申し訳ございません。検索条件に一致するものが見つかりませんでした。

お探しのものを見つけるために、以下の項目を試してみてください。

  • キーワード検索のスペルを確認してください。
  • 入力したキーワードの同義語を使用してください。たとえば、「ソフトウェア」の代わりに「アプリケーション」を試してみてください。
  • 新しい検索を開始してください。
お問い合わせ Oracle Cloudにサインイン

Modern App Development

Modern applications are hard to get right. The tools, constraints, and possibilities are changing too fast. Oracle presents a framework for application development to simplify the architectural decision-making to build and run apps that are highly available, resilient, fully secure, and compliant using a set of design principles and technology recommendations.

Do you already know what you're looking to do? Go directly to our Architecture Library

Core requirements

Common requirements that apply to any modern application.


Security and compliance

Align security policies with industry best practices and enforce them across the layers of the app stack. Ensure the confidentiality and integrity of data. Use privilege management to identify and manage who can perform certain tasks. Make it easy to detect and diagnose security events.


Availability

Make apps available 24/7/365 with no downtime, planned or otherwise.


Scalability

Scale gracefully from tens to thousands to millions of users and handle increasing volumes of data—without needing to redesign the app in the future.


Performance

Provide the lowest latency and highest throughput required for the best possible user experience.


Agility

Rely on modern automation tools and methods for build and deployment processes. Avoid bottlenecks caused by the need for manual tasks.


Observability

Record performance metrics and monitor system performance for any degradation. Enable teams to automatically generate alarms when these measurements are outside expected boundaries.


Resiliency

When problems happen, ensure that apps recover gracefully, quickly restore lost functionality, prevent data loss, and don’t negatively impact user experience.


Cost Optimization

Run at the lowest possible total cost, balancing all the other requirements.


Portability

Ensure that application architecture adheres to open standards—which eases migration from on-premises to cloud, or across vendors.

    Design principles

    Best practices that govern application architectures.

     

    Open all Close all

  • 軽量でオープンソースのフレームワークと成熟したプログラミング言語の使用

    概要
    アプリケーションを構築するために採用するプログラミング言語、ライブラリおよびフレームワークの選択とパターンは、時間の経過とともにデリバリとメンテナンスを成功させる上で重要な役割を果たします。言語とフレームワークの選択は、ビジネスの規模、アプリケーションの運用、顧客への高品質な機能提供において長期的な影響を及ぼします。通常、言語またはフレームワークの変更にはコストがかかります。異なる言語やフレームワークのエコシステムを並行してサポートすることは、複雑さとコストが増大し、俊敏性が低下します。言語とフレームワークを選択する際には、既存のエコシステムのデリバリ速度、安定性、強み、運用準備、本番パフォーマンスなどのさまざまな要因を考慮します。

    アプリを構築する際、選択した言語やフレームワークが効果的な配信にどのように貢献しているかを検討してください。言語およびフレームワークのツールおよび設計機能が、正しいアプリケーション動作の構築、アプリケーション・コードのテスト、通常の変更の有効化および不要な変更の防止にどのように役立つかを検討します。共通のパターンと機能に投資する際に、ビジネス全体で一貫した選択を行う方法について検討します。

    サービスにはGraalVMで実行中のJava、WebインタフェースにはTypeScriptとJETを使用します。HelidonまたはMicronautを使用してマイクロサービス・アプリケーションを構築します。

    原則の詳細
    アプリケーション開発に適した、型付けされたメモリーセーフ言語を使用します。タイプセーフ言語はコンパイル時チェックによってアプリケーションの正確性に影響を受け、静的分析ツールと併用すると、多くの一般的なセキュリティと安定性の問題を排除できます。タイプセーフ言語を使用して、外部コントラクト(API仕様など)をより正確にコードにバインドしたり、バグの発生状況や影響を大幅に削減したり、包括的なテストの必要性を低減したりすることができます。また、タイプセーフ言語は、開発ツールを使用して正しくリファクタリングしやすくなり、要件の進化に伴い安全かつ厳しい変更を行うことができます。

    成熟したエコシステムにより成熟した言語を優先します。新しい言語は、その言語設計や対応するエコシステム、ライブラリの変更率が高い傾向にあります。この変化率が高いほど、テクノロジー選択のリスクの評価が難しくなり、その後の変更にコストがかかってしまいます。

    軽量で魅力的なモダン・アプリケーション・フレームワークを使用して、タスク・フォーカス(ボイラープレートやスキャフォールドに関するビジネスロジック)と柔軟性(現在と将来の機能ニーズに対応)を両立させます。ロギング、テレメトリー、セキュリティ、コンフィグレーション、REST APIの構築などの一般的なパターンなど、一般的な機能を簡単に利用できるように、常識的で議論の余地がないようなデフォルト値を提供するフレームワークを採用します。組織に適した1つのフレームワークを採用して、一般的なパターンを一般化し、チーム間のスキルの移植性を実現します。

    アプリケーション・コードとモジュールを環境から分離するフレームワークを使用して、開発環境と本番環境の間のアプリの移植性とビルド時のアプリのテストを簡素化します。

    オラクルの推奨
    プログラミング言語としてJavaを採用します。Javaは、よく使用されるアプリにとって安定した広範な機能を提供します。また、最新のアプリを開発するための信頼性の高い安定したライブラリとフレームワークを集めた健全なエコシステムを持ちます。Javaは、静的分析ツールやテスト・フレームワークによるソフトウェア・メンテナンス・コストおよび本番アプリケーションのバグのリスクなど、開発者ツールに対する優れたサポートとシンプルさと可読性にフォーカスしています。

    GraalVM JDKを使用してアプリケーションを開発および実行しましょう。GraalVM JDKは、Javaの安定性と、動的なランタイム最適化によるクラス最高のパフォーマンス、頻繁かつ積極的なセキュリティ脆弱性へのパッチ適用、Java Flight Recorderによる低コストのパフォーマンス分析・診断ツールなどを組み合わせています。

