Book Image

Solutions Architect's Handbook

By : Saurabh Shrivastava, Neelanjali Srivastav
Book Image

Solutions Architect's Handbook

By: Saurabh Shrivastava, Neelanjali Srivastav

Overview of this book

Becoming a solutions architect gives you the flexibility to work with cutting-edge technologies and define product strategies. This handbook takes you through the essential concepts, design principles and patterns, architectural considerations, and all the latest technology that you need to know to become a successful solutions architect. This book starts with a quick introduction to the fundamentals of solution architecture design principles and attributes that will assist you in understanding how solution architecture benefits software projects across enterprises. You'll learn what a cloud migration and application modernization framework looks like, and will use microservices, event-driven, cache-based, and serverless patterns to design robust architectures. You'll then explore the main pillars of architecture design, including performance, scalability, cost optimization, security, operational excellence, and DevOps. Additionally, you'll also learn advanced concepts relating to big data, machine learning, and the Internet of Things (IoT). Finally, you'll get to grips with the documentation of architecture design and the soft skills that are necessary to become a better solutions architect. By the end of this book, you'll have learned techniques to create an efficient architecture design that meets your business requirements.

Related Content you might be interested in

Current Title:

Small book image
Solutions Architect's Handbook
Saurabh Shrivastava | Neelanjali Srivastav
Mar, 2020 | 490 pages
Small book image
Optimizing Your Modernization Journey with AWS
Mridula Grandhi
Jul, 2023 | 418 pages
Small book image
AWS for Solutions Architects
Neelanjali Srivastav | Alberto Artasanchez | Imtiaz Sayed | Saurabh Shrivastava
Apr, 2023 | 692 pages
Small book image
Hybrid Cloud Infrastructure and Operations Explained
Mansura Habiba
Aug, 2022 | 344 pages
Table of Contents (18 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
Download the color images
Conventions used
Get in touch
Reviews
1
The Meaning of Solution Architecture
The Meaning of Solution Architecture
What is solution architecture?
Evolution of solution architecture
Why is solution architecture important?
The benefits of solution architecture
Addressing the business needs and quality of delivery
Selecting the best technology platform
Addressing solution constraints and issues
Helping in resource and cost management
Managing solution delivery and project life cycle
Addressing non-functional requirements
Solution architecture in the public cloud
What is the public cloud?
Public clouds, private clouds, and hybrid clouds
The public cloud architecture
Public cloud providers and cloud service offering
Summary
Free Chapter
2
Solution Architects in an Organization
Solution Architects in an Organization
Types of solution architect role
Enterprise solution architect
Solution architect
Technical architect
Cloud architect
Architect evangelist
Infrastructure architect
Network architect
Data architect
Security architect
DevOps architect
Understanding a solution architect's responsibilities
Analyzing user requirements
Defining non-functional requirements
Engaging and working with stakeholders
Handling various architecture constraints
Making technology selections
Developing a proof of concept and a prototype
Designing solutions and staying through delivery
Ensuring post-launch operability and maintenance
Working as a technology evangelist
Solution architects in an agile organization
Why the Agile methodology?
Agile manifesto
Agile process and terminology
Sprint ceremonies
Agile tools and terms
Agile versus waterfall
Agile architecture
Summary
3
Attributes of the Solution Architecture
Attributes of the Solution Architecture
Scalability and elasticity
The capacity dilemma in scaling
Scaling your architecture
Static content scaling
Server fleet elasticity
Database scaling
High availability and resiliency
Fault tolerance and redundancy
Disaster recovery and business continuity
Extensibility and reusability
Usability and accessibility
Portability and interoperability
Operational excellence and maintainability
Security and compliance
Authentication and authorization
Web security
Network security
Infrastructure security
Data security
Cost optimization and budget
Summary
4
Principles of Solution Architecture Design
Principles of Solution Architecture Design
Scaling workload
Predictive scaling
Reactive scaling
Building resilient architecture
Design for performance
Using replaceable resources
Creating immutable infrastructure
Canary testing
Think loose coupling
Think service not server
Using the right storage for the right need
Think data-driven design
Overcoming constraints
Adding security everywhere
Automating everything
Summary
5
Cloud Migration and Hybrid Cloud Architecture Design
Cloud Migration and Hybrid Cloud Architecture Design
Benefits of cloud-native architecture
Creating a cloud migration strategy
Lift and Shift migration
Rehost
Replatform
Relocate
Cloud-native approach
Refactor
Repurchase
Retain or retire
Retain
Retire
Steps for cloud migration
Discovering your workload
Analyzing the information
Creating migration plan
Designing the application
Performing application migration to the cloud
Data migration
Server migration
Integration, validation, and cutover
Live migration cutover
Operating cloud application
Application optimization in the cloud
Creating a hybrid cloud architecture
Designing a cloud-native architecture
Popular public cloud choices
Summary
Further reading
6
Solution Architecture Design Patterns
Solution Architecture Design Patterns
Building an n-tier layered architecture
The web layer
The application layer
The database layer
Creating multi-tenant SaaS-based architecture
Building stateless and stateful architecture designs
Understanding SOA
SOAP web service architecture
RESTful web service architecture
Building an SOA-based e-commerce website architecture
Building a serverless architecture
Creating a microservice architecture
Real-time voting application reference architecture
Building queue-based architecture
Queuing chain pattern
Job observer pattern
Creating event-driven architecture
Publisher/subscriber model
Event stream model
Building cache-based architecture
Cache distribution pattern in a three-tier web architecture
Rename distribution pattern
Cache proxy pattern
Rewrite proxy pattern
App caching pattern
Memcached versus Redis
Understanding the circuit breaker pattern
Implementing the bulkheads pattern
Creating a floating IP pattern
Deploying an application with a container
The benefit of containers
Container deployment
Database handling in application architecture
High-availability database pattern
Avoiding anti-patterns in solution architecture
Summary
7
Performance Considerations
Performance Considerations
Design principles for architecture performance
Reducing latency
Improving throughput
Handling concurrency
Apply caching
Technology selection for performance optimization
Making a computational choice
Selecting the server instance
Working with containers
Docker
Kubernetes
Going serverless
Choosing storage
Working with block storage and storage area network
Working with file storage and network area storage (NAS)
Working with object storage and the cloud data storage
Choosing the database
Online transactional processing (OLTP)
Nonrelational databases (NoSQL)
Online analytical processing (OLAP)
Building a data search functionality
Making the networking choice
Defining a DNS routing strategy
Implementing a load balancer
Applying autoscaling
Managing performance monitoring
Summary
8
Security Considerations
Security Considerations
Designing principles for architectural security
Implementing authentication and authorization control
Applying security everywhere
Reducing blast radius
Monitoring and auditing everything all the time
Automating everything
Protecting data
Preparing a response
Selecting technology for architectural security
User identity and access management
FIM and SSO
Kerberos
AD
Amazon Web Services (AWS) Directory Service
Security Assertion Markup Language (SAML)
OAuth and OpenID Connect (OIDC)
Handling web security
Web app security vulnerabilities
Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks
SQLi attacks
XSS attacks
Cross-Site Request Forgery (CSRF) attacks
Buffer overflow and memory corruption attacks
Web security mitigation
Web Application Firewall (WAF)
DDoS mitigation
Securing an application and its infrastructure
Application and operating system hardening
Software vulnerabilities and secure code
Network, firewall, and trusted boundary
IDS/IPS
Host-based IDS
Network-based IDS
Data security
Data classification
Data encryption
Encryption key management
Envelope encryption
AWS Key Management Service (KMS)
HSM
Data encryption at rest and in transit
Security and compliance certifications
The cloud's shared security responsibility model
Summary
9
Architectural Reliability Considerations
Architectural Reliability Considerations
Design principles for architectural reliability
Making systems self-healing
Applying automation
Creating a distributed system
Monitoring capacity
Performing recovery validation
Technology selection for architecture reliability
Planning the RTO and RPO
Replicating data
Synchronous versus asynchronous replication
Replication methods
Planning disaster recovery
Backup and restore
Pilot light
Warm standby
Multi-site
Applying best practices for disaster recovery
Improving reliability with the cloud
Summary
10
Operational Excellence Considerations
Operational Excellence Considerations
Designing principles for operational excellence
Automating the operation
Making incremental and reversible changes
Predicting failures and responding
Learning from the mistake and refining
Keeping operation's runbook updated
Selecting technologies for operational excellence
Planning for operational excellence
IT Asset Management (ITAM)
Configuration management
The functioning of operational excellence
Monitoring system health
Infrastructure monitoring
Application monitoring
Platform monitoring
Log monitoring
Security monitoring
Handling alerts and incident response
Improving operational excellence
ITOA
RCA
Auditing and reporting
Achieving operational excellence in the public cloud
Summary
11
Cost Considerations
Cost Considerations
Design principles for cost optimization
Calculating the total cost of ownership
Planning the budget and forecast
Managing demand and service catalogs
Keeping track of expenditure
Continuous cost optimization
Techniques for cost optimization
Reducing architectural complexity
Increasing IT efficiency
Applying standardization and governance
Monitoring cost usage and report
Cost optimization in the public cloud
Summary
12
DevOps and Solution Architecture Framework
DevOps and Solution Architecture Framework
Introducing DevOps
Understanding the benefits of DevOps
Understanding the components of DevOps
CI/CD
Continuous monitoring and improvement
IaC
Configuration management (CM)
Introducing DevSecOps
Combining DevSecOps and CI/CD
Implementing a CD strategy
In-place deployment
Rolling deployment
Blue-green deployment
Red-black deployment
Immutable deployment
Implementing continuous testing in the CI/CD pipeline
A/B testing
Using DevOps tools for CI/CD
Code editor
Source code management
CI server
Code deployment
Code pipeline
Implementing DevOps best practices
Summary
13
Data Engineering and Machine Learning
Data Engineering and Machine Learning
What is big data architecture?
Designing big data processing pipelines
Data ingestion
Technology choices for data ingestion
Ingesting data to the cloud
Storing data
Technology choices for data storage
Structured data stores
Relational databases
Data warehousing
NoSQL databases
SQL versus NoSQL databases
Types of NoSQL data store
Search data stores
Unstructured data stores
Data lakes
Processing data and performing analytics
Technology choices for data processing and analysis
Visualizing data
Technology choices for data visualization
Understanding IoT
What is ML?
Working with data science and ML
Evaluating ML models – overfitting versus underfitting
Understanding supervised and unsupervised ML
Summary
14
Architecting Legacy Systems
Architecting Legacy Systems
Learning the challenges of legacy systems
Difficulty in keeping up with user demand
Higher cost of maintenance and update
Shortage of skills and documentation
Vulnerable to corporate security issues
Incompatibility with other systems
Defining a strategy for system modernization
Benefits of system modernization
Assessment of a legacy application
Defining the modernization approach
Documentation and support
Looking at legacy system modernization techniques
Encapsulation, rehosting, and re-platforming
Refactoring and rearchitecting
Redesigning and replacing
Defining a cloud migration strategy for legacy systems
Summary
15
Solution Architecture Document
Solution Architecture Document
Purpose of the SAD
Views of the SAD
Structure of the SAD
Solution overview
Business context
Conceptual solution overview
Solution architecture
Solution delivery
Solution management
Appendix section of SAD
IT procurement documentation for a solution architecture
Summary
16
Learning Soft Skills to Become a Better Solution Architect
Learning Soft Skills to Become a Better Solution Architect
Acquiring pre-sales skills
Presenting to C-level executives
Taking ownership and accountability
Defining strategy execution and OKRs
Thinking big
Being flexible and adaptable
Design thinking
Being a builder by engaging in coding hands-on
Becoming better with continuous learning
Being a mentor to others
Becoming a technology evangelist and thought leader
Summary
17
Other Books You May Enjoy
Other Books You May Enjoy
Leave a review - let other readers know what you think

