracle (United States),Pivotal Software (United States).

Definition:
A cloud microservices is known as a software development technique and a collection of services which are loosely coupled. Cloud Microservices is a method of developing software systems which tries to emphasis on developing single-function modules with the well-defined operations and interfaces. It is also known as the microservice architecture. Cloud microservices are gaining popularity among companies that need greater scalability and agility. In businesses across the industries, i.e., from telecommunications and retail to the financial services and manufacturing, IT teams are choosing cloud microservices, to develop new applications and break down monoliths

Keep yourself up-to-date with latest market trends and changing dynamics due to COVID Impact and Economic Slowdown globally. Maintain a competitive edge by sizing up with available business opportunity in Cloud Microservices Market various segments and emerging territory.

Market Trend:
Digital transformations

Market Drivers:
Proliferation of the microservices architecture
Customer-oriented business

Restraints:
Security and compliance

The Global Cloud Microservices Market segments and Market Data Break Down are illuminated below:
by Type (Stateless, Persistence, Aggregator), Industry (BFSI, IT and ITeS, Telecommunications, Government, Healthcare, Retail and eCommerce, Media and Entertainment, Transportation and Logistics, Manufacturing, Others (Education, Energy & Utilities, and Travel & Hospitality)), Services (Consulting services, Integration services, Training, support and maintained services), Organisation (SMEs, Large Enterprises), Deployment model (Public Cloud, Private Cloud, Hybrid Cloud), Component (Platform, Services)

Analyst at AMA have conducted special survey and have connected with opinion leaders and Industry experts from various region to minutely understand impact on growth as well as local reforms to fight the situation. A special chapter in the study presents Impact Analysis of COVID-19 on Global Cloud Microservices Market along with tables and graphs related to various country and segments showcasing impact on growth trends.

Region Included are: North America, Europe, Asia Pacific, Oceania, South America, Middle East & Africa
Country Level Break-Up: United States, Canada, Mexico, Brazil, Argentina, Colombia, Chile, South Africa, Nigeria, Tunisia, Morocco, Germany, United Kingdom (UK), the Netherlands, Spain, Italy, Belgium, Austria, Turkey, Russia, France, Poland, Israel, United Arab Emirates, Qatar, Saudi Arabia, China, Japan, Taiwan, South Korea, Singapore, India, Australia and New Zealand etc.

Strategic Points Covered in Table of Content of Global Cloud Microservices Market:
Chapter 1: Introduction, market driving force product Objective of Study and Research Scope the Cloud Microservices market
Chapter 2: Exclusive Summary – the basic information of the Cloud Microservices Market.
Chapter 3: Displaying the Market Dynamics- Drivers, Trends and Challenges of the Cloud Microservices
Chapter 4: Presenting the Cloud Microservices Market Factor Analysis Porters Five Forces, Supply/Value Chain, PESTEL analysis, Market Entropy, Patent/Trademark Analysis.
Chapter 5: Displaying market size by Type, End User and Region 2015-2020
Chapter 6: Evaluating the leading manufacturers of the Cloud Microservices market which consists of its Competitive Landscape, Peer Group Analysis, BCG Matrix & Company Profile
Chapter 7: To evaluate the market by segments, by countries and by manufacturers with revenue share and sales by key countries (2021-2026).
Chapter 8 & 9: Displaying the Appendix, Methodology and Data Source

Finally, Cloud Microservices Market is a valuable source of guidance for individuals and companies in decision framework.

Data Sources & Methodology

The primary sources involves the industry experts from the Global Cloud Microservices Market including the management organizations, processing organizations, analytics service providers of the industry’s value chain. All primary sources were interviewed to gather and authenticate qualitative & quantitative information and determine the future prospects.

In the extensive primary research process undertaken for this study, the primary sources – Postal Surveys, telephone, Online & Face-to-Face Survey were considered to obtain and verify both qualitative and quantitative aspects of this research study. When it comes to secondary sources Company’s Annual reports, press Releases, Websites, Investor Presentation, Conference Call transcripts, Webinar, Journals, Regulators, National Customs and Industry Associations were given primary weight-age.

What benefits does AMA research study is going to provide?
• Latest industry influencing trends and development scenario
• Open up New Markets
• To Seize powerful market opportunities
• Key decision in planning and to further expand market share
• Identify Key Business Segments, Market proposition & Gap Analysis
• Assisting in allocating marketing investments

Definitively, this report will give you an unmistakable perspective on every single reality of the market without a need to allude to some other research report or an information source. Our report will give all of you the realities about the past, present, and eventual fate of the concerned Market.

Thanks for reading this article; you can also get individual chapter wise section or region wise report version like North America, Europe or Southeast Asia.

Craig Francis (PR & Marketing Manager)
AMA Research & Media LLP
Unit No. 429, Parsonage Road Edison, NJ
New Jersey USA – 08837
Phone: +1 (206) 317 1218
sales@advancemarketanalytics.com

Advance Market Analytics is Global leaders of Market Research Industry provides the quantified B2B research to Fortune 500 companies on high growth emerging opportunities which will impact more than 80% of worldwide companies’ revenues.
Our Analyst is tracking high growth study with detailed statistical and in-depth analysis of market trends & dynamics that provide a complete overview of the industry. We follow an extensive research methodology coupled with critical insights related industry factors and market forces to generate the best value for our clients. We Provides reliable primary and secondary data sources, our analysts and consultants derive informative and usable data suited for our clients business needs. The research study enables clients to meet varied market objectives a from global footprint expansion to supply chain optimization and from competitor profiling to M&As.

