Challenges of Cloud Application Development

Web applications running on a cloud platform are different from applications running on-premise in many ways. A cloud based infrastructure provides many services and options to develop a scalable and highly available application which can cater to a global audience. It provides unlimited opportunities for an application to scale and match business requirements. To reap real benefits from cloud platforms, applications need to be developed using services and options provided by cloud infrastructure.

However, running applications on a cloud platform has its own challenges. These challenges can be broadly sub-divided into eight categories. This is not a fixed number. This is based on feedback collected from multiple application developers.

  1. Availability: Measured as a percentage of application uptime
  2. Data Management: Data is hosted in different locations. Eventual Consistency vs. Strong Consistency
  3. Messaging: Loose coupling between components and services, asynchronous messaging, ordering of message, and idempotency
  4. Management and Monitoring: Applications must expose runtime information for management and monitoring of the system
  5. Security: The application is exposed on the Internet, outside trusted on premise boundaries. It prevents malicious or accidental actions which can compromise security. It prevents disclosure or loss of information. Security has three sub-categories:
    • Data Security
    • Network Security
    • Identity Management
  6. Resiliency: Multi-tenancy uses shared platform services. Resiliency provides the ability to gracefully handle and recover from failures and the ability to detect failures
  7. Performance and Scalability: Responsiveness of a system. It is the ability of a system to handle increased load without any impact on performance
  8. Design and Implementation: Consistency and coherence in component design and deployment. Reusability of components

Each challenge mentioned above describes an important aspect of web applications. Developers need to handle each challenge explicitly depending upon the requirement. Public cloud vendors provide various services and features to address these issues.

Services offered by major public cloud vendors to handle challenges like availability, data management, messaging, management, monitoring, and security are:

Options provided by AWS and Azure

Category AWS Azure
Availability Autoscaling, LoadBalancing Azure Autoscale
Data Management RDS, DynamoDB, StoreSimple, Cold Store, SQL Server
Messaging SQS, SNS, SES Azure Service Bus
Management and Monitoring CloudTrail, CloudWatch, VPC Flowlogs Azure Monitor
Security Data Security KMS Key Vault
Network Security VPC, Security Groups, Network ACLs Azure Virtual Network
Identity Management AWS Directory Service, IAM Azure Active Directory
Resiliency AWS Global Infrastructure, Availability Zone Azure Regions
Performance and Scalability Compute  Services(EC2) , Container Services, CloudFront, ElastiCache, etc. VM’s, Azure Containers, Azure CDN, Azure Managed Cache, etc.

Note: Basic compute and storage services are not included in this table. This is not the complete list of services offered by AWS and Azure. This is just a high level view of services by two major service providers. There are similar services offered by other cloud providers like Rackspace, IBM BlueMix and many others.

Design and implementation of a true cloud native application is one of the major challenges faced by application developers. Challenges described above have to be kept in mind while designing the application. One of the biggest worries for cloud based applications is vendor lock-in. Applications closely integrated with specific vendor services cannot be migrated on other cloud platforms. This creates dependency on that specific cloud vendor making migration to other cloud platforms a costly affair. The solution is to develop a cloud agnostic application.

Such challenges can be handled by implementing cloud design patterns into code. There are a host of design patterns which can be used in applications. Some of the design patterns are:

  • Federated Identity: Authentication is managed by an external identity provider. A dedicated security application manages the identity. This simplifies the application
  • Gatekeeper: Dedicated host instance acting as a broker between client and services/application. Limits the attack surface of application. Additional layer of security
  • Valet Key: Restricted access to a specific resource or service. Can be implemented using a token or a key
  • Command Query Responsibility Segregation (CQRS): Segregate operations using a separate interface
  • Circuit Breaker: Handles failures gracefully. Improves stability and resiliency
  • Integration Provider: Messaging and sharing of data hosted by different providers

This is not the complete list of cloud design patterns. This link is a collection of commonly used cloud design patterns.

Developers can leverage options provided by the cloud platform and implement cloud design patterns to develop a robust, resilient and truly secure cloud hosted application. Few points to keep in mind:

  • Make your application as generic as possible
  • Make it stateless
  • Store the session information in some persistent data store
  • Don’t log onto the file system. Use a proper logging mechanism
  • Don’t code using any specific infrastructure dependency
  • Use API gateway
  • Use DevOps tool to automate deployment and configuration of your application on the cloud

Terminologies Used:

  • Cloud Native Application: Applications built to run optimally on cloud infrastructure
  • Cloud Agnostic Application: Applications which can be deployed on any public cloud. Free from vendor lock-in

[Tweet “Challenges in Cloud Application Development ~ via @CalsoftInc”]


Related Posts

MWC 23 Top Technology Trends

Mobile World Congress (MWC) is the one of the greatest and most influential connectivity events in the mobile industry where mobile device manufacturers, technology providers, and other industry stakeholders come together to showcase their latest products, services, and innovations. MWC 23 was held in Barcelona from 27 February to 2 March 2023. The event highlighted several emerging technologies and latest trends in the industry market. Read the blog to discover the top technology trends at MWC 23 and how these trends grow over the coming years!


Significance of AI to Underpin the Metaverse

The term “Metaverse” generally refers to a hypothetical future version of the internet that would be much more immersive and interactive, resembling a virtual world. Artificial intelligence (AI) is likely to play a major role in the development of the metaverse. AI could be used to create more realistic virtual environments in the future. Explore the blog to understand how can AI shape the Metaverse technology.


The 5G Uprising: Influence on Business and Telco Industry

The impact of 5G on the telecom industry is likely to be substantial and transformative, leading to new growth opportunities, increased efficiency, and improved customer experiences. Explore the blog to understand how 5G will transform business and the telecom industry.


A Guide to Choose the Right Engagement Model for IT Services

Choosing the right IT Services Engagement Model is critical to the success of any business that needs IT support, this blog helps in choosing the suitable engagement model for your business.


Introduction to IT Services Engagement Model

Choosing the right IT services engagement model is important for companies to gain multiple benefits, this blog helps gain introductory information on the engagement models.


Impact of OpenRAN on the Telecom Industry

This interesting read highlights how OpenRAN is changing the telecommunications industry and what this means for the future.


Leave a comment / Query / Feedback

Your email address will not be published. Required fields are marked *