Modern Enterprise Applications with Go - Go Day 2021

Go, the language of cloud infrastructure, is maturing into the language of modern enterprise applications. This high level presentation will speak to Go’s enterprise adoption story and how it plays a role in modernization.

Given at Google’s Open Source Live Day in San Francisco, November 4, 2021.

Transcript

Welcome to my session: Enterprise-Ready Modern Applications with Go. I’m Steve Francia. For the past decade and a half, I’ve lead industry-changing organizations focused on bringing simplicity to the chaos. As senior vice president of MongoDB I lead the development of the first non-relational database to enter mainstream use in 45 years. As chief operator at Docker, I lead the effort to simplify containers. As a side project, I created Hugo the most secure and highest performance web engine. Today I’m the Product Lead on the Go team where we’re building a modern simple cloud-native programming language. Today, I’m here to share with you how Go is helping enterprises modernize their legacy applications. The Rise of Digital Chaos. For years, one of the most talked-about topics surrounding enterprise has been digital transformation. It seems like everyone’s feeling the need to modernize their legacy applications. As technology has specialized, it has grown exponentially in complexity. Two decades ago, there may have been a dozen choices that needed to be made with, typically, two or three options. Today the amount of choices is simply staggering. Nobody can possibly begin to understand all that is required. Three quarters of CIOs say managing performance is now impossible due to the IT complexity. Security risks have seen a similar exponential expansion. It seems like every day we hear about another major breach. The historical approach to enterprise architecture doesn’t work in the digital age. If we don’t dramatically change our approach, and soon it’ll be too late. Today, I’m here to share with you what the path is. We need to modernize our enterprise applications and a lot of folks have this wrong. They have part of the picture but haven’t grasped that true modernization requires simplifying our approach not simply containerizing it. Since you may not be familiar with Go I’ll first provide a short overview of what Go is. I’ll then share with you what a modern enterprise application requires. And, lastly, I’ll share with you how Go will help you with the migration to modern enterprise applications. Along the way, I’ll share quotes from enterprises and how Go helped them. Go is a modern programming language designed by Google for Google’s problems of building and serving server-site software at scale. Google uses Go extensively for a wide range of things from our indexing platform that powers Google search to the infrastructure Google Cloud is built on. Launched a decade ago, Go has seen explosive growth. Today Go is a top 10 language with broad adoption among the world’s leading enterprises. Go follows Einstein’s maxim “Be as simple as possible, but no simpler.” As Go is designed for maximum simplicity, it is very easy to learn and work with. Go drives the balance between productivity and performance sharing the friendliness of dynamic languages like Python and the performance of compiled languages like C and Java. As a modern language, Go was designed from the very beginning with security and safety in mind. Over the past ten years, Go has developed a large and mature ecosystem. Go is loved by both developers and employers alike ranked as the number one language across many industry surveys. Go is widely loved by developers because it makes building modern software simple and secure. But what does it take to build modern enterprise applications? First of all, they must minimize risk. They must be fully modern. Adding modern components onto or alongside legacy systems introduces significantly higher risk and complexity. Instead of simplifying things, they triple the complexity. You now need to worry about multiple systems languages and integration points. Next, they must be safe. Modern applications have to be built in a way that ensures safety. According to researchers at Microsoft 70% of the security bugs the company fixes each year relate to memory safety. Google found a similar 70% of serious bugs in Chrome are memory management and safety bugs. Legacy programming languages were not designed with safety in mind because at the time there was no such thing as a cyber attack, and bits were at a premium. Our environment today is vastly different from the one legacy languages were designed for. Modern languages massively de-risk applications. They must be secure. One of the largest risks systems face is in the form of lacking security which results in leaks and attack vectors. In the constant battle for security applications need to utilize the latest encryptions and protocols. They need to run in minimal environments, with maximum isolation and minimal external dependencies. They need to not depend on legacy libraries and environments. Modern enterprise applications must adapt to business needs. One way they do this is by utilizing service-oriented APIs approaching applications with a communication-first focus which ensures that the application has the proper separation, scalability and flexibility to adapt to new businesses requirements. This approach also isolates each feature for greater flexibility and security. They must be architected to be modular and composable. Tech debt can be a technologist’s worst enemy. This hidden tax slows down all development. Traditional inheritance-based architecture creates code that is very tightly coupled, hard to maintain and hard to adapt to new requirements. This brings us to our next point it must be easily maintainable. Teams and priorities are constantly changing. We need code that is easy to understand and pick up by a constant influx of new engineers. We want applications that require minimal maintenance without constant runtime upgrades. Our final theme: Modern enterprise applications must sustain growth. They must be scalable and efficient. Data and usage has been expanding exponentially for the past five decades. With the end of Moore’s law, an increased pressure on computing costs modern enterprise applications need rapid deployment and the ability to scale up and down with ease using resources efficiently, to keep operating and management costs down. They must have a cloud-native architecture. Modern enterprise applications must take advantage of innovations in cloud computing with a cloud-native architecture. They must be designed with automation, monitoring and repair from the beginning favoring managed services. They must incorporate event-driven components also known as serverless. Event-driven features must be properly utilized to bring cost savings adaptability and efficiency to modern enterprise applications. This requires software that loads instantly with minimal resource consumption and minimal dependencies. We’re now gonna go through these requirements and highlight the ways Go will help you build modern enterprise applications. Go helps you minimize risk. Go is a truly modern language requiring a completely clean implementation keeping your application decoupled from legacy libraries. While there is risk in a re-write, it pales in comparison to the larger risk of sticking with legacy systems or, worse, maintaining both the legacy and a modern system. Go’s high learnability, productivity and