The post Cloud Microservices Market Will Hit Big Revenues In Future | IBM, Contino, AWS appeared first on Artificial Intelligence.

We examine how monitoring and observability help development teams keep a distributed architecture from coming unraveled by individual failures and performance bottlenecks.

Failure is rarely predictable, and detecting the exact cause of complex application errors post-deployment is excruciatingly difficult. Even the most experienced development teams struggle to prepare for all the possible scenarios that could bring down their applications and put data at risk.

For this reason, the ability to detect problems in real time and address them quickly is essential. This is where observability and monitoring come into play, and architects who approach these two tasks diligently will reap the rewards of a more resilient software architecture. Let’s explore more about the specifics of observability and monitoring, including how they differ and the fundamental practices that each one dictates.

What is observability?

Observability in microservices largely revolves around making sure development teams have access to the data they need to identify problems and detect failures. For example, an observable system can help developers understand why a specific service call failed, or determine the source of bottlenecks in a particular application workflow.

With the surge in microservices adoption, it is imperative that a system is observable for effective debugging and diagnostics. Since services can span across multiple systems and run operations independently, tracing the source of a failure is a grueling and time-consuming task — if even possible.

Observability consists of three fundamental components:

• Logs are timestamped records that provide comprehensive information about an application’s behavior as it executes functions and communications. These logs are particularly useful when things go wrong in a microservices architecture, because architects can use this information to better identify specific defects and debug code.
• Metrics are numeric records of an application’s resource use, performance and stability. For example, metrics will show the number of requests a service can handle per second, or the total amount of resources an activity consumes.
• Traces keep track of IDs, names and other values and help architects monitor application transactions that cross multiple systems. This makes tracing particularly useful for microservices-based, serverless and containerized applications that rely on multitudes of integrations and asynchronous communication.

What is monitoring?

Monitoring is a process that tracks performance and identifies problems and anomalies. Overall, it describes the health, performance, efficiency and other essential features relative to the internal state.

Much like observability, monitoring can help detect and identify failures, but it does so with a focus on qualitative information. For example, you might want to monitor an application for issues such as excessive data consumption, service messaging failures or breaking changes. To use monitoring effectively, architects must determine core sets of metrics that provide a benchmark for the overall health of the system, such as acceptable latency times and call failure rates.

When monitoring microservices-based applications, architects must gain a comprehensive understanding of the various calls an application and its related services make. Don’t forget to monitor APIs and containerized services, and map monitoring processes and responsibilities based on team structure. Everyone should know who owns what service, and who needs to address a certain failure.

Microservices monitoring and observability tools

Some organizations try to adopt a manual, do-it-yourself approach to observability and monitoring by stringing homegrown monitoring solutions into their architecture. However, this takes up a lot of time, and is not likely to meet the needs of large, distributed systems.

Before attempting to do it yourself, you might want to look into existing tools designed to provide the essential aspects of monitoring and observability in microservices. Here are a few notable tools and platforms worth consideration.

Sentry

Sentry is an open source monitoring system designed with a focus on real-time, code-level error tracking that pinpoints failures and allows developers to address issues quickly. Part of Sentry’s appeal rests in its ability to analyze the scope of a failure, allowing developers to easily prioritize errors based on severity. It also features ready-made integrations with most popular development languages and frameworks, such as JavaScript, Python, Objective-C and iOS, as well as services like GitHub and Splunk.

Sensu

Sensu is another open source observability and monitoring tool that excels at monitoring applications, services, servers and containers deployed across large software ecosystems and cloud environments. Some of Sensu’s spotlight features include role-based service identification, its alignment with publish-subscribe messaging patterns and an interface that provides quick visuals of code workflows.

Sumo Logic

Thanks to this platform’s notable proficiency in data aggregation and analysis, Sumo Logic is a very useful tool for gleaning continuous metrics from application logs in real time and quickly spotting performance and stability issues in service workflows. Sumo Logic boasts a number of microservices-specific observability features, such as distributed tracing for services, transactions and application data.

The post The basics of monitoring and observability in microservices appeared first on Artificial Intelligence.

Key Takeaways

• Since 2018, several new microservices frameworks – including Micronaut, Helidon and Quarkus – have been introduced to the Java community, and have made an impact on microservices-based and cloud-native applications development.
• The MicroProfile community and specification was created to enable the more effective delivery of microservices by enterprise Java developers. This effort has influenced how developers are currently designing and building applications.
• MicroProfile will continue to evolve with changes to its current APIs and most likely the creation of new APIs.
• Developers should familiarize themselves with Heroku’s “Twelve-Factor App,” a set of guiding principles that can be applied with any language or framework in order to create cloud-ready applications.
• When it comes to the decision to build an application using either a microservices or monolithic style, developers should analyze the business requirements and technical context before choosing the tools and architectures to use.

In mid-2016, two new initiatives, MicroProfile and the Java EE Guardians (now the Jakarta EE Ambassadors), had formed as a direct response to Oracle having stagnated their efforts with the release of Java EE 8. The Java community felt that enterprise Java had fallen behind with the emergence of web services technologies for building microservices-based applications.

Introduced at Red Hat’s DevNation conference on June 27, 2016, the MicroProfile initiative was created as a collaboration of vendors – IBM, Red Hat, Tomitribe, Payara – to deliver microservices for enterprise Java. The release of MicroProfile 1.0, announced at JavaOne 2016, consisted of three JSR-based APIs considered minimal for creating microservices: JSR-346 – Contexts and Dependency Injection (CDI); JSR-353 – Java API for JSON Processing (JSON-P); and JSR-339 – Java API for RESTful Web Services (JAX-RS).

