This document discusses considerations for migrating from a monolithic application architecture to microservices. It outlines a three stage process: 1) separating services but keeping a shared database, 2) separating databases but still requiring synchronous access to other services' data, and 3) fully decoupled services and data using event-driven architecture. Key challenges discussed include tight coupling between initial microservices, integration testing difficulties, maintaining backward/forward compatibility, and securing communication between services. The presenter advocates for evolving the architecture gradually and investing in tooling to manage complexity.
Anypoint Monitoring - Built in Dashboards, Custom Dashboards, Alerts and Func...Anoop Ramachandran
We intend to present to you the Anypoint Monitoring capabilities such as built in dashboards, custom dashboards, event driven alerts and functional monitoring. This helps us to provide more visibilty into the integrations across your application network which helps us to ensure the reliability and stability of our services.
MuleSoft Kochi Meetup #3– Integration with Web Socketssumitahuja94
A brief agenda:
> Networking and Knowledge sharing.
> MuleSoft Latest Product Release Updates.
> Integration with Web Sockets.
> Live Demonstration
> Quiz.
ServiceNow and Gmail Integration with MuleSoft with detailed Demo
A brief agenda:
> Networking and Knowledge sharing.
> MuleSoft Latest Product Release Updates.
> Gmail Integration with MuleSoft
> ServiceNow Integration with MuleSoft
> Demo
Anypoint Monitoring - Built in Dashboards, Custom Dashboards, Alerts and Func...Anoop Ramachandran
We intend to present to you the Anypoint Monitoring capabilities such as built in dashboards, custom dashboards, event driven alerts and functional monitoring. This helps us to provide more visibilty into the integrations across your application network which helps us to ensure the reliability and stability of our services.
MuleSoft Kochi Meetup #3– Integration with Web Socketssumitahuja94
A brief agenda:
> Networking and Knowledge sharing.
> MuleSoft Latest Product Release Updates.
> Integration with Web Sockets.
> Live Demonstration
> Quiz.
ServiceNow and Gmail Integration with MuleSoft with detailed Demo
A brief agenda:
> Networking and Knowledge sharing.
> MuleSoft Latest Product Release Updates.
> Gmail Integration with MuleSoft
> ServiceNow Integration with MuleSoft
> Demo
Getting Started with MuleSoft Integrations as a Cloud Engineer. An overview of Accelerators and Composer, followed by an AWS/Salesforce/MuleSoft integration experience share by developers new to MuleSoft.
Metadata definition between flows on Studio 7 : MuleSoft Virtual Muleys MeetupsAngel Alberici
Speakers: Guillermo Reobasco - MuleSoft - Software Engineering LMTS, Agustin Daniel Marraco - MuleSoft - Software Engineering MTS
Host: Angel Alberici
Youtube: Virtual Muleys (https://www.youtube.com/c/VirtualMuleysOnline/videos)
Meetups: https://meetups.mulesoft.com/online-group-english/
Extraordinary session directly from the Engineering Team, our colleagues Guillermo Reobasco and Agustin Marraco will get you up to speed on metadata definition between flows and the approach taken in Studio 7 with Custom Metadata Assistant.
This is a hands-on session to get an overview of how “Custom Metadata Assistant” brings metadata definition between flows to the Studio 7 experience.
Agenda:
Introductions
Concepts overview and Context
What is DataSense
Metadata Definition
Studio 6 vs Studio 7 approaches
Metadata assistant
Demo
Questions and Answers
Speakers:Gonzalo Bas, Amir Khan, Ivan Z., Angel Alberici
Host: Angel Alberici
Youtube: Virtual Muleys (https://www.youtube.com/c/VirtualMuleysOnline/videos)
Session 1: Integration for Sustainability: Leveraging the Anypoint Platform in Sustainability Scenarios
https://youtu.be/0vXgNU47HyM
Session 2: new MuleSoft Tools for DevOps 2021: the Anypoint Provider for Cloudhub Automation + Terraform Template; the Governance REST gSpreadsheet and the Postman collections for MuleSoft PlatformsAPIs
https://youtu.be/tqgoFmPgl7Y
Operationalizing your C4E VirtualMuleys & Deployment Considerations: Cloudhub...Angel Alberici
VirtualMuleys - March 2021 Meetup - 20210303
Speakers:
Arno A. Brugman: Operationalizing your C4E
Anu Vijayamohan: Deployment Considerations: Cloudhub, RTF, Hybrid, On-Prem, etc.)
