App Modernization, Cloud Native, Microservices – Overview, Strategy and Techniques

Disclaimer: This blog content has been taken from my latest book:

“Cloud Native Microservices with Spring and Kubernetes”

These are important objectives for app modernization, cloud migration or containerization and building new applications from the scratch!

These are essential steps to start thinking about modernization (Cloudification). I will cover 101 high-level view of modernization strategy and techniques in bullets, will try to cover these topics in detail in my upcoming blogs! Please keep on following my blog and share your queries in “Leave a Reply” section. Thanks for reading my blog! Happy learning 🙂

What is Modern Application?

Modern application is also called cloud native application which follows 12-factor/ 15-factor principals, microservice architecture practices and containerized on cloud.

What is Cloud Native Application?

“cloud-native” a little more narrowly, to mean using open source software stack to be containerized, where each part of the app is packaged in its own container, dynamically orchestrated so each part is actively scheduled and managed to optimize resource utilization, and microservices-oriented to increase the overall agility and maintainability of applications.

The CNCF defines

According to my knowledge and experience, I think this is the magic formula of cloud native modern applications:

Cloud-native app development=  12-factor/ 15-factor principals + microservices + modern database + agile methodology + cloud platforms + containers (like Kubernetes and Docker) + devops (CI) + continuous delivery (CD)


“A cloud native app is architected specifically to run in the elastic and distributed nature required by modern cloud computing platforms,” says Mike Kavis, a managing director with consulting firm Deloitte. “These apps are loosely coupled, meaning the code is not hard-wired to any of the infrastructure components, so that the app can scale up and down on demand and embrace the concepts of immutable infrastructure. Typically, these architectures are built using microservices, but that is not a mandatory requirement.”

Because of this, you really want to have a platform-as-a-service (PaaS) model. A PaaS is not required, but it makes things a lot easier. The vast majority of cloud customers start out with infrastructure-as-a-service (IaaS), which helps abstract their apps from the underlying hardware. But PaaS adds an extra layer to abstract the underlying OS, so you can focus entirely on the business logic of your app and not worry about making OS calls.

Cloud Native Application Journey: Modernization 15 Factors Spectrum – Containerization and beyond!

A picture is worth a thousand words!

Simple app to Cloud Native journey!
Picture credit: Shaun Anderson & Joseph G Szodfridt

What is Microservice?

Microservice architecture – a variant of the service-oriented architecture (SOA) structural style – arranges an application as a collection of loosely coupled services. In a microservices architecture, services are fine-grained and the protocols are lightweight. Microservice is an independent module which can be deployed separately and easily maintained with no dependency on other microservice.

There are Microservices challenges also. Please refer my following blog for detail:

10 Challenges and Solutions for Microservices

References: Good microservice resources and patterns are available here-

To know more about Docker OCI Image, Docker Engine, Container fundamentals

Need for Application Modernization

  • High Availability
  • Containerization and platform automation to save operational cost
  • Modern Polyglot Applications development 
  • Managing heterogeneous workloads
  • Developer productivity challenges
  • Deliver applications and features faster for GTM (Go to Market)
  • Urgent H/W capacity needs
  • S/W and H/W quick updates and no outage deployment
  • Address security threats and patching
  • H/w and S/w Cost saving

Migration Strategies

  • Lift-and-Shift (Rehost)
  • Lift, Tinker and Shift (Replatform/Rebase)
  • Refactor
  • Complete Rebuild
  • Retire

Migration Techniques

  • Event storming
  • SNAP Analysis
  • DDD – Domain Driven Design
  • Self Isolated services
  • Business Driven services
  • Front end teams separation

Transition from Monolithic to Microservices

These are the important considerations when migrating from Monolithic to Microservices. We should double click on each and then try to apply these essential features of any cloud native applications and infrastructure:

Monolithic Vs Microservices
  • Scalability
  • Service Discovery
  • Load Balancing
  • Reactive Systems
  • Event Driven
  • Persistence
  • API Gateway
  • Split Apps on VM and Container
  • Cross-Cutting Concerns
  • Automation
  • Performance
  • Monitoring
  • Data Migration
  • Container support of legacy apps

Cloud Native Migration Paths

Microservice deployment on Kubernetes container with NGINX Ingress controller, Docker Hub and Helm package deployer

Disclaimer: This blog content has been taken from my latest book:

“Cloud Native Microservices with Spring and Kubernetes”

