What is Micro Service?
Architecture style to build Autonomous, independently
deployable services collaborate together to form an application.
You must have worked on and may be created applications
without calling micro services.
How small it should be – depends
Why do we need micro service ?
Monolith – software typically all application is in a Single
Codebase.
Single
Codebase – exist in a source repository where all developers collaborate each
other.
Typically build artefact runs in a
Single
Process – build the artefact
Single
host - runs on a single host.
Single
Database – persist to
Consistent
Technology – dev env, single programming language, sdk used
Benefits of Monolith
Simplicity
One
codebase – easy to find
Deployment
– one application to replace
Nothing wrong. Then Why we need micro services? or You don’t
Micro services, Yet
Problem of scale
Many
developers , many users, many data, code base grow- difficulty in maintain (
growing complexity and accumulation of technical debt) , entangled modules (
wired here and there, although u put an effort and build a modularised app)
Deployment – single line of change need to deploy the whole
app
Risky
Usually
requires a significant downtime
But
some use modern level cloud services
Difficult to Scale – unless you make it stateless
Horizontal
scaling often not possible
More
possibility towards vertical scaling
Too
expensive , add more hardware(memory, hard disk , processor etc)
Whole
application must be scaled
Finally -
Wedded to Legacy technology
Have
to upgrade entire application to move to a newer frame work
Reduces
agility – ability introduce new practices, take advantage of innovation
Distributed monoliths
You can argue my app is not a monolith. It has few services,
just like CMP
SOA – service oriented architecture
System built as services, but
Uses a
single database
Tightly
coupled
Everything
must be deployed together (or few together)
New
features require, changes every where
This where you need to understand what micro services else
you will end up building something worse than monolith or distributed monolith
(SOA)
How are micro services better than Monoliths?
Small services
Can be owned by a team
Easier to understand
Size – small enough to be thrown
away and rewrite
Technology Choice
Adopt new
technologies - without upgrading whole
application as Monolith
Use the
right tool – for specific task
One
might use relational database where other document database
Object
oriented programming language , other functional programming language
Standardize
where it makes sense – but no hard rules, common agreement like in REST
Individual deployment – cause of loose coupling
Lower
risk – no need to upgrade, deploy entire system in one go
Minimize
down time – zero downtime
Frequent
updates
Scaling
Scale
services individually
Cost
effective – compared to monolith
Agility
Adapt
rapidly – for changing business requirements
Easier re
use
Downsides – New Challenges – Not a free lunch - whether micro services a good solution for
you
Challenges
Developer Productivity
How can we make it easy for developers to be productive
working on the system?
Do they have to download code for every single micro
service?, run individually, configured them to talk to each other, That can be
error prone and time consuming , way of easily working on a single micro
service and as well as testing in the context of whole application
Complex Interactions
Take car to avoid inefficient, chatty communications between
micro services
IF we brake application for dozens of micro services then
interactions may be complicated.
Deployment
You will need to automate the process – you will have lots
of micro services
Monitoring
We need to have a centralized place to check the logs and
monitor for problems – cause you cannot
go to each service and find logs
These are just a few
So lots of challenges – good news- you have lots of patterns
and technologies to help you to overcome these challenges
Micro services – Do not dictate on
What
technology
What type
of data base you use
What type
of communication – asynchronously or synchronously
What
authentication mechanism
Completely free to use your favourite| best programming
language, tools
Micro services Architecture(wrap up)
-
Comparisons with monoliths
-
Benefits
-
Challenges
--
Build a new app using Micro services architecture or to
migrate monolith to microservices
Need to make Important Architecture decisions upfront
You do not have start with a micro service, but possible to
evolve existing app step by step
Evolving towards micro services
-
Micro services are autonomous – which means own
its own data
-
Own their data
-
Independently deployable – clearly defined and
backward compatible public interfaces
-
Identifying micro service boundaries – very
tricky, breaking monolith, boundary to context
-
What if I have a monolith already?
