Welcome!

Microservices Expo Authors: Elizabeth White, Pat Romanski, Thanh Tran, Liz McMillan, JP Morgenthal

Related Topics: Containers Expo Blog, Microservices Expo, Microsoft Cloud, API Journal, Agile Computing, Wearables, Apache

Containers Expo Blog: Article

Web Application Lifecycle Maintenance

A ten-point tune-up check list

Like an automobile, a web application needs occasional maintenance and management over its life cycle. Although it doesn't need oil changes, it will probably need version upgrades. There may not be manufacturer recalls, but sometimes servers fail or hang. An application doesn't need to be washed and detailed, but it does need to be backed up. And both cars and applications need occasional performance tuning.

This article provides a complete list of the system management functions that need to be performed on a standard architecture web application, with a particular emphasis on doing so in an Infrastructure-as-a-Service environment.

1. Evaluation
Anyone who has implemented an application without sufficient evaluation, only to realize too late that it does not solve the business problem, will understand why evaluation is part of the application lifecycle.

Evaluation is facilitated with two primary components: information about the application and a try-before-you-buy capability. Many questions about an application can be answered efficiently with basic feature and function information, and ideally a competitive comparison from several similar applications will give visibility to their strengths and weaknesses. But these are prerequisites rather than substitutes for actually trying and using the product. Ideally, a "test drive" will not require any setup or configuration, since the goal is only to determine whether it meets your needs. You want to spend your evaluation time using the software, not learning how to deploy and configure it.

2. Deployment
Deployment is the tip of the system management iceberg - it is the most visible procedure because you cannot even get started without it.

Automating a deployment has many benefits, even if it is superficially a one-time deployment, because the automation script provides documentation and a kind of checklist to ensure that configuration details are handled properly the next time. If the upgrade is performed by re-deploying to a new server entirely, (this is much easier with virtual machines and cloud servers), then the upgrade process is just a matter of re-running the automation.

Another benefit of automating deployments is that best practices are made repeatable and documented, thereby reducing the chance of human error.

3. Backup
As soon as you begin to use your application, you should begin backing up the data it stores in a location that is both physically and logically separate from the primary data store.

Ideally, a backup contains the minimum unique data necessary to reproduce the state of the system. This keeps the cost of transporting and storing the backups low, which in turn encourages a higher backup frequency.  However, sometimes this minimization should be traded off against the amount of time required to restore the system to working order.

4. Monitoring
Applications and servers fail or bog down unpredictably. Persistent automated monitoring, with appropriate forms of notification (email, text message) frees you from having to explicitly check on the status of the application, but still ensures that you hear about problems when they happen, rather than when they are reported by users hours later.

Importantly, applications must be monitored at the application level - by robotic access through the application itself. It is common for servers and virtual machines to seem perfectly fine while the application is unresponsive. Remember that users and customers do not care about "server uptime" - they just want to use the application or site.

Deeper monitoring can signal trends that suggest that an imminent failure before it happens. For example, by tracking memory utilization and number of web server processes, a monitoring system may be able to predict that a server is about to overload. This type of deeper monitoring can also be useful for automated scaling procedures.

5. Job Scheduling
Many applications have scheduled jobs in addition to monitoring and backups: data rollups, log file archiving, end-of-day reporting.

If the application has this requirement, there must be an easy, flexible, and reliable method of scheduling and automatically performing these jobs. It is common to use cron or Windows Task Scheduler for these procedures, and as long as these tools are accessible this is a workable solution. Even better is an off-server job scheduling mechanism, so that the status of the server and application does not affect whether the job runs and whether failure notifications can be delivered.

6. Upgrades
Most application software and its supporting technology stack are subject to occasional version upgrades and patches.

It is extremely convenient to be able to easily duplicate the entire application environment and perform the upgrade first on a copy. Running manual or automated tests to confirm that the upgrade worked can improve reliability. If the upgrade failed, because (for example) a step was left out or a configuration change conflicts with the new version, the duplicate environment can be used to check and repair these issues and the upgrade process repeated until it works properly. This best practice minimizes the downtime associated with the upgrade.

7. Recovery
Many environments assume that backups will only rarely be used, so accessing them is expensive and possibly time-consuming. In an IaaS environment, with the right tools, it can be relatively easy to retrieve and restore backups to either a production system or to a copy.

Obviously, when a server or application does fail, the first thing to try is to restore the operation of the application in place.  The next thing to try is deploying a new application environment, then restoring a backup or turning a replication slave into the master. The former will result in a loss of data based on how long ago the backup was performed. The latter will typically result in only the very last transaction being lost.  DNS entries must be updated.