By the time MicroProfile 1.3 was released in February 2018, eight community-based APIs, complementing the original three JSR-based APIs, were created for building more robust microservices-based applications. A fourth JSR-based API, JSR-367 – Java API for JSON Binding (JSON-B), was added with the release of MicroProfile 2.0.

Originally scheduled for a June 2020 release, MicroProfile 4.0 was delayed so that the MicroProfile Working Group could be established as mandated by the Eclipse Foundation. The working group defines the MicroProfile Specification Process and a formal Steering Committee composed of organizations and Java User Groups (JUGs), namely Atlanta JUG, IBM, Jelastic, Red Hat and Tomitribe. Other organizations and JUGs are expected to join in 2021. The MicroProfile Working Group was able to release MicroProfile 4.0 on December 23, 2020 featuring updates to all 12 core APIs and alignment with Jakarta EE 8.

The founding vendors of MicroProfile offered their own microservices frameworks, namely Open Liberty (IBM), WildFly Swarm/Thorntail (Red Hat), TomEE (Tomitribe) and Payara Micro (Payara), that ultimately supported the MicroProfile initiative.

In mid-2018, Red Hat renamed WildFly Swarm, an extension of Red Hat’s core application server, WildFly, to Thorntail to provide their microservices framework with its own identity. However, less than a year later, Red Hat released Quarkus, a “Kubernetes Native Java stack tailored for OpenJDK HotSpot and GraalVM, crafted from the best-of-breed Java libraries and standards.” Dubbed “Supersonic Subatomic Java,” Quarkus quickly gained popularity in the Java community to the point that Red Hat announced Thorntail’s end-of-life in July 2020. Quarkus joined the relatively new frameworks, Micronaut and Helidon, that were introduced to the Java community less than a year earlier. With the exception of Micronaut, all of these microservices-based frameworks support the MicroProfile initiative.

The core topics for this virtual panel are threefold: first, to discuss how microservices frameworks and building cloud-native applications have been influenced by the MicroProfile initiative. Second, to explore the approaches to developing cloud-native applications with microservices and monoliths, and also the recent trend in reverting back to monolith-based application development. And third, to debate several best practices for building microservices-based and cloud-native applications.

The post Virtual Panel: The MicroProfile Influence on Microservices Frameworks appeared first on Artificial Intelligence.

Building upon years of momentum, architects are well in the swing of transitioning from the monolith to microservices. Here are three of the top trends they’ll face in 2021.

Throughout 2020, application architects sought new design methods and tools to help ease the transition from the monolith to a distributed architecture design — and they’re not done yet. Specifically, they are looking to solve issues surrounding consistency in distributed service management, incremental migration to microservices and service granularity.

Let’s take a closer look at some of these distributed architecture trends and examine how these shifts will affect the development landscape in 2021, including the microservices design patterns and tools that are top-of-mind for architects.

The modular monolith reigns

Despite the flexibility and scaling benefits associated with microservices, this type of architecture imposes significant hurdles upfront — specifically regarding observability, inter-service communication and complex deployment cycles. As such, architects must find a way to pursue microservices design patterns while still maintaining the dependability of their existing monolith. In 2021, architects will continue to pursue the modular monolith and establish bounded context by segmenting code, limiting dependencies and isolating data stores. This allows them to introduce the desired cohesion and loose coupling found in microservices, but avoid the headaches of managing multiple runtimes and asynchronous communication.

Loose coupling becomes essential

While a microservices design patterns demand a granular separation of services and responsibilities, development teams continue to apply traditional MVC patterns that demand tight component coupling. To successfully introduce distributed architecture design, more architects should make an effort to implement hexagonal architecture patterns in 2021. This pattern allows developers to create coarse-grained services that can gradually parse individual functions into individual services, but uses proxy components to spawn these services without affecting the underlying process logic.

Distributed services, centralized management

Teams that manage distributed systems must spend considerable time repetitively performing the same management tasks for hundreds of services, such as deployments, monitoring, logging and versioning. In an effort to eliminate waste, it’s likely that teams will increasingly adopt service templates and scaffolding tools in 2021. The hope is that these tools will promote coherence across collections of microservices by providing preconfigured service designs and enforcing standardized management practices.

The post Microservices design patterns and tools to watch in 2021 appeared first on Artificial Intelligence.

The world is moving toward microservices-based applications. Service mesh is emerging as one of the main architectures to deploy and manage microservices environments, because of the benefits it brings with advanced traffic management, holistic observability and better security. Microservices communicate with each other through APIs, so securing communications between the individual services is becoming more important than ever and has to be addressed.

Mutual TLS (mTLS) secures communication between microservices in a service mesh. It uses cryptographically secure techniques to mutually authenticate individual microservices and encrypt the traffic between them.

Why mTLS?

According to Google, 90% of internet traffic is encrypted to prevent eavesdropping and man-in-the-middle attacks. Yet many cloud native application deployments today do not have encrypted communications between microservices, based on the weak assumption that traffic inside the cluster is secure and not susceptible to attacks. This is a risky assumption. Not only should communications between microservices be secured, but many regulations (like GDPR and HIPAA) also recommend end-to-end encryption to protect all data in transit.

