SlideShare a Scribd company logo

Twelve Factor - Designing for Change

Download as PPTX, PDF
E
Eric Wyles

How 12-Factor methodology helps you design for change, even if you aren't building SaaS or "cloud native" applications.

Software
1 of 22
Twelve-Factor Application Design Eric Wyles Lead Architect - Southwest Power Pool https://www.linkedin.com/in/ericwyles/ 1
Agenda • What is Twelve-Factor? • Why is this important? • A practical example. 2
Twelve-Factor Methodology • Originally published by Heroku in 2011. • Published as a guideline for developing “cloud-native” applications, but there are benefits even if you aren’t developing for the cloud. • Can be applied to apps written in any programming language.  It’s tells “what” to do, but not “how” to do it. • Completely documented at https://12factor.net and there is a free ebook available for download. • Describes 12 application design best practices. (The 12 Factors) 3
The Twelve Factors 4 Factor Name Description 1 Codebase One codebase tracked in revision control, many deploys. 2 Dependencies Explicitly declare and isolate dependencies. 3 Config Store config in the environment. 4 Backing Services Treat backing services as attached resources. 5 Build, release, run Strictly separate build and run stages. 6 Processes Execute the app as one or more stateless processes. 7 Port binding Export services via port binding. 8 Concurrency Scale out via the process model. 9 Disposability Maximize robustness with fast startup and graceful shutdown. 10 Dev/prod parity Keep development, staging, and production as similar as possible. 11 Logs Treat Logs as event streams 12 Admin Processes Run admin/management tasks as one-off processes.
The Twelve Factors 5 Why does this matter?
Why is this important? 6
Change • Commonly we think of changing business requirements.  Design application code to adapt to future business needs. • But there are other types of change. Some examples: • Human Changes  Reorgs  Handoffs  Reassignments • Technology Changes  Dependencies  Technology Stack  Security Patches  Infrastructure • Run-time Changes  Component Failures (Hardware or Software)  Increases and Decreases in application load  Locations of backing services 7
Some Ways To Handle Change • React to the change with manual effort. (manually take an action) • Automate the manual effort required to react to the change (automatically take an action) • Where possible Design for change  Processes (SDLC, Pipelines, etc)  Code  Environment  Etc • Following 12-factor helps design for change • Design applications and processes to be resilient to changes in order to enable change 8
Designing For Change Today we are focusing on the following three design goals in order to design for change: 1. Consistency and Repeatability 2. Loose Coupling (App/Environment) 3. Scalability and Disposability 9
• Establishing consistency and repeatability related to:  Application Codebase / Development  Application Configuration  Administrative tasks  Application dependencies  Development/Runtime environments 10 Consistency and Repeatability
• Design so that application does not need to know specific details about the underlying platform. • Design so that environment does not need to provide application specific dependencies  Directories  Configuration Files  Libraries  Etc • Design so that the administrator does not need to know application specific details in order to:  Locate log files  Start/Stop the application  Change configuration values 11 Loose Coupling (App/Environment)
• Design the application in a way that the application can be scaled up or down on demand. • Interact with resources and manage application state in a way that instances of the application tier can be created or destroyed at will and the application still functions correctly. 12 Scalability And Disposability
13 Consistency/ Repeatability Loose Coupling Scalability / Disposability Human Change Technology Change Runtime Change Factor Design Goal Change supports… enables… 1 - Codebase 2 - Dependencies 3 - Config 4 - Backing Services 5 – Build, Release, Run 6 – Processes 7 – Port Binding 8 – Concurrency 9 - Disposability 10 – Dev/Prod Parity 11 - Logs 12 – Admin Processes
A practical example 14
15 Consistency/ Repeatability Loose Coupling Human Change Technology Change Runtime Change Factor Design Goal Change supports… enables… 3 - Config Example: 3 - Config 3 – Config – Store config in the environment
16 Config – Before Twelve Factor MyApp Props.load(/u01/app/myapp/myapp.prop) File System /u01/app/myapp/myapp.propTight Coupling • Application has a hard dependency on a specific file system path • The app can only run somewhere that can supply the path  How do you run on Windows?  How do you execute from your IDE?  How do you run multiple instances with different configs? • How do you automate password changes or distribution of configuration changes?  Use case: Passwords are stored in a vault (like Cyberark) and you want to automatically rotate passwords and deliver them to applications.
17 Password Automation – Before Twelve Factor – Option 1 MyApp Props.load(/u01/app/myapp/myapp.prop) File System /u01/app/myapp/myapp.propTight Coupling ? CyberArk Fetch Password Persist Password Restart App This thing is application- specific Spackleware • Human Change: Application-specific learning curve • Technology Change: Vault and OS-specific integration. Can’t change the vault without rewriting app specific integrations.
18 Password Automation – Before Twelve Factor – Option 2 MyApp Props.load(/u01/app/myapp/myapp.prop) File System /u01/app/myapp/myapp.propTight Coupling CyberArk ? Fetch Password This is application specific tight coupling to the password vault. You can’t change the vault without changing the app. And the app still has the filesystem coupling as well.
19 Config – Twelve Factor • Application can receive config from anywhere that can supply environment variables  Can run on any OS  Can execute from any modern IDE  Can run multiple instances with different configs  The app does not need any code for finding configs. No need to bootstrap the app with config location. • Let’s revisit the password automation example now… MyApp ENV_VARIABLES
20 Password Automation –Twelve Factor ?CyberArk Fetch Password This is a generic mechanism that is application-agnostic. • Human Change: Nothing in this picture is application specific. • Human Change: Passwords can be completely unknown to humans. No need to rotate passwords in response to reorgs or reassignments. • Technology Change: If you change the vault you only need to change the integration piece and all 12-factor apps using the vault are handled. • Run-time Change: Enables password changes to be treated as run-time changes that happen automatically. They can be scheduled. MyApp ENV_VARIABLES
21 Password Automation – CyberArk/Conjur/Summon CyberArk (via Conjur) MyAppSummon ENV_VARIABLES Summon is created and maintained by CyberArk https://cyberark.github.io/summon/ Fetches secrets from a swappable provider and provides them as Environment variables to your application You execute summon as a wrapper around your app – summon launches your app after secrets are obtained Fetch Password [user@host ~]$ summon --provider conjur -f secrets.yml MyApp
Conclusion • The configuration example is just 1 example use case that pertains to 1 of the 12 factors. • If you develop, support, or maintain apps or servers, please go read https://12factor.net • Let’s have a conversation • If we follow best practices, tools already exist to help your app and administrators with common concerns/changes. 22