-
Augment a monolith
o
Add new micro services
-
Decompose a monolith
o
Extract micro services
-
No need to start with a micro service
o
Hard to get the service boundaries at start
o
Benefits are not seen in small projects
o
Let the app grow a little and then segregate for
micro services
Micro service Own data
Avoid sharing a data store – data store per service
Limitations
-
Data base joins – in two different databases
-
Transactions – cannot update two tables in two
dbs,
o
Either use distributed transactions – very
complicated or design our application to work in a ENETUALLY CONSISTANT manner
-
Eventual Consistency
o
May have to wait a while for overall state of
the data to be fully consistent. What this means in practise, when a single
business process requires to update more than one data source, there will be a
small window of time when changes made in one data store, but not the other. So
you need to design your applications in a such a way that it handle this Temporary
Inconsistency.
o
Summary
Evolving towards Micro service
Micro service own their data
May consist of multiple processes
Should be independently deployable
Avoid breaking changes – changing APIs
Identify “Bounded Context”
for micro service boundaries
Getting boundaries right – critical factor
Micro Service Hosting
Options
-
Virtual Machines
VM per
service – can be little costly , cause there are so many
Few
services in one VM – but can be messy as each MicroService has its own requirements, frameworks, database,
performance etc.( you can imagine with running few monoliths one machine)
-
Operational challenges
-
Service Discovery
Platform as a Service
Automatic Scale out
DNS address
Load balancing
Security
Monitoring
Serverless – nano services
Containers package up applications
Portable – run any where
Easily run locally
Docker compose
Use cloud – Paas – then you need invest more, cause as micro
services grow – productivity of the developers drop
Creating New
MicroService
-
Source control
repository per micro service
o
Avoid tight coupling between services
-
Continuous Integration build
o
Run automated tests
Types of Tests
-
Unit Tests -fast to run, high code coverage
-
Service level test – Integration test, Test
single service in isolation, Mock collaborators, Invest for Framework creating
service level test
-
End to End Test – Production like env, Can be
fragile,
Micro Services templates
Standardize
Logging – all logs in a same format
Health Checks –
Configuration –
Authentication
Build scripts – use
containers, docker
Increase Productivity
Developers focus on implementation of Business logic rather
than plumbing infrastructure
Connected shared services – cloud services
Communicating between MicroServices
Asynchronous and Synchronous communication patterns
Calling MicroServices
Are there any rules, can any service can call each other
Web, Mobile etc allowed call MS directly.
There are no hard rules, but there are difficulties when
allowing free flow access and call
-
End up making Tangled dependencies
-
Making cascading failures – one MS fail, causes
to fail others as well
-
Poor performance – call to one MS ends up with
calling dozens of MS call call hops
-
Mispalce (service) boundaries
Better
-
Minimize call between MS – you can publish
through event BUS, subscribe to services via BUS
-
Promote Asynchronous call between MS
-
Front end app, Single page app, Mobile – without
coming directly use a pattern call API Gateway – will have several benifits
o
Authentication – API Gateway level, security can
handle from single point
o
Front end apps needs to know how to call
different MS
o
Decouple Front end apps with MS , backend APIs
o
Micro Services do not call each other, Instead create events
in Event Bus
Event Bus implemented in either RabbitMQ when we run locally
or Azure Service Bus when running cloud
Messages are subscribed by MS and handled Asynchronously.
So use different communication patterns, suitably as shown.
API gateway for Each level
Synchronise Communication
Eg: Retrieve information from DB, select query
This is an Asynchronous call – customers do not want to
wait.
HTTP
-
Industry Standard
-
Can take advantage
o
Standardize approach
o
Caching – standard error codes
o
Payloads -JSON {native format of javascript,
support by many, easy}, XML
o
-
Implement APIs as a set of resources (RESTful
APIS)
o
Eg: Catalog Item, Order {Information as
resources}
-
Use standard HTTP methods
o
GET to retrieve, PUT
-
Good use of HTTP status Codes
-
Media Type headers (Content Type)
Rest is a big Topic. This is just a little
Asynchronous Communication
When we cannot expect
user to wait until everything is finished.
Communication over HTTP
Send status code “Accepted” rather than “OK” – then user can
check the status later
Callback – MS itself reports back when task is complete.
Client can register for callback URL , on which they like to receive
notification
Via Messaging
With registering to even BUS, others subscribe (rather than
calling directly)
1.
Simply creates a message and sends to “Message
Broker” – which acts as Intermediator.
2.
Other MSs subscribe to those messages
Act as an Intermediator , decouples micro services
completely.
Advantage for scaling – eg:If unprocessed messages growing,
you can simply scale out that MS with multiple instances.
Many “ServerLess” platforms does this automatically.
With containers also possible with configuring cluster of
services| containers
Message Types
-
Commands
-
Events
Command is an request to performed on particular action eg:
send a email
Events – something has happened, In Past Tense, several
actions might need to occur as result of that event eg: OrderPlaced ( charging
credit card, sending confirmation mail, checking on stock levels..)
RabbitMQ, Azure Service BUS
https://www.enterpriseintegrationpatterns.com/
Resilient Communication Patterns
We cannot expect service to be run 100% without error and
failure
Implement retry with backoff
First
attempt fail, wait little while – If second fail wait for more … back off
IF too
many attempts made – their can be denial of service attacks
Circuit breaker
Sit
between client and server
Passes
call through (circuit breaker is “closed”)
If enough
errors are detected, blocks further calls (circuit breaker is open)
After
time out – allows some calls to through, to see the problem has been resolved.
If OK – circuit close else open
Simple ,
but powerful – many have implemented – just use
Caching
Fallback to cache data, if service is unavailable
Messaging resilience ( Message Broker)
Inherent support for resilience
Idempotent
If
calling twice with same message will have same effect as call in once.
Eg: In e commerce sample app – we should have good check to
make sure for a order process multiple times – make sure ship once, charge once
for credit card
3.
You receive a message and partly processed and
something happens. As a result you receive it again.
Service Discovery
To MS to communicate
with each other – each should have an address
How to find and keep track
Service registry
When you need to communicate to MS, ask service registry –
where is that MS
Service Registry – typically distributed among all the
machines in the cluster. Which makes easy to contact service registry.
Service Discovery – Alternatives
DNS
If you using cloud – you automatically get DNS and plus load
balancing
If use Container such as Kubernetes
Built in
DNS – no need to know the IP address of each container , just need to know the
name of the service you need to call MS. It willtake care of routing traffic to
container you are running the service. Load balancing, if necessary.
So to handle challenges are much more easier – if you host
MS in modern platform
Securing Micro Services
You may use HTTPS – (TLS – Transport Layer with certificates
issues by trusted party), but it does not mean secure. You need to Authenticate
the user.
Authentication Option
-
Basic Authentication – User name and pass
Problem is every MS need to securely store passwords – need
best practises, better hashing etc
-
API key – (key per client , key management)
-
Client certificate (public key cryptography-
prove caller identity, but quite difficult to keep install and manage)
Is there a better way, one of the most promising approaches
– Identity server
Authorization server – takes care of the complexity of
authentication and authorization
1.
Client Authenticate with identity server by
sending credentials
2.
Identity server returns an access token (which
got limited life time)
3.
Access token in authorization header – to MS
(these are signed by public key cruptography helping the to verify )
4.
Verify Access token with Identity server
Here One service has the job of
Authentication
users and Managing their credentials securely.
Cause IS
implemented using Industry standard (OAuth 2.0 & OpenID connect) you don’t
have to write. You can make use of a third party solution. Writing IS is a lot
of work.
No comments:
Post a Comment