From on-premises monolith to cloud microservices using a stateless API Gateway
Albert Lombarte
@alombarte
2019 KrakenD API Gateway2
MONOLITH
Internet
MONOLITH
Database
?
Catalog
Promotions
Basket
Payments
Orders
Pricing
Stock
Authentication
Internal communication
Direct, synchronous
Queues
Polling
Pub/Sub
Service Mesh
Catalog
Promotions
Basket
Payments
Orders
Pricing
Stock
Authentication
Android
iOS
SPA
?
External consumption
Photo by @voyagefervor, Instagram
Service Mesh
API Gateways
Proxies with GW
GraphQL
API Managers
Products with overlapping features
Proxy with GW: 1:1 mapping endpoint-backends - No business logic - Offload cross-cutting concerns. No aggregation
GraphQL: HTTP only - Single Endpoint - Allows the client to choose exactly the data in the response. E.g: you provide an API to developers out of your organization
API Gateway: Services aggregation - Business logic - API Contract - No coupling to backend - Offload cross-cutting concerns. Can implement the BFF pattern.
Service Mesh: Internal communication between services (not for the end-user). No business logic
API Managers: Access management (generate API Keys), billing, developer portal, usage statistics
Stateless vs Stateful
Stateful
Stateless
A gateway is not the new monolith
Stateful
★ Coordination required
★ Data synchronization
★ Datastore as source of truth
★ Complexity
★ Multi-region lag
★ Mutable configuration
NON-LINEAR SCALABILITY
Stateless
★ No node coordination
★ No synchronization
★ Zero complexity
★ No challenges for Multi-region
★ Declarative configuration
★ Immutable infrastructure
LINEAR SCALABILITY
API GW
API GW: North-south traffic
Mesh: east-west traffic
Choosing a stateless API gateway
Proxy with API Gateway capabilities
Catalog
Promotions
Basket
Payments
Orders
Pricing
Stock
Authentication
Android
iOS
SPA PROXY
KrakenD API gateway to transition to microservices
Catalog
Promotions
Basket
Payments
Orders
Pricing
Stock
Authentication
/frontpage
    {
      "catalog": {},
      "promos": {},
      "pricing": {}
    }
Offloading shared needs
Catalog
Promotions
Basket
Payments
Orders
Pricing
Stock
Authentication
Manipulation
Filtering
Circuit Breaker
Metrics/Tracing
Aggregation
Security
Authorization
Service Discovery
Encoding
Logging Rate Limit Monitoring
Load Balancer Pub/Sub Transport adapter
Stub Data Traffic Mirroring Queues
Migration by example
Step by step
Migration strategies
NEW functionality
INCREMENTAL Migration (piece by piece, new and old)
ALL IN Swap
Incremental move to µservices
Database
Catalog
Promotions
Basket
Payments
Orders
Pricing
Stock
Authentication
Migration steps
TL;DR
1 Add the gateway
2 Move authorization to the GW
3 Break a piece of the monolith
4 Aggregate the microservice
5 Deployment and Observability
Add the gateway
Keep the API contract
Add the gateway, as a proxy
Web + API
MONOLITH
/foo
/bar
/foo
/bar
Proxy
1
Keep the existing API contract
Forward cookies
Configuration
Client -> Gateway -> Monolith (proxy)
krakend.json
    {
      "version": 2,
      "host": ["http://monolith"],
      "endpoints": [{
          "endpoint": "/login",
          "output_encoding": "no-op",
          "headers_to_pass": ["Cookie"],
          "backend": [{
            "url_pattern": "/login",
            "encoding": "no-op"
          }]
        },
        {...}
      ]
    }
Start the server:
    ❯ krakend run -c krakend.json
Unified interface
Service 1
v1.1 XML
Service 2
v3.2 JSON
Service 3
v2.9 RSS
你好
Hello
Привет
KrakenD
/v1/hello-world
➔ Automatic API generation and integration
➔ Consumers (iOS, Android, Web, Server devs) in control of the API
➔ Homogeneous consumption of data formats and encodings
➔ Reduced bandwidth and errors
➔ Increased speed
➔ Better quality of service
Gateway added
At this point...
- The gateway is in the cloud
- Plugged to the onprem monolith (VPN?)
- It’s hybrid (cloud+onprem)
- We defined all endpoints
- Transparent for the client
- Session Cookies still allowed
API contract kept
The weakest punishes the stronger
When weakly typed languages harm the strongly typed ones
{
"id_user": 2,
"alias": "bob"
}
Output from weakly typed lang
Strongly
typed
{
"id_user": "2",
"alias": "bob"
}
😱
HORROR
STORIES
😱
Move the authorization to the Gateway
From session cookies to JWT
Add JWT-based authentication 2
MONOLITH
/foo /foo
Add JWT-based authentication 2
/token /login?token=1
POST
MONOLITH
/foo /foo
signer
{ "id_user": "89990", "username": "jimmy" }
<token>
JWT
Authorization: Bearer <token>
Login controller in the monolith (BEFORE)
    if ($user_data = $this->login($username, $password)) {
        // Start the session (COOKIE)
        startUserSession($user_data);
        // Set the “remind me” cookie:
        setRemindMeCookie($user_data['auto_login']);
        ...
    }
Login controller in the monolith (AFTER)
    if ($user_data = $this->login($username, $password)) {
        if ($request->has('token')) { // ?token=1
            // Return the claims as plain JSON; the gateway signs them into a JWT
            return json_encode([
                "access_token" => [
                    "aud" => "https://api.company.com",
                    "iss" => "https://monoli.th",
                    "sub" => $user_data->id_user,
                    "jti" => uniqid('', true),
                    "roles" => [$user_data->role],
                    "exp" => time() + 1800, // 30 minutes
                    "other_data" => $user_data->other
                ]
            ]);
        } else {
            startUserSession($user_data);
            setRemindMeCookie($user_data['auto_login']);
            //...
        }
    }
Authorization granularity
krakend.json
    "endpoint": "/basket",
    "extra_config": {
      "github.com/devopsfaith/krakend-jose/validator": {
        "alg": "HS256",
        "audience": ["http://api.example.com"],
        "roles_key": "roles",
        "roles": ["user", "admin"],
        "jwk-url": "https://monolith/jwk/symmetric.json"
      }
    },
    "output_encoding": "no-op",
    "headers_to_pass": ["Authentication"],
    "backend": [{
      "url_pattern": "/bar",
      "encoding": "no-op"
    }]
Retrieve “session” data from token
    <?php
    $jwt = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiw'
         . 'ibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT'
         . '4fwpMeJf36POk6yJV_adQssw5c';
    $token_parts = explode('.', $jwt);
    // JWT segments are base64url-encoded: map '-' and '_' back before decoding.
    // The payload is only decoded here, not verified; the gateway validated the token.
    $user_data = json_decode(base64_decode(strtr($token_parts[1], '-_', '+/')));
    var_dump($user_data);

Output:
    object(stdClass)#1 (3) {
      ["sub"]=>
      string(10) "1234567890"
      ["name"]=>
      string(8) "John Doe"
      ["iat"]=>
      int(1516239022)
    }
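The slide's snippet only base64-decodes the payload and relies on the gateway having validated the token. As an added example (not part of the original deck), this is how the monolith could verify the HS256 signature, `exp` and `aud` itself before trusting the claims, which matters if it can be reached by any path other than the gateway. The function names, the secret and the sample claims are assumptions constructed for the illustration.

```php
<?php
declare(strict_types=1);

// Added illustration: all names, the secret and the claims are constructed.

function b64url_encode(string $raw): string
{
    return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
}

function b64url_decode(string $s): ?string
{
    // Restore the standard alphabet and padding, then decode strictly.
    $pad = (4 - strlen($s) % 4) % 4;
    $raw = base64_decode(strtr($s, '-_', '+/') . str_repeat('=', $pad), true);
    return $raw === false ? null : $raw;
}

// Builds an HS256 token; used here only to construct sample input.
function sign_hs256(array $claims, string $secret): string
{
    $head = b64url_encode(json_encode(['alg' => 'HS256', 'typ' => 'JWT']));
    $body = b64url_encode(json_encode($claims));
    $sig  = b64url_encode(hash_hmac('sha256', "$head.$body", $secret, true));
    return "$head.$body.$sig";
}

// Returns the claims only if algorithm, signature, expiry and audience check out.
function verify_hs256(string $jwt, string $secret, string $audience, int $now): array
{
    $parts = explode('.', $jwt);
    if (count($parts) !== 3) {
        throw new InvalidArgumentException('malformed token');
    }
    [$head, $body, $sig] = $parts;

    // Pin the algorithm instead of trusting whatever the header announces.
    $header = json_decode((string) b64url_decode($head), true);
    if (!is_array($header) || ($header['alg'] ?? null) !== 'HS256') {
        throw new InvalidArgumentException('unexpected alg');
    }

    // Recompute the MAC over "header.payload" and compare in constant time.
    $expected = hash_hmac('sha256', "$head.$body", $secret, true);
    $given    = b64url_decode($sig);
    if ($given === null || !hash_equals($expected, $given)) {
        throw new InvalidArgumentException('bad signature');
    }

    // Only a payload covered by a valid signature is parsed and checked.
    $claims = json_decode((string) b64url_decode($body), true);
    if (!is_array($claims)) {
        throw new InvalidArgumentException('bad payload');
    }
    if (!is_int($claims['exp'] ?? null) || $claims['exp'] <= $now) {
        throw new InvalidArgumentException('expired or missing exp');
    }
    if (!in_array($audience, (array) ($claims['aud'] ?? []), true)) {
        throw new InvalidArgumentException('wrong audience');
    }
    return $claims;
}

function report(string $label, string $jwt, string $secret, int $now): void
{
    try {
        $c = verify_hs256($jwt, $secret, 'https://api.company.com', $now);
        echo "$label: accepted, sub={$c['sub']} roles=" . implode(',', $c['roles']) . "\n";
    } catch (InvalidArgumentException $e) {
        echo "$label: rejected ({$e->getMessage()})\n";
    }
}

$secret = 'constructed-demo-secret'; // assumption: symmetric key shared with the gateway
$now    = 1700000000;                // fixed clock so the run is repeatable
$claims = [
    'aud'   => 'https://api.company.com',
    'iss'   => 'https://monoli.th',
    'sub'   => '89990',
    'roles' => ['user'],
    'exp'   => $now + 1800,
];
$token = sign_hs256($claims, $secret);

// Same header and signature with a different payload: a decode-only reader
// would take these claims at face value, the verifier must reject them.
[$h, , $s] = explode('.', $token);
$tampered = $h . '.' . b64url_encode(json_encode(['roles' => ['admin']] + $claims)) . '.' . $s;

report('valid', $token, $secret, $now);
report('tampered payload', $tampered, $secret, $now);
report('expired', $token, $secret, $now + 3600);
```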
At this point...
- All desired endpoints are protected by the gateway (sign + validation)
- “Authentication” header is the only needed header, but not cookies.
- The monolith gets session data from token
JWT tokens implemented
No more sessions
Start chopping the monolith
Where to cut the monolith?
Social Tech
Chop your way
Photo by Jason Abdilla
Avoid dependencies over the network
N times
Cascading requests
HORROR
STORIES
😱
Size!
4GB Docker image
HORROR
STORIES
😱
Pick a first service to extract
Catalog
Promotions
Basket
Payments
Orders
Pricing
Stock
/login
Authentication
MONOLITH
3
Idempotent and safe services?
Gateway
It’s a read