Recommended

Resilience and chaos engineering
Resilience and chaos engineeringResilience and chaos engineering
Resilience and chaos engineering
Eric Wyles
 
App Assessments Reloaded
App Assessments ReloadedApp Assessments Reloaded
App Assessments Reloaded
Ernest Mueller
 
How do you implement Continuous Delivery? Part 4: Automated Testing
How do you implement Continuous Delivery? Part 4: Automated TestingHow do you implement Continuous Delivery? Part 4: Automated Testing
How do you implement Continuous Delivery? Part 4: Automated Testing
Thoughtworks
 
Ppt of soap ui
Ppt of soap uiPpt of soap ui
Ppt of soap ui
pkslide28
 
An introduction to api testing | David Tzemach
An introduction to api testing | David TzemachAn introduction to api testing | David Tzemach
An introduction to api testing | David Tzemach
David Tzemach
 
Start with passing tests (tdd for bugs) v0.5 (22 sep 2016)
Start with passing tests (tdd for bugs) v0.5 (22 sep 2016)Start with passing tests (tdd for bugs) v0.5 (22 sep 2016)
Start with passing tests (tdd for bugs) v0.5 (22 sep 2016)
Dinis Cruz
 
Automated testing web application
Automated testing web applicationAutomated testing web application
Automated testing web application
Kiattikhun Prathumma
 
#1 unit testing
#1 unit testing#1 unit testing
#1 unit testing
eleksdev
 

Recommended

Resilience and chaos engineering
Resilience and chaos engineeringResilience and chaos engineering
Resilience and chaos engineering
Eric Wyles
 
