Microservices with Spring Boot

12,595 views

Published on

A talk introducing Microservices with Spring Boot

Published in: Technology

Microservices with Spring Boot

  1. 1. Josh Long (⻰龙之春) @starbuxman jlong@gopivotal.com slideshare.net/joshlong github.com/joshlong http://spring.io 
 MICROSERVICES BOOTIFUL
  2. 2. @starbuxman Spring Developer Advocate Josh Long (⻰龙之春) @starbuxman josh.long@springsource.com| Jean Claude van Damme! Java mascot Duke some thing’s I’ve authored...
  3. 3. @starbuxman
  4. 4. @starbuxman
  5. 5. @starbuxman
  6. 6. @starbuxman WEB Controllers, REST,
 WebSocket INTEGRATION Channels, Adapters,
 Filters, Transformers BATCH Jobs, Steps,
 Readers, Writers BIG DATA Ingestion, Export,
 Orchestration, Hadoop DATA NON-RELATIONALRELATIONAL CORE GROOVYFRAMEWORK SECURITY REACTOR GRAILS Full-stack, Web XD Stream, Taps, Jobs BOOT Bootable, Minimal, Ops-Ready
  7. 7. @starbuxman Microservices - just SOA redux? 
 
 What does the DRY principle, microservices, SOA, and Unix command line tools have in common? 
 
 They promote singly-focused*, loosely-connected systems In object-oriented programming, the single responsibility principle states that every class should have a single responsibility, and that responsibility should be entirely encapsulated by the class. All its services should be narrowly aligned with that responsibility.! * http://en.wikipedia.org/wiki/Single_responsibility_principle
  8. 8. @starbuxman Singly focused? 
 
 Do as little as possible. Express and expose a service, isolated and encapsulated. 
 

  9. 9. @starbuxman How do you expose a service? 
 How do you do so simply?

  10. 10. Title Text @starbuxman …when somebody says SOAP is “SIMPLE”
  11. 11. @starbuxman REST has no hard and fast rules. REST is an architectural style, not a standard. REST uses Headers to describe requests & responses REST embraces HTTP verbs. (DRY)
  12. 12. @starbuxman status codes convey the result of the server’s attempt to satisfy the request. 
 
 Categories: 1xx: informational
 2xx: success
 3xx: redirection
 4xx: client error 
 5xx: server error 

  13. 13. @starbuxman The Richardson Maturity Model is a way to grade your API according to the REST constraints with 4 levels of increasing compliance ! http://martinfowler.com/articles/richardsonMaturityModel.html
  14. 14. @starbuxman The Richardson Maturity Model 
 
 Level 0: swamp of POX
 http://martinfowler.com/articles/richardsonMaturityModel.html Uses HTTP mainly as a tunnel through one URI
 e.g., SOAP, XML-RPC
 
 Usually features on HTTP verb (POST)

  15. 15. @starbuxman The Richardson Maturity Model 
 
 Level 1: resources
 http://martinfowler.com/articles/richardsonMaturityModel.html Multiple URIs to distinguish related nouns 
 e.g., /articles/1, /articles/2, vs. just /articles
 

  16. 16. @starbuxman The Richardson Maturity Model 
 
 Level 2: HTTP verbs
 http://martinfowler.com/articles/richardsonMaturityModel.html leverage transport-native properties to enhance service 
 e.g., HTTP GET and PUT and DELETE and POST
 
 Uses idiomatic HTTP controls like status codes, headers 

  17. 17. Demonstration Our first @RestController
  18. 18. Demonstration What about headers and status codes??
  19. 19. @starbuxman The Richardson Maturity Model 
 
 Level 3: Hypermedia Controls (aka, HATEOAS)
 http://martinfowler.com/articles/richardsonMaturityModel.html No a priori knowledge of service required
 Navigation options are provided by service and hypermedia controls
 
 Promotes longevity through a uniform interface
 

  20. 20. @starbuxman Links provide possible navigations from a given resource ! Links are dynamic, based on resource state. ! <link href=“http://...:8080/users/232/customers” 
 rel= “customers”/>
  21. 21. Demonstration Working with Hypermedia and 
 Spring HATEOAS
  22. 22. @starbuxman Security is hard. Don’t reinvent the wheel! ! Things to worry about when developing web applications? EVERYTHING ! (cross-site scripting, session fixation, identification, authorization, and authentication, encryption, and SO much more.)
  23. 23. @starbuxman Usernames and Passwords ! If you can trust the client to keep a secret like a password, then it can send the password using: 
 ...HTTP Basic - passwords are sent plaintext! ... HTTP Digest - hashed passwords, but still plaintext. 
 SSL/TLS encryption helps prevent man-in-the-middle attacks
  24. 24. @starbuxman Tim Bray says: Passwords don’t scale ! Too easy to compromise. ! Updating all your clients whenever you change your password would be a nightmare! !
  25. 25. @starbuxman OAuth is a way for one (automated) client to securely identify itself to another service ! Assumes a user context: ! “I authorize $CLIENTX to act on $USER_Y’s behalf” ! OAuth is a way of authorizing a client with particular access (scopes) !
  26. 26. @starbuxman
  27. 27. @starbuxman
  28. 28. @starbuxman
  29. 29. Demonstration OAuth
  30. 30. @starbuxman So, SSL/TLS is...? ! an implementation of public key cryptography: ! ! ! public key cryptography only works because we all agree to trust well known root CAs so trust! wow
  31. 31. @starbuxman SSL/TLS is used routinely to verify the identify of servers. ! Normally, the client confirms the server, but the server rarely requires the client to transmit a certificate. ! It’s easy enough to setup SSL/TLS on your web server. !
  32. 32. @starbuxman from “Release It!”: feature complete != production ready ! A microservice needs to be able to slot into a system’s monitoring, management, and other infrastructure ! How do you add health checks? ! JMX support? Analytics like Graphite?
  33. 33. Demonstration Designing (or configuring!) for production
  34. 34. @starbuxman What about routing? Load balancing? Enter the smart service host, or, PaaS ! You don’t want to handle this in your code. ! You could build a platform that handles these things for you like Netflix, Foursquare, eBay, Google and others did. ! Or you could simply use a Platform-as-a-Service, like 
 Cloud Foundry, Heroku, OpenShift, or Azure SPRING WORKS WELL IN THE CLOUD
  35. 35. @starbuxman Questions? References spring.io github.com/joshlong/bookmarks github.com/joshlong/boot-it-up github.com/joshlong/boot-examples docs.spring.io/spring-boot/ ! Josh Long (⻰龙之春) @starbuxman jlong@gopivotal.com slideshare.net/joshlong github.com/joshlong http://spring.io

×