    HelidonまたはMicronautフレームワークを使用して、APIファーストのアプローチでアプリケーションを構築します。どちらのフレームワークも、ロギング、テレメトリ、ストレージなどの一般的なアクティビティに対する一連の単純な非会話型フレームワーク選択肢に基づいて、REST APIなどの一般的なユース・ケースに対して、アプリケーションの配信時間と使いやすいパターンを大幅に短縮するスキャフォールドを提供します。どちらのフレームワークも、優れたリアクティブAPIを備えるノンブロッキングI/O、および高パフォーマンス・ネットワーク・ライブラリのサポートによる低レイテンシのサポートを通じて、高パフォーマンスのサービスを実現します。

    • エンタープライズJavaエコシステム(CDI、JAX-RS、JPAなど)と密接に連携しているアプリケーションの場合は、「Helidon」を選択します。Helidonは、MicroProfileを通じて最新のJavaエンタープライズ・パターンに対する標準ファーストのサポートにより、既存のJava EEアプリのマイクロサービスへの移植を簡素化します。
    • 既存のエンタープライズJavaエコシステムに依存しないアプリケーションには、Micronautを選択します。Micronautのコンパイル時アプリケーション・スキャフォールドは、どちらも実行時のアプリケーション・パフォーマンスを向上させ、フレームワーク・レベルのチェックを可能にします。これにより、リフレクションおよびランタイム構成に関連する多くのセキュリティおよび品質の問題を排除できます。

    HelidonとMicronautの両方ともGraalVMネイティブ・イメージ・コンパイルが組み込まれており、必要に応じてメモリー効率のよいコンパクトなアプリを構築できます。

  • APIを通じて通信するサービスとしてアプリを構築

    概要
    サービス指向のアプローチは、特定のビジネス結果の機能を提供します。APIコントラクトは、サービスと通信し、サービス間で通信するための明確で理解できるインタフェースを提供します。

    特定の機能をカプセル化した、単独でスケーラブルなサービスを備えたアプリケーションを構築することで、開発チームにとって高い俊敏性を実現します。サービスにAPIコントラクトを定義することで、チームが実装の内部詳細に依存することなく機能をコラボレーションおよび使用するために必要なメカニズムが提供されます。たとえば、開発チームが所有するサービスで、他のチームとのコードの依存関係を調整せずに実装を自由に改善できます。

    APIのコントラクト優先手法では、明確で使いやすいインタフェースを備えたサービスになります。MicronautやHelidonなどの軽量なフレームワークを使用してサービスを実装することを推奨します。デプロイメント、スケーラビリティおよびコスト効率を向上させるために、Oracle Cloud Infrastructure (OCI) Container Engine for KubernetesまたはOracle Functionsなどのサーバーレス・プラットフォームにサービスをデプロイします。Oracle API Gatewayを使用して、API記述から保護および管理されたプライベート・エンドポイントまたはパブリック・エンドポイントを作成します。

    原則の詳細
    ビジネス要件に基づいて、契約優先のアプローチを開始します。OpenAPIなどの実装に依存しない形式を使用してサービスの動作を説明します。APIをプロトタイプ化して、ステークホルダー(APIを実装するチームやAPIを使用する他のチームなど)が使用できるようにします。皆が期待どおりに動作することに同意した後、チームはサービスとそれを使用する他のサービスを実装するために並行して作業できます。

    ライフサイクルの早期において、セキュリティおよびサービス・レベルの合意(SLA)に対するポリシー施行を定義して、すべての人がサービス契約のすべての側面を明確にできるようにします。Infrastructure as Codeのアプローチを使用して、本番でのワンオフ変更を排除する自動化された反復可能な方法でデプロイメントを管理します。バージョン管理システムを使用して、コード、APIの説明およびポリシー構成を保守します。

    オラクルの推奨
    OpenAPIを使用してAPIを記述します。Terraformを使用してAPIデプロイメントのテンプレートを作成し、継続的な統合とデプロイメント(CI/CD)システムがAPIデプロイメントを管理できるようにします。変更が正しく追跡されるようにするには、GitHubなどのバージョン管理システムを使用します。

    Terraformファイルを使用して定義されるAPIデプロイメントは、コードとともにAPIポリシー構成を含めることで、Infrastructure-as-Codeアプローチに従います。Resource Managerの設定およびテンプレート機能を使用すると、デプロイメント時に環境構成を使用して、API構成のプロジェクトがCI/CDパイプラインによって自動的に適用できます。

    Oracle API Gatewayを使用して、一貫して保護され管理されている共通のエンドポイント・インフラストラクチャを提供します。

  • アプリをコンテナとしてパッケージ化してシッピング

    概要
    コンテナ は、アプリケーション・コードと依存性を1つの単位としてパッケージ化し、異なる環境間で迅速かつ確実に実行できます。従来の仮想マシンと比べて、コンテナは小規模であり、必要なリソースが少なく、開始時間を短縮できます。プラットフォームに依存せず、どこでもアプリを実行できます。

    これらのメリットを活用するには、個別のビジネス機能を実行するサービスにアプリケーションを分解してコンテナとしてパッケージ化します。レガシー・アプリケーションでは、アプリ全体をリファクタリングできるようになるまで、アプリケーションの既存の機能をコンテナ化されたコンポーネントに段階的に置き換えます。

    コンテナはコンテナ・イメージのインスタンスです。Oracle Cloud Infrastructure Registry (Container Registry)を使用してコンテナ・イメージを格納し、Oracle Cloud Infrastructure Container Engine for Kubernetes (Container Engine)を使用してコンテナを大規模に実行および管理します。これらの完全に管理されたサービスは、さまざまなOCIプラットフォーム機能と緊密に統合されており、すべてのOracle Cloudリージョンで使用でき、PCI、ISO、SOC、HIPAA、FedRAMPなどの規制基準を満たしています。

    原則の詳細
    アプリケーション・コードと依存関係を1つの実行可能ユニットにパッケージ化すると、コンテナはきわめて移植可能です。この移植性とインフラストラクチャの抽象化を組み合わせることで、コンテナはアプリケーションの運用に一貫性をもたらします。アプリケーションが物理サーバー上でオンプレミスで実行されているか、仮想マシン上のクラウドで実行されているかに関係なく、毎回同じ結果が生成されます。