In this era of zero-trust security, each individual microservice communication (request-response) must be authenticated, authorized and encrypted. Here’s why:

• Authentication uniquely identifies each microservice and ensures that a rogue microservice cannot access your sensitive data.
• Authorization determines which microservices can communicate with each other. You wouldn’t want the microservice that handles your company’s credit card processing to communicate with the microservice that manages the door badge reader for your office building.
• Encryption not only prevents third parties from intercepting and viewing your data in transit, but also thwarts man-in-the-middle attacks. You definitely don’t want credit card data to be visible to unauthorized entities on the network.

As companies move towards zero-trust security, mTLS provides a cryptographically secure way to authenticate, encrypt and enforce communication policies between microservices.

What Is mTLS?

Mutual TLS (or mTLS) refers to transport layer security that uses a two-way encrypted channel between the server and client. Today, mTLS is the preferred protocol for securing communications among microservices in cloud native applications.

While transport layer security (TLS) has been used to secure traffic between clients and servers on the internet for many years, it typically uses unidirectional identification — where a server presents a certificate to prove its identity to a client. A basic example of this one-way authentication is when you access your bank account online. The server sends your computer a certificate to prove it is actually the bank you are connecting to. That same certificate includes a public encryption key that is used to create a cryptographically secure encrypted link between you and the bank over which data passes.

Mutual TLS extends the client-server TLS model to include authentication of both parties. Where the bank relies on other, application-specific mechanisms to confirm a client’s identity — such as a user name and password (often accompanied by two-factor authentication) — mTLS uses x.509 certificates to identify and authenticate each microservice. Each certificate contains a public encryption key and an identity, and is signed by a trusted certificate authority who proves that the certificate represents the entity presenting it.

In mTLS, each microservice in a service mesh verifies the other’s certificate and uses the public keys to create encryption keys unique to each conversation. This enables the communications between pairs of microservices to be authenticated and encrypted.

How mTLS Works in a Service Mesh

What we have learned at Citrix, is, at a high level, the process of authenticating and establishing an encrypted channel using certificate-based mutual authentication in a service mesh involves the following steps:

1. Microservice A sends a request for the certificate of microservice B.
2. Microservice B replies with its certificate and requests the certificate of Microservice A.
3. Microservice A checks with the certificate authority that the certificate belongs to Microservice B.
4. Microservice A sends its certificate to microservice B and also shares a session encryption key (encrypted with the public key of microservice B).
5. Microservice B checks with the certificate authority that the certificate it received belongs to microservice A.
6. With both microservices mutually authenticated and a session key created, communication between them can be encrypted and sent via the secure link.

The Role of the Service Mesh Control Plane for mTLS

Istio is perhaps the most well-known, feature-rich and mature service mesh control plane that provides secure service-to-service communication, without the need for any application code changes. From an mTLS perspective, Istio and all service mesh control planes must offer:

• A certificate authority that handles certificate signing and management.
• A configuration API server that distributes communication policies (such as authentication policies, authorization policies and secure naming information) to the proxies.

The control plane distributes the certificates and authorization policies to the sidecars. When two microservices need to communicate, the sidecars establish a secure proxy-proxy link and are responsible for encrypting the traffic through it.

The Role of Sidecars for mTLS

While it is possible to define communication security policies and carry out authentication and encryption in the application microservices themselves, it requires implementing authentication mechanisms, defining authorization policies, and traffic encryption in the code of each microservice.

This is inefficient because you must write these into each and every microservice, you must update it when the application changes, and you need to test it on every release to ensure that the new code does not break the communication. This can be a burden on developers, leads to errors and prevents them from focusing on code that implements business logic. In a service mesh, the overhead of securing communications is offloaded to sidecars proxies, like Citrix ADC CPX or Envoy, that sit alongside each microservice.

When two microservices need to communicate, it is the sidecars that establish the mTLS connection through which encrypted traffic will flow. The sidecars exchange certificates and authenticate each other with the certificate authority. They check the authorization policies in the configuration pushed by the control plane, to see if the microservices are allowed to communicate. If they are, the sidecars will establish a secure link using a generated session key, so that all the data between the microservices will be encrypted. The actual microservice application code itself is not affected. Sidecars, therefore, make application development agile and more efficient.

Why Non-mTLS Communication Is Still Important

Sometimes it is important for microservices to communicate with external sources or microservices that may not have mTLS enabled, or may not be part of the same mTLS ecosystem. In these cases, data must be sent in plain text over an unencrypted and/or unauthenticated channel.

Microservices may need to make or receive API calls to other applications, which may be owned by a different app team who are not in a position to enable mTLS — or even an external third party. Similarly, microservices may need to send telemetry data to a non-mTLS observability stack — after all, every SRE needs telemetry data to gain visibility for root cause analysis and troubleshooting.

Furthermore, as multicluster deployments become more popular, there will be an increase in the number of mTLS “mismatches” — as some clusters will have it enabled and others not.

Investigate your environment for where a microservice may need to accept both mTLS and non-mTLS traffic, so you can plan proactively.

Implementing mTLS in a Service Mesh

There are many service mesh control planes with varying levels of maturity and unique features. When it comes to mTLS, all service meshes work on the same principles to secure communications between microservices. Many service meshes offer a solid mTLS baseline, but they differ in their overall capability and the way they are deployed. You need to be aware of how your chosen service mesh control plane implements mTLS and what features are implemented by default, or you risk breaking your applications.

Istio, for example, is advanced and flexible with its mTLS implementation. It offers granular levels to define the extent of your mTLS deployment. Mutual TLS can be set specific to a service, across a namespace, or over the entire service mesh — obviously, Istio selects the narrowest matching policy for each service.