This blog will cover these topics:

  • Deployment of SpringBoot (Java) application on container using Kubernetes TKGI cluster
  • Run Docker Hub image on VMware TKGI cluster
  • Install and configure Helm Kubernetes package Installer
  • Install and configure NGINX Ingress controller
  • Expose micro-service as ClusterIP ingress REST API resource
  • Test and verify Microservice REST API


  • Step 1 : Create a Springboot microservice. Refer this blog series
  • Step 2 : Please follow my blog series -2: Build docker image. Use any of this build method –
    • Build docker image and store on Docker Hub or Harbor image registry. Refer this blog series.
    • Build docker OCI image using Tanzu Build Service (TBS) using Docker Hub. Refer this blog series.
  • Step 3 : Install Kubernetes cluster and switch to the K8s context where you want to deploy this docker image
  • Step 4: Install the TKGI CLI or Kubectl CLI

Create Kubernetes Deployment Configuration

Now, we need to create Kubernetes services and deployments which are required to deploy this sample microservice on K8s.

Please refer this source code for reference:

Note (Optional Step) : imagePullSecrets only required to connect with Harbor registry. It’s not required in this demo, because we are going to use Docker Hub image registry. If you are using Harbor then, you need to create a K8s secret and add this in the K8s deployment yaml script.

kubectl create secret docker-registry regcred --docker-server=<your-registry-server> --docker-username=<your-name> --docker-password=<your-pword> --docker-email=<your-email>
# Now, you can add this above secret in deploy script -
imagePullSecrets: # Only required with private image repository like Harbor,jFrog etc
        - name: regcred

1. Create ClusterIP Service:

We need to create a service on “online-store” namespace and expose on port 8010 which will expose this microservice internal to K8s cluster –

apiVersion: v1
kind: Service
  name: catalogue-service
  namespace: onlinestore-demo
  - port: 8010
    protocol: TCP
    targetPort: 8010
    app: catalogue-service-app
  sessionAffinity: None
  type: ClusterIP #internal IPs withing K8s cluster,exposed to external IP with Ingress Load balancer service
  loadBalancer: {}

2. Create Deployment

Now, create a deployment which will pull image of this micro-service from Docker-Hub image registry from login: itsrajivsrivastava/catalogue-service, which will create 3 replicas/containers of PODs and one container per POD-

apiVersion: apps/v1
kind: Deployment
  name: catalogue-service-app-deployment
  namespace: onlinestore-demo
      app: catalogue-service-app
  replicas: 3 # tells deployment to run N pods matching the template
  template: # create pods using pod definition in this template
        app: catalogue-service-app
      - name: catalogue-service-app
        image: itsrajivsrivastava/catalogue-service
        - containerPort: 8010
          name: server

Install Helm (Optional) for easy deployment on K8s Clusters

$ brew install helm

Kubernetes Ingress-nginx Controller Setup with Helm Simplified…Create and Configure Ingress

Read about Ingress-

3. Install Ingress-nginx Controller using Helm

Refer this doc for more info:

$ helm repo add ingress-nginx
$ helm install my-release ingress-nginx/ingress-nginx
#These k8s objects will be created after installing Nginx Ingress Controller-

4. Create an Ingress

Note: You need to create a DNS entry or use direct IP address of Ingress resource for host name.

apiVersion: extensions/v1beta1
kind: Ingress
  name: catalogue-service-app-ingress
  namespace: default
  - host:
      - backend:
          serviceName: catalogue-service
          servicePort: 8010
        path: /catalogue

5. Test and verify Microservice REST API

Test Nginx Ingress resource from external system terminal/Browser:

curl -v

12- Factor apps/15- Factor Apps of Modern Cloud Native application

Disclaimer: This blog content has been taken from my latest book:

“Cloud Native Microservices with Spring and Kubernetes”

A quick overview of 12 Factor Apps and newly added 3 factors for standard of cloud Native Application

I. Codebase

One codebase tracked in revision control, many deploys

II. Dependencies

Explicitly declare and isolate dependencies

III. Config

Store config in the environment

IV. Backing services

Treat backing services as attached resources

V. Build, release, run

Strictly separate build and run stages

VI. Processes

Execute the app as one or more stateless processes

VII. Port binding

Export services via port binding

VIII. Concurrency

Scale out via the process model

IX. Disposability

Maximize robustness with fast startup and graceful shutdown

X. Dev/prod parity

Keep development, staging, and production as similar as possible

XI. Logs

Treat logs as event streams

XII. Admin processes

Run admin/management tasks as one-off processes

New 3 more factors for modern applications:

  • API First
  • Telemetry
  • Security , Authentication and Authorization (A&A)

13. API First

API first suggests to start API designing first and expose all cloud native micro-services thru REST API endpoints. Try to follow best REST API practices, set API contract like request, response payload, API name, security and arguments. In modern applications cloud native apps are exposed and integrated thru APIs. Use API Gateways to follow these standards. I like Spring Cloud Gateway open-source to implement code centric API standards, its faster, lightweight and easily configurable by the developers.

14. Telemetry

Add advance feature of monitor hundreds and thousands of micro-services apps, containers, environment. It’s very important to monitor logging, disk space usage, memory consumption, performance, and so on. Based on these telemetry data platform can scale, self-heal and manage alerts for end users and platform operators. Analytics can be done using Machine learning and based on that any organization can derive to future business strategy!

15. Security , Authentication and Authorization (A&A)

Security of microservice cloud native application is Super Important. Security is a major concern in modern era, where hackers are really smart to steal confidential and critical information. Make sure almost all security policies are in place at H/W, N/W and S/W. These are very high level important security measure.

  • DOS, DDOS protection
  • API should be secured using A&A – API token, RBAC, OAuth
  • Web content should be exposed externally on HTTPS
  • Network should have firewall protection
  • API request/response payloads should be encrypted
  • Firewall and router level security should be in place
  • Database protection
  • MFA (Mutii-factor authentication)

Create a Microservice using SpringBoot, dockerize and run on Docker

Disclaimer: This blog content has been taken from my latest book:

“Cloud Native Microservices with Spring and Kubernetes”

In this blog, we will create a simple Microservice using SpringBoot and Java. We will create docker file of this microservice using Maven, deploy and run on Docker using Docker Desktop on local machine.

Note: This POC has been done on Mac machine.

You can also try on Windows machine with a small configuration.


  1. Install Docker Desktop
  2. Install Java
  3. Install Maven
  4. Install Git
  5. Install Homebrew


We will first create a SpringBoot project from and download this project on local machine.

Step 2:

Add required dependencies by clicking on the button ” Add Dependencies”. In my case, I have selected:

  1. Spring Data
  2. Spring Micrometer
  3. Spring Data JPA
  4. Lombok
  5. H2 in-memory database
  6. Spring Boot DevTools

Note: Refer this pom.xml file for dependencies and Maven plugins and repositories:

Step 3:

Download this project artefact on your system by clicking on the “Generate” button. It will have initial template, Maven style directory structure, POM.xml with all required dependencies and default application.yaml configuration file which is required SpringBoot with main class file.

Step 4:

Export this project as a Maven project in your IDE (Eclipse, STS, InelliJ etc). I love STS IDE and same will be demonstrated here. You can right click on “Project Explorer” window and select “Export” and select project folder which you have downloaded from Spring Initialiser portal. You are set to write business code and additional configuration for Dockerization.

Step 5:

Create a controller “” for your SpringBoot application and add your REST API endpoint definition. Create these REST APIs:

  1. /cataloguedisplay
  2. /catalogue

Step 6:

Create a model Catalogue.Java class to persist Catalogue data model (hard-coded) into local H2 database in-memory. I have used Lombak to avoid writing getters, setters and avoid other overrides methods.

Step 7:

Create repository ““and command line Runner “” to persist product catalogue data to H2 database.

Step 8:

Create SpringBoot application configuration file application.yml and add custom available port, otherwise it will take default 8080.

    name: catalogue-service
      ddl-auto: update
      enabled: true
      show-details: always
        include: '*'
        include: '*'
  port : 8010
    path: /docs
    path: /swagger

Step 9:

Create unit test class to test basic functionality during build time.

Step 10:

Create a docker file with same name Dockerfile and add these configuration to convert this Java/Jar artefact to docker container. Docker follow step by step, please refer all the comments:

# Docker Image name: catalogue-service-app-demo

# Use the official image as a parent image.
FROM openjdk:8-jdk-alpine

# Creates a mount point with the specified name 

# variable that users can pass at build-time to the builder with the docker build command 

# Add files into docker image
ADD ${JAR_FILE} app.jar

# Allows you to configure a container that will run as an executable
ENTRYPOINT ["java","","-jar","/app.jar"]

Step: 11

 Install Docker Desktop:

Install Docker Desktop. The docker CLI requires the Docker daemon, so you’ll need to have that installed and running locally.