App Assessments Reloaded
App Assessments ReloadedApp Assessments Reloaded
App Assessments Reloaded
Ernest Mueller
 
How do you implement Continuous Delivery? Part 4: Automated Testing
How do you implement Continuous Delivery? Part 4: Automated TestingHow do you implement Continuous Delivery? Part 4: Automated Testing
How do you implement Continuous Delivery? Part 4: Automated Testing
Thoughtworks
 
Ppt of soap ui
Ppt of soap uiPpt of soap ui
Ppt of soap ui
pkslide28
 
An introduction to api testing | David Tzemach
An introduction to api testing | David TzemachAn introduction to api testing | David Tzemach
An introduction to api testing | David Tzemach
David Tzemach
 
Start with passing tests (tdd for bugs) v0.5 (22 sep 2016)
Start with passing tests (tdd for bugs) v0.5 (22 sep 2016)Start with passing tests (tdd for bugs) v0.5 (22 sep 2016)
Start with passing tests (tdd for bugs) v0.5 (22 sep 2016)
Dinis Cruz
 
Automated testing web application
Automated testing web applicationAutomated testing web application
Automated testing web application
Kiattikhun Prathumma
 
#1 unit testing
#1 unit testing#1 unit testing
#1 unit testing
eleksdev
 
Selenium Camp 2016 - Kiev, Ukraine
Selenium Camp 2016 - Kiev, UkraineSelenium Camp 2016 - Kiev, Ukraine
Selenium Camp 2016 - Kiev, Ukraine
Justin Ison
 
Top 20 best automation testing tools
Top 20 best automation testing toolsTop 20 best automation testing tools
Top 20 best automation testing tools
QACraft
 
Best Practices in Mobile CI (webinar)
Best Practices in Mobile CI (webinar)Best Practices in Mobile CI (webinar)
Best Practices in Mobile CI (webinar)
Sauce Labs
 
Test automation process
Test automation processTest automation process
Test automation process
Bharathi Krishnamurthi
 
Silk Performer Presentation v1
Silk Performer Presentation v1Silk Performer Presentation v1
Silk Performer Presentation v1
Sun Technlogies
 
Uncovering breaking changes behind UI on mobile applications
Uncovering breaking changes behind UI on mobile applicationsUncovering breaking changes behind UI on mobile applications
Uncovering breaking changes behind UI on mobile applications
Kazuaki Matsuo
 
How agile performance testing helps automate and scale test processes
How agile performance testing helps automate and scale test processesHow agile performance testing helps automate and scale test processes
How agile performance testing helps automate and scale test processes
Apica
 
Automation testing
Automation testingAutomation testing
Automation testing
Biswajit Pratihari
 
Implementing Test Automation in Agile Projects
Implementing Test Automation in Agile ProjectsImplementing Test Automation in Agile Projects
Implementing Test Automation in Agile Projects
Dominik Dary
 
Level Up Your Salesforce Unit Testing
Level Up Your Salesforce Unit TestingLevel Up Your Salesforce Unit Testing
Level Up Your Salesforce Unit Testing
Gordon Bockus
 
Test Automation Architecture in Microservices
Test Automation Architecture in MicroservicesTest Automation Architecture in Microservices
Test Automation Architecture in Microservices
Alper Mermer
 
Oracle Forms Performance Testing PushToTest TestMaker JAT
Oracle Forms Performance Testing PushToTest TestMaker JATOracle Forms Performance Testing PushToTest TestMaker JAT
Oracle Forms Performance Testing PushToTest TestMaker JAT
Clever Moe
 
Myth vs Reality: Understanding AI/ML for QA Automation - w/ Jonathan Lipps
Myth vs Reality: Understanding AI/ML for QA Automation - w/ Jonathan LippsMyth vs Reality: Understanding AI/ML for QA Automation - w/ Jonathan Lipps
Myth vs Reality: Understanding AI/ML for QA Automation - w/ Jonathan Lipps
Applitools
 