Sometimes, a server failure is actually a consequence of an entire data center experiencing downtime.  In this case, it becomes clear why the backups must be kept offsite. The attempt to deploy a new application will fail in the original data center, so it must be performed elsewhere.

Ideally, a management system will provide the optional ability to sequence and automate all these procedures in connection with the monitoring. This can minimize downtime and avoid the need to have staff on call 24x7.

8. Scaling
The cost of frequently changing resources to match load must be weighed against the cost of having excess resources for some time. Burst scaling is much less common and substantially more challenging to handle well.

In single server application deployments, scaling consists of redeploying the application on a server with more memory and/or compute resources. Multi-server deployments are scaled by adding or removing servers from a homogeneous horizontally scalable tier, usually a web tier and possibly a separate application server tier.

In addition to deploying fully configured web or application servers, they must be properly added to (or removed from) a load balancer queue, and this must be done in a way that does not affect active connections. Thus, whether these scale changes are initiated manually or dynamically in response to monitoring output, it is crucial that the deployment (or un-deployment) of resources be automated to avoid configuration errors and to ensure a transparent user experience on the production environment.

9. Tuning
Sometimes application deployments can be tuned to perform better independent of resource scaling.  Typically this involves changing configuration parameters and restarting the web server or rebooting the server.

If system management for the application is largely automated, any manual changes need to be reflected in the automated deployment procedures to ensure that they are reflected in later re-deployments (including restoring backups, deploy from scratch upgrades, and the like). A very sophisticated management system might actually perform tuning automatically based on load and performance characteristics of the application. However, this is unusual because it is typically very application-specific.

10. Utility Management
Many application deployments include utility software that provides, for example, security, log analysis, caching, or email delivery. These utilities are often more challenging to install even than the technology stack or the application itself, and configuring them to connect to the application is almost always tricky. Consequently, a compatibility matrix along with automated deployment procedures to allow independent installation of each utility is an enormous time-saver. Automated removal of these utilities is also crucial, as it can be even more difficult than installation.

Conclusion
We have seen that there are numerous system management activities to be performed in a typical web application deployment. Accomplishing these tasks manually is relatively burdensome and requires a fair amount of skill. In the Infrastructure-as-a-Service world, most of these procedures can be automated or automated with manual initiation; and, further, they can be performed in ways that are more reliable and testable than in a bare-iron data center. With an appropriate IT Process Automation system, a single-tenant application deployment in the cloud can be almost as easy as Software-as-a-Service, but without the attendant loss of control and flexibility.

More Stories By Dave Jilk

Dave Jilk has an extensive business and technical background in both the software industry and the Internet. He currently serves as CEO of Standing Cloud, Inc., a Boulder-based provider of cloud-based application management solutions that he cofounded in 2009.

Dave is a serial software entrepreneur who also founded Wideforce Systems, a service similar to and pre-dating Amazon Mechanical Turk; and eCortex, a University of Colorado licensee that builds neural network brain models for defense and intelligence research programs. He was also CEO of Xaffire, Inc., a developer of web application management software; an Associate Partner at SOFTBANK Venture Capital (now Mobius); and CEO of GO Software, Inc.