Host: Angel Alberici
Youtube: Virtual Muleys (https://www.youtube.com/c/VirtualMuleysOnline/videos)
Disclaimer: These presentations are to be used as guidelines, for a certification of your own Environments and selecting the best Deployment model for your needs you need to reach out to MuleSoft or an Approved Partner SI
c4e, center for enablement, center for excellence, cloudhub, coe, consulting, deployment, developers, mulesoft, mulesoftdevelopers, mulesoftmeetups, operational model, rtf 101
Speaker: David Guest
Host: Angel Alberici
VirtualMuleys: 63
https://meetups.mulesoft.com/events/details/mulesoft-online-group-english-presents-event-driven-architecture-with-mulesoft/
In this session, we will look at
Event-driven (Asynch) vs Synchronous
Event-Driven Infrastructure
Event-Driven Patterns
Mulesoft Implementation
#3 calicut meetup - understanding slb, dlb and web socketsJohnMathewPhilip
In this virtual-meetup session held on 28th August, 2021 by Patryk Bandurski (MuleSoft Ambassador) we cover a detailed part of SLB, DLB and Web Sockets.
Get the Message Across: Seamlessly Transport Data to Apps, AnywhereVMware Tanzu
Modern applications are built to embrace unpredictability and interconnectivity across multiple clouds, legacy systems, and datastores. So how does one avoid cobbling together a slew of purpose-specific messaging and streaming technologies? How does one ensure consistent configuration of security policies, logging, and access to their distributed applications? And how do we do all that against the backdrop of ever-shrinking development cycles?
Join Jonathan Schabowsky from Solace and Kamala Dasika from Pivotal as they discuss:
- Data distribution challenges when connecting diverse endpoints and systems
- Patterns to help normalize the chaos
- Platform and messaging attributes that are key to supporting distributed architectures
Presentesr :
Jonathan Schabowsky, Sr. Architect in the Solace Office of the CTO
Kamala Dasika, Pivotal
Getting Started with MuleSoft Integrations as a Cloud Engineer. An overview of Accelerators and Composer, followed by an AWS/Salesforce/MuleSoft integration experience share by developers new to MuleSoft.
Metadata definition between flows on Studio 7 : MuleSoft Virtual Muleys MeetupsAngel Alberici
Speakers: Guillermo Reobasco - MuleSoft - Software Engineering LMTS, Agustin Daniel Marraco - MuleSoft - Software Engineering MTS
Host: Angel Alberici
Youtube: Virtual Muleys (https://www.youtube.com/c/VirtualMuleysOnline/videos)
Meetups: https://meetups.mulesoft.com/online-group-english/
Extraordinary session directly from the Engineering Team, our colleagues Guillermo Reobasco and Agustin Marraco will get you up to speed on metadata definition between flows and the approach taken in Studio 7 with Custom Metadata Assistant.
This is a hands-on session to get an overview of how “Custom Metadata Assistant” brings metadata definition between flows to the Studio 7 experience.
Agenda:
Introductions
Concepts overview and Context
What is DataSense
Metadata Definition
Studio 6 vs Studio 7 approaches
Metadata assistant
Demo
Questions and Answers
Speakers:Gonzalo Bas, Amir Khan, Ivan Z., Angel Alberici
Host: Angel Alberici
Youtube: Virtual Muleys (https://www.youtube.com/c/VirtualMuleysOnline/videos)
Session 1: Integration for Sustainability: Leveraging the Anypoint Platform in Sustainability Scenarios
https://youtu.be/0vXgNU47HyM
Session 2: new MuleSoft Tools for DevOps 2021: the Anypoint Provider for Cloudhub Automation + Terraform Template; the Governance REST gSpreadsheet and the Postman collections for MuleSoft PlatformsAPIs
https://youtu.be/tqgoFmPgl7Y
Operationalizing your C4E VirtualMuleys & Deployment Considerations: Cloudhub...Angel Alberici
VirtualMuleys - March 2021 Meetup - 20210303
Speakers:
Arno A. Brugman: Operationalizing your C4E
Anu Vijayamohan: Deployment Considerations: Cloudhub, RTF, Hybrid, On-Prem, etc.)