    この一貫した再現性と予測可能性を通じて、コンテナはDevOpsプロセスを簡素化し、開発チームはアプリケーションの出荷を迅速化します。プロセスレベルの分離を実現することで、コンテナは頻繁に交換されるため、ソフトウェアの脆弱性の修正に関連するプロセスを簡素化して迅速化できます。また、アプリケーションをモジュール化されたサービスに分割すると、非常に堅牢になります。個々のサービスのエラーまたは失敗は、アプリケーション全体を停止せず、アプリケーションの残りの部分とは別に各サービスを更新またはパッチ適用できます。

    コンテナには、独自のオペレーティング・システムはありません。代わりに、実行しているホストのオペレーティングシステムを共有します。その結果、コンテナは仮想マシンよりもサイズが小さく、起動が高速になります。ほとんどのコンテナ・イメージは、数GBの仮想マシンと比べて数十MBのサイズになり、起動時間も仮想マシンの起動にかかる数分ではなく数秒となります。

    Oracleの推奨
    コンテナ内のモジュール化されたサービスでアプリケーションを実行してスケーリングする最善の方法は、コンテナあたり1つのサービスのみをデプロイすることです。この方法では、サービスが相互に分離されるため、停止時間がなくなり、サービスごとに独立したスケーリングが可能になります。

    Container Engineは認定されたKubernetes準拠サービスです。Container Engineは、仮想マシン、ベア・メタル、Arm、GPUおよびHPCシェイプのサポートを受けて、開発者がさまざまなユース・ケースに対してコンテナ化されたアプリケーションを完全に最適化できるよう支援します。次のタスクには、OCIおよびコンテナ・エンジンのメカニズムを使用できます。

    • コンテナ・ワークロードを作成および管理できるユーザー向けの詳細なアクセス制御を確立します。
    • ネットワーク・ポリシーを使用して、コンテナとの間のトラフィックを制御します。
    • Kubernetesパッチおよび基盤となるホスト・オペレーティング・システムの更新に遅れずに対応します。
    • Container Engineでサポートされている最新バージョンのKubernetesを常に使用していることを確認してください。

    コンテナ・イメージをコンテナ・レジストリに格納するだけでなく、マニフェスト・リスト(複数アーキテクチャ・イメージと呼ばれる場合もあります)を格納して、ArmやAMD64などの複数のアーキテクチャをサポートできます。潜在的なセキュリティ脆弱性を識別して軽減するために、コンテナ・レジストリにアップロードされたすべてのイメージでイメージ・スキャンを有効化できます。また、コンテナ・イメージに署名して、承認済で信頼できるイメージのみがコンテナ・エンジンにデプロイされるようにする必要があります。

  • ビルド、テストおよびデプロイメントの自動化

    概要
    継続的インテグレーション(CI)および継続的デプロイメント(CD)は、開発チームが頻繁かつ確実にコード変更を提供するために使用するツール、プロシージャおよびプラクティスのセットです。CI/CDベスト・プラクティスには、コード・レビュー、ユニット・テスト、統合テスト、コード・チェックイン、ファイリング・チケット、開発およびテスト環境へのアプリケーションのデプロイなどのプロセスが含まれます。

    CI/CDを使用してアプリケーションを作成する際は、各チーム・メンバーが使用するツールと、アプリケーションを安全かつ機敏に提供するために実行するロールと職責を検討します。

    Oracle Cloud Infrastructure DevOpsサービスを使用して、DevOpsプロセスを自動化し、開発の効率性を高め、機能のリリース速度を上げます。DevOpsコード・リポジトリを使用して、コードをセキュアに格納し、ビルドをトリガーします。ビルド・ステップを自動化するにはbuild pipelinesを使用し、デプロイメント・ステップを自動化するにはデプロイメント・パイプラインを使用します。Resource Managerのサービスを使用してインフラストラクチャの作成を自動化し、最大限のセキュリティ・ゾーンを使用してデプロイメント・セキュリティを適用します。

    原則の詳細
    CI/CDは、アプリケーションの構築方法を自動化するコードの格納、統合、デプロイおよび管理のベスト・プラクティスを提供します。

    Gitベースのコード・リポジトリを使用してすべてのコード・アセットを格納し、不変のアーティファクト・サービスを使用して作成済のアセットを格納します。

    継続的インテグレーションを実装するには、すべてのコードを1日に1回以上「候補者のリリース」ブランチにマージします。コードをそのブランチにマージするときは、ビルドが自動的にトリガーされていることを確認します。ビルド・パイプラインの一部として、すべてのユニット・テストを実行し、すぐにパイプライン障害を修正してから、リリース候補ブランチでさらに開発を実行します。コードのセキュリティ・スキャンを使用して脆弱性を検出し、脆弱性の問題のあるアーティファクトは格納しません。開発を増やす前に、リリース候補ブランチのすべての脆弱性を修正してください。

    継続的なデプロイメントを実装するには、リリース候補をテスト環境に自動的にデプロイするか、またはカナリア・デプロイメントを使用します。テスト・デプロイメントに合格すると、それらを自動的に完全な本番環境にプロモートします。テスト・デプロイメントが失敗した場合は、リリース候補ブランチでさらに開発を行う前にすぐに問題を解決します。セキュリティ機能をデプロイメントの一部として使用して、権限のない脆弱なアーティファクトがインフラストラクチャにデプロイされないようにしてください。

    本番環境では、監視ツールを使用して、デプロイされたアプリケーションのヘルスを評価し、デプロイメント後の脆弱性を検出します。問題が検出された場合は、前のバージョンへの自動ロールバックを実装します。デプロイメント後の環境でセキュリティ・チェックを実行し、検出された問題をすぐに解決します。

    Oracleの推奨事項
    DevOpsサービスを使用して、クラウド・ネイティブ・アプリケーションのデプロイメントを自動化します。まず、コードをDevOpsコード・リポジトリに格納し、リリース・ブランチを作成します。リリース・ブランチに変更を加える場合は小さい単位で作業し、安定性を維持するためにブランチ内の問題を毎日調整します。次に、コード・リポジトリのトリガー機能を使用して、DevOpsビルド・パイプラインを自動的に起動します。

