If you can't read please download the document
Upload
tricode
View
108
Download
1
Embed Size (px)
Citation preview
Monolithic to Microservices
Architecture
LAZO APOSTOLOVSKIJAVA DEVELOPER @ TRICODE MACEDONIA
What is Monolithic Architecture?
Monolithic Architecture drawbacks?
Huge code base
Hard to manage
Difficult Continuous Integration
Difficult application Scaling
And so on...
What are Microservices?
What are Microservices?
Microservices are
small, focused, autonomous
services that work together.
What are Microservices?
Small and focused on doing one thing onlyExample: Service
weather information for given location
Independent between
Deployed by itself on different hosts
Exposing API interface for clients
Benefits of Microservices
Mixed Technology can be used
That fits needs of that microservice.
Resilience
If one node fails, others continue to work and isolate the problem.
Ease of Deployment
On code change, only affected part can be redeployed faster.
Composability
Microservice can be used for different purposes, and from different applications.
Replaceable
Easier to replace, delete or rewrite is much easier on small functionality.
What Makes a Good Service?
3 things
What Makes a Good Service?
Loose CouplingWhole point is to make changes to one service and
deploy it.
High CohesionRelated behavior is located on one place.
Shared and hidden modelsShare only minimum information to customer, and hide internal implementation.
From where to start?
Always start from
Monolith Application
and
split later.
Splitting the Monolith
Why to split the monolith?
Why to split the monolith?
Code base is huge to manage
Some part will change frequently
We need to deploy new changes fast
Some data need additional protection around
Different technology should be used
Splitting is complex and will cost you a lot, if you not do it right.
Where to start?
From existing monolith
Detect functionality boundaries
Separate to modules first
Extract as stand alone microservices
That is about code.
But what about database?
Splitting database
Isolate data in separate tables first
Break foreign key relations
If all good move it to another database
Extract code in microservice
If fail merge it all back and rethink
Deal with...
Static data (enumerations)
Copy or put it in configuration
Shared data (different functionality use same data)
Can be separated as different microservice too
Transactions (no transactions anymore)
Different ways to handle this. Try again later or abort
everything.
T E S T I N G
Tests are important
TESTING
Unit tests
Have a lot of them
Acceptance tests
Check if its implemented like it should
Performance tests
How system can handle the load
Exploration tests
Finding the way to break the system
TESTING
Service tests
Stub and mock external services
Test service in isolation
Test without user interface
End-to-end tests
Testing all together
Slow and tricky to manage
Its hard to locate the problem
Developer's team write tests by itself!
Testing microservice into production.
How to do it?
In production
all that go wrong
will go wrong.
Minimize the impact with 2 basic approaches.
Minimize the impact
Blue / Green deployment.
Minimize the impact
Canary deployment
Microservices integration
Get it wrong, and disaster awaits.
Integration tips.
Integration
Avoid braking changes!
Consumers should be able to use service until they are ready to
switch.
Versioning
Microservices are changing constantly
Internal changes do not affect consumers.
Changes should not prevent consumers use service.
Small changes and Breaking changes.
Dealing with small changes.
New field is added
Unused field is removed
Consumer read only what is needed
Use flexible technology JSON or XML.
Dealing with breaking changes
Need to be avoided
Support old version for a whileGive consumers time to
switch
Two parallel service instance (easy way)Balance between them
Expose both version under same instanceAdding complexity need to be avoided
Integration
Make service simple for Consumers
Use common communication protocol. Json for example.
Integration
Hide internal implementation details
Consumers should not know what is happening inside
microservice.
Integration
The Shared database
Integration
Interface the customer instead
Consumers should not know what is happening inside
microservice.
Orchestration
and
Choreography
Orchestration and Choreography
For example
When some event happen we need to:
Send confirmation email
Send order from warehouse
Update finance department
This can be done on two ways.
Orchestration
Synchronous tasks execution
One microservice delegate execution
If mastermind service fails, all process stops
Its slow
Easier to guarantee consistency
Choreography
Asynchronous tasks execution
Every microservice is responsible for his job
Its faster because all executions are parallel
If some microservice fails others will complete
Additional retry mechanisms
Microservices monitoring
Why we need it?
Microservices monitoring
Single service, Single Server
Nagios is your friend
Microservices monitoring
Single service, Multiple Servers
Nagios + Logstash for logs aggregation
Microservices monitoring
Multiple services, Multiple Servers
Nagios + Logstash + Kibana for visual monitoring
Metrics can help a lot
What hardware we need
How much resources we need for one service instance to
run
Do we need new host
If old one cannot provide us with enough power
When we need to scale
Scale only in peak times
How much we need to scale
Scale just enough to serve clients
Tools
Graphite, Kibana, Varnish
System security
SSO (Single-Sign-On)
Service to service Authentication
Allow everything inside perimeter
If attacker penetrate the security, all services are vulnerable
HTTP(S) basic protocol between services.
Communication between services also need to be secured.
Client certificates
Hard to manage, good data encryption
API Keys
Shared public key between
HMAC
Guaranties integrity of request
Database protection
Encrypt database data
Encrypted data is useless for attacker
Some database offer integrated encryption
Encrypt sensitive data in database
AES, DSC
Good algorithms to use
Other protection inside perimeter
Firewall
Block suspicious requests
Intrusion detection
Monitor for suspicious activity
Network segregation
Separate sensitive data in separate network
Operating system
Apply security Patch regularly
This topic is huge,
but this is all for now.
Any questions?