Cloud native architecture adopts a set of guiding principles designed to exploit the strengths and bypass the limitations of the cloud. In contrast to traditional architecture, which treated changes, failures, and security threats as exceptions, cloud native architecture anticipates them as inevitable norms.
The key concepts in Figure 1-5 underpin cloud native architecture.
Figure 1-5. Cloud native architecture principles
Let’s explore each of these concepts:
Component independence
An architecture is loosely coupled when its individual system components are designed and changed independently. This arrangement allows different teams to develop separate components without delays caused by interdependencies. When deployed, components can be scaled individually. Should a component fail, the overall system remains functional.
Built-in resilience
A resilient system operates seamlessly and recovers automatically amidst underlying infrastructure changes or individual component failures. Cloud native systems are inherently designed to accommodate failure. This resilience may be achieved through running multiple instances of a component, automatic recovery of failed components, or a combination of both strategies.
Transparent observability
Given that a cloud native system encompasses multiple components, understanding system behavior and debugging issues can be complex. It is therefore crucial that the system is designed to allow a clear understanding of its state from its external outputs. This observability can be facilitated through comprehensive logging, detailed metrics, effective visualization tools, and proactive alert systems.
Declarative management
In a cloud native environment, the underlying hardware is managed by someone else, with layers of abstraction built on top to simplify operations. Cloud native systems prefer a declarative approach to management, prioritizing the desired outcome (what) over the specific steps to achieve it (how). This management style allows developers to focus more on addressing business challenges.
Zero-trust security
Given that everything on the public cloud is shared, a default stance of zero trust is essential. Cloud native systems encrypt data both at rest and in transit and rigorously verify every interaction between components.
As I explore these principles in later chapters, I will examine how various tools, technologies, and techniques can facilitate these concepts.