    単一のDevOpsビルド・パイプラインを使用して、トリガー・コード・リポジトリに関連付けられているすべてのアーティファクトを構築します。ビルドが失敗した場合、完了するまで承認を待機するようにビルド・パイプラインを構成します。承認リクエストは、作成をトリガーしたコミッターに移動し、新しいコードコミットで問題を解決してから、ビルドの完了を承認する必要があります。ビルドが成功するには、アーティファクトをOracle Cloud Infrastructureアーティファクト・レジストリ・サービスに自動的に配信し、DevOpsデプロイメント・パイプラインを自動的にトリガーするように、ビルド・パイプラインを構成します。

    Resource Managerを使用して、すべてのインフラストラクチャ環境を最大セキュリティ・ゾーンで作成し、デプロイメント・セキュリティを自動的に取得します。Resource Managerを使用すると、Infrastructure as Codeを使用して、すべてのリージョンにわたり一貫した方法でインフラストラクチャ作成を自動化できます。その後、DevOpsデプロイメント・パイプラインを構成して、セキュリティ・ゾーンで作成したリソースに常にデプロイできます。

    単一のビルド・パイプラインから作成されたすべてのアーティファクトをデプロイする単一のDevOpsデプロイメント・パイプラインを作成します。デプロイメント環境のOCIリージョン、可用性ドメインおよびフォルト・ドメインを編成します。パイプラインをカナリア、ローリング、ブルーグリーンのいずれかのデプロイメント戦略で設定し、テストを自動的に起動するように設定します。アプリケーションおよびインフラストラクチャでOCI MonitoringおよびApplication Performance Monitoringを有効にして、問題を検出します。

    問題が検出されず、正常にテストが完了した場合は、アーティファクトがすべての本番環境に完全にデプロイされるまで、デプロイメント戦略の次の環境にアーティファクトを自動的にデプロイするようにデプロイメント・パイプラインを構成します。本番環境にデプロイする場合は、可用性ドメイン内のすべてのフォルト・ドメインに1つずつデプロイするようにパイプラインを構成します。リージョンの各可用性ドメインに一度に1つずつデプロイし、最後に各リージョンに1つずつデプロイします。アプリケーションおよびインフラストラクチャ上でOCI MonitoringおよびApplication Performance Monitoringを使用して、問題を迅速に検出します。アラートを設定し、デプロイメント中に重要なメトリックが突然削除された場合、デプロイメントが自動的に失敗し、前のバージョンへのロールバックがトリガーされます。

  • Use fully managed services to eliminate complexity in app development, runtimes, and data management

    Overview
    Managed services let you focus on creating value for your customers by making it easy to develop and by handling security, operations, and maintenance of your data and applications. They also abstract the underlying infrastructure and resource management. You benefit from highly available, up-to-date secure services that can be scaled to meet the needs of your applications. And you get best-in-class solutions without needing expertise in each domain to build and operate your apps.

    Reduce complexity in data management by storing your data in Oracle Autonomous Database for transactions and data warehouse workloads, and in Oracle Cloud Infrastructure storage services for object, file, block, and archive storage. These services are highly available and cost-optimized with high performance. Autonomous Database offers in-memory, NoSQL, and SQL databases with an autonomous advantage to reduce management overhead.

    Use Oracle Application Express (APEX) to quickly build low-code apps, and use Oracle Functions to create, run, and scale apps that run for short durations. These services significantly enhance productivity for developers, incorporate security in the framework, and provide code instrumentation and tracing to easily debug apps.

    Principle details
    Use managed services to develop and run apps and store data. Managed services offer the expertise of seasoned professionals managing your data and apps without the need for human intervention to maintain or operate.

    Managed services abstract the complexity of the underlying components, making it easy to store and retrieve data, or to create and run apps. They integrate with tool sets that enable automated building, testing, and deployment of apps. Managed services improve productivity and help you quickly get your apps ready for customer consumption.

    Managed services centralize and automate various infrastructure management tasks, removing human error and the need for specialized skills. The underlying platforms are kept up-to-date and secure, and they let you monitor and track modifications or access, which ensures the confidentiality and integrity of your apps and data.

    Managed services are highly available and scalable, which makes it easy to meet the needs of your app, and you pay only for what you use. You can start small and scale without experiencing any degradation in performance or service reliability as the needs of your business grow.

    Use managed services to create highly available, scalable, agile, resilient, and performant applications with security, compliance, and resiliency.

    Oracle recommendations
    Use purpose-built managed services to ensure high availability, reliability, and security. We offer various managed services to meet the needs of your app development. We recommend the following services:

    • Oracle Applications Express (APEX) to develop modern, data-driven applications. APEX is a low-code development platform that is fully responsive and offers automated management, consistent high performance, automatic scaling, and easy administration.
    • Oracle Functions to create, run, and scale applications in a secure and isolated manner without managing any infrastructure. Functions integrates with several OCI platform services and SaaS applications, making it easy to create apps.
    • Oracle Cloud Infrastructure Object Storage to safely and securely store or retrieve data. OCI Object Storage is a high-scale, high performance storage platform that offers reliable and cost-efficient data durability. OCI Object Storage can store an unlimited amount of unstructured data of any content.
    • Oracle Autonomous Database to manage data for data warehousing or transaction processing. Autonomous Database is a self-driving, self-securing, self-repairing database that can instantly scale to meet the needs of mission-critical transaction processing, JSON documents, or mixed transactions.
    • Oracle Cloud Observability and Management Platform services integrate with all the preceding services to enable visibility into logs, metrics, and events.

    These services are elastic, and the underlying infrastructure is managed and patched to ensure that your sensitive apps remain protected.

  • Keep the app tier stateless

    Overview
    Keep the application tier stateless, and preserve the state of the application in an external persistence store. Use as few persistence stores as possible—ideally one to ensure data consistency.

    Examples of the state include the user session (such as the page a user was on or the size and items in a shopping cart), data caches, user preferences, personalization, messages exchanged between services, position in a multiple-step workflow, and app deployment and runtime configuration.

    Application state is typically stored in various artifacts and formats such as serialized objects, JSON or XML documents, text files, and security stores. This state is often spread out across multiple persistent stores or even local node disks, which can result in the state getting lost or out of sync after failures. Restoring a service from a backup or in a different region after a disaster is difficult when the state is spread out. Not only must all the states be identified and restored, they often must be brought to a consistent point in time.