Dave earned a Bachelor of Science degree in Computer Science from the Massachusetts Institute of Technology.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@MicroservicesExpo Stories
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, wh...
Many banks and financial institutions are experimenting with containers in development environments, but when will they move into production? Containers are seen as the key to achieving the ultimate in information technology flexibility and agility. Containers work on both public and private clouds, and make it easy to build and deploy applications. The challenge for regulated industries is the cost and complexity of container security compliance. VM security compliance is already challenging, ...
While there has been much ado about interoperability, there are still no real solutions, same as last year and the year before that. The large EHR vendors who continue to dominate the market still maintain that interoperability is all but solved, still can't connect EHRs across the continuum causing frustration by providers and a disservice to patients. The ONC pays lip service to the problem, but that is about it. It is time for the healthcare industry to consider alternatives like middleware w...
The pace of innovation, vendor lock-in, production sustainability, cost-effectiveness, and managing risk… In his session at 18th Cloud Expo, Dan Choquette, Founder of RackN, will discuss how CIOs are challenged finding the balance of finding the right tools, technology and operational model that serves the business the best. He will discuss how clouds, open source software and infrastructure solutions have benefits but also drawbacks and how workload and operational portability between vendors...
I have an article in the recently released “DZone Guide to Building and Deploying Applications on the Cloud” entitled “Fullstack Engineering in the Age of Hybrid Cloud”. In this article I discuss the need and skills of a Fullstack Engineer with relation to troubleshooting and repairing complex, distributed hybrid cloud applications. My recent experiences with troubleshooting issues with my Docker WordPress container only reinforce the details I wrote about in this piece. Without my comprehensive...
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit y...
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo New York Call for Papers is now open.
IoT generates lots of temporal data. But how do you unlock its value? How do you coordinate the diverse moving parts that must come together when developing your IoT product? What are the key challenges addressed by Data as a Service? How does cloud computing underlie and connect the notions of Digital and DevOps What is the impact of the API economy? What is the business imperative for Cognitive Computing? Get all these questions and hundreds more like them answered at the 18th Cloud Expo...
Cloud-based NCLC (No-code/low code) application builder platforms empower everyone in the organization to quickly build applications and executable processes that broaden access, deepen collaboration, and enhance transparency for all team members. Line of business owners (LOBO) and operations managers know best their part of the business and their processes. IT departments are beginning to leverage NCLC platforms to empower and enable LOBOs to lead the innovation, transform the organization, an...
@DevOpsSummit taking place June 7-9, 2016 at Javits Center, New York City, and Nov 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 18th International @CloudExpo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world.
SYS-CON Events announced today the Docker Meets Kubernetes – Intro into the Kubernetes World, being held June 9, 2016, in conjunction with 18th Cloud Expo | @ThingsExpo, at the Javits Center in New York, NY. Register for 'Docker Meets Kubernetes Workshop' Here! This workshop led by Sebastian Scheele, co-founder of Loodse, introduces participants to Kubernetes (container orchestration). Through a combination of instructor-led presentations, demonstrations, and hands-on labs, participants learn ...
Just last week a senior Hybris consultant shared the story of a customer engagement on which he was working. This customer had problems, serious problems. We’re talking about response times far beyond the most liberal acceptable standard. They were unable to solve the issue in their eCommerce platform – specifically Hybris. Although the eCommerce project was delivered by a system integrator / implementation partner, the vendor still gets involved when things go really wrong. After all, the vendo...
The initial debate is over: Any enterprise with a serious commitment to IT is migrating to the cloud. But things are not so simple. There is a complex mix of on-premises, colocated, and public-cloud deployments. In this power panel at 18th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists will look at the present state of cloud from the C-level view, and how great companies and rock star executives can use cloud computing to meet their most ambitious and disruptive business ...
Agile teams report the lowest rate of measuring non-functional requirements. What does this mean for the evolution of quality in this era of Continuous Everything? To explore how the rise of SDLC acceleration trends such as Agile, DevOps, and Continuous Delivery are impacting software quality, Parasoft conducted a survey about measuring and monitoring non-functional requirements (NFRs). Here's a glimpse at what we discovered and what it means for the evolution of quality in this era of Continuo...
You might already know them from theagileadmin.com, but let me introduce you to two of the leading minds in the Rugged DevOps movement: James Wickett and Ernest Mueller. Both James and Ernest are active leaders in the DevOps space, in addition to helping organize events such as DevOpsDays Austinand LASCON. Our conversation covered a lot of bases from the founding of Rugged DevOps to aligning organizational silos to lessons learned from W. Edwards Demings.
When I talk about driving innovation with self-organizing teams, I emphasize that such self-organization includes expecting the participants to organize their own teams, give themselves their own goals, and determine for themselves how to measure their success. In contrast, the definition of skunkworks points out that members of such teams are “usually specially selected.” Good thing he added the word usually – because specially selecting such teams throws a wrench in the entire works, limiting...
As AT&Ts VP of Domain 2.0 architecture writes one aspect of their Domain 2.0 strategy is a goal to embrace a Microservices Application Architecture. One page 9 they describe how these envisage them fitting into the ECOMP architecture: "The initial steps of the recipes include a homing and placement task using constraints specified in the requests. ‘Homing and Placement' are micro-services involving orchestration, inventory, and controllers responsible for infrastructure, network, and applicati...
Application development and delivery methods have undergone radical changes in recent years to improve scalability and resiliency. Container images are the new build and deployment artifacts that are used to ship and run software. While startups have long been comfortable experimenting with and embracing new technologies, even large enterprises are now re-architecting their software systems so that they can benefit from container-enabled micro services architectures. With the launch of DC/OS, w...
SYS-CON Events announced today TechTarget has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. TechTarget is the Web’s leading destination for serious technology buyers researching and making enterprise technology decisions. Its extensive global networ...
Earlier this week, we hosted a Continuous Discussion (#c9d9) on Continuous Delivery (CD) automation and orchestration, featuring expert panelists Dondee Tan, Test Architect at Alaska Air, Taco Bakker, a LEAN Six Sigma black belt focusing on CD, and our own Sam Fell and Anders Wallgren. During this episode, we discussed the differences between CD automation and orchestration, their challenges with setting up CD pipelines and some of the common chokepoints, as well as some best practices and tips...