This granularity enables you to assign namespace ownership to different organizational groups and lets them define their own mTLS settings. That said, each group needs to be mindful of the level of mTLS restriction they deploy — especially for microservices that communicate externally.

Watch Out for mTLS Defaults: Don’t Break Your Application While Trying to Secure It

You should pay attention to how your service mesh implements mTLS by default. Istio supports three mTLS modes that enable you to control how microservices communicate in a service mesh:

1. Permissive: Proxies will accept both mTLS and plain text traffic.
2. Strict: Proxies accept only mTLS traffic.
3. Disable: Mutual TLS is disabled.

Sensibly, Istio configures each proxy to use mTLS in permissive mode by default, which allows a service to accept both plain text and mutual TLS traffic. This flexibility is a best practice for all service mesh implementations because it lets microservices accept non-mTLS traffic from other sources so that you do not break the applications.

Permissive mode helps you get started with mTLS with less risk of breaking your applications because you can deploy, test communications and tighten security incrementally. This is extremely useful during workload migrations, because it allows microservices that cannot use mutual TLS to be moved into the mesh and still communicate.

Be aware that permissive mode is a great default, but it does actually weaken your security posture because it opens a door for plain text communication with other sources. While it may be tempting to implement strict mTLS from the start because it is more secure, it is a strategy that requires meticulous planning, full visibility, and analysis of your communication flows. There are many things that can break applications when you move to strict mode. For example:

• Microservices without sidecars will not complete an mTLS handshake; you may have to add a sidecar to those microservices without one.
• Incorrect naming of service ports will cause sidecars to reject mTLS requests; pay extra attention to Istio’s precise naming convention of $protocol-$service.

Be Aware of mTLS Differences in Various Service Mesh Control Planes

Of course, Istio is not the only service mesh to offer mTLS to secure communications — others offer similar functionality, but there are differences.

Red Hat OpenShift is based on the Istio control plane and has similar mTLS features, including granular implementation and Permissive mode by default, but replaces the underlying BoringSSL with OpenSSL.

LinkerD also offers mTLS, which by default is automatically enabled for HTTP-based communication between meshed pods via the LinkerD proxies. While LinkerD acknowledges some gaps in its mTLS offering, the latest 2.9 release addresses some of them and extends mTLS protection to all TCP connections — which is a big step on the road to zero-trust communications.

In the Kuma service mesh, mTLS is not enabled by default. When it is enabled, every connection between data plane proxies is denied by default. While this is a laudable security stance, it does mean that you have to explicitly allow connection using the TrafficPermissions feature. That said, Kuma lacks the breadth of features for secure communications that Istio offers and it will take some development for Kuma to catch up.

Amazon Web Services‘ AWS App Mesh also supports encryption between microservices. You can use AWS Certificate Manager or bring your own. AWS App Mesh supports “strict” and “permissive” modes.

Meeting Your mTLS Requirement

Mutual TLS is a critical component of zero-trust networking and is vital to secure the communications between the microservices in your service mesh. Implementation, however, is not entirely straightforward. You need to be aware that microservices often communicate with non-mTLS entities and you should make allowances accordingly. You should choose the communication mode carefully by weighing convenience versus security. Lastly, whichever service mesh control plane you choose, pay attention to the specific implementation for mTLS — they are not all the same.

Proper planning prevents poor performance. It’s no different for mutual TLS.

The post Mutual TLS: Securing Microservices in Service Mesh appeared first on Artificial Intelligence.

DriveNets Ltd., a startup developing a software container-based networking platform for carriers, today announced that it has raised $208 million in funding at a valuation exceeding $1 billion. 

D1 Capital Partners led the round with participation from Atreides Management as well as returning DriveNets backers Bessemer and Pitango. The last two firms have made “significant follow-on investments,” according to the startup. Bessemer and Pitango previously jointly led a $110 million funding round for DriveNets in early 2019.

Israel-based DriveNets provides a software platform that carriers and cloud providers can use to manage their networks. AT&T, one of the largest carriers in the U.S., disclosed late last year that it has adopted the platform to help manage its data traffic. DriveNets is hoping to use the new $208 million in funding to expand geographically and win deals with additional service providers around the world.

Large organizations such as carriers traditionally built their networks using pricey proprietary appliances that combine hardware and software in a single integrated package. DriveNets’ networking platform, in contrast, doesn’t come as part of a traditional appliance but can be deployed on low-cost commodity gear that’s more affordable than proprietary hardware. The result, DriveNets says, is a reduction in infrastructure expenses for customers.

The startup implemented its platform as a set of container-based microservices to allow for efficient scaling. When carriers using DriveNets’ platform need more capacity to meet user demand, they simply add more commodity networking gear to their network. The equipment comes from hardware makers that DriveNets itself certifies and the startup also trains the channel partners charged with setting up the hardware at carriers’ sites.

After the deployment is complete, a carrier can deploy its own custom networking applications on top of the platform. The startup says the platform allows customers to run, among other things, core routing applications, which are the applications responsible for managing the most important and highest capacity data routes in a carrier’s network. Those data routes are collectively often referred to as the internet backbone.

Customers can also use DriveNets’ software to build other kinds of applications, such as services to handle so-called edge provider routing. That’s a process wherein a carrier forwards data traffic to another internet provider, which is often necessary to enable connections between devices far apart from each other.