    As a result, the application state should be stored in a few (ideally one) external persistence stores. Keeping the state external to the app itself lets you make the app easily recoverable after failures. Keeping the app itself stateless simplifies its lifecycle management—patching becomes only a matter of replacing the executable . The state should be automatically restored so that users can continue where they left off if, for example, the user closes the app, the app goes through a lifecycle event (such as getting restarted or patched), or the apps fails over to a different instance, availability domain, or region.

    For apps that use a database, use the database to also store the application state. A database provides better availability, integrity, and security than other alternatives. Ideally, use a converged database—which can store different formats—to store all application state artifacts. Using a converged database instead of multiple single-purpose data stores also lets you easily achieve and maintain consistency among all the application states.

    Oracle Database is an ideal fit for this purpose. It stores different formats, offers active-active high availability within and across regions, and provides the highest level of security and data integrity.

    Note: Although it’s permissible to store cached state in the app, the app must be designed to use the database as the source of truth and be able to recreate its state from the database.

    For apps that don’t use a database, consider other durable persistence stores such as Oracle Cloud Infrastructure Object Storage to store the state. If the application state can’t be kept in a single data store, design the app to store the state in multiple data stores that can be kept in sync and recovered as a consistent unit after failure.

    Principle details
    Losing the application state can result in loss of data, app malfunction, a suboptimal user experience—and sometimes, complete app failure.

    If the application state is stored solely on local file systems or in the memory of a single host, then it might get lost if the app experiences planned or unplanned outages, such as restarts or localized disk failures.

    If the application state is stored across multiple persistence stores such as external file systems, message stores, object stores, multiple databases, or elastic block storage, then it’s possible for the different data stores to get out of sync and result in state inconsistencies. Apps must also implement transactions, joins, and idempotency to ensure data consistency when the state needs to be updated as a unit.

    State data scattered across multiple stores also creates more opportunities for security vulnerabilities. Lifecycle operations—such as adding and removing nodes, patching, backup and recovery, and replication for disaster and recovery—become extremely complex and require special consideration to keep state consistency across different stores. Applications need to rely on additional capabilities of application containers—such as clustering, session state replication, transaction management, separate storage for transaction and messaging logs, special network configuration, and reliance on external storage solutions.

    As a result, a better approach is to store all the state and app data in a single database if possible. Data stays consistent in a single store and is easier to manage.

    With this approach, application instances can be replaced. This especially helps with modern app architectures such as elastic microservices or ephemeral instances where an instance exists only for serving a single or a few requests. Adding a node is simplified because a new node can get the latest copy of the state—and removing a node doesn’t result in losing the state entirely. Patches can be applied in a rolling fashion just by replacing the executables. A node can be restored from backups and acquire the state from database. State can be consistently replicated as a unit to different regions for disaster recovery. Having a consistent state in different regions can ensure there won’’t be any app functional issues after a failover or switchover.

    Oracle Database provides predictable performance, so storing application state in it doesn’t result in-app performance degradation.

    Following are some suggestions for storing state in Oracle Database.

    • User session object state: Use JSON, object/relation mapping such as JPA, or relational tables.
    • Local data caches: For data cached in the application tier, the source of truth should be database. The caches should be rebuilt at application startup time or as needed. Updates to the caches should use the write-behind method, which updates the back end database, and other instances of cache in application instances should be notified of the changes so that the caches can be refreshed.
    • Application configuration data: These are artifacts such as connection endpoints, limits, logging levels, log destinations, and port numbers that are typically stored as JSON documents, XML files, or properties files. Use the appropriate data type to store this data in a database.
    • Interprocess communication or remote process calls: Typically, application microservices and components communicate with each other by using messages. Use Oracle Database transaction queues to make such messages durable and to take advantage of capabilities such as publish-subscribe, once-and-only-once delivery, guaranteed delivery, and in-order delivery to ensure that messages survive and are processed if an application outage occurs.
    • Text (such as audit log records): Applications generate log files such as audit logs and diagnostic logs. Storing log data in a centralized repository lets you mine logs, identify security breaches, and diagnose and troubleshoot app issues faster. Use Oracle Text functionality to centrally store such logs.
    • Performance monitoring: Applications generate metrics or time-series data for performance monitoring purposes. For meaningful use of such data, a correlation is needed with other types of data. Storing such data in a database enables easier correlation with transactional data and helps you diagnose issues faster. User Oracle Database time-series data or JSON data functionality to store such data.
    • Workflow state: Some workflow engines store application state locally, and the failover of such workflows can result in a lost state. Use the workflow engine in the database to avoid such issues. At minimum, configure workflow engines to use the database as a persistence store for its state.
  • Use converged database with full-featured support across all data

    Overview
    For your application’s data tier, use databases that natively support different types of data, such as JSON, relational, graph, and spatial. Take advantage of database functionality to simplify app logic. For example, use SQL for queries, joins, and analysis; use transactions to guarantee consistency and isolation; and use built-in machine-learning algorithms and analytics capabilities to avoid unnecessary data transfers. To protect sensitive data, use the database’s security features and access control, and use replication to improve the availability, scalability, and resiliency of your apps.

    Oracle Autonomous Database provides full consistency and ACID transaction guarantees across all data types. It also provides built-in machine-learning algorithms and fast queries over large volumes of data.

    Use Oracle Autonomous Database as your app’s data tier. Apply the "data-first" principle, and store data in the format that provides the most benefit for your app. Use SQL to analyze and aggregate across different types of data, and apply cohesive data access and governance rules across all the data.

    Principle details
    Use multimodel, converged databases to store different types of data such as JSON documents, property graphs, and relational data. Advanced multimodel databases offer full-featured support for any kind of data stored in the database. You can store a new JSON document, insert relational rows, and update a property graph all within the same ACID transaction. You can use SQL statements to join, filter, and aggregate across these different types of data, which provides strong consistency and concurrency guarantees that you’re accustomed to from relational databases. Along with offering this rich set of features, multimodel databases can also be used as single-purpose data stores that can be accessed by using natural APIs other than SQL , such as REST APIs, document store APIs, and graph APIs.

