This is my list of cloud native tools. Companies that leverage the full suite of tools can often deliver faster, with less friction and lower development and maintenance costs.
Are we missing anything? Let me know!
Microservices scope product functionality into units that can be individually deployed. For example, in traditional pre-cloud-native deployments, it was common to have a single website service that managed APIs and customer interactions. With microservices, you would decompose this website into multiple services, such as a checkout service and a user service. Then, you could develop, deploy, and scale these services individually.\
Additionally, microservices are often stateless, and leveraging twelve-factor applications allows companies to take advantage of the flexibility that cloud native tooling offers.
Continuous Integration / Continuous Deployment (CI/CD) is an infrastructure component that supports automatic test execution (and optionally deployments) in response to version control events such as pull requests and merges. CI/CD enables companies to implement quality gates such as unit tests, static analysis, or security analysis. Ultimately, CI/CD is a foundational tool in the cloud native ecosystem that can lead to substantial engineering efficiencies and reduced error counts.
Containers are at the heart of cloud native ecosystems and enable unmatched velocity and quality gains by simplifying developer operations. Using containers with tools like Docker, teams can specify their system dependencies while providing a uniform and generic execution layer. This layer enables infrastructure teams to operate a single infrastructure, such as a container orchestrator, like Kubernetes. Engineering teams can store container images in a container registry, which in most cases, also provides vulnerability analysis and fine-grained access control. Popular services for this are as Docker Hub, Google Container Registry, or Quay.
Container orchestrators are tools for launching and managing large numbers of containers and remove the need for language-specific or team-specific deployment strategies. They allow users to specify a container image or group of images and some configuration. Finally, the orchestrators take these specifications and translate them into running workloads.\
Container orchestrators enable infrastructure teams to maintain a single infrastructure component, which can execute any container that adheres to the OCI specification.
Infrastructure as code is a strategy that puts cloud configuration under version control. Companies often manage their cloud resources manually by configuring them through an admin panel. Manual configuration, however, makes it hard to keep track of changes. Infrastructure as code addresses this by defining cloud resources as code and putting them under version control. Changes are made in the infrastructure config in code and promoted through the company's deployment process, which can include peer reviews, CI, and CD. Version control provides an audit log that shows who has changed which resources and when.
Secret management is essential for cloud native solutions but is often neglected at smaller scales. Secrets are anything private, such as passwords, private keys, and API credentials. At the very least, secrets should be encrypted and stored in configuration. Mature solutions enable temporary database credentials or rotating credentials to be issued, making secret management even more secure. Finding a fitting solution for secret management is vital for cloud native applications since containerized services scale horizontally and may be scheduled on many different machines. Ultimately, organizations that ignore secret management could increase the surface area for credential leakage.
Secure communication over TLS is not only best practice but a must-have. This is especially important in container-based solutions because many different services may run on the same physical machine. Without encryption, an attacker who gains access to the host's network could read all traffic between these services. At the very least, it becomes untenable to manually update certificates for cloud native deployments, which is why some sort of automated solution is essential.
- Protocols like gRPC, HTTP/2, and Websockets
- Dynamic configuration
- Mutual TLS
- Resiliency primitives, such as rate limiting and circuit breaking
- Visibility in the form of metrics
Logging is a foundational pillar of observability. Logging is often very familiar and accessible to teams, making it a great starting place to introduce observability. Logs are essential to understanding what is happening in systems. Cloud native tools emphasize time series for metrics, since they are more cost-effective than logs to store. However, logs are an invaluable tool for debugging, and some systems are only observable through them, which makes logging a requirement.
Monitoring systems store important events as a time series. Monitoring data is aggregated, which means that you don't store all events. This makes it cost-effective for cloud native systems, and is essential for understanding the state of cloud native systems and answering these questions:
- How many operations are occurring?
- What is the result of the operations (success, failure, or status codes)?
- How long do operations take?
- What are the counts of important resources such as queue depths or thread pools?
You can assign different dimensions to monitoring metrics to drill into performance on an individual machine, operating system, version, etc.
Alerting makes logs and metrics actionable, notifies operators of system issues, and pairs well with time series metrics. For example, alerts can notify teams when there is an increase in HTTP 500 status codes or when request duration increases. Alerting is essential for cloud native systems. Without alerts, you don't get notified of incidents, which in the worst case means that companies don't know that there have been problems.
Cloud native technologies reduce the overhead in launching and scaling services. As a result, teams often launch more services than they did pre-cloud. Tracing enables teams to monitor communication between services and makes it easy to visualize an entire end-user transaction and each stage in that transaction. When performance issues arise, teams can see what service errors are occurring and how long each phase of the transaction is taking. Tracing is a next level observation and debugging tool that can significantly reduce downtime by allowing teams to debug issues faster.
Service meshes are the Swiss army knife of cloud networking. They can provide dynamic routing, load balancing, service discovery, networking policies, and resiliency primitives such as circuit breakers, retries, and deadlines. Service meshes are an evolution in load balancing for cloud native architectures.
Cloud native tools help companies stay competitive by increasing both quality and availability while decreasing time to market.
Companies that choose the right tools can maintain competitive advantages through increased delivery speed and agility.
Adopting cloud native technologies may seem daunting, but just remember that beginning with a single technology can already provide considerable benefits.
Kentaro is CEO and Solutions Architect at Coder Society. With his in-depth knowledge of software development and cloud technologies, Kentaro often takes on the lead engineer's role. His analytical, organized, and people-oriented nature makes him an apt advisor on software projects and flexible staffing.
We are a network of 150+ tech freelancers developing custom software solutions for leading companies on-site and remotely.
If you need help getting started with your cloud native journey, check out what we can do.