Host: Angel Alberici
Youtube: Virtual Muleys (https://www.youtube.com/c/VirtualMuleysOnline/videos)
Disclaimer: These presentations are to be used as guidelines, for a certification of your own Environments and selecting the best Deployment model for your needs you need to reach out to MuleSoft or an Approved Partner SI
c4e, center for enablement, center for excellence, cloudhub, coe, consulting, deployment, developers, mulesoft, mulesoftdevelopers, mulesoftmeetups, operational model, rtf 101
Speaker: David Guest
Host: Angel Alberici
VirtualMuleys: 63
https://meetups.mulesoft.com/events/details/mulesoft-online-group-english-presents-event-driven-architecture-with-mulesoft/
In this session, we will look at
Event-driven (Asynch) vs Synchronous
Event-Driven Infrastructure
Event-Driven Patterns
Mulesoft Implementation
#3 calicut meetup - understanding slb, dlb and web socketsJohnMathewPhilip
In this virtual-meetup session held on 28th August, 2021 by Patryk Bandurski (MuleSoft Ambassador) we cover a detailed part of SLB, DLB and Web Sockets.
Get the Message Across: Seamlessly Transport Data to Apps, AnywhereVMware Tanzu
Modern applications are built to embrace unpredictability and interconnectivity across multiple clouds, legacy systems, and datastores. So how does one avoid cobbling together a slew of purpose-specific messaging and streaming technologies? How does one ensure consistent configuration of security policies, logging, and access to their distributed applications? And how do we do all that against the backdrop of ever-shrinking development cycles?
Join Jonathan Schabowsky from Solace and Kamala Dasika from Pivotal as they discuss:
- Data distribution challenges when connecting diverse endpoints and systems
- Patterns to help normalize the chaos
- Platform and messaging attributes that are key to supporting distributed architectures
Presentesr :
Jonathan Schabowsky, Sr. Architect in the Solace Office of the CTO
Kamala Dasika, Pivotal
apidays LIVE Australia 2020 - The Evolution of APIs: Events and the AsyncAPI ...apidays
apidays LIVE Australia 2020 - Building Business Ecosystems
The Evolution of APIs: Events and the AsyncAPI specification
Aaron Lee, Developer Advocate, CTO Team at Solace
Content presented at the inaugural MuleSoft Meetup Singapore hosted by WhiteSky Labs in March 2019.
Key topics covered during the event:
1. Introduction to API-Led Integration and MuleSoft
2. Overview of MuleSoft Anypoint Version 4
ngStockholm #8 at NetEnt - Micro Frontend ArchitectureIshaan Puniani
Micro frontend ngstockholm#8@netent
A brief about, How we are de-coupling Add-on features from the main application that makes the developer's life easy.
Implement a Universal Data Distribution Architecture to Manage All Streaming ...Timothy Spann
Implement a Universal Data Distribution Architecture to Manage All Streaming Data
Cloudera Partner SkillUp
Tim Spann
Principal Developer Advocate in Data In Motion for Cloudera
tspann@cloudera.com
using apache nifi, apache kafka and apache flink in a hybrid environment
cloudera dataflow
cloudera streams messaging manager
cloudera sql streams builder
A New Approach to Continuous Monitoring in the CloudNETSCOUT
In this #CLUS 2019 session, you will learn how NETSCOUT’s smart data platform enables continuous monitoring in hybrid cloud environments to minimize risk and accelerate customer migration to the Cloud. You will review real-life examples of how businesses optimized their Cloud migration gaining visibility and deep insights, in both physical and virtual worlds, to maintain continuity and security of the services throughout the migration process.
apidays LIVE Paris - Data with a mission: a COVID-19 API case study by Matt M...apidays
apidays LIVE Paris - Responding to the New Normal with APIs for Business, People and Society
December 8, 9 & 10, 2020
Data with a mission: a COVID-19 API case study
Matt McLarty, Global Leader of API Strategy at MuleSoft
Sanjna Verma, Product Manager at Salesforce
apidays LIVE Australia 2020 - Data with a Mission by Matt McLarty apidays
apidays LIVE Australia 2020 - Building Business Ecosystems
Data with a Mission: A COVID-19 API Case Study
Matt McLarty, Global Leader, API Strategy & Sanjna Verma, Product Manager at MuleSoft
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
The Metaverse and AI: how can decision-makers harness the Metaverse for their...Jen Stirrup
The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives?