Automated Exploratory Testing
Automated Exploratory TestingAutomated Exploratory Testing
Automated Exploratory Testing
Justin Ison
 
Testing NodeJS, REST APIs and MongoDB with UFT
Testing NodeJS, REST APIs and MongoDB with UFTTesting NodeJS, REST APIs and MongoDB with UFT
Testing NodeJS, REST APIs and MongoDB with UFT
Ori Bendet
 
An easy way to automate complex UI
An easy way to automate complex UIAn easy way to automate complex UI
An easy way to automate complex UI
Ivan Pashko
 
Api testing
Api testingApi testing
Api testing
Keshav Kashyap
 
Ariane 5 launcher failure - why did it happen
Ariane 5 launcher failure - why did it happenAriane 5 launcher failure - why did it happen
Ariane 5 launcher failure - why did it happen
software-engineering-book
 
Ranorex presentation
Ranorex presentationRanorex presentation
Ranorex presentation
ISsoft
 
Colorful world-of-visual-automation-testing-latest
Colorful world-of-visual-automation-testing-latestColorful world-of-visual-automation-testing-latest
Colorful world-of-visual-automation-testing-latest
Onur Baskirt
 
Technology insights: Decision Science Platform
Technology insights: Decision Science PlatformTechnology insights: Decision Science Platform
Technology insights: Decision Science Platform
Decision Science Community
 
Nyc mule soft_meetup_13_march_2021
Nyc mule soft_meetup_13_march_2021Nyc mule soft_meetup_13_march_2021
Nyc mule soft_meetup_13_march_2021
NeerajKumar1965
 

More Related Content

What's hot

Implementing Test Automation in Agile Projects
Implementing Test Automation in Agile ProjectsImplementing Test Automation in Agile Projects
Implementing Test Automation in Agile Projects
Dominik Dary
 
Myth vs Reality: Understanding AI/ML for QA Automation - w/ Jonathan Lipps
Myth vs Reality: Understanding AI/ML for QA Automation - w/ Jonathan LippsMyth vs Reality: Understanding AI/ML for QA Automation - w/ Jonathan Lipps
Myth vs Reality: Understanding AI/ML for QA Automation - w/ Jonathan Lipps
Applitools
 
Ranorex presentation
Ranorex presentationRanorex presentation
Ranorex presentation
ISsoft
 
Colorful world-of-visual-automation-testing-latest
Colorful world-of-visual-automation-testing-latestColorful world-of-visual-automation-testing-latest
Colorful world-of-visual-automation-testing-latest
Onur Baskirt
 

What's hot (20)

Selenium Camp 2016 - Kiev, Ukraine
Selenium Camp 2016 - Kiev, UkraineSelenium Camp 2016 - Kiev, Ukraine
Selenium Camp 2016 - Kiev, Ukraine
 
Top 20 best automation testing tools
Top 20 best automation testing toolsTop 20 best automation testing tools
Top 20 best automation testing tools
 
Best Practices in Mobile CI (webinar)
Best Practices in Mobile CI (webinar)Best Practices in Mobile CI (webinar)
Best Practices in Mobile CI (webinar)
 
Test automation process
Test automation processTest automation process
Test automation process
 
Silk Performer Presentation v1
Silk Performer Presentation v1Silk Performer Presentation v1
Silk Performer Presentation v1
 
Uncovering breaking changes behind UI on mobile applications
Uncovering breaking changes behind UI on mobile applicationsUncovering breaking changes behind UI on mobile applications
Uncovering breaking changes behind UI on mobile applications
 
How agile performance testing helps automate and scale test processes
How agile performance testing helps automate and scale test processesHow agile performance testing helps automate and scale test processes
How agile performance testing helps automate and scale test processes
 
Automation testing
Automation testingAutomation testing
Automation testing
 
Implementing Test Automation in Agile Projects
Implementing Test Automation in Agile ProjectsImplementing Test Automation in Agile Projects
Implementing Test Automation in Agile Projects
 
Level Up Your Salesforce Unit Testing
Level Up Your Salesforce Unit TestingLevel Up Your Salesforce Unit Testing
Level Up Your Salesforce Unit Testing
 
