Our teams have confirmed that .NET Core has reached a level of maturity that makes it the default for .NET server applications. The open source .NET Core framework enables the development and deployment of .NET applications on Windows, macOS and Linux with first-class cross-platform tooling. Microsoft provides blessed Docker images which make it easy to deploy .NET Core applications in a containerized environment. Positive directions in the community and feedback from our projects indicate that .NET Core is the future for .NET development.
Since we last mentioned Kubernetes in the Radar, it has become the default solution for most of our clients when deploying containers into a cluster of machines. The alternatives didn’t capture as much mindshare, and in some cases our clients are even changing their ‘engine’ to Kubernetes. Kubernetes has become the container orchestration platform of choice for major public cloud platforms, including Microsoft's Azure Container Service and Google Cloud (see the GKE blip). And there are many useful products enriching the fast-growing Kubernetes ecosystem. Platforms that try to hide Kubernetes under an abstraction layer, however, have yet to prove themselves.
Microsoft has steadily improved Azure and today not much separates the core cloud experience provided by the major cloud providers – Amazon, Google and Microsoft. The cloud providers seem to agree and seek to differentiate themselves in other areas such as features, services and cost structure. Microsoft is the provider who shows real interest in the legal requirements of European companies. They have a nuanced and plausible strategy, including unique offerings such as Azure Germany and Azure Stack, which gives some certainty to European companies in anticipation of the GDPR and possible legislative changes in the United States.
Headless Content Management Systems (CMSes) are becoming a common component of digital platforms. Contentful is a modern headless CMS that our teams have successfully integrated into their development workflows. We particularly like its API-first approach and implementing CMS as Code. It supports powerful content modelling primitives as code and content model evolution scripts, which allow treating it as other data store schemas and applying evolutionary database design practices to CMS development. Other notable features that we’ve liked include inclusion of two CDNs by default to deliver media assets and JSON documents, good support for localization, and the ability — albeit with some effort — to integrate with Auth0.
EMQ is a scalable open source multiplatform MQTT broker. It’s written in Erlang/OTP for higher performance, handling millions of concurrent connections. It supports multiple protocols including MQTT, MQTT Sensor Networks, CoAP as well as WebSockets, making it suitable for both IoT and mobile devices. We’ve started using EMQ in our projects and have enjoyed its ease of installation and use, its ability to route messages to different destinations including Kafka and PostgreSQL, as well as its API-driven approach for its monitoring and configuration.
Load testing became easier with the maturity of tools such as Gatling and Locust. At the same time, elastic cloud infrastructures make it possible to simulate a large number of client instances. We're delighted to see Flood and other cloud platforms go further by leveraging these technologies. Flood IO is a SaaS load-testing service that helps to distribute and execute testing scripts across hundreds of servers in the cloud. Our teams find it simple to migrate performance testing to Flood by reusing existing Gatling scripts.
While the software development ecosystem is converging on Kubernetes as the orchestration platform for containers, running Kubernetes clusters remains operationally complex. Google Kubernetes Engine (GKE) is a managed Kubernetes solution for deploying containerized applications that alleviates the operational overhead of running and maintaining Kubernetes clusters. Our teams have had a good experience using GKE, with the platform doing the heavy lifting of applying security patches, monitoring and auto-repairing the nodes, and managing multicluster and multiregion networking. In our experience, Google's API-first approach in exposing platform capabilities, as well as using industry standards such as OAuth for service authorisation, improve the developer experience. It's important to consider that GKE is under rapid development with many of its APIs in beta release which, despite the developers' best efforts to abstract consumers from underlying changes, can impact you. We're expecting continuous improvement around maturity of infrastructure as code with Terraform on GKE and similar tools.
As Google Cloud Platform (GCP) has expanded in terms of available geographic regions and maturity of services, customers globally can now seriously consider it for their cloud strategy. In some areas, GCP has reached feature parity with its main competitor, Amazon Web Services, while in other areas it has differentiated itself — notably with accessible machine learning platforms, data engineering tools, and a workable Kubernetes as a service solution (GKE). In practice, our teams have nothing but praise for the developer experience working with the GCP tools and APIs.
In a microservice, or any other distributed architecture, one of the most common needs is to secure the services or APIs through authentication and authorization features. This is where Keycloak comes in. Keycloak is an open source identity and access management solution that makes it easy to secure applications or microservices with little to no code. It supports single sign-on, social login and standard protocols such as OpenID Connect, OAuth 2.0 and SAML out of the box. Our teams have been using this tool and plan to keep using it for the foreseeable future. But it requires a little work to set up. Because configuration happens both at initialization and at runtime through APIs, it's necessary to write scripts to ensure deployments are repeatable.
WeChat, often seen as a WhatsApp equivalent, is becoming the de facto business platform in China. Many people may not know it, but WeChat is also one of the most popular online payment platforms. With the app's built-in CMS and membership management, small businesses are now conducting their commerce entirely on WeChat. Through the Service Account feature, large organizations can interface their internal system to their employees. Given that more than 70 percent of Chinese people are using WeChat, it's an important consideration for businesses that want to expand into the China market.