How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
Distilling the monolith to microservices journey at CMG
1. Distilling the monolith to
microservices journey
Oct 13, 2020
Sanjay Nagaraj Buchi Reddy
CTO/Co-Founder,Traceable Platform Engineering
Lead,Traceable
2. 2
About the Speakers
Agenda
Evolution: Monolith to Microservices
Microservices migration by the Book
Considerations when migrating from a
monolith to microservices
“Successful software gets changed”
- Fred Brooks from ‘No Silver Bullet’
HYPERTRACE_
3. 3
The Traceable Team
Creators of Traceable & Hypertrace
TEAM PROFILE_
● Founded 2019
● Series A funding via Unusual Ventures
● 32 Engineers & Domain Experts across San
Francisco Bay Area and India
● 150+ Years of Combined DevSecOps Experience
● Team Hails from companies such as AppDynamics,
Inmobi, Wallarm, IDF, Amazon, Informatica &
Redis Labs
● Hypertrace released as open source project
July 2020
Sanjay Nagaraj
Buchi Reddy
CTO/Co-Founder,Traceable
VP Engineering,AppDynamics
Platform Engineering Lead,Traceable
Director of Engg, Data Platform,
AppDynamics
Jyoti Bansal
CEO/Co-Founder,Traceable
CEO/Co-Founder,Harness.io
CEO/Founder,AppDynamics
5. Security gaps new in Microservices
5
Single source of logs from the
monolith
Difficult to trace root-cause
analysis across systems
Release every 3-6 months;
firewall and WAF rules developed
over years
Pace of development much
higher than the pace of security
Most threats are network or
legacy static OWASP
Existing tools are ineffective
against emerging threats
Monolothic systems and multi-
page apps.
Proliferation of APIs with poor
lifecycle management
Microservices
Monolithic
MODERN SECURITY_
For almost half of those adopting
microservices, security is a top
concern.
7. Evolution: From Monolith to Microservices
7
Stages:
● Start with Monolith
1. Microservices, but with Tight Coupling
2. Microservices with Loosely Coupled Services, but Temporal Data
3. Microservices with Loosely Coupled Services AND Decoupled Data
8. Start: Monolith
8
Database 1
Application
Status
● All code in one application service
● In-process calls to other modules
Pros
● Fewer moving parts. Less complex
● Simpler deployment & management
● Fewer failure points
Cons
● Teams can’t deploy services independently
● Teams can’t use different languages, versions
● Can’t scale parts independently
● Single point of failure
9. 1. Microservices, but with Tight Coupling
9
Database 1
Application
Progress
● Separated the services, but database
is still shared
Pros
● Teams can deploy services
independently
● Teams can use different languages
and versions
Cons
● Must be careful not to overwrite data or
schema owned by other services
● Tight coupling because each service is
dependent on each other
10. 2. Microservices with Loose Coupling, but Temporal Data
10
Progress
● Completely separated the
databases. so each service has its
own databases. None are shared.
Pros
● Can deploy services AND database
changes independently
Cons
● You must access other services
data via synchronous APIs
● Still ‘tight coupling’ because each
service requires the other services
data
Database 1 Database 2
Application
11. 3. Microservices with Loose Coupling AND Nontemporal
11
Progress
● Event-driven Architecture
● Each Service maintains a local query
view of external data
Pros
● Fast access to data
● All data needed is local
Cons
● Data duplication
● Local data is eventually consistent
Database 1 Database 2
Application
13. Migrating to Microservices: Build pain points
13
● Need fairly new ways to build, version, package artifacts
○ Be ready to invest in a lot of *new* build tooling
● Components are often too tightly coupled
○ Start small and have a plan; baby steps are the key
○ First create modularity within the monolith
○ Re-architect parts of the system?