Test Automation Architecture in Microservices
Test Automation Architecture in MicroservicesTest Automation Architecture in Microservices
Test Automation Architecture in Microservices
 
Oracle Forms Performance Testing PushToTest TestMaker JAT
Oracle Forms Performance Testing PushToTest TestMaker JATOracle Forms Performance Testing PushToTest TestMaker JAT
Oracle Forms Performance Testing PushToTest TestMaker JAT
 
Myth vs Reality: Understanding AI/ML for QA Automation - w/ Jonathan Lipps
Myth vs Reality: Understanding AI/ML for QA Automation - w/ Jonathan LippsMyth vs Reality: Understanding AI/ML for QA Automation - w/ Jonathan Lipps
Myth vs Reality: Understanding AI/ML for QA Automation - w/ Jonathan Lipps
 
Automated Exploratory Testing
Automated Exploratory TestingAutomated Exploratory Testing
Automated Exploratory Testing
 
Testing NodeJS, REST APIs and MongoDB with UFT
Testing NodeJS, REST APIs and MongoDB with UFTTesting NodeJS, REST APIs and MongoDB with UFT
Testing NodeJS, REST APIs and MongoDB with UFT
 
An easy way to automate complex UI
An easy way to automate complex UIAn easy way to automate complex UI
An easy way to automate complex UI
 
Api testing
Api testingApi testing
Api testing
 
Ariane 5 launcher failure - why did it happen
Ariane 5 launcher failure - why did it happenAriane 5 launcher failure - why did it happen
Ariane 5 launcher failure - why did it happen
 
Ranorex presentation
Ranorex presentationRanorex presentation
Ranorex presentation
 
Colorful world-of-visual-automation-testing-latest
Colorful world-of-visual-automation-testing-latestColorful world-of-visual-automation-testing-latest
Colorful world-of-visual-automation-testing-latest
 

Similar to Twelve Factor - Designing for Change

Tools and Recipes to Replatform Monolithic Apps to Modern Cloud Environments
Tools and Recipes to Replatform Monolithic Apps to Modern Cloud EnvironmentsTools and Recipes to Replatform Monolithic Apps to Modern Cloud Environments
Tools and Recipes to Replatform Monolithic Apps to Modern Cloud Environments
VMware Tanzu
 
Delivering Applications Continuously to Cloud
Delivering Applications Continuously to CloudDelivering Applications Continuously to Cloud
Delivering Applications Continuously to Cloud
IBM UrbanCode Products
 
DBD 2414 - Iterative Web-Based Designer for Software Defined Environments (In...
DBD 2414 - Iterative Web-Based Designer for Software Defined Environments (In...DBD 2414 - Iterative Web-Based Designer for Software Defined Environments (In...
DBD 2414 - Iterative Web-Based Designer for Software Defined Environments (In...
Michael Elder
 

Similar to Twelve Factor - Designing for Change (20)

Technology insights: Decision Science Platform
Technology insights: Decision Science PlatformTechnology insights: Decision Science Platform
Technology insights: Decision Science Platform
 
Nyc mule soft_meetup_13_march_2021
Nyc mule soft_meetup_13_march_2021Nyc mule soft_meetup_13_march_2021
Nyc mule soft_meetup_13_march_2021
 
Tools and Recipes to Replatform Monolithic Apps to Modern Cloud Environments
Tools and Recipes to Replatform Monolithic Apps to Modern Cloud EnvironmentsTools and Recipes to Replatform Monolithic Apps to Modern Cloud Environments
Tools and Recipes to Replatform Monolithic Apps to Modern Cloud Environments
 
MuleSoft Surat Virtual Meetup#16 - Anypoint Deployment Option, API and Operat...
MuleSoft Surat Virtual Meetup#16 - Anypoint Deployment Option, API and Operat...MuleSoft Surat Virtual Meetup#16 - Anypoint Deployment Option, API and Operat...
MuleSoft Surat Virtual Meetup#16 - Anypoint Deployment Option, API and Operat...
 