AWS Fargate is a recent entry into the docker-as-a-service space, currently limited to the US-East-1 region. For teams using AWS Elastic Container Service (ECS), AWS Fargate is a good alternative without having to manage, provision and configure any underlying EC2 instances or clusters. Fargate allows defining (ECS or EKS – ECS for Kubernetes) tasks as a Fargate type, and they will run on the AWS Fargate infrastructure. If you like the focus on business functionality that AWS Lambda gives you, Fargate is the closest you can get when applications can't be deployed as single functions.
Azure Service Fabric is a distributed systems platform built for microservices and containers. It can act as a PaaS with its reliable services, or like a container orchestrator with its ability to manage containers. What distinguishes Service Fabric though are programming models such as Reliable Actors built on top of reliable services. When it comes to IoT use cases, for example, Reliable Actors offers some compelling advantages — in addition to the reliability and platform benefits of being on Service Fabric, you also get its state management and replication capabilities. In keeping with continued focus on open source software (OSS), Microsoft will be transitioning Service Fabric to an open development process on GitHub. All this makes Azure Service Fabric worth trialling — particularly for organizations that are invested in the .NET framework.
Cloud computing brings significant benefits over self-hosted virtualized solutions but sometimes data simply cannot leave an organization’s premises, usually for latency or regulatory reasons. For European companies, the current political climate also raises more concerns about placing data in the hands of US-based entities. With Azure Stack, Microsoft adds an interesting offering as a middle ground between full-featured public clouds and simple on-premises virtualization: a slimmed-down version of the software that runs Microsoft’s Azure Global cloud is combined with a rack of preconfigured commodity hardware from the usual suspects like HP and Lenovo, providing an organization with the core Azure experience on premises. By default, support is split between Microsoft and the hardware vendors (and they promise to cooperate), but system integrators can offer complete Azure Stack solutions, too.
Cloud Spanner is a fully managed relational database service offering high availability and strong consistency without compromising latency. Google has been working on a globally distributed database called Spanner for quite some time. It has recently released the service to the outside world as Cloud Spanner. You can scale your database instance from one to thousands of nodes across the globe without worrying about data consistency. By leveraging TrueTime, a highly available and distributed clock, Cloud Spanner provides strong consistency for reads and snapshots. You can use standard SQL to read data from Cloud Spanner, but for write operations you have to use their RPC API. Although not all services would require a global-scale distributed database, the general availability of Cloud Spanner is a big shift in the way we think about databases. And its design is influencing open source products such as CockroachDB.
After thorough exploration, R3, an important player in the blockchain space, realized that blockchain doesn't fit their purpose well, so they created Corda. Corda is a distributed ledger technology (DLT) platform focused on the financial field. R3 have a very clear value proposition and know that their problem requires a pragmatic technology approach. This matches our own experience; current blockchain solutions may not be the reasonable choice for some business cases, due to mining costs and operational inefficiency. Although the development experience we have had on Corda thus far has not been the smoothest (APIs are still unstable after the v1.0 release), we expect to see the DLT space mature further.
Cosmos DB is Microsoft's globally distributed, multimodel database service, which became generally available earlier this year. While most modern NoSQL databases offer tunable consistency, Cosmos DB makes it a first-class citizen and offers five different consistency models. It's worth highlighting that it also supports multiple models — key value, document, column family and graph — all of which map to its internal data model, called atom-record-sequence (ARS). One interesting aspect of Cosmos DB is that it offers service level agreements (SLAs) on its latency, throughput, consistency and availability. With its wide range of applicability, it has set a high standard for other cloud vendors to match.
As AR and VR continue to gain traction, we continue to explore tools with which we can create immersive virtual worlds. Our positive experience with Unity, one of the two major gaming engines, led us to feature it in previous Radars. We still like Unity but are also excited about Godot, a relatively new entrant to the field. Godot is open source software and although not as fully featured as the big commercial engines, it comes with a more modern software design and less clutter. Offering C# and Python further lowers the barrier to entry for developers outside the gaming industry. Godot version 3, released earlier this year, adds support for VR and support for AR is on the horizon.
Most people may know the "Internet of money" through Bitcoin. In fact, this idea can be traced to the early stages of the Web. HTTP even reserved a status code for digital payment. The challenging part of this idea is to transfer value between different ledgers in different entities. Blockchain technology promotes this idea through building a distributed shared ledger. The current challenge is how to achieve interoperability between different blockchain ledgers and interoperability with traditional centralized ledgers. Interledger is a protocol to connect different ledgers. This protocol uses connectors and a cryptographic mechanism such as HTLC to route secure payments across ledgers. It’s not hard to join the payment network through its suites. Interledger was first initiated by Ripple and is now steadily developed by a W3C community group.