DriveNets positions its platform’s application capabilities as a way to ease 5G rollouts. For the telecommunications sector, a key benefit of 5G is that the technology can enable carriers to bring new revenue-generating offerings to market, such as  edge hosting services and highly customized internet packages tailored to specific customers’ needs. Providing such features requires deploying a fleet of network applications to manage the behind-the-scenes operational details. 

DriveNets has raised more than $320 million from investors to date.

The idea of replacing proprietary systems with lower-cost commodity gear is also gaining traction in other parts of the telecommunications market. Historically, the antennas and base stations that connect subscribers’ devices to carrier networks used proprietary computing hardware to process the incoming data traffic. Using a technology known as vRAN, carriers are now replacing that hardware with commodity servers capable of performing the task more efficiently.

The post DriveNets reels in $208M for its container-based carrier networking platform appeared first on Artificial Intelligence.

StackRox today added additional DevSecOps workflow capabilities to its security platform that runs natively on Kubernetes platforms.

IT teams can now identify vulnerabilities in active software dependencies during runtime and scan for vulnerabilities in container images that have no base operating system.

Remediation efforts can now be prioritized based on vulnerability scores. The StackRox Kubernetes Security Platform surfaces recommendations so teams can identify the most efficient and effective course of action for threat remediation. They can also track mean time to remediation and refine and improve procedures and processes as teams gain DevSecOps expertise.

In addition, the StackRox Kubernetes Security Platform can now discover vulnerabilities in container images within .NET Core and ASP.NET Core frameworks.

Finally, StackRox has added integration with AWS Security Hub, Google Artifact Registry, Splunk and Red Hat OpenShift Admission Controller. Red Hat announced earlier this month it is acquiring StackRox . After the acquisition is completed, the StackRox portfolio of container security software will be made available as open source software.

David Van Everen, vice president of marketing for StackRox, says integration with platforms IT organizations rely on to manage application development and IT infrastructure is critical, because it surfaces container security insights within an existing workflow rather than requiring IT teams to log into a separate platform.

In general, Van Everen says the “shift left” of application security responsibility occurs at a time when organizations are also embracing microservices, built using containers, to build and deploy cloud-native applications. That shift is creating a unique opportunity for those organizations to embrace DevSecOps best practices, as the processes for building those types of applications are still being defined, Van Everen says. The goal is to enable organizations to continuously apply and enforce security policies as those applications are constructed and deployed, Van Everen says.

IT organizations making that transition should foster increased collaboration between developers and cybersecurity teams, Van Everen says. Kubernetes, by default, is insecure, so it’s up to each organization to learn what controls need to be applied, he says.

The StackRox Kubernetes Security Platform runs natively on Kubernetes, which Van Everen says eliminates the need to rely on proxies or container sidecars that are cumbersome to deploy and manage. However, securing Kubernetes platforms remains a specialized skill that IT organizations need to acquire, Van Everen says.

Significant progress is being made toward achieving DevSecOps, Van Everen says, but most organizations are still a long way from completely embedding security workflows within their DevOps processes. The challenge in the context of a Kubernetes environment is enabling IT teams to achieve that goal with the least amount of friction, Van Everen says.

The shift to DevSecOps will soon require security to be embedded within those workflows. As organizations embrace microservices to drive digital business transformation, initiatives that rely on platforms such as Kubernetes will find the security stakes are too high to ignore.

The post StackRox Adds Workflows to Advance DevSecOps on Kubernetes appeared first on Artificial Intelligence.

This market report plots an intentional review of macroeconomic signs, parent affiliations, and new startup adventures. The report gives the customers data identified with classes, for instance, augmentation, divisions, and locales, expose type, and applications. This market report exhibits the rapidly creating conditions, the top dimension appearing at do genuine execution and settle on worthwhile decisions for advancement and prospering ahead. This market report speaks to a precise methodology of key data that would be given to customers who are searching for it. This report can guide the client to choose the correct strides in basic leadership and key plans that can be useful in the market.

This market research report joins the latest mechanical overhauls and new releases to interface with the clients to design, settle on smart business decisions, and complete their future required executions. The report focuses more on current business and developments, future framework changes, and opportunities and trends that the market is experiencing or going to experience. The report additionally portrays the primary players and how they perform in the market all through. It reveals insight into their financials, SWOT analysis, review, significant and late improvements, developments, and so on

Cloud microservices market is expected to grow at a CAGR of 21.7% in the forecast period of 2020 to 2027. Data Bridge Market Research report on cloud microservices market provides analysis and insights regarding the various factors expected to be prevalent throughout the forecasted period while providing their impacts on the market’s growth.

The global cloud microservices market accounted for USD 631.1 million in 2017 and is projected to grow at a CAGR of 24.1% forecast to 2025.

The renowned players in cloud microservices market are

• Amazon Web Services, Inc.,
• CA Technologies.,
• IBM,
• Microsoft,
• Infosys Limited,
• NGINX Inc.,
• Oracle,
• Pivotal Software, Inc.,
• Syntel, Inc.,
• Gurock,

Marlabs Inc., RapidValue Solutions, Kontena, Inc., Macaw Software Inc.,  UNIFYED.,  Idexcel, Inc. and among others.

The titled segments and sub-section of the market are illuminated below:

• The global cloud microservices market is based on component, organization size, deployment mode, vertical and geographical segments.
• Based on component, the global cloud microservices market is segmented into platform and services. Service is sub segmented into consulting services, integration services, training, support, and maintenance services.
• Based on organization size, the global cloud microservices market is segmented into large enterprises  and small and medium-sized enterprises.
• Based on Deployment Mode, the global cloud microservices market is segmented into public cloud, private cloud and hybrid cloud.
• Based on vertical, the global cloud microservices market is segmented into retail and ecommerce, healthcare, media and entertainment, banking, financial services, and insurance, IT AND ITes, government, transportation and logistics, manufacturing, telecommunication and others).