○ Re-write a service?
● Intimidated to break down some parts
○ Evolve slowly: Monolith → tight coupling → temporal coupling → fully decoupled
● Integration testing is harder
○ Mocking services FTW
14. Migrating to Microservices: Build pain points
14
● Functionality is often broken
○ Start caring about backward and forward compatibility
○ Test the API and data format compatibility in the CI
○ Resiliency
○ Idempotency?
○ Mocks needed for integration testing
○ Automated testing as guardrails
○ Continuous end-to-end product feature validation
● No control over what Docker images or OS are used
○ Common base images, security controls, standards
○ Standards around service user, accounts, etc
15. Migrating to Microservices: Maintenance pain points
15
● Deploying and managing multiple services isn’t as simple
○ Have (pick) a framework to orchestrate multiple services at scale
○ Pick service packaging model, versioning
● Impossible to debug a broken deployment
○ Continuously deliver to reduce payload
○ Canary or B/G deployment
○ Tooling to surface issues easily
● Old school APM tools aren’t enough to monitor
○ Welcome to distributed tracing!
○ Use Hypertrace (shameless promotion)
● Logs aren’t in single place
○ Invest in a logging solution
16. Migrating to Microservices: Security posture
16
● Service to service communication isn’t as secure anymore
○ Secure service to service communication
○ Embrace a service mesh and mTLS, if it makes sense
○ Zero-touch certificate management and rotation
● Larger attack surface for your APIs
○ Invest in proper security tools to detect security attacks and protect
○ Shift left
● AuthN & AuthZ can’t be enforced in a single place now
○ Centralized Auth servers or distributed?
○ Latency is super critical
○ Distributed policy rollout
17. Microservices: Are you overdoing them?
17
● Too many microservices
○ Mini services?
○ API inventory tools
○ Service discovery tools
● Too many repositories
○ Unless you’re Google, you have separate repositories. Tooling to easily
work across repos
○ Consider macro repos
● Who should own the on-call issues?
○ Automate alert routing and trivial triaging
○ RCA tools
○ SLAs, SLOs
19. Hypertrace provides observability into your
application architecture. It includes global, service
and backend dashboards, allowing teams fast
insight into service level objectives.
Hypertrace & OpenTelemetry
19
● Collect distributed traces
● Enrich your tracing data
● Visualize real-time activity
Deploy Using:
http://hypertrace.orgMore at:
Hypertrace Supports Tracers and Agents:
Thank you all for taking the time. Buchi and I will share some of the lessons we learnt in our own journeys in microservices.
At traceable, we are enabling application security for your cloud-native applications. We are combining the power of distributed tracing and machine learning to help our customers discover and understand the security posture of their Applications and Protect those applications. We also enable investigation of potential attacks with insights from the distributed trace data.
Over the years we have seen the migration of monolithic services to Microservices. The rapid adoption of K8S has further enabled the migration. The applications are becoming distributed API driven and mobile driven and exposing the business logic directly to the outside world. The biggest problems with these complex architectures is in understanding the performance, security and business impact.
Since traceables goal is to help our customers protect their applications. Let me take security as an example in the world of microservices and discuss why it is a concern for a majority of security practitioners as they adopt microservices.
Having introduced traceable and the problem we set out to solve. Let us take a step back and start to think about the migration to microservices and some of the challenges with it and learnings on our end.
Thanks Buchi. As we discussed Microservices is hard and takes a lot of effort to operate them. At traceable we recognized this and internally we were using a distributed tracing platform to build application security solutions for our customers. We decided that what we were using ourselves can be helpful for the broader microservices community and hence we open sourced the project called Hypertrace. One of the best things that happend in the tracing community was the formation of Opentelemetry as a project. OpenTelemetry provides a single set of APIs, libraries, agents, and collector services to capture distributed traces and metrics from your application. We fully support otel with hypertrace. We hope with hypertrace we are doing our part in enhancing the use of distributed tracing with your microservices