Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Josh Long (⻰龙之春)
@starbuxman
jlong@gopivotal.com
slideshare.net/joshlong
github.com/joshlong
http://spring.io


MICROSERVI...
@starbuxman
Spring Developer Advocate
Josh Long (⻰龙之春)
@starbuxman josh.long@springsource.com|
Jean Claude
van Damme! Java...
@starbuxman
@starbuxman
@starbuxman
@starbuxman
WEB
Controllers, REST,

WebSocket
INTEGRATION
Channels, Adapters,

Filters, Transformers
BATCH
Jobs, Steps,

R...
@starbuxman
Microservices - just SOA redux? 



What does the DRY principle, microservices, SOA, and
Unix command line too...
@starbuxman
Singly focused? 



Do as little as possible.
Express and expose a service, isolated and
encapsulated. 



@starbuxman
How do you expose a service? 

How do you do so simply?

Title Text
@starbuxman
…when somebody
says SOAP is
“SIMPLE”
@starbuxman
REST has no hard and fast rules.
REST is an architectural style, not a standard.
REST uses Headers to describe...
@starbuxman
status codes convey the result of the server’s attempt to
satisfy the request. 



Categories:
1xx: informatio...
@starbuxman
The Richardson Maturity Model is a way to grade your
API according to the REST constraints with 4 levels of
in...
@starbuxman
The Richardson Maturity Model 



Level 0: swamp of POX

http://martinfowler.com/articles/richardsonMaturityMo...
@starbuxman
The Richardson Maturity Model 



Level 1: resources

http://martinfowler.com/articles/richardsonMaturityModel...
@starbuxman
The Richardson Maturity Model 



Level 2: HTTP verbs

http://martinfowler.com/articles/richardsonMaturityMode...
Demonstration
Our first @RestController
Demonstration
What about headers and status codes??
@starbuxman
The Richardson Maturity Model 



Level 3: Hypermedia Controls (aka, HATEOAS)

http://martinfowler.com/article...
@starbuxman
Links provide possible navigations from a given resource
!
Links are dynamic, based on resource state.
!
<link...
Demonstration
Working with Hypermedia and 

Spring HATEOAS
@starbuxman
Security is hard. Don’t reinvent
the wheel!
!
Things to worry about when developing
web applications? EVERYTHI...
@starbuxman
Usernames and Passwords
!
If you can trust the client to keep a secret like a password, then it
can send the p...
@starbuxman
Tim Bray says: Passwords don’t scale
!
Too easy to compromise.
!
Updating all your clients whenever you change...
@starbuxman
OAuth is a way for one (automated) client to securely identify
itself to another service
!
Assumes a user cont...
@starbuxman
@starbuxman
@starbuxman
Demonstration
OAuth
@starbuxman
So, SSL/TLS is...?
!
an implementation of public key
cryptography:
!
!
!
public key cryptography only works be...
@starbuxman
SSL/TLS is used routinely to verify the identify of servers.
!
Normally, the client confirms the server, but t...
@starbuxman
from “Release It!”: feature complete != production ready
!
A microservice needs to be able to slot into a syst...
Demonstration
Designing (or configuring!) for production
@starbuxman
What about routing? Load balancing? Enter the smart
service host, or, PaaS
!
You don’t want to handle this in ...
@starbuxman
Questions?
References
spring.io
github.com/joshlong/bookmarks
github.com/joshlong/boot-it-up
github.com/joshlo...
Upcoming SlideShare
Loading in …5
×

Microservices with Spring Boot

14,761 views

Published on

A talk introducing Microservices with Spring Boot

Published in: Technology
  • Be the first to comment

Microservices with Spring Boot

  1. 1. Josh Long (⻰龙之春) @starbuxman jlong@gopivotal.com slideshare.net/joshlong github.com/joshlong http://spring.io 
 MICROSERVICES BOOTIFUL
  2. 2. @starbuxman Spring Developer Advocate Josh Long (⻰龙之春) @starbuxman josh.long@springsource.com| Jean Claude van Damme! Java mascot Duke some thing’s I’ve authored...
  3. 3. @starbuxman
  4. 4. @starbuxman
  5. 5. @starbuxman
  6. 6. @starbuxman WEB Controllers, REST,
 WebSocket INTEGRATION Channels, Adapters,
 Filters, Transformers BATCH Jobs, Steps,
 Readers, Writers BIG DATA Ingestion, Export,
 Orchestration, Hadoop DATA NON-RELATIONALRELATIONAL CORE GROOVYFRAMEWORK SECURITY REACTOR GRAILS Full-stack, Web XD Stream, Taps, Jobs BOOT Bootable, Minimal, Ops-Ready
  7. 7. @starbuxman Microservices - just SOA redux? 
 
 What does the DRY principle, microservices, SOA, and Unix command line tools have in common? 
 
 They promote singly-focused*, loosely-connected systems In object-oriented programming, the single responsibility principle states that every class should have a single responsibility, and that responsibility should be entirely encapsulated by the class. All its services should be narrowly aligned with that responsibility.! * http://en.wikipedia.org/wiki/Single_responsibility_principle
  8. 8. @starbuxman Singly focused? 
 
 Do as little as possible. Express and expose a service, isolated and encapsulated. 
 

  9. 9. @starbuxman How do you expose a service? 
 How do you do so simply?

  10. 10. Title Text @starbuxman …when somebody says SOAP is “SIMPLE”
  11. 11. @starbuxman REST has no hard and fast rules. REST is an architectural style, not a standard. REST uses Headers to describe requests & responses REST embraces HTTP verbs. (DRY)
  12. 12. @starbuxman status codes convey the result of the server’s attempt to satisfy the request. 
 
 Categories: 1xx: informational
 2xx: success
 3xx: redirection
 4xx: client error 
 5xx: server error 

  13. 13. @starbuxman The Richardson Maturity Model is a way to grade your API according to the REST constraints with 4 levels of increasing compliance ! http://martinfowler.com/articles/richardsonMaturityModel.html
  14. 14. @starbuxman The Richardson Maturity Model 
 
 Level 0: swamp of POX
 http://martinfowler.com/articles/richardsonMaturityModel.html Uses HTTP mainly as a tunnel through one URI
 e.g., SOAP, XML-RPC
 
 Usually features on HTTP verb (POST)

  15. 15. @starbuxman The Richardson Maturity Model 
 
 Level 1: resources
 http://martinfowler.com/articles/richardsonMaturityModel.html Multiple URIs to distinguish related nouns 
 e.g., /articles/1, /articles/2, vs. just /articles
 

  16. 16. @starbuxman The Richardson Maturity Model 
 
 Level 2: HTTP verbs
 http://martinfowler.com/articles/richardsonMaturityModel.html leverage transport-native properties to enhance service 
 e.g., HTTP GET and PUT and DELETE and POST
 
 Uses idiomatic HTTP controls like status codes, headers 

  17. 17. Demonstration Our first @RestController
  18. 18. Demonstration What about headers and status codes??
  19. 19. @starbuxman The Richardson Maturity Model 
 
 Level 3: Hypermedia Controls (aka, HATEOAS)
 http://martinfowler.com/articles/richardsonMaturityModel.html No a priori knowledge of service required
 Navigation options are provided by service and hypermedia controls
 
 Promotes longevity through a uniform interface
 

  20. 20. @starbuxman Links provide possible navigations from a given resource ! Links are dynamic, based on resource state. ! <link href=“http://...:8080/users/232/customers” 
 rel= “customers”/>
  21. 21. Demonstration Working with Hypermedia and 
 Spring HATEOAS
  22. 22. @starbuxman Security is hard. Don’t reinvent the wheel! ! Things to worry about when developing web applications? EVERYTHING ! (cross-site scripting, session fixation, identification, authorization, and authentication, encryption, and SO much more.)
  23. 23. @starbuxman Usernames and Passwords ! If you can trust the client to keep a secret like a password, then it can send the password using: 
 ...HTTP Basic - passwords are sent plaintext! ... HTTP Digest - hashed passwords, but still plaintext. 
 SSL/TLS encryption helps prevent man-in-the-middle attacks
  24. 24. @starbuxman Tim Bray says: Passwords don’t scale ! Too easy to compromise. ! Updating all your clients whenever you change your password would be a nightmare! !
  25. 25. @starbuxman OAuth is a way for one (automated) client to securely identify itself to another service ! Assumes a user context: ! “I authorize $CLIENTX to act on $USER_Y’s behalf” ! OAuth is a way of authorizing a client with particular access (scopes) !
  26. 26. @starbuxman
  27. 27. @starbuxman
  28. 28. @starbuxman
  29. 29. Demonstration OAuth
  30. 30. @starbuxman So, SSL/TLS is...? ! an implementation of public key cryptography: ! ! ! public key cryptography only works because we all agree to trust well known root CAs so trust! wow
  31. 31. @starbuxman SSL/TLS is used routinely to verify the identify of servers. ! Normally, the client confirms the server, but the server rarely requires the client to transmit a certificate. ! It’s easy enough to setup SSL/TLS on your web server. !
  32. 32. @starbuxman from “Release It!”: feature complete != production ready ! A microservice needs to be able to slot into a system’s monitoring, management, and other infrastructure ! How do you add health checks? ! JMX support? Analytics like Graphite?
  33. 33. Demonstration Designing (or configuring!) for production
  34. 34. @starbuxman What about routing? Load balancing? Enter the smart service host, or, PaaS ! You don’t want to handle this in your code. ! You could build a platform that handles these things for you like Netflix, Foursquare, eBay, Google and others did. ! Or you could simply use a Platform-as-a-Service, like 
 Cloud Foundry, Heroku, OpenShift, or Azure SPRING WORKS WELL IN THE CLOUD
  35. 35. @starbuxman Questions? References spring.io github.com/joshlong/bookmarks github.com/joshlong/boot-it-up github.com/joshlong/boot-examples docs.spring.io/spring-boot/ ! Josh Long (⻰龙之春) @starbuxman jlong@gopivotal.com slideshare.net/joshlong github.com/joshlong http://spring.io

×