The regions that have been considered in the study are:

North America

Europe

Asia Pacific

Latin America

Middle East and Africa

The report is inclusive of all the information that is valuable for market entrants. This will enhance the ability of the user to foresee trends and make beneficial and informed decisions. The report is also available for customization according to the requests of the user. These help in detailing the report around the regions or participants that comes under the users’ concern and targets.

Key Coverage of Report:

Total addressable market

Regional analysis [North America, Europe, Asia Pacific, Latin America, Middle East & Africa]

Country-wise market segmentation

Market size breakdown by the product/ service types

Market size breakdown by application/industry verticals/ end-users

Market share and revenue/sales of the key players in the market

Production capacity of prominent players

Market Trends like emerging technologies/products/start-ups, SWOT Analysis, Porter’s Five Forces, and others.

Pricing Trend Analysis

Brand wise ranking of the key market players worldwide

Sales Forecast:

The report contains historical revenue and volume that backing information about the market capacity, and it helps to evaluate conjecture numbers for key areas in the Cloud Microservices market. Additionally, it includes a share of each segment of the Cloud Microservices market, giving methodical information about types and applications of the market.

Reasons for Buying Cloud Microservices Market Report

This report gives a forward-looking prospect of various factors driving or restraining market growth.

It renders an in-depth analysis for changing competitive dynamics.

It presents a detailed analysis of changing competition dynamics and puts you ahead of competitors.

It gives a six-year forecast evaluated on the basis of how the market is predicted to grow.

It assists in making informed business decisions by performing a pin-point analysis of market segments and by having complete insights of the Cloud Microservices market.

This report helps the readers understand key product segments and their future.

Which emerging technologies are believed to impact the Cloud Microservices market performance?

Which regulations that will impact the industry?

Who are the most prominent vendors and how much market share do they occupy?

What are the latest technologies or discoveries influencing the Cloud Microservices market growth worldwide?

(**NOTE: Our analysts monitoring the situation across the globe explains that the market will generate remunerative prospects for producers post COVID-19 crisis. The report aims to provide an additional illustration of the latest scenario, economic slowdown, and COVID-19 impact on the overall industry.)

About Data Bridge Market Research:

An absolute way to forecast what future holds is to comprehend the trend today!

Data Bridge set forth itself as an unconventional and neoteric Market research and consulting firm with unparalleled level of resilience and integrated approaches. We are determined to unearth the best market opportunities and foster efficient information for your business to thrive in the market. Data Bridge endeavors to provide appropriate solutions to the complex business challenges and initiates an effortless decision-making process. Data bridge is an aftermath of sheer wisdom and experience which was formulated and framed in the year 2015 in Pune.

The post Global Cloud Microservices Market Recent Study of Business Strategies and Latest Rising Trend appeared first on Artificial Intelligence.

An effective microservices logging strategy can hinge on the size and scale of the system in question. For example, a microservices-oriented architecture composed of 20 microservices is less of a logging burden when compared to one composed of 200 microservices.

Developers who hope to introduce a successful microservices logging strategy need to craft a plan that lays out where the logging takes place and how it affects other areas of the system. Typical logging can stress a system in three ways: I/O, storage and analytic computation on the CPU.

Before a team deploys a microservices logging strategy, it must consider the potential stresses on the system, and what it might mean to additional development. Let’s examine ways to alleviate system stresses and some alternatives to traditional microservices logging strategies.

Log data on the machine

The easiest way to introduce logging on a microservices-oriented architecture is to have each microservice collect and store its logging data on the machine where it runs. This is probably the easiest and simplest approach to logging, but it’s also one fraught with danger.

Storage on a local machine significantly reduces I/O latency because all the activity takes place at a singular location. There are few, if any, trips out to the network. While logging data on the local machine helps improve performance, there is a tradeoff.

Increased storage places a significantly higher burden on the host machine’s CPU. Higher levels of activity result in more logging, which in turn creates more log data stored in the system and raises CPU utilization levels. A host machine can be maxed out in no time under this scenario.

Luckily, there are alternatives to this microservices logging strategy.

Logging services

A logging service can help alleviate concerns of CPU utilization and reduced I/O latency.

A logging system’s main benefit is that the storage and work is moved off the system and onto third-party resources. All the microservice needs to do is take a trip out to the network to send log entries.

While this doesn’t seem like a big deal on smaller architectures, it can be problematic if there are 200 microservices that run in a high-availability, multi-replica environment. In a situation like this, many trips to the network from many origins can cause a bottleneck and bring other network communication to a grinding halt.

In this case, there is another alternative that developer teams should consider.

The collector strategy

A collector strategy essentially shifts how log entries are sent in and out of the network.

Instead of sending each log entry out to a logging service, they are sent to a central collector that resides on a machine elsewhere. In most cases this machine is at least in the same data center of the microservices-oriented architecture. In a best-case scenario, the machine is located on the same data center rack that hosts the other microservices components.

Cloud-hosted microservices users will have to consult with their provider on identifying the best place to host the collector.

The collector does as its name implies. It collects all the log entries emitted from the architecture and then forwards the entries onto a logging service at a prescribed interval. Once the entries arrive, the collector flushes the old log entries from the system to backup storage.

