When IoT Meets DevOps: Fostering Business Opportunities

The Internet of Things (IoT) is the new digital revolution for the near-future society, the second after the creation of the Internet itself. The software industry is converging towards the large-scale deployment of IoT devices and services, and there’s broad support from the business environment for this engineering vision. The Development and Operations (DevOps) project management methodology, with continuous delivery and integration, is the preferred approach for achieving and deploying applications to all levels of the IoT architecture. In this paper we also discuss the promising trend of associating devices with microservices, which are further encapsulated into functional packages called containers. Docker is considered the market leader in container-based service delivery, though other important software companies are promoting this concept as part of the technology solution for their IoT customers. In the experimental section we propose a three-layer IoT model, business-oriented, and distributed over multiple cloud environments, comprising the Physical, Fog/Edge, and Application layers.     Keywords: Internet-of-Things, software technologies, project management, business environment Heading

A containerized service for clustering and categorization of weather records in the cloud

This paper presents a containerized service for clustering and categorization of weather records in the cloud. This service considers a scheme of microservices and containers for organizations and end-users to manage/process weather records from the acquisition, passing through the prepossessing and processing stages, to the exhibition of results. In this service, a specialized crawler acquires records that are delivered to a microservice of distributed categorization of weather records, which performs clustering of acquired data (the temperature and precipitation) by spatiotemporal parameters. The clusters found are exhibited in a map by a geoportal where statistic microservice also produce results regression graphs on-the-fly. To evaluate the feasibility of this service, a case study based on 33 years of daily records captured by the Mexican weather station network (EMAS-CONAGUA) has been conducted. Lessons learned in this study about the performance of record acquisition, clustering processing, and mapping exhibition are described in this paper. Examples of utilization of this service revealed that end-users can analyze weather parameters in an efficient, flexible and automatic manner.This work was partially supported by the sectoral fund of research, technological development and innovation in space activities of the Mexican National Council of Science and Technology (CONACYT) and the Mexican Space Agency (AEM), project No.262891

РОЗРОБКА БЕЗПЕЧНИХ КОНТЕЙНЕРНИХ ЗАСТОСУНКІВ З МІКРОСЕРВІСНОЮ АРХІТЕКТУРОЮ

The article analyzes approaches to software development that allow creating complex container applications with a microservice architecture based on automation tools and flexible development methods. The development of cloud technologies, the global strategy of containerization, the modernization of the application architecture, and the increase in security requirements have led to a change in the application development methodology. The study aims to determine approaches to increase the speed of development, security and quality of software code of containerized applications by implementing security principles and automation tools at all stages of the life cycle. Features and development prospects of microservice applications deployed in a container environment are considered. The advantages of the container infrastructure are defined: mobility, scalability, an additional level of microservice security. Containers provide an isolated environment for running a microservices, this reduces the risk of security vulnerabilities and simplifies interaction between microservices. The article identifies the security problems of microservice applications and the main vulnerabilities associated with the use of containers. It is determined that DevSecOps methodology allows implementing modern practice of continuous integration, continuous delivery, continuous application deployment and integration of security tools at all life cycle stages. DevSecOps describes development processes, deployment and operation processes using Security as Code and Infrastructure as Code practices. The research describes the model for developing and deploying   microservice applications with containerization, defines the security domains, and the security controls for DevSecOps development pipeline. Based on this model, the main security control tools that must be used at all development and deployment pipeline stages are defined. The article proves that the considered technique regulates the implementation of given security procedures at all stages of the pipeline, allows to reduce development time and improve code quality for container applications with a microservices architecture.У статті розглянуто підходи до розробки програмного забезпечення, які дозволяють завдяки засобам автоматизації та методам гнучкої розробки створювати складні контейнерні застосунки з мікросервісною архітектурою. Розвиток хмарних технологій, глобальна стратегія контейнерізації, модернізація архітектури застосунків, підвищення вимог до безпеки призвели до зміни методології розробки програм. Метою дослідження є  визначення підходів до підвищення швидкості розробки, безпеки та якості програмного коду контейнерних застосунків шляхом впровадження принципів безпеки та інструментів автоматизації на всіх етапах життєвого циклу. Розглянуто особливості та перспективи розвитку мікросервісних застосунків, розгорнутих у контейнерному середовищі. Визначені переваги контейнерної інфраструктури: мобільність, масштабованість, додатковий рівень безпеки сервісу. Використання контейнерів забезпечує ізольоване середовище для запуску мікросервісу що зменшує ризик поширення вразливостей безпеки, спрощує взаємодію мікросервісів. У роботі визначені проблеми безпеки мікросервісних застосунків, головні вразливості, пов’язані з використанням контейнерів. Показано, що методологія DevSecOps дозволяє реалізувати сучасну практику безперервної інтеграції, доставки, розгортання застосунку та інтегрувати засоби безпеки в усі етапи життєвого циклу. DevSecOps описує процеси розробки та процеси розгортання і експлуатації програм із застосуванням практик Security as Code та Infrastructure as Code відповідно. В роботі описана модель розробки та розгортання мікросервісних застосунків з контейнеризацією, визначені області безпеки, засоби контролю безпеки кожного етапу DevSecOps розробки. На базі цієї моделі визначено головні інструменти автоматизації контролю безпеки, які необхідно використовувати на всіх етапах конвеєру розробки та розгортання. У статті показано, що розглянута методика регламентує виконання визначених процедур безпеки на всіх етапах конвеєру, дозволяє скоротити час розробки і підвищити якість коду для контейнерних застосунків з мікросервісною архітектурою

