Docker images have become the valuta franca in the cloud and container platform world. Although on the path to vendor-neutral standardisation (e.g. with OCI also being in Docker Hub for a year now), developers for now have settled on plain Docker as de-facto standard due to the vast ecosystem of base images and dependency images which speed up the rapid prototyping of complex scalable applications. From a production-grade DevOps perspective, a key concern is then to be assured that the containers used are of high quality, not infected by security vulnerabilities, and still containing the latest features available. In this blog post, a novel approach to visualise the situation around a particular container image is presented.
The MAO-MAO research collaboration aims to provide metrics, analytics and quality control for microservice artefacts of all kinds, including but not limited to, Docker containers, Helm charts and AWS Lambda functions. As such, an integral part of prior research has been the various periodic data collection experiments, gathering metadata and conducting automatic code analysis.
However, the ambition of the project to collect data consistently, combined with the need for the collaborators to be able to use each other’s tools and access each other’s data, have created a need for a collaboration framework and distributed execution platform.
In response to this need, we present the first release of the MAO Orchestrator, a tool designed to run these experiments in a smart way and on a schedule, within a federated cluster across research sites. As a plus, there is nothing implementation-wise tying it to the existing assessment tools, so it is reusable for any use-case that requires collaboratively running periodic experiments.
When cloud application developers are working with docker-compose to combine multiple microservices into a single manageable entity, they can make some easy mistakes. To prevent these mistakes, they can rely on internal validation logic, which however does not catch many of the typical issues. Therefore, researchers at the Service Prototyping Lab at Zurich University of Applied Sciences wrote a dedicated quality check and assessment tool targeting developers, but also students trying to learn the technology, which has a wider range of checks. The DCValidator tool is available as a web application (see demo instance) or command-line interface. This blog post describes how to check that docker-compose files are free of issues.
From September 15 to 20, TU Dresden’s GRK 1907 hosted the summer-school on “Development, Deployment, and Runtime of Context-Aware Software Systems”, with 3 days of invited talks and discussion among professors, students and experts in the field at the world-renown Schloss Dagstuhl, followed by 2 days of on-premises hands-on practical sessions. SPLab Team member Panos Gkikopoulos was there to attend and to present a poster of his PhD work based on MAO, though only got to experience the Dagstuhl part due to a busy schedule.
Our work in the Service Prototyping Lab at Zurich University of Applied Sciences consists of applied research, prototype development and conveying knowledge to industry. In this context, we have worked hard over the previous two years to gather educational and hands-on material, including our own contributions, for increasingly valuable tutorials. From single lectures to half-day and eventually full-day tutorials, we aim at both technology enthusiasts and experienced engineers who are open for new ideas and sometimes surprising facts. In this reflective blog post, we report on this week’s experience of giving the full-day tutorial on microservice artefact observation and quality assessment.
As reported before, we investigate quality characteristics of decentralised applications in analogy to the usual assessment of microservice artefacts. We are happy to report on how we shared the intermediate results at the most recent Azure Blockchain meetup in Zurich, apart from reporting on the event itself.
The Service Prototyping Lab will offer three in-depth presentations and hands-on sessions on several of its research topics and recent results in September and October. We hope to demonstrate valuable work and get feedback for our future research.
FI, September 2-4, 2019: «Summer School on Software Evolution: From Monolithic to Cloud-Native» @ Inforte Tampere – More information
CH, September 10, 2019: «Datengestützte Qualitätsanalyse von Microservice-Artefakten in der Softwareentwicklung» @ CH Open Workshop Days Rapperswil (in German with co-instructor support in English) – More information
DE, October 25, 2015: «CI/CD-integrated quality assessment of microservice implementation artefacts» @ Software QS-Tag Frankfurt – More information
Looking into a possible post-cloud world, we see mentions of different computing paradigms, many of them based on decentralised structures to overcome scalability and user control limitations. Among them is blockchain-as-a-service (BCaaS or BaaS), mimicking the platform-as-a-service (PaaS) user experience for both application providers and consumers. In PaaS, providers first sign up and subscribe to the platform, then design and build their applications and deploy them to the platform where it is executing either permanently or upon incoming network requests or other event triggers. Additionally, developers may advertise their apps at technology-specific hubs such as AWS SAR or Helm Hub. Consumers then adhere to the application terms, which might require a sign-up at the provider site, before being able to invoke and make use of the application.
The Serverless Application Repository by Amazon Web Services (AWS SAR) is, in simplified terms, a marketplace for Lambda functions. You can speed up application development by building on the functions (or function compositions) provided by it, and you can share your own functions with other cloud application developers. AWS SAR was launched over a year ago. In the Service Prototyping Lab at Zurich University of Applied Sciences, we are investigating better ways of building applications for cloud and post-cloud environments. Consequently, we did a full year observation of AWS SAR to find out what’s in it and what’s going on. Read on for some interesting excerpts and findings and for accessing the study document.