Create a Docker Hub account on and get set go!

You can create docker images locally, then you have choice to push images to Docker Hub cloud SAAS or set a local Harbor private repository for security reason

Step: 12

Create docker image inside project folder by using Maven build tool. It will download all the dependent libraries from public Maven Central repository and Docker hub SAAS portals. You can use your private image registry and local library repo using Sonatype Nexus or other tools.

cd catalogue-service

#Build a docker image using Maven
mvn clean install dockerfile:build

#List all Docker images:
docker image ls

#Show a breakdown of the various layers in the image:
docker image history catalogue-service:latest

Step: 13

Now, we can runt the application on Docker and expose on the same port which we have defined inside the application.yml

Running a Container Docker Image:

docker run -p 8010:8010 itsrajivsrivastava/catalogue-service:latest

Step: 14

Now, test application by –


Try to check if service’s health is good:


My CKAD Certification experience: Tips and tricks

I have passed CKAD (Certifies Kubernetes Application Developer) exam in June’2020! It was really a race against time! It’s a fast pace, online coding exam!
In this blog, I will share my exam experience, hope it will be helpful for you.

It’s an open book exam, however you can only browse Kubernetes official website and their related blogs. You can’t Google search and find the answers. You can copy and paste YAML based code from K8s official portal only.

Exam Prepration

I have started preparation with CKAD Udemy online course of Mumshad Mannambeth. It’s an awesome online tutorial with real lab environment, where you will be given readymade Kubernetes cluster lab KodeKloud platfrom, It’s superb! Here, you can write code in K8s yaml files and run instantly without any K8s cluster configuration. It’s also creates K8s resources for you and also validates your answers.

Other Resources:

It would be great to setup a MiniKube or Kind ( Kubernetes in Docker) K8s cluster on your laptop/computer to practice more questions. I have used these resources to practice the exam-

D-Day (Exam-Day):

It’s a tough exam where you have to read, understand, code and verify in 6 minutes. There will be 19 questions and passing marks are 67%. It’ very difficult to complete all the questions in 2 hours. These are tips I have followed to do time management:

It’s 2 hours online coding exam where a human exam proctor will keep an eye on you for this duration by looking at you thru Web Camera and your monitor screen thru screen sharing!

Tips to save time and attempt most of the questios:

  • Practice, practice, practice so that your finger remembers popular commands and syntax!
  • Don’t try to create YAML file manually during exam! Use Kubectl imperative commands to generate yaml. Export yaml file by –dry-run -o yaml>pod.yaml and then edit this YAML file in vi editor. Once, you are confident, then save
  • They provide vim/nano. I prefer vi, it’s simple.
  • Always verify K8s objects status and logs after K8s object creating command. It will give you confidence!
  • Hit easy questions with high weight first: >10% and get back later for question with weight: 2–3% or those questions which are big and complex, and you are not sure.
  • Use exam console’s NotePad to track all your questions. Write all questions in new rows and write weightage and mark if you have completed. You can also click on a button to mark your questions which you want to return later. You can also shuffle easy and high score questions on the top and low marks and complex questions at the bottom. e.g: Here d means “done”
    • 1-13-d
    • 2-9-d
    • 3-7-p
  • Save important bookmarks and use as boomark tool bar to save time in searching bookmark links. You can download this bookmark which I have used from Github.
  • Create aliases before starting the exam and save it on Notebook which will be provided on exam console. You can’t use your personal Notepad or any copy-paste from your local computer to exam console browser’s windows. I have just used these aliases:
$ alias k=kubectl
$ alias kx="kubectl config current-context"
$ alias kn="kubectl config use-context"
$ alias kall="kubectl get all"
$ alias kc="kubectl create -f"

All the best!

About Founder – Rajiv Srivastava

Rajiv Srivastava is the founder of, which is a cloud-native modern application blog site for cloud-native developers, architects, and enthusiasts who are interested in end-to-end design and development of cloud-based modern applications by using build, run, monitor, secure, and manage approaches with modern technologies.

He is working as a Principal Engineer & Architect (Application Modernization Cloud Native Solution Architect) with Wells Fargo, a blogger, author, a passionate technologist, Java/Spring/Kubernetes developer, and architect.

