Solutions Architect's Handbook

By : Saurabh Shrivastava, Neelanjali Srivastav

Solutions Architect's Handbook

By: Saurabh Shrivastava, Neelanjali Srivastav

Overview of this book

Becoming a solutions architect gives you the flexibility to work with cutting-edge technologies and define product strategies. This handbook takes you through the essential concepts, design principles and patterns, architectural considerations, and all the latest technology that you need to know to become a successful solutions architect. This book starts with a quick introduction to the fundamentals of solution architecture design principles and attributes that will assist you in understanding how solution architecture benefits software projects across enterprises. You'll learn what a cloud migration and application modernization framework looks like, and will use microservices, event-driven, cache-based, and serverless patterns to design robust architectures. You'll then explore the main pillars of architecture design, including performance, scalability, cost optimization, security, operational excellence, and DevOps. Additionally, you'll also learn advanced concepts relating to big data, machine learning, and the Internet of Things (IoT). Finally, you'll get to grips with the documentation of architecture design and the soft skills that are necessary to become a better solutions architect. By the end of this book, you'll have learned techniques to create an efficient architecture design that meets your business requirements.

Preface

Who this book is for

What this book covers

To get the most out of this book

Download the color images

Conventions used

Get in touch

Reviews

The Meaning of Solution Architecture

What is solution architecture?

Evolution of solution architecture

Why is solution architecture important?

The benefits of solution architecture

Addressing the business needs and quality of delivery

Selecting the best technology platform

Addressing solution constraints and issues

Helping in resource and cost management

Managing solution delivery and project life cycle

Addressing non-functional requirements

Solution architecture in the public cloud

What is the public cloud?

Public clouds, private clouds, and hybrid clouds

The public cloud architecture

Public cloud providers and cloud service offering

Summary

Free Chapter

Solution Architects in an Organization

Types of solution architect role

Enterprise solution architect

Infrastructure architect

Understanding a solution architect's responsibilities

Analyzing user requirements

Defining non-functional requirements

Engaging and working with stakeholders

Handling various architecture constraints

Making technology selections

Developing a proof of concept and a prototype

Designing solutions and staying through delivery

Ensuring post-launch operability and maintenance

Working as a technology evangelist

Solution architects in an agile organization

Why the Agile methodology?