One major benefit to this microservices logging strategy is that the collector absorbs the network latency incurred when it sends the log entries onto the logging service. Also, because the collector is close to the other components of the microservices-oriented architecture, it reduces latency between the architecture and the collector.

However, there are still risks associated with a log collector. For example, if the central log collector fails, all logging activity comes to a standstill.

So, how can developers avoid this risk?

Collector clusters

Developers can create a cluster of collectors that resides behind a common load-balancer to alleviate failed central log collector concerns.

A benefit of the load-balanced log collector strategy is that if one collector fails, the others will remain operational and allow logging to continue. But there is a tradeoff.

This strategy requires a team to support a set of collectors on their network, and in turn, adds more expenses related to the increase of virtual machines. Also, the logging environment becomes more complex and requires more legwork from other microservices in the environment.

Overall, the main crux of the microservices logging conundrum is scale. If you run a smaller architecture without a lot of logging, keep the logging activity on the same microservices elements. However, if you run an architecture with a lot of microservices, a more sophisticated logging strategy makes more sense, despite some potential drawbacks with cost and storage.

The post What makes an effective microservices logging strategy? appeared first on Artificial Intelligence.

It’s not unusual for developers and architects who jump into microservices for the first time to “want it all” in terms of performance, uptime and resiliency. After all, these are the goals that drive a software team’s decision to pursue this type of architecture design. The unfortunate truth is that trying to create an application that perfectly embodies all of these traits will eventually steer them to failure.

This phenomenon is summed up in something called the CAP theorem, which states that a distributed system can deliver only two of the three overarching goals of microservices design: consistency, availability and partition tolerance. According to CAP, not only is it impossible to “have it all” — you may even struggle to deliver more than one of these qualities at a time.

When it comes to microservices, the CAP theorem seems to pose an unsolvable problem. Which of these three things can you afford to trade away? However, the essential point is that you don’t have a choice. You’ll have to face that fact when it comes to your design stage, and you’ll need to think carefully about the type of application you’re building, as well as its most essential needs.

In this article, we’ll review the basics of how the CAP theorem applies to microservices, and then examine the concepts and guidelines you can follow when it’s time to make a decision.

CAP theory and microservices

Let’s start by reviewing the three qualities CAP specifically refers to:

• Consistency means that all clients see the same data at the same time, no matter the path of their request. This is critical for applications that do frequent updates.
• Availability means that all functioning application components will return a valid response, even if they are down. This is particularly important if an application’s user population has a low tolerance for outages (such as a retail portal).
• Partition tolerance means that the application will operate even during a network failure that results in lost or delayed messages between services. This comes into play for applications that integrate with a large number of distributed, independent components.

Databases often sit at the center of the CAP problem. Microservices often rely on NoSQL databases, since they’re designed to scale horizontally and support distributed application processes. And, partition tolerance is a “must have” in these types of systems because they are so sensitive to failure.

You can certainly design these kinds of databases for consistency and partition tolerance, or even for availability and partitioning. But designing for consistency and availability just isn’t an option.

The PACELC theorem

This prohibitive requirement for partition-tolerance in distributed systems gave rise to what is known as the PACELC theorem, a sibling to the CAP theorem. The acronym PACELC stands for “if partitioned, then availability and consistency; else, latency and consistency.” In other words: If there is a partition, the distributed system must trade availability for consistency; if not, the choice is between latency and consistency.

Designing your applications specifically to avoid partitioning problems in a distributed system will force you to sacrifice either availability or user experience to retain operational consistency. However, the key term here is “operational” — while latency is a primary concern during normal operations, a failure can quickly make availability the overall priority. So, why not create models for both scenarios?

It may help to frame CAP concepts in both “normal” and “fault” modes, provided that faults in a distributed system are essentially inevitable. This enables you to create two database and microservices implementation models: one that handles normal operation, and another that kicks in during failures. For example, you can design your database to optimize consistency during a partition failure, and then continue to focus on mitigating latency during normal operation.

Applying PACELC to microservices

If we use PACELC rather than “pure CAP” to define databases, we can classify them according to how they make the trades.

• In PACELC terms, relational database management systems and NoSQL databases that implement ACID (atomicity, consistency, isolation, urability) are designed to assure consistency, classifying them as PC/EC. Typical business applications, like human resources apps and ticketing systems, will likely use this model, particularly if there are multiple users using different component instances. Google’s Bigtable database is a good example of this.
• In-memory databases like MongoDB and Hazelcast fit into a PA/EC model, which is best suited for things like e-commerce apps, which need high availability even during network or component failures.
• Real-time applications, such as IoT systems, fit into the PC/EL model that databases like PNUTS provide. This is the case in any application where consistency across replications is critical.
• Database systems based on the PA/EL model, such as Dynamo and Cassandra, are best for real-time applications that don’t experience frequent updates, since consistency will be less of an issue.

Know the tradeoffs

The bottom line is this: It’s critical to know exactly what you’re trading in a PACELC-guided application, and to know which scenarios call for which sacrifice. Here are three things to remember when making your decision:

• Consistency is most valuable where many users update the same data elements.
• Availability is critical for applications involving consumers (who get frustrated easily) and also for some IoT applications.
• Latency is most likely critical for real-time and IoT applications where processing delays must be kept to a minimum.

Make your database choice wisely. Then, design your microservices workflows and framework to ensure you don’t compromise your goals.

The post The CAP theorem, and how it applies to microservices appeared first on Artificial Intelligence.