He has 16+ years of work experience in development and design solution architecture. He has expertise in modern application, cloud migration, Kubernetes platform, event sourcing architecture, NodeJS, Tanzu, cloud, docker, API Gateway, Service Mesh, CI/CD, containerization, GCP, AWS, open-sources, distributed, serverless, Microservices, REST APIs, Spring, Caching, Kafka, RabbitMQ, SQL/No-SQL, MongoDB, ElasticSearch, enterprise integration, unit/integration and performance testing, code profiling, etc.

Location: He is based in Gurgaon (New Delhi NCR) India


  1. TOGAF 9 certified enterprise architect
  2. AWS Certified Solution Architect Associate, 2021
  3. Certified Kubernetes Application developer (CKAD), 2020
  4. Sun Certified Java Professional (SCJP, 2006
  5. Other Certifications: ElasticSearch, Spring Cloud data Flow, ITIL, Six Sigma White, SNIA etc.

Work Experience:

He has worked with these companies from past 15+ yrs:

  • Wells Fargo (Current Company)
  • VMware
  • GlobalLogic
  • Wipro
  • Infogain
  • COLT
  • Sapient
  • Dell EMC

He has worked with these clients:

  • Kohls, USA
  • Apple, USA
  • Fedex, USA
  • AT&T, USA
  • Sprint Telecom, USA
  • Commercial clients etc.


  • PGP Cloud Computing from Caltech (California Institute of Technology, USA) in 2022.
  • MCA (Masters of Computer Applications/Master of Computer Science) from Bangalore University, India in 2004.
  • BCA (Bachelors of Computer Applications.
  • DST (Diploma in Software Technology) from CMC Ltd.

Skill Set and hand on technical expertise:

Experience in cloud migration, app modernization, Tazu products, Core Java, JEE, SpringBoot (Cloud, DI/IOC, MVC, AOP,Integration, REST Web Services, Security), Kubernetes, Redis, Kafka, RabbitMQ, framework, ArgoCD, Docker, Harbor, Docker Concourse,Grafana, Prometheus, JProfiler, Cucumber, Hibernate, JMS,Tomcat, ElasicSearch, MongoDB, MySQL, EFK, Splunk.

Domain Expertise:

  • E-Commerce/Retail applications.
  • Order management (Telecom)
  • Search Engine
  • Storage domains
  • Technical: Cloud, No-SQL and Storage.

Book Author

His Technical Social profile:



Work Profile:

# A passionate technologist, a cloud-native application solution architect and API/Microservices developer, blogger, from a rich development background of Java, Python, NodeJS, SpringBoot, REST API, Caching, messaging, No-SQL and MicroServices, Event sourcing architecture, Integration Architecture, unit , integration testing, GCP, AWS, Tanzu products, cloud architecture and open source technologies.
# Overall 16+ years of software of development, designing, and implementing Distributed, Cloud-native -based microservices, Client-Server, and Web-based enterprise applications using Java, Microservices, and open source technologies for B2B, B2C projects enterprise-grade production applications.
# 5+ years of cloud and microservice experience in AWS, GCP, OpenShift (PAAS), Cloud Foundry (PAAS).
# 6+ years of deep eCommerce experience for USA’s top 5 companies – Apple and Kohls and exposure of online shopping, cart checkout, catalog, retail orders, inventory, MDM, product launch, mobile commerce, omnichannel, wallet and promotions, fraud detection, security issues of eCommerce apps etc.
# Excel in building quick Proof Of Concepts (POC), Proof of Technology (POT).
# Cloud migration of Java enterprise application, Kubernetes on-prem, private and public cloud (AWS,GCP) using Micro-Services architecture. CI/CD pipeline. Design new cloud applications
# Design Patterns and Methodologies: Good Understanding of MicroServices architecture, GOF patterns, Core Java/J2EE Patterns, OOPS, MVC. Agile, SDLC,TDD in multi-project implementations.


Step by Step: Create a SpringBoot Microservice, dockerize, run on docker and deploy on Kubernetes

Disclaimer: This blog content has been taken from my latest book:

“Cloud Native Microservices with Spring and Kubernetes”

This blog has simple step by step info to build, containerize and run a microservice. I have written detail separate blogs for all the following steps. This blog is just an index or reference to those blogs at one place: