By: Libby Meren, Senior Manager for OSS Evangelism, NGINX at F5
Developers, architects, and DevOps engineers are no longer satisfied with the status quo when it comes to designing and building applications. They’re tired of the challenges of porting applications from one cloud to another. And they’ve experienced the intense pressure of spinning up additional compute infrastructure quickly to meet unexpected demand.
What we’ve increasingly heard from customers and community members is that they want to build “modern apps.” That’s why we wanted to create a rock‑solid definition that incorporates all the crucial elements required. This can serve as a checklist and reference point for application development and design efforts going forward.
The four pillars of modern apps (in eight flavors)
During our research, we heard over and over again that modern apps must possess crucial attributes.We’ve broken these down into four pillars: scalability, portability, resiliency, and agility.
Pillar 1: Scalability
There are two elements of scalability: expansion of compute capacity and speed of expansion. Let’s consider them in the context of ‘fast scaling’ and ‘long scaling’:
- Fast scaling. The ability to increase an application’s capacity by 100% within five minutes. Being able to double capacity in such a short time implies that an application can quickly expand capacity to meet unforeseen increases in demand.
- Long scaling.The ability to increase an application’s capacity 10x over a year or more, without requiring a major refactoring of code or large shifts in infrastructure requirements. A modern app that can long scale is the result of clean design with loose dependencies and loose couplings to infrastructure components.
Pillar 2: Portability
Even with today’s wide use of containers, the differences between clouds—in terms of dependencies, tooling, configuration nuances, and more—make it unrealistic for organizations to expect instant portability as they try to move to a hybrid multi‑cloud architecture. A more realistic and appropriate definition of portability should encompass:
- Functional portability. The core functional elements, code, and logic of an application must remain the same regardless of the environment in which it is running. This means that your code runs cleanly inside a container without external dependencies tightly coupled to a single environment.
- Management portability.This enables your application to be monitored, secured, and observed in the same way—with the same tooling and same sets of reporting capabilities—no matter the environment.
Pillar 3: Resiliency. Resiliency in general might describe high availability with strict SLAs regarding downtime or more general reliability that leaves room for longer downtimes or time periods when an application is not required to be online and accepts eventual consistency and service delivery as sufficient.
- User‑facing resiliency. Application users, either machine or human, must never notice a performance issue or problem caused by a fault or failure of either a modern app itself or any service or infrastructure it depends on. Failures inevitably cascade, impacting even automated services and highly dependent microservices.
- Failover resiliency. A modern app is able to restore within five minutes any critical service to 100% of what is necessary to handle average workloads.Designers should think about failing over to unaffected compute resources as a key part of application design and one that is implicit in self‑healing, and environmentally aware.
Pillar 4: Agility
Application dev teams benefit from agility by quickly and easily accessing the resources they need to test and push new features. DevOps teams benefit from agility through simplified and automated checking and deployment of code and infrastructure.
- Code agility.The application itself must be designed to constantly absorb new code. In most cases, this means an application is composed of microservices and linked via APIs to enforce loose coupling and reduce intra‑application code dependencies and rigidity.
- Infrastructure agility. The ability to spin infrastructure up or down to satisfy the needs of all customers including application development teams, security teams, and DevOps teams.
The six principles of modern apps
To satisfy the Four Pillars of Modern Apps, most modern apps employ architectures following many of these six principles:
- Be platform agnostic. This means an application is built to run without any consideration of the platforms or environments where it is likely to runcontainers have become the de facto standard for platform‑agnostic runtimes.
- Prioritize open source software. Because modern apps require teams to be able to look under the hood of the code in order to design for portability and scalability, using OSS wherever possible is crucial to maintaining the modern apps ethos.
- Define everything (possible) by code. Modern apps must move at faster-than-human Automation and programmatic definition of every aspect of modern app requirements and attributes is now table stakes.
- Design with automated CI/CD as a native/default state. Modern apps are designed to take into account the eventual requirement of CI/CD automation, for code pushes, infrastructure deployment, and even security requirements.
- Practice secure development. This means testing all code as early as possible in the development process using software composition analysis (SCA), static application security testing (SAST), dynamic code analysis (DCA), and formatting checkers. For DevOps teams, this also means following security best practices.
- Widely distribute storage and infrastructure. Replicating storage and compute across multiple zones or clouds or hybrid deployments can ensure greater resiliency and scalability.
Conclusion: modern apps are both a checklist and a state of mind
Like Schrödinger’s cat, striving towards modern apps means simultaneously existing in two states.
There is the real world of the current cloud and hybrid environments, and the time and budgetary constraints under which we develop and deliver applications. And there’s the ideal world of fully automated, highly secure, completely agnostic, instantly scalable, perfect modern apps.
The reality is, of course, messy. You may be running a monolithic app that isn’t in containers, can’t double capacity in five minutes, and can’t easily be shifted to other environments without refactoring code. But that doesn’t mean the pillars and principles of modern apps laid out here won’t help you or guide you to a better state. In addition, we anticipate that as the world of technology changes and expands, we’ll have to modify our definition.
Already there are software models that don’t fit neatly into the definition: serverless computing, increasingly sophisticated low‑code/no‑code application platforms and AI‑driven security applications, CDNs with edge‑node compute capacity, and more. That’s why this definition is designed to stretch and grow along with the always‑expanding body of better technology. In its current state, we hope it can guide your quest to build applications in the best possible way for your users, developers, and all other stakeholders.