I’ve recently posted a blog on how cloud computing would change the Systems Architect’s role in an organization, another on how the cloud changes a Database Administrator’s job, and the last post dealt with the Systems Administrator. In this post I’ll cover the changes facing the Software Developer when using the cloud.
The software developer role was the earliest adopter of cloud computing. This makes perfect sense, because the software developer has always used computing “as a service” – they (most often) don’t buy and configure servers, platforms and the like, they write code that runs on those platforms. And there’s probably not a simpler definition of a software developer to be found, but as with all simple statements, you lose fidelity and detail. I’ll offer a more complete list in a moment.
Because the software developer’s process involves designing, testing and writing code locally and then migrating it to a production environment, all of the paradigms in cloud computing – from IaaS to PaaS to SaaS – come naturally.
The Software Developer’s Role
The software developer has evolved since the earliest days of programming.The software developer not only “writes code” – there are far more tasks involved in modern systems development:
- Assisting the Business Role(s) in developing software specifications
- Planning software system components and modules
- Designing system components
- Working in teams writing classes, modules, interfaces and software endpoints
- Designing data layouts, architectures, access and other data controls
- Designing and implementing security, either programmatic, declarative, or referential
- Mixing and matching various languages, scripting and other constructs within the system
- Designing and implementing user and account security rights and restrictions
- Designing various software code tests – unit, functional, fuzz, integration, regression, performance and others
- Deploying systems
- Managing and maintaining code updates and changes
Like most of the previous roles, those tasks also unpacks into a larger set of tasks, and no single developer has exactly that same list. And like the DBA, the role is often more, or less of that list based on where the developer works. Smaller companies may include the development platform in the duties so that a developer is also a systems administrator. In larger organizations I’ve seen developers that specialized on User Interfaces, Engine Components, Data Controls or other specific areas.
How the Cloud Changes Things
The software developer role obviously has the same concerns and impacts of “the cloud” as the Systems Architect. They need to educate themselves on the options within this new option (Knowledge), try a few test solutions out (Experience) and of course work with others on various parts of the implementation (Coordination).
The big changes for a developer include three major areas: Hybrid Software Design, Security, and Distributed Computing.
Hybrid Software Design
After the PC revolution, software developers designed systems that ran primarily on a single computer. From there the industry moved to “client/server”, where most of the code still lived on the user’s workstation, and various levels of state (such as the data layer) moved to a server over fast connected lines. After than followed the Internet phase, which had less to do with HTML coding than it did with state-less architectures. While no architecture is truly stateless, there are ways of allowing the client to be in a different state than the server of the application at any one time – this is the way the Web works.
Even so, the developer often simply moved one the primary layers (such as Model, View or Controller) to the server, using the User Interface merely as the View or Presentation layer. While technically stateless, this doesn’t require a great deal of architecture change – there are various software modules that run on a server, and perhaps that connects to a remote data server. In the end, it’s still a single paradigm.
We now have the ability to run IaaS (hardware abstraction), PaaS (hardware, operating system and runtime abstraction) and SaaS (everything abstracted, API calls only) in a single environment such as Windows Azure. A single application might have a Web-based Interface Server with federated processes (using a PaaS set of roles), a database service (using a SaaS provider such as Windows Azure SQL Database), a specialized process in Linux (using an IaaS role in Windows Azure) and a translator API (from the Windows Azure Marketplace). This example involves only one vendor – Microsoft. I’ve seen applications that use multiple vendors in this same way.
Thinking this way opens up a great deal of flexibility – and complexity. Complexity isn’t evil; it’s how complicated things get done many times. The modern developer needs to understand how to build hybrid software architectures.
Resources: Hybrid Architectures with step-by-step instructions and examples: http://msdn.microsoft.com/en-us/library/hh871440.aspx and Windows Azure Hybrid Systems: http://msdn.microsoft.com/en-us/library/hh871440.aspx?AnnouncementFeed
Having a single security boundary, such as “everyone who works in my company”, is a relatively simple problem to solve. Normally the System Administrators configure and control a security provider, such as Active Directory, and developers can access that security layer programmatically. That allows for good separation of duties and role-based control.
In modern applications, clients, managers, and users both internal and external need various levels of access to the same objects, code and data. A client should be able to enter an order, a store should be able to accept the order, the credit-card company should be able to check the order and authorize payment, and the managers should be able to report on the order or change it if needed. Using role-based security across multiple domains would be impossible to maintain.
Enter “claims-based” authentication. In this paradigm, the user logs in with whatever security they use – corporate or other Active Directory, Facebook, Google, whatever. The application (using Windows Identity Foundation or WIF) can accept a “claim” from that provider, and the developer can match whatever parts of that claim they wish to the objects, code and data. And example might be useful.
Buck logs in to his corporate Active Directory (AD), and attempts to use a program based in Windows Azure. Windows Azure rejects the login silently, and is configured to check with Buck’s AD. Buck’s AD says “yes, I know Buck, and he has been granted the following claims: “partner”, “manager”, “approver”. The developer does not need to know about Buck’s AD, Buck, his login, or anything else. She simply codes the proper data access to allow “approver” to approve a sale.
This allows a lot of control, at a very fine level, without having to get into the details of each security provider. .
Resources: Overview of using claims-based Azure Security: http://adnanboz.wordpress.com/2011/02/06/claims-based-access-and-windows-azure/
Is there a difference between stateless computing, or even the hybrid programming I mentioned earlier, and “Distributed Computing”? Yes – the primary difference is latency. Even stateless code can have too small a tolerance for latency.
Dealing with slow connectivity, or breaks in connections has many impacts. One method of dealing with this is to locate data and computing of that data as closely as possible, even if this means relaxing consistency or duplicating data. Another method is to go back to a great paradigm from the past that is possible underused today is a Service Oriented Architecture. The Windows Azure Service Bus is possibly one of the fastest and easiest way to adopt cloud computing without completely rearchitecting your application.
References: Great breakdown of the thought process around a distributed architecture: http://msdn.microsoft.com/en-us/magazine/jj553517.aspx and using a Windows Azure Relay Service: http://www.windowsazure.com/en-us/develop/net/how-to-guides/service-bus-relay/