Automation for the Humans
Automation for the HumansAutomation for the Humans
Automation for the Humans
 
Developer want change Ops want control - devops
Developer want change Ops want control - devopsDeveloper want change Ops want control - devops
Developer want change Ops want control - devops
 
Il paradigma DevOps e Continuous Delivery Automation
Il paradigma DevOps e Continuous Delivery Automation Il paradigma DevOps e Continuous Delivery Automation
Il paradigma DevOps e Continuous Delivery Automation
 
Migrate Oracle WebLogic Applications onto a Containerized Cloud Data Center
Migrate Oracle WebLogic Applications onto a Containerized Cloud Data CenterMigrate Oracle WebLogic Applications onto a Containerized Cloud Data Center
Migrate Oracle WebLogic Applications onto a Containerized Cloud Data Center
 
Continuous Database Delivery - 7/12/2018
Continuous Database Delivery - 7/12/2018Continuous Database Delivery - 7/12/2018
Continuous Database Delivery - 7/12/2018
 
A DevOps adoption playbook- achieving business value at scale
A DevOps adoption playbook- achieving business value at scaleA DevOps adoption playbook- achieving business value at scale
A DevOps adoption playbook- achieving business value at scale
 
Delivering Applications Continuously to Cloud
Delivering Applications Continuously to CloudDelivering Applications Continuously to Cloud
Delivering Applications Continuously to Cloud
 
Microservices
MicroservicesMicroservices
Microservices
 
Continuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scopeContinuous Delivery for cloud - scenarios and scope
Continuous Delivery for cloud - scenarios and scope
 
Continuous Delivery to the cloud - Innovate 2014
Continuous Delivery to the cloud - Innovate 2014Continuous Delivery to the cloud - Innovate 2014
Continuous Delivery to the cloud - Innovate 2014
 
Preparing for Neo - Singapore OutSystems User Group October 2022 Meetup
Preparing for Neo - Singapore OutSystems User Group October 2022 MeetupPreparing for Neo - Singapore OutSystems User Group October 2022 Meetup
Preparing for Neo - Singapore OutSystems User Group October 2022 Meetup
 
Clean architecture with asp.net core
Clean architecture with asp.net coreClean architecture with asp.net core
Clean architecture with asp.net core
 
SoCal DevOps Meetup 1/26/2017 - Habitat by Chef
SoCal DevOps Meetup 1/26/2017 - Habitat by ChefSoCal DevOps Meetup 1/26/2017 - Habitat by Chef
SoCal DevOps Meetup 1/26/2017 - Habitat by Chef
 
DBD 2414 - Iterative Web-Based Designer for Software Defined Environments (In...
DBD 2414 - Iterative Web-Based Designer for Software Defined Environments (In...DBD 2414 - Iterative Web-Based Designer for Software Defined Environments (In...
DBD 2414 - Iterative Web-Based Designer for Software Defined Environments (In...
 
Il paradigma DevOps e Continuous Delivery Automation
Il paradigma DevOps e Continuous Delivery AutomationIl paradigma DevOps e Continuous Delivery Automation
Il paradigma DevOps e Continuous Delivery Automation
 
Web based, mobile enterprise applications
Web based, mobile enterprise applicationsWeb based, mobile enterprise applications
Web based, mobile enterprise applications
 

Recently uploaded

TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
mohitmore19
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Call Girls In Delhi Whatsup 9873940964 Enjoy Unlimited Pleasure
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
VishalKumarJha10
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
VictorSzoltysek
 
How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...
software pro Development
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Alberto González Trastoy
 

Recently uploaded (20)

Define the academic and professional writing..pdf
Define the academic and professional writing..pdfDefine the academic and professional writing..pdf
Define the academic and professional writing..pdf
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learn
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
The Guide to Integrating Generative AI into Unified Continuous Testing Platfo...
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS LiveVip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
Vip Call Girls Noida ➡️ Delhi ➡️ 9999965857 No Advance 24HRS Live
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdf
 
How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...How to Choose the Right Laravel Development Partner in New York City_compress...
How to Choose the Right Laravel Development Partner in New York City_compress...
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 

