Principle 7: Prepare for failure

Design your services and components to cope with failure. Any single component failure should not impact the overall service.

When designing Cloud Solutions ensure that the load is spread in a way that will cater for failure. The extent of the spread will depend on the criticality of the service as more spread equates to higher cost.

Use Load Balancers effectively to separate stateless micro-services from each other.

 

 

Principle 5: Measure Everything

Every Cloud Service should be measured and logged

In order to ensure that costs are kept to a minimum it should be possible at all times to know all there is to know about each service. Its important to realize that  when using elastic virtual servers, the logs could be deleted when the server is deleted. Therefore servers should log all data centrally in a way that can be readily interrogated.

  • Log everything. Modern Cloud Services provide detailed logs. Collect them ALL. These include Application Logs, Infrastructure Logs and Security Logs!
  • Good elasticity depends on having accurate usage data.
  • Failing to measure is a sure fire way to waste money.
  • Set alerts on services based on the metrics expected and your design.
  • Use Tags properly. Your 1st tag for each item should be Cost_Centre. Tagging Taxonomy is important to save future headaches.
  • A good logging tool is essential for intelligent interpretation.

Principle 4: Security Everywhere

Seriously – Every interaction with Cloud Services should be handled in a secure fashion

  • Data should be encrypted in transit and at rest.
  • All Cloud connections should be secure.
  • Work on the principle of Least Privilege Access.
  • Consider Security as part of your CI / CD Pipeline.
  • Don’t leave security to be the responsibility of a specialized team.
  • Consider each of the Cloud Security Alliance “Treacherous 12” threats

For more detail check out this blog.

 

Principle 3: Infrastructure as Code

Build everything as Code

Why?

All Cloud services worthy of the name can be used or accessed using their API.  By calling this API via code we can benefit from:

  • Faster Deployments. Deploying both the application and the infrastructure using code can dramatically speed up deployment and lead to Continuous Deployment
  • Reduce Error. Version controlled, repeatable scripts remove opportunities for human error. Auditing, which is essential to many companies success, is also made much easier.
  • Automatic Configuration. We can use script based tools such as Ansible to control and configure our whole Cloud environment.

Principle 2: Automate Everything

Everything you build should be both automated and repeatable

Why?

What if your infrastructure breaks? What if there is a disaster? Rebuilding can take considerable time. If your solution is built from repeatable code then recovery can also be automated.

Chunks of well crafted repeatable code can be pieced together to form more complex solutions, saving time in the long run.

Continuous Deployment which is a pillar of agile entities can only be achieved with automation.

A complete and well defined automated solution creates a perfect staging environment, protecting your production environment without the need for human change control.