simplicity minimized the re-write risk and often paid dividends in massively reducing both operating costs and technical debt further minimizing businesses risks. Zviad, a senior principal engineer at Dropbox, said “People become very productive in Go, very fast, “our infrastructure is built in Go today, and all the new things we build in Go.” Legacy software languages were designed for a different era where safety wasn’t prioritized, or worse, often compromised for performance. This trade-off made sense in a pre-network era but it’s created massive risk in today’s environments. Modern languages, like Go, are designed for today’s environments where safety is critical. Go is memory-safe, type-safe, and utilizes low latency garbage collection. These features alone avoid over 70% of critical bugs which result from using unsafe legacy languages. Bala, a senior director of engineering at Paypal, wrote “In our tightly-managed environments, where we run Go code, we have seen “a CPU reduction of around 10% [vs C++] with cleaner and more maintainable code.” Go has been designed to create the most secure applications minimizing risk as much as possible. Go applications compile down to a single binary without any local dependencies. It’s not uncommon to see an application built using only the standard library or only a couple of well-vetted dependencies. That dependency management uses an industry-leading, tamper-evident transparency log with built-in tooling that ensures your dependencies are exactly what you expect. Go has native encryption, which has been used to power much of the Internet including key components of Google and Cloudflare. Adopting Go means that the next Heartbleed which impacted virtually every application written in any other language won’t impact your application. Go even supports distroless containers, where there’re zero local dependencies to worry about. Go helps you adapt to business needs. Service-oriented APIs provide enhanced agility, scalability and reliability allowing your business to adapt to market and strategy changes quickly. Go’s the only language explicitly designed to build service-oriented APIs. Go has native support in the standard library for all you need to build performant and secure APIs. Including a high-performance web server. This is Go’s most common use case with over 70% of Go developers using Go for building APIs. Matt, a principal software engineer at Monzo, shared “Go is a perfect language for creating microservice architectures “the concurrency features and the language in general, has allowed the easy creation “of small and simple networked services at Monzo.” A unique feature of Go is that its application structure directly mirrors the architecture of service-oriented systems. Services are designed independently and they share nothing architectured, communicating across networks. Go applications are composed of share-nothing modules which communicate across channels, a native feature in Go. This means that both your service and your application which is composed of many services are using the same architectural pattern. The benefits of agility, independence and easy maintenance are twice as impactful for Go-based services, which maximizes your ability to adapt to business needs. There’s an additional cognitive benefit for developers of using a single architectural pattern at every level of their system. John Graham-Cumming, the CTO at Cloudfare, shared about Go “I came for the easy concurrency, I stayed for the easy composition.” Kubernetes' creator, Joe Beda, tweeted “Kubernetes' success is in part due to Go and the Go community. “Go hits the sweet spot for distributed systems software.” High maintenance costs ensure that your technology can’t properly adapt or support business needs. Go is unique among all languages as it has been designed to minimize maintenance costs. Rapidly evolving teams are common at Google and virtually all enterprises. Go’s simplicity, easy readability and single binary deployment ensures that Go’s applications have minimal maintenance and it’s relatively easy for someone new to a code base to safely maintain them. Martin, a software engineer at Trivago, spoke about this hidden benefit of Go. “Go’s simplicity and its sophisticated tooling “let us scale not only our service, but, more importantly “the process of software engineering itself. “Reducing the friction of onboarding and training someone “has a significant impact on the company’s productivity “even more so in a constantly moving environment like Trivago.” Benjamin Cane, VP and Principal Engineer at American Express also speaking at Google Open Source Live, shared “After working on Go “most of our developers don’t want to go back to other languages.” Go will help you sustain business growth. Historically, CTOs have needed to make an impossible tradeoff either choose to delay launch as the team builds the scalable application first or choose to ship a slow prototype early acknowledging that development will be delayed significantly later as adoption growth demands a re-write effectively having to choose when to be unable to support business growth. Go has eliminated this dilemma. Go is designed for Google’s scale with built-in concurrency that takes full advantage of today’s multi-core machines and cloud services. Go enables programmers to quickly develop applications that perform at scale. No re-write needed. Eric, a Software Engineering Manager at Mercado Libre, wrote “With Go, the company obviated 88% of their servers “and cut CPU on the remaining ones in half “- producing a tremendous cost-savings.” Cloud computing brings countless benefits for flexibility and efficiency critical to sustaining business growth. Go is the only modern language that has first class support on all cloud platforms. Go is designed for cloud-native applications. Over three quarters of the projects in the cloud-native computing foundation are written in Go. Go is designed for container deployment with a very small footprint compared to the ship-the-world legacy languages like Java, Python and Node. Mariano, a software engineer at Movio, blogged “Our Go microservices currently build in five seconds or less. “They test in one or two seconds, which includes integration tests. “And they can deploy new containers via Kubernetes in ten seconds or less. “The key factor here being small images.” Among all cloud benefits, serverless has the largest potential for sustaining business growth with its low cost, instant scability and expanded flexibility. Go is an ideal fit for serverless with broad support on all serverless platforms. Go has very low resource use and nearly instant startup times, especially when compared to applications written in legacy languages which utilize interpreters. Go is well supported on all serverless platforms and Google’s Cloud Run is the ideal platform for Go applications thanks to its seamless deployment. Go: simplifying the chaos. “The biggest impediment to a company’s future success is its past success” according to Dan Schulman , CEO of PayPal. Today’s business environment is defined by modern enterprises with a move-fast-and-break-things culture. Enterprises will need to embrace the process of constant transformation to remain relevant. Go provides the flexibility and performance to assist organizations with application modernization efforts. To learn more about Go, its primary use case and to read case studies of enterprises who have transformed their organizations visit go.dev. Thank you.