Agile manifesto

Agile process and terminology

Sprint ceremonies

Agile tools and terms

Agile versus waterfall

Agile architecture

Summary

Attributes of the Solution Architecture

Scalability and elasticity

The capacity dilemma in scaling

Scaling your architecture

Static content scaling

Server fleet elasticity

Database scaling

High availability and resiliency

Fault tolerance and redundancy

Disaster recovery and business continuity

Extensibility and reusability

Usability and accessibility

Portability and interoperability

Operational excellence and maintainability

Security and compliance

Authentication and authorization

Web security

Network security

Infrastructure security

Data security

Cost optimization and budget

Summary

Principles of Solution Architecture Design

Scaling workload

Predictive scaling

Reactive scaling

Building resilient architecture

Design for performance

Using replaceable resources

Creating immutable infrastructure

Canary testing

Think loose coupling

Think service not server

Using the right storage for the right need

Think data-driven design

Overcoming constraints

Adding security everywhere

Automating everything

Summary

Cloud Migration and Hybrid Cloud Architecture Design

Benefits of cloud-native architecture

Creating a cloud migration strategy

Lift and Shift migration

Rehost

Replatform

Relocate

Cloud-native approach

Refactor

Repurchase

Retain or retire

Retain

Retire

Steps for cloud migration

Discovering your workload

Analyzing the information

Creating migration plan

Designing the application

Performing application migration to the cloud

Data migration

Server migration

Integration, validation, and cutover

Live migration cutover

Operating cloud application

Application optimization in the cloud

Creating a hybrid cloud architecture

Designing a cloud-native architecture

Popular public cloud choices

Summary

Further reading

Solution Architecture Design Patterns

Building an n-tier layered architecture

The web layer

The application layer

The database layer

Creating multi-tenant SaaS-based architecture

Building stateless and stateful architecture designs

Understanding SOA

SOAP web service architecture

RESTful web service architecture

Building an SOA-based e-commerce website architecture

Building a serverless architecture

Creating a microservice architecture

Real-time voting application reference architecture

Building queue-based architecture

Queuing chain pattern

Job observer pattern

Creating event-driven architecture

Publisher/subscriber model

Event stream model

Building cache-based architecture

Cache distribution pattern in a three-tier web architecture

Rename distribution pattern

Cache proxy pattern

Rewrite proxy pattern

App caching pattern

Memcached versus Redis

Understanding the circuit breaker pattern

Implementing the bulkheads pattern

Creating a floating IP pattern

Deploying an application with a container

The benefit of containers

Container deployment

Database handling in application architecture

High-availability database pattern

Avoiding anti-patterns in solution architecture

Summary

Performance Considerations

Design principles for architecture performance

Technology selection for performance optimization

Making a computational choice

Selecting the server instance

Working with containers

Docker

Kubernetes

Going serverless

Choosing storage

Working with block storage and storage area network

Working with file storage and network area storage (NAS)

Working with object storage and the cloud data storage

Choosing the database

Online transactional processing (OLTP)

Nonrelational databases (NoSQL)

Online analytical processing (OLAP)

Building a data search functionality

Making the networking choice

Defining a DNS routing strategy

Implementing a load balancer

Applying autoscaling

Managing performance monitoring

Summary

Security Considerations

Designing principles for architectural security

Implementing authentication and authorization control

Applying security everywhere

Reducing blast radius

Monitoring and auditing everything all the time

Automating everything

Protecting data

Preparing a response

Selecting technology for architectural security

User identity and access management

FIM and SSO

Kerberos

Amazon Web Services (AWS) Directory Service

Security Assertion Markup Language (SAML)

OAuth and OpenID Connect (OIDC)

Handling web security

Web app security vulnerabilities

Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks

SQLi attacks

XSS attacks

Cross-Site Request Forgery (CSRF) attacks

Buffer overflow and memory corruption attacks

Web security mitigation

Web Application Firewall (WAF)

DDoS mitigation

Securing an application and its infrastructure

Application and operating system hardening

Software vulnerabilities and secure code

Network, firewall, and trusted boundary

IDS/IPS

Encryption key management

Envelope encryption

AWS Key Management Service (KMS)

HSM

Data encryption at rest and in transit

Security and compliance certifications

The cloud's shared security responsibility model

Summary

Architectural Reliability Considerations

Design principles for architectural reliability

Making systems self-healing

Applying automation

Creating a distributed system

Monitoring capacity

Performing recovery validation

Technology selection for architecture reliability

Planning the RTO and RPO

Replicating data

Synchronous versus asynchronous replication

Replication methods

Planning disaster recovery

Applying best practices for disaster recovery

Improving reliability with the cloud

Summary

Operational Excellence Considerations

Designing principles for operational excellence

Automating the operation

Making incremental and reversible changes

Predicting failures and responding

Learning from the mistake and refining

Keeping operation's runbook updated

Selecting technologies for operational excellence

Planning for operational excellence

IT Asset Management (ITAM)

Configuration management

The functioning of operational excellence

Monitoring system health

Infrastructure monitoring

Application monitoring

Platform monitoring

Log monitoring

Security monitoring

Handling alerts and incident response

Improving operational excellence

ITOA

RCA

Auditing and reporting

Achieving operational excellence in the public cloud

Summary

Cost Considerations

Design principles for cost optimization

Calculating the total cost of ownership

Planning the budget and forecast

Managing demand and service catalogs

Keeping track of expenditure

Continuous cost optimization

Techniques for cost optimization

Reducing architectural complexity

Increasing IT efficiency

Applying standardization and governance

Monitoring cost usage and report

Cost optimization in the public cloud

Summary

DevOps and Solution Architecture Framework

Introducing DevOps

Understanding the benefits of DevOps

Understanding the components of DevOps

CI/CD

Continuous monitoring and improvement

IaC

Configuration management (CM)

Introducing DevSecOps

Combining DevSecOps and CI/CD

Implementing a CD strategy

In-place deployment

Rolling deployment

Blue-green deployment

Red-black deployment

Immutable deployment

Implementing continuous testing in the CI/CD pipeline

A/B testing

Using DevOps tools for CI/CD

Code editor

Source code management

CI server

Code deployment

Code pipeline

Implementing DevOps best practices

Summary

Data Engineering and Machine Learning

What is big data architecture?

Designing big data processing pipelines

Data ingestion

Technology choices for data ingestion

Ingesting data to the cloud

Storing data

Technology choices for data storage

Structured data stores

Relational databases

Data warehousing

NoSQL databases

SQL versus NoSQL databases

Types of NoSQL data store

Search data stores

Unstructured data stores

Data lakes

Processing data and performing analytics

Technology choices for data processing and analysis

Visualizing data

Technology choices for data visualization

Understanding IoT

What is ML?

Working with data science and ML

Evaluating ML models – overfitting versus underfitting

Understanding supervised and unsupervised ML

Summary

Architecting Legacy Systems

Learning the challenges of legacy systems

Difficulty in keeping up with user demand

Higher cost of maintenance and update

Shortage of skills and documentation

Vulnerable to corporate security issues

Incompatibility with other systems

Defining a strategy for system modernization

Benefits of system modernization

Assessment of a legacy application

Defining the modernization approach

Documentation and support

Looking at legacy system modernization techniques

Encapsulation, rehosting, and re-platforming

Refactoring and rearchitecting

Redesigning and replacing

Defining a cloud migration strategy for legacy systems

Summary

Solution Architecture Document

Conceptual solution overview

Solution architecture

Solution delivery

Solution management

Appendix section of SAD

IT procurement documentation for a solution architecture

Summary

Learning Soft Skills to Become a Better Solution Architect

Acquiring pre-sales skills

Presenting to C-level executives

Taking ownership and accountability

Defining strategy execution and OKRs

Thinking big

Being flexible and adaptable

Design thinking

Being a builder by engaging in coding hands-on

Becoming better with continuous learning

Being a mentor to others

Becoming a technology evangelist and thought leader

Summary

Other Books You May Enjoy

Leave a review - let other readers know what you think

Customer Reviews

5 star

4 star

3 star

2 star

1 star

Security Assertion Markup Language (SAML)

Earlier in this section, under FIM and SSO, you learned about IdPs and SPs. To access a service, the user gets validated from the IdP, which in-turn has a trusted relationship with the SP. SAML is one of the mechanisms to establish a trusted relationship between an IdP and an SP. SAML uses extensible markup language (XML) to standardize communication between an IdP and an SP. SAML enables SSO, so users can use a single credential to access multiple applications.

A SAML assertion is an XML document that the IdP sends to the SP with user authorization. The following diagram illustrates the flow of the SAML assertion:

User authentication using SAML

As mentioned in the preceding diagram, the following steps are taken to implement user authentication using SAML:

A user sends a request to access the service—for example, the Salesforce CRM application—as a service provider.
The service provider (a CRM application) sends a SAML request...

Solutions Architect's Handbook

By : Saurabh Shrivastava, Neelanjali Srivastav

Solutions Architect's Handbook

By: Saurabh Shrivastava, Neelanjali Srivastav

Overview of this book

Related Content you might be interested in

Current Title:

Solutions Architect's Handbook

Optimizing Your Modernization Journey with AWS

AWS for Solutions Architects

Hybrid Cloud Infrastructure and Operations Explained

Security Assertion Markup Language (SAML)