There is the old way of doing information systems. These applications are often referred to as monolithic applications. But what about “modern” applications? What’s so special about them? I have a good part of the answer for you, in fact, Amazon AWS comes to us with a nice explanation about what a modern application is.
Note: applications and information system will be synonyms in this article to simplify my remarks.
Let us explain somewhat what an application is. In my words, I would say that it is a set of technological components, security tools and services, computer programs coded in programming languages that manipulate data to offer a service to the user (or organization) for a specific purpose. We, people in information technology, build information systems.
WIKIPEDIA: “The Information System (IS) is an organized set of resources that collects, stores, processes and distributes information, usually through a network of computers.”
The old way of making an information system is quite simple. All of the components listed above are found in a block. Only the security component is largely outside this monolithic block.
Amazon AWS provides for monolithic applications as follows:
This has been and is still in place in many organizations. It has done “the job” and has performed proud services for many years, but its shortcomings are beginning to have more weight in the balance than these qualities. There are many such shortcomings, here are some of them:
- the slightest changes bring a lot of tests, validations, corrections here and there that make sure that these changes happen once or twice a year for many information systems;
- the data is found in monsters (in volume and complexity so in $) of databases whose maintenance and the slightest manipulation become a nightmare;
- The components of the monolith become uniquely flavoured. The programming language, the choice of data storage, the type of processing (servers), etc.. are too often combined with the singular (a language, a type of storage, etc.) for the entire block.
The modern approach called microservice could be summed up simply by “divide and rule better by using the right tool for the right need”. In fact, it is about cutting the information system into simple components that are built with the best tools/services to perform the required task. And the Holy Grail occurs when these components can be used by several information systems.
The most important advantage of modern applications in my opinion is the high velocity of implementation of changes. Because a change applies to a stand-alone component and not to the entire block. A few tests on the modified component and very small integration tests with the rest of the other components are used to conclude that a change is adequate. We are talking about the possibility of making changes by month, week… day.
Another positive point that fits in “the right tool for the right need” is the choice of programming language. Some languages are more suitable for calculations, others for procedural, etc… The modern approach to making applications allows you to choose the right language (and change it as needed) to meet the requirement of the need to meet. Also added is the choice of data storage. A relational database does not adequately address a need related to the use of time-based data, for example. So why not use the right storage for the right data type?
Having small components makes it easier to automate tests and their deployment. Imagine a component that only has the task of returning the totals of a customer’s purchases over a specified period of time. Doing an automated test on this kind of function is quite simple because the desired results are very predictable. For deployment, pushing a function and its updates into a serverless context whether it is with containers or in functions (FaaS) remains quite simple. The infra As Code (iAc) (where to make infrastructure using programming) then takes all its meaning because of its simplicity and automation.
And security in all this? Often perimeter security against a monolith background, security changes profoundly in modern applications. We see appear:
- no-trust: no one gives access to anything and access is added only to the minimum of resources (even if it comes from within the perimeter of trust);
- Security by roles: RBAC.
- Compliance validations are done at the level of the “code” used to deploy the infrastructures rather than on the components themselves;
- and the list continues to make security in the context of modern applications.
I invite you to read this document from Amazon AWS which details some of my comments.
Digital transformation has dramatically impacted the way companies deliver value and the rate at which they make changes to their products and services. Every company is becoming a technology company—companies are increasingly building products that are the technology itself or heavily influenced by technology. In order to compete in this new world, businesses must create better digital products, and they must do it at an increasingly rapid pace.https://pages.awscloud.com/rs/112-TZM-766/images/200873_AWS_MAD_ebook.pdf
Continue the discussion on your mission systems : firstname.lastname@example.org
Note : Translation made by Amazon Translate