Twelve Factor - Designing for Change

  • 1. Twelve-Factor Application Design Eric Wyles Lead Architect - Southwest Power Pool https://www.linkedin.com/in/ericwyles/ 1
  • 2. Agenda • What is Twelve-Factor? • Why is this important? • A practical example. 2
  • 3. Twelve-Factor Methodology • Originally published by Heroku in 2011. • Published as a guideline for developing “cloud-native” applications, but there are benefits even if you aren’t developing for the cloud. • Can be applied to apps written in any programming language.  It’s tells “what” to do, but not “how” to do it. • Completely documented at https://12factor.net and there is a free ebook available for download. • Describes 12 application design best practices. (The 12 Factors) 3
  • 4. The Twelve Factors 4 Factor Name Description 1 Codebase One codebase tracked in revision control, many deploys. 2 Dependencies Explicitly declare and isolate dependencies. 3 Config Store config in the environment. 4 Backing Services Treat backing services as attached resources. 5 Build, release, run Strictly separate build and run stages. 6 Processes Execute the app as one or more stateless processes. 7 Port binding Export services via port binding. 8 Concurrency Scale out via the process model. 9 Disposability Maximize robustness with fast startup and graceful shutdown. 10 Dev/prod parity Keep development, staging, and production as similar as possible. 11 Logs Treat Logs as event streams 12 Admin Processes Run admin/management tasks as one-off processes.
  • 5. The Twelve Factors 5 Why does this matter?
  • 6. Why is this important? 6
  • 7. Change • Commonly we think of changing business requirements.  Design application code to adapt to future business needs. • But there are other types of change. Some examples: • Human Changes  Reorgs  Handoffs  Reassignments • Technology Changes  Dependencies  Technology Stack  Security Patches  Infrastructure • Run-time Changes  Component Failures (Hardware or Software)  Increases and Decreases in application load  Locations of backing services 7
  • 8. Some Ways To Handle Change • React to the change with manual effort. (manually take an action) • Automate the manual effort required to react to the change (automatically take an action) • Where possible Design for change  Processes (SDLC, Pipelines, etc)  Code  Environment  Etc • Following 12-factor helps design for change • Design applications and processes to be resilient to changes in order to enable change 8
  • 9. Designing For Change Today we are focusing on the following three design goals in order to design for change: 1. Consistency and Repeatability 2. Loose Coupling (App/Environment) 3. Scalability and Disposability 9
  • 10. • Establishing consistency and repeatability related to:  Application Codebase / Development  Application Configuration  Administrative tasks  Application dependencies  Development/Runtime environments 10 Consistency and Repeatability
  • 11. • Design so that application does not need to know specific details about the underlying platform. • Design so that environment does not need to provide application specific dependencies  Directories  Configuration Files  Libraries  Etc • Design so that the administrator does not need to know application specific details in order to:  Locate log files  Start/Stop the application  Change configuration values 11 Loose Coupling (App/Environment)
  • 12. • Design the application in a way that the application can be scaled up or down on demand. • Interact with resources and manage application state in a way that instances of the application tier can be created or destroyed at will and the application still functions correctly. 12 Scalability And Disposability
  • 13. 13 Consistency/ Repeatability Loose Coupling Scalability / Disposability Human Change Technology Change Runtime Change Factor Design Goal Change supports… enables… 1 - Codebase 2 - Dependencies 3 - Config 4 - Backing Services 5 – Build, Release, Run 6 – Processes 7 – Port Binding 8 – Concurrency 9 - Disposability 10 – Dev/Prod Parity 11 - Logs 12 – Admin Processes
  • 15. 15 Consistency/ Repeatability Loose Coupling Human Change Technology Change Runtime Change Factor Design Goal Change supports… enables… 3 - Config Example: 3 - Config 3 – Config – Store config in the environment
  • 16. 16 Config – Before Twelve Factor MyApp Props.load(/u01/app/myapp/myapp.prop) File System /u01/app/myapp/myapp.propTight Coupling • Application has a hard dependency on a specific file system path • The app can only run somewhere that can supply the path  How do you run on Windows?  How do you execute from your IDE?  How do you run multiple instances with different configs? • How do you automate password changes or distribution of configuration changes?  Use case: Passwords are stored in a vault (like Cyberark) and you want to automatically rotate passwords and deliver them to applications.
  • 17. 17 Password Automation – Before Twelve Factor – Option 1 MyApp Props.load(/u01/app/myapp/myapp.prop) File System /u01/app/myapp/myapp.propTight Coupling ? CyberArk Fetch Password Persist Password Restart App This thing is application- specific Spackleware • Human Change: Application-specific learning curve • Technology Change: Vault and OS-specific integration. Can’t change the vault without rewriting app specific integrations.
  • 18. 18 Password Automation – Before Twelve Factor – Option 2 MyApp Props.load(/u01/app/myapp/myapp.prop) File System /u01/app/myapp/myapp.propTight Coupling CyberArk ? Fetch Password This is application specific tight coupling to the password vault. You can’t change the vault without changing the app. And the app still has the filesystem coupling as well.
  • 19. 19 Config – Twelve Factor • Application can receive config from anywhere that can supply environment variables  Can run on any OS  Can execute from any modern IDE  Can run multiple instances with different configs  The app does not need any code for finding configs. No need to bootstrap the app with config location. • Let’s revisit the password automation example now… MyApp ENV_VARIABLES
  • 20. 20 Password Automation –Twelve Factor ?CyberArk Fetch Password This is a generic mechanism that is application-agnostic. • Human Change: Nothing in this picture is application specific. • Human Change: Passwords can be completely unknown to humans. No need to rotate passwords in response to reorgs or reassignments. • Technology Change: If you change the vault you only need to change the integration piece and all 12-factor apps using the vault are handled. • Run-time Change: Enables password changes to be treated as run-time changes that happen automatically. They can be scheduled. MyApp ENV_VARIABLES
  • 21. 21 Password Automation – CyberArk/Conjur/Summon CyberArk (via Conjur) MyAppSummon ENV_VARIABLES Summon is created and maintained by CyberArk https://cyberark.github.io/summon/ Fetches secrets from a swappable provider and provides them as Environment variables to your application You execute summon as a wrapper around your app – summon launches your app after secrets are obtained Fetch Password [user@host ~]$ summon --provider conjur -f secrets.yml MyApp
  • 22. Conclusion • The configuration example is just 1 example use case that pertains to 1 of the 12 factors. • If you develop, support, or maintain apps or servers, please go read https://12factor.net • Let’s have a conversation • If we follow best practices, tools already exist to help your app and administrators with common concerns/changes. 22