Development of secure containerized applications with a microservices architecture

У статті розглянуто підходи до розробки програмного забезпечення, які дозволяють завдяки засобам автоматизації та методам гнучкої розробки створювати складні контейнерні застосунки з мікросервісною архітектурою. Розвиток хмарних технологій, глобальна стратегія контейнерізації, модернізація архітектури застосунків, підвищення вимог до безпеки призвели до зміни методології розробки програм. Метою дослідження є визначення підходів до підвищення швидкості розробки, безпеки та якості програмного коду контейнерних застосунків шляхом впровадження принципів безпеки та інструментів автоматизації на всіх етапах життєвого циклу. Розглянуто особливості та перспективи розвитку мікросервісних застосунків, розгорнутих у контейнерному середовищі. Визначені переваги контейнерної інфраструктури:мобільність, масштабованість, додатковий рівень безпеки сервісу. Використання контейнерів забезпечує ізольоване середовище для запуску мікросервісу що зменшує ризик поширення вразливостей безпеки, спрощує взаємодію мікросервісів. У роботі визначені проблеми безпеки мікросервісних застосунків, головні вразливості, пов’язані з використанням контейнерів. Показано, що методологія DevSecOpsдозволяє реалізувати сучасну практику безперервної інтеграції, доставки, розгортання застосунку та інтегрувати засоби безпеки в усі етапи життєвого циклу. DevSecOpsописує процеси розробки та процеси розгортання і експлуатації програм із застосуванням практик SecurityasCodeтаInfrastructureasCodeвідповідно.В роботі описана модельрозробки та розгортання мікросервісних застосунків з контейнеризацією, визначені області безпеки, засоби контролю безпеки кожного етапу DevSecOpsрозробки. На базі цієї моделі визначено головні інструменти автоматизації контролю безпеки, які необхідно використовувати на всіх етапах конвеєру розробки та розгортання. У статті показано, що розглянута методика регламентує виконання визначених процедур безпеки на всіх етапах конвеєру, дозволяє скоротити час розробки і підвищити якість коду для контейнерних застосунків з мікросервісною архітектурою.The article analyzes approaches to software development that allow creating complex container applications with a microservice architecture based on automation tools and flexible development methods.The development of cloud technologies, the global strategy of containerization, the modernization of the application architecture, and the increase in security requirements have led to a change in the application development methodology.The study aims to determine approaches to increase the speed of development, security and quality of software code of containerized applications by implementing security principles and automation tools at all stages of the life cycle.Features and development prospects of microservice applications deployed in a container environment are considered. The advantages of the container infrastructure are defined: mobility, scalability, an additional level of microservice security.Containers provide an isolated environment for running a microservices, this reduces the risk of security vulnerabilities and simplifies interaction between microservices. The article identifies the security problems of microservice applications and the main vulnerabilities associated with the use of containers. It is determined that DevSecOps methodology allows implementing modern practice of continuous integration, continuous delivery, continuous application deployment and integration of security tools at all lifecycle stages.DevSecOps describes development processes, deployment and operation processes using Security as Code and Infrastructure as Code practices. The research describes the model for developingand deploying microservice applications with containerization, defines the security domains, and the security controls for DevSecOps development pipeline. Based on this model, the main security control tools that must be used at all development and deployment pipeline stages are defined. The article proves that the considered technique regulates the implementation of given security procedures at all stages of the pipeline, allows to reduce development time and improve code quality for container applications with a microservices architectur