    A key advantage of using a multimodel database is reusability. Although data might be of different types and shapes, the underlying technology to manage that data doesn’t have to change. This means that you don't have to learn a separate database technology and understand how to use and tune it for each type of data. And because the technology is the same, app code doesn't have to be rewritten. You can reuse existing app code and frameworks, rather than having to start from scratch, which provides faster time to market. Also, multimodel databases improve app resiliency by reducing data fragmentation, thus making backups and recovery easier.

    Use the database's data processing capabilities to avoid copying data out of the database. Doing so improves performance by minimizing network roundtrips, and improves data security and freshness.

    Oracle recommendations
    Use Oracle Autonomous Database, a multimodel converged database, to store, manage, and analyze all your data. Ease the maintenance of your app by using views to expose the data in tables, so that the underlying schema can be changed without affecting existing apps. Use edition-based redefinition to enable upgrading your app with no downtime. Use Oracle Data Safe to implement and evaluate security controls, mask sensitive data, and audit data accesses. Use Oracle Data Guard as a highly scalable read cache for your data, and to maintain a consistent backup for disaster recovery.

    Leverage Autonomous Database's rich set of built-in data processing capabilities to improve performance and enhance security by avoiding unnecessary data copies. Use Oracle Machine Learning for your application's ML and AI needs, including data preparation, model building and management, and inference. Use Oracle Text to search through textual data, leveraging built-in capabilities such as fuzzy search and indexing. Use Oracle Database advanced queuing (AQ) for asynchronous messaging to achieve low-overhead transactional semantics across messaging and other database operations.

    Oracle Autonomous Database performs operational tasks with no impact or interruption to the workload. Complex compensational logic for the data tier doesn’t have to be put into the app itself to handle scaling or failover scenarios. The database manages resources such as CPU and storage independently and provides elastic bi-directional scalability for all of them. Resources can be scaled fully online without having to restart the database in a different “shape”.

  • Instrument end-to-end monitoring and tracing

    Overview
    Developers, administrators, and security officers must maintain an authoritative and timely understanding of an application’s health, performance, operational state, and possible security incidents. This understanding ensures that an app’s function and performance meet expectations during the test and production lifecycle, and can also streamline incident diagnosis and application recovery. Comprehensive monitoring also allows intelligent and automated integration with tools to dynamically adjust resource capacity and coordinate responses to unexpected events. Comprehensive end-to-end monitoring and tracing should be straightforward to implement and manage without adding complexity to an app environment.

    Oracle has created cloud platforms and services to enable end-to-end monitoring and tracing while minimizing the development and administrative overhead of traditional solutions. The following OCI services help you consolidate your logging, monitoring, and tracing across the environments that host your apps: Logging, Monitoring, Logging Analytics; Application Performance Monitoring; OS Management; Database Management; and Java Management. These fully managed services are integrated with common OCI infrastructure resources and also provide supported mechanisms to integrate your custom app resources.

    Principle details
    The way we build software has changed. When we built monolithic applications, all the ways that they could fail were known. With the move to microservices, apps can fail in more numerous and unpredictable ways because of the many interactions between the app’s different components. Even the infrastructure that an app runs on is elastic and might exist for only hours, minutes, or seconds. So having a clear, accurate, and timely understanding of an app’s operational state and history is not just about measuring an end user's experience—it’s also about being able to quickly identify and respond to increasingly complex issues. You might also need to maintain compliance with regional or national jurisdictions, which might require the ability to generate, on demand, detailed activity reports or attestations about the handling of specific sensitive data elements.

    Starting with development, you need to build comprehensive monitoring capabilities into your apps that remain consistent throughout the app lifecycle. These capabilities should be straightforward to implement and manage without adding complexity to the development, test, and deployment processes. Where possible, adopt solutions that extend to accommodate the diversity of platforms that you currently use and might deploy in the future.

    Monitoring solutions should be compatible with third-party tools in general and align with your environment’s administrative tools in particular. It’s important to maintain design flexibility and avoid vendor lock-in.

    Oracle recommendations
    Beginning with the development process, integrate monitoring and tracing frameworks with your app stack. OCI services are designed to provide out of the box support for monitoring, such as the Monitoring Service. Also, many OCI services can be extended to your app components by using a consistent deployment and management experience through supported APIs and SDKs. For example, you can add automated monitoring metric collection or log capture with centralized storage for all your virtual machines and apps.

    During development and testing, configure services to collect only basic debugging or performance testing information. As the app approaches production deployment, increase the scope, frequency, and traceability of information collected by making simple updates to existing configuration parameters.

    Adopt fully managed, scalable services that deliver the features you need without undue integration or administrative overhead. Managed services let you offload the engineering, management, and typically higher costs of running solutions that don’t align with your core business. The OS Management and Java Management services can increase app availability while reducing administrative costs.

    Use robust, centralized data collection for your entire cloud tenancy environment, to provide a single location for analysis, coordinated investigation, and alert generation. Service Connector Hub enables flexible, consistent, and customizable responses to events. Logging Analytics enables efficient analysis and investigation of all your cloud (and external) event logging systems. You can also use Service Connector Hub, Oracle Functions, and Oracle Notifications to transform ingested metrics and logs into actionable alerts. And you can take advantage of our integrations with third-party products and services, such as Splunk and Grafana.

  • Eliminate single point of failure through automated data replication and failure recovery

    Overview
    Despite the reliability of modern cloud hardware, disks, machines, and networks fail. Even entire data centers can become unavailable because of disasters such as fires, earthquakes, floods, and hurricanes. For your application to achieve high availability, you must ensure that the data on which the app depends remains available when failures occur. The key to the high availability of data is replication. Data replication across machines and the use of redundant networking protects you against routine machine and network failures. Using active-active replication provides better resource use and higher availability. And replicating your data across geographical regions protects against disasters.