Editor's Notes

  1. When things aren’t repeatable, any change or reaction to change is risky. Litmus test -How often do you troubleshoot problems that “work in the other environment?” -Are your deployments risky? -Are there deployment steps other than installing the application? -Does a production change give you anxiety? -How hard would it be for someone from another team to learn your deployments and configs? (12-factor can bring uniformity to cross cutting concerns across teams)
  2. When things are tightly coupled, unrelated changes have a ripple effect on each other… Litmus Test If a person changes teams, how much ramp up time is required for them to learn application-specific deployment steps or dependencies? (learning the couplings) How much do changes happening to the filesystem or OS outside of your app directly affect the function of your app? (examples apache web server and jboss web server…. Same binaries/deployables can behave different ways)
  3. When things aren’t scalable or disposable, a lot of manual effort is Litmus Test(s) Does your application rely on sticky HTTP sessions? Does your application store any state or data on the local OS? Would it create adverse effects or destabilize your app if instances were added or removed with no notice?
  4. Now, tying it all back to the 12 factors from 12factor.net… Each factor supports one or more of the design goals. Meeting each of the design goals enables us to handle different types of change. Next, we will dive into a specific example.
  5. Factor #3 says to store configuration in the environment. This literally means environment variables. If you follow the lines on the previous slide, I’ve asserted that storing config in the environment ultimately enables: Human Change Technology Change Runtime Change. How does storing config in the environment enable change any more than storing in a config file?