Much of the power of sophisticated IDEs comes from their ability to parse a program into an abstract syntax tree (AST) and then use that AST for program analysis and manipulation. This supports features such as autocomplete, finding callers and refactoring. Language servers pull this capability into a process that allows any text editor to access an API to work with the AST. Microsoft has led the creation of the Language Server Protocol (LSP), harvested from their OmniSharp and TypeScript Server projects. Any editor that uses this protocol can work with any language that has an LSP-compliant server. This means we can keep using our favorite editors without forgoing the rich text editing modes of many languages — much to the delight of our Emacs addicts.
LoRaWAN is a low-power wide-area network, designed for low-power consumption and communication over long distances using low bitrates. It provides for communication between devices and gateways, which can then forward the data to, for example, applications or servers. A typical usage is for a distributed set of sensors, or for Internet of Things (IoT) devices, for which long battery life and long-range communication are a must. LoRaWAN addresses two of the key problems with attempting to use normal Wi-Fi for such applications: range and power consumption. There are several implementations, a notable one being The Things Network, a free, open source implementation.
With an accelerated growth of connected embedded devices and wider accessibility of hardware, Mongoose OS fills a noticeable gap for embedded software developers: the gap between Arduino firmware suitable for prototyping and bare-metal microcontrollers' native SDKs. Mongoose OS is a microcontroller operating system that comes with a set of libraries and a development framework to support typical Internet of Things (IoT) applications with connectivity to generic MQTT servers and popular IoT cloud platforms such as Google Cloud IoT Core and AWS IoT by default. In fact, Google recommends a Mongoose starter kit for its Cloud IoT Core. We’ve had a seamless experience using Mongoose OS in our embedded projects building connected workspaces. We especially liked its built-in security at the individual device level and OTA firmware updates, among other features. At the time of writing, only a limited number of microcontrollers and boards are supported with more popular ARM-based microcontrollers still under development.
We like simple tools that solve one problem really well, and Netlify fits this description nicely. You can create static website content, check it into GitHub and then quickly and easily get your site live and available. There is a CLI available to control the process; content delivery networks (CDNs) are supported; it can work alongside tools such as Grunt; and, most importantly, Netlify supports HTTPS.
Machine-learning models are starting to creep into everyday business applications. When enough training data is available, these algorithms can address problems that might have previously required complex statistical models or heuristics. As we move from experimental use to production, we need a reliable way to host and deploy the models that can be accessed remotely and scale with the number of consumers. TensorFlow Serving addresses part of that problem by exposing a remote gRPC interface to an exported model; this allows a trained model to be deployed in a variety of ways. TensorFlow Serving also accepts a stream of models to incorporate continuous training updates, and its authors maintain a Dockerfile to ease the deployment process. Presumably, the choice of gRPC is to be consistent with the TensorFlow execution model; however, we’re generally wary of protocols that require code generation and native bindings.
TICK Stack is a platform composed of open source components which makes collection, storage, graphing and alerting on time series data such as metrics and events easy. The components of the TICK Stack are: Telegraf, a server agent for collecting and reporting metrics; InfluxDB, a high-performance time series database; Chronograf, a user interface for the platform; and Kapacitor, a data-processing engine that can process, stream and batch data from InfluxDB. Unlike Prometheus, which is based on the Pull model, the TICK Stack is based on the Push model of collecting data. The heart of the system is the InfluxDB component which is one of the best time series databases. This stack is backed by InfluxData and needs the enterprise version for features such as DB clustering, but it’s still a fairly good choice for monitoring. We’re using it in a few places in production and have had good experiences with it.
Web Bluetooth allows us to control any Bluetooth Low Energy device directly from the browser. This allows us to target scenarios that previously could only be solved with a native app. The specification is published by the Web Bluetooth Community Group and describes an API to discover and communicate with devices over the Bluetooth 4 wireless standard. Right now, Chrome is the only major browser that supports this specification. With Physical Web and Web Bluetooth, we now have other avenues for getting users to interact with devices without them having to install yet another app on their phone. This is an exciting space which is worth keeping an eye on.
Microsoft is catching up in the container space with Windows Containers, which enable running Windows applications as containers on Windows-based environments. At the time of writing, Microsoft provides two Windows OS images as Docker containers — Windows Server 2016 Server Core and Windows Server 2016 Nano Server — that can run as a Windows Server Container with Docker. Our teams have started using Windows containers in scenarios where build agents and similar containers have been working successfully. Microsoft is aware that there’s room for improvements such as decreasing the large image sizes and enriching ecosystem support and documentation.
We remain concerned about business logic and process orchestration implemented in middleware, especially where it requires expert skills and tooling while creating single points of scaling and control. Vendors in the highly competitive API gateway market are continuing this trend by adding features through which they attempt to differentiate their products. This results in overambitious API gateway products whose functionality — on top of what is essentially a reverse proxy — encourages designs that continue to be difficult to test and deploy. API gateways do provide utility in dealing with some specific concerns — such as authentication and rate limiting — but any domain smarts should live in applications or services.