    Oracle Cloud Infrastructure offers an array of storage services—from Block Volumes, Object Storage, and File Storage to Autonomous Database and Vault—that replicate data within and across regions to ensure the durability and availability of data when routine failures and disasters occur. Using these managed services gives you highly available data while freeing you from building and maintaining your own expensive storage infrastructure. Oracle Autonomous Database, Data Guard, and GoldenGate provide active-active hardware and software replication for high availability as well as zero-downtime patching and upgrades.

    Principle details
    Data replication faces two key challenges: consistency of data across replicas and independence of failures.

    To achieve high availability and durability, typically data is replicated across a minimum of three copies. Keeping all the copies in sync is a problem, and algorithms such as Paxos are the key to doing it. Over time, however, disks fail and some copies might disappear, and you have to create new copies to meet availability requirements.

    Replicated systems can function in two different modes: active-passive and active-active. In active-passive mode, there is a single primary replica and one or more secondary replicas. Only the primary replica participates in-app data processing. In the active-active mode, all replicas participate in data processing. This mode leads to better resource use and higher availability because no primary-secondary failover is needed.

    Replication relies on the independent failure of replicas. Machine or disk failures are typically independent, but network or power failures might take out a whole group of machines. To ensure high availability, multiple replicas of data must not become unavailable when a power outage occurs. To protect against such incidents, network and power infrastructure should be redundant, and data replicas must be carefully placed across different units that can’t fail together.

    To ensure the integrity and security of your data, data must be checksummed, encrypted, and access-controlled. Checksums protect data against silent software and hardware corruption; encryption protects against data theft and leakage; and access control protects against unauthorized access.

    Oracle recommendations
    Use Oracle Autonomous Database, Data Guard, and GoldenGate for high availability database use cases. All these systems provide high availability and efficient resource use through active-active data storage and processing.

    OCI data centers are carefully engineered to eliminate single points of catastrophic failure. A typical data center or availability domain contains multiple independent failure units known as fault domains. Two independent fault domains can’t fail together. Similarly, a single region might have multiple availability domains, which are geographically separated to ensure that two of them can’t fail at the same time.

    Use OCI storage services such as Block Volumes, Object Storage, and File Storage to replicate data across fault and availability domains at all times so that no single failure impacts the availability of your app data. Use Container Engine for Kubernetes to ensure that your app instances are deployed across fault and availability domains to automatically take advantage of the resilient fault isolation patterns built into OCI.

    To protect against disaster scenarios that can take out entire regions, use the cross-region replication capabilities provided by GoldenGate, Object Storage, and Block Volumes, which satisfy your availability and compliance requirements. Use the Vault service to store and replicate your keys so that your apps can continue to access your encrypted data. In disaster scenarios, use the OCI DNS service to failover your app from one region to another.

  • Implement a defense-in-depth approach to secure apps and data

    Overview
    Securing customer data in applications is critical. Developers need access to simple and prescriptive security controls to secure their apps, rather than having to manually configure a complicated set of security controls which could be error-prone. Automated security controls eliminate human error which is a root cause of many security incidents, and help developers secure their apps and data without requiring them to become security experts. Easy-to-use automated security controls must be implemented in all stages of the application lifecycle, including development, build, test, deployment, and runtime. Security must verify users, permissions, and access policies at each step in the process and ensure that access is granted only when appropriate. Security restrictions must detect security issues that are introduced early in the software development lifecycle. Early detection ensures that the app is deployed in production with security architecture best practices and that operational security issues caused by misconfigurations or disclosed vulnerabilities are detected and mitigated.

    Oracle Cloud Infrastructure offers multiple automated security services to secure apps and customer data. Use Web Application Firewall (WAF) to limit traffic from unknown locations or Tor nodes. Enforce the principle of minimum reachability to endpoint isolation by using the network security groups feature in OCI virtual cloud networks (VCNs). Launch apps in a secure-by-default configuration by using Security Zones. Use Identity and Access Management (IAM) for an identity-first approach to security that enables easy onboarding and management of users, strong and contextual authentication mechanisms, and restrictive access permissions. Monitor for security misconfigurations and anomalous actions by using Cloud Guard. Use Vulnerability Scanning to periodically scan instances and containers for known security issues. Use Vault to securely store encryption keys used to encrypt app data, and credentials used by the app.

    Principle details
    Apps must be accessed securely. Here are some specific ways that you can secure an app through its lifecycle:

    • Use well-known best practices and technologies, such as network firewalls to prevent unintended exposure to the internet through public buckets or internet access, TLS certificates for endpoints, and so on.
    • Address security misconfigurations and vulnerabilities which are the primary causes for app security issues.
    • Apply auditing and security monitoring to detect and remediate security issues during operations.
    • Use strong and contextual authentication technologies, such as multifactor authentication (MFA), to secure access into the app.
    • Enforce the policy of least privilege to restrict access to only what is needed for each user.
    • Secure the credentials used to authenticate app components, such as API keys, passwords, and tokens.
    • Encrypt at rest all the customer data stored in the application.
    • Secure encryption keys and restrict access to keys only to those authorized by the app owner.

    Oracle recommendations
    Use maximum security zones for compartments with private subnets. Ensure that operator access to any compute instances in private subnets goes through the OCI Bastion service.

    Use OCI IAM on the front end to authenticate users with strong authentication methods while maintaining an optimal user experience through context-aware adaptive security, optional social or federated logon, or passwordless authentication (depending on requirements). Support regulatory requirements by enabling users to manage their consent for terms-of-use and by supporting data residency requirements.

    Use OCI IAM on the backend to restrict access to app components as needed. Enforce authentication for administrators through strong MFA options. Enforce strong security policies that allow access only through explicitly granted permissions. Separate responsibilities so that access is limited to those who need it.

    Use built-in security principals to authorize compute instances to perform actions on other OCI services. If you must use app passwords, store the passwords in secrets and rotate them every three months through automation.

    Enable Cloud Guard and resolve or accept and disable all problems. Enable notification on drift and treat new problems with urgency.

    Enable Data Safe to secure Oracle databases by monitoring users and access. Data Safe also scans the databases for security best practices and alerts on divergences.

    Periodically scan instances and containers for known security issues by using the Vulnerability Scanning service. Encrypt data-at-rest with keys stored in the Vault service, backed by hardware security modules (HSMs). Prefer to use separate encryption keys for each service, but align Vault entities with compartments. Rotate master encryption keys at least annually and data keys every three months. Use a private vault in production, and replicate keys in secondary regions. Create backups and store them in Object Storage in a separate region.

    For TLS, use certificates for load balancers and use autorotation. Enable WAF on every load balancer that serves HTTPS content. Enable Oracle-managed rules and tune for false positives. Limit traffic from countries that you don't do business with through geo-IP access rules. Use threat intelligence in WAF to block Tor nodes.

    Enable Netflow logging on every VCN. Monitor DNS logging for cryptomining activity or command and control (C&C) server activity.

Architecture patterns

Opinionated patterns with recommended technologies choices.


Web or mobile applications

Web applications typically contain a front end which is what users see, and a back end which has the business logic. In response to a user or API request, a web application interacts with the API or with data stored in a file system, object storage, block storage, or database. The application must support different clients, such as browsers and mobile devices, and interact with other systems and apps by using APIs.

Messaging

Messaging solutions connect application components—including existing on-premises systems—to cloud solutions. This can enable data transfer as part of a well-defined distributed processing pipeline, or for publication of messages to multiple independent downstream systems that evolve independently.

Event-driven

In the cloud, an event is any significant occurrence or change in a system. The core tenets of an event-driven architecture are capture, communicate, process, and persist events. When building an event-driven application on Oracle Cloud Infrastructure (OCI), you can subscribe to changes in your cloud resources and to events generated by your application. This enables you to respond to them in near real-time. Most modern apps built with microservices rely on an event-driven architecture.

Big data and analytics

Big data is a set of capabilities and patterns that enables you to manage, collect, store, catalog, prepare, process, and analyze all data types (unstructured, semi-structured, and structured)—whether they come from sources such as databases, videos, forms, documents, log files, web pages, or images. Oracle's big data capabilities span various services and tools so that you can begin your big data journey based on your skills and preferences.

Machine learning (ML) and AI

Data scientists and ML engineers don’t want to spend time provisioning, upgrading, patching, and securing infrastructure. They want to build, train, deploy, and monitor models that impact the business. A machine-learning platform should be fully managed and allow them to perform all these steps in the model development lifecycle.

SaaS extensions

Oracle Fusion Cloud, the enterprise software as a service (SaaS) offering from Oracle, spans solutions for areas such as HCM, ERP, SCM, and CX. It provides extensive functionality, but sometimes organizations want to create customized UI and business processes that extend that functionality. These extension apps integrate with information from Oracle Fusion Cloud, use the same security layer, and often “mash up” data from other systems, delivering a user experience that seamlessly integrates with Oracle Cloud Apps.

Low-code

Low-code platforms are well suited for building opportunistic applications in collaboration with business stakeholders; building data reporting and analysis apps; extending SaaS apps; and modernizing legacy applications. Every line of code has a cost associated with it—to author it, maintain it, debug it, upgrade it, and secure it. Oracle Application Express (APEX) helps developers avoid these costs by providing high-level components and common design patterns through an intuitive and graphical development experience.

Data-centric

Data-centric applications are core to modern enterprises, which routinely collect vast amounts and varieties of operational data from business systems and devices, running billions of transactions per day. Data integrity and data consistency across all data is key to the business, and databases have traditionally simplified these data-centric operations.

    Technology recommendations

    A list of recommended technologies for modern applications validated using feedback gathered from Oracle customers.

     

    Open all Close all

  • Languages and frameworks

    Oracle recommends using Java as your development language. Use Helidon or Micronaut framework to benefit from low-cost access to common cross-cutting requirements like tracing integration, logging, application scaffolding, and GraalVM to run applications faster and scale better with reduced CPU and memory requirements. GraalVM Enterprise Edition’s optimizing compiler accelerates application performance by up to 55% without any code changes.

  • DevOps

    Oracle Cloud Infrastructure (OCI) DevOps service enables continuous development (CD) automation, deployment history, conditional deployment, and rollbacks. The fully-managed terraform-based Oracle Cloud Infrastructure (OCI) Resource Manager helps you automate infrastructure creation at scale. For version control of artifacts, use the OCI Artifact Registry.

  • Application development

    OCI API Gateway helps validate, rate-limit, and cache incoming API requests. It serves as a common point of policy enforcement and shields consumers from backend implementations. Use the OCI Load Balancing service to provide automated traffic distribution from one entry point to multiple servers reachable from your virtual cloud network (VCN). For container orchestration, the Oracle Container Engine for Kubernetes (OKE) provides industry-leading cluster provisioning times, and predictable and consistent performance of Gen-2 infrastructure. It supports rich compute shapes—HPC, GPU, ARM, Flex, bare metal, and VM—to support a variety of applications. Use OCI Container Registry (OCIR) to store and share container images and enable the OCI Vulnerability Scanning Service for container image security. For code that runs for short durations, Oracle Cloud Functions provides a serverless platform that lets developers create, run, and scale applications without managing any infrastructure.

  • Autonomous database

    Oracle Autonomous Database is highly recommended for storing application state and data. It provides full consistency and atomicity, consistency, isolation, and durability (ACID) transaction guarantees across all data types. Use Oracle Data Guard for high availability (HA) and disaster recovery (DR). Use OCI Cloud Storage services for block, file, or object storage across availability and fault domains.

  • Security and governance

    Oracle recommends using Oracle Web Application Firewall (WAF) to limit traffic from unknown locations, nodes, and virtual cloud network (VCN) security groups to enforce the minimum reachability principle and to provide endpoint isolation. The Oracle Security Zone service enables compartments creation for infrastructure resources that are secure by default, as part of a preventative mechanism to secure applications. Choose OCI Identity and Access Management (IAM) for strong authentication and security policies for access control. Use Oracle Cloud Guard to monitor for misconfigurations and anomalous activity.

  • Observability and management

    OCI Monitoring service provides metrics and alarms to monitor resources both actively and passively. Log Analytics gives you deep analytics capabilities into logs that span application and infrastructure data. Choose APM for deep visibility into the performance of your application. For Java applications, use Java Management Service, which enables you to monitor and manage your Java runtimes using telemetry data from the Java Virtual Machine (JVM).

Technology and platform recommendations