Security architect

Security should be the top priority for any organization. There are multiple instances when large and well-established organizations went out of business due to a security breach. Organizations not only lose customer trust but also experience legal complications due to security incidents. There are various industry compliance certifications, such as Organizational Security (SOC2), Finance Data (PCI), and HealthCare data (HIPPA), that are in place to ensure organization and customer data security, which a company needs to adhere to as per the nature of their application.

Looking at the critical nature of security, organizations need to research and design the most robust security architecture for their projects, and that's where a security architect is necessary. A security architect works closely with all groups and solution architects to make sure security is a high priority. A security architect's responsibilities include the following:

  • Designing and deploying the implementation of the network and computer security in the organization.
  • Understanding the company's technology, and information systems, and safeguarding the security of the computers in the organization.
  • Working with a variety of settings, such as securing company networks and websites.
  • Planning vulnerability testing, risk analysis, and security audits.
  • Reviewing and approving the installation of a firewall, VPN, and router, and scanning the server.
  • Testing final security processes and making sure they work as expected.
  • Providing technical guidance to the security teams.
  • Making sure applications comply with industry standards as required.
  • Making sure data is secure with the required accessibility and encryption.

Security architects are expected to understand, design, and guide all aspects of security related to data, network, infrastructure, and applications with a variety of tools and techniques. You will learn more about security and compliance in Chapter 8, Security Considerations.

Previous Section
End of Section 11
Next Section