SoK: Security of Microservice Applications: A Practitioners' Perspective on Challenges and Best Practices

Cloud-based application deployment is becoming increasingly popular among businesses, thanks to the emergence of microservices. However, securing such architectures is a challenging task since traditional security concepts cannot be directly applied to microservice architectures due to their distributed nature. The situation is exacerbated by the scattered nature of guidelines and best practices advocated by practitioners and organizations in this field. This research paper we aim to shay light over the current microservice security discussions hidden within Grey Literature (GL) sources. Particularly, we identify the challenges that arise when securing microservice architectures, as well as solutions recommended by practitioners to address these issues. For this, we conducted a systematic GL study on the challenges and best practices of microservice security present in the Internet with the goal of capturing relevant discussions in blogs, white papers, and standards. We collected 312 GL sources from which 57 were rigorously classified and analyzed. This analysis on the one hand validated past academic literature studies in the area of microservice security, but it also identified improvements to existing methodologies pointing towards future research directions.Comment: Accepted at the 17th International Conference on Availability, Reliability and Security (ARES 2022

Microservice Transition and its Granularity Problem: A Systematic Mapping Study

Microservices have gained wide recognition and acceptance in software industries as an emerging architectural style for autonomic, scalable, and more reliable computing. The transition to microservices has been highly motivated by the need for better alignment of technical design decisions with improving value potentials of architectures. Despite microservices' popularity, research still lacks disciplined understanding of transition and consensus on the principles and activities underlying "micro-ing" architectures. In this paper, we report on a systematic mapping study that consolidates various views, approaches and activities that commonly assist in the transition to microservices. The study aims to provide a better understanding of the transition; it also contributes a working definition of the transition and technical activities underlying it. We term the transition and technical activities leading to microservice architectures as microservitization. We then shed light on a fundamental problem of microservitization: microservice granularity and reasoning about its adaptation as first-class entities. This study reviews state-of-the-art and -practice related to reasoning about microservice granularity; it reviews modelling approaches, aspects considered, guidelines and processes used to reason about microservice granularity. This study identifies opportunities for future research and development related to reasoning about microservice granularity.Comment: 36 pages including references, 6 figures, and 3 table

Cloud-Native Application Development: Tools, Techniques, And Case Studies

Building, delivering, and managing existing applications in cloud processing environments is known as the "cloud native" product approach. In order to meet customer demands, modern enterprises must create incredibly flexible, versatile, and adaptive systems that they can update quickly. In order to achieve this, they employ modern tools and processes that inherently facilitate the development of applications on cloud infrastructure. These cloud-native innovations give adopters a creative advantage by enabling rapid and continuous adjustments to applications without compromising service delivery. Organisations that adopt the cloud-native methodology might avoid investing in the acquisition and maintenance of costly physical infrastructure. Long-term reserve money is subsequently put to good use. The cost of money for developing cloud-native systems may also benefit the customers

Docker &It’s Containerization: Popular Evolving Technology and rise of Microservices

Traditional software development processes usually result in relatively large teams working on a single, monolithic deployment artifact. It is evident that the application is going to grow in size with an increase in the number of services offered. This might become overwhelming for developers to build and maintain the application codebase and there is a problem that sometimes the application works on the developer system and the same does not work on the testing environment so for this, we tried to work with virtual machines before but unless they have a very powerful and expensive infrastructure.VM supports hardware virtualization. That feels like it is a physical machine in which you can boot any OS. In hypervisor-based virtualization, the virtual machine is not a complete operating system instance but its partial instance of the operating system and hypervisor allows multiple operating systems to share a single hardware host. In this virtualization, every virtual machine (VM) needs a complete operating-system installation including a kernel which makes it massive. The proposed system highlights the role of Container-based virtualization and Docker in shaping the future of Microservice Architecture. Docker is an open-source platform that can be used for building, distributing, and running applications in a portable, lightweight runtime and packaging tool, known as Docker Engine. It also provides Docker Hub, which is a cloud service for sharing applications. Costs can be reduced by replacing the traditional virtual machines with docker containers. Microservices and containers are the modern way of building large, independent, and manageable applications. The adoption of containers will continue to grow and the majority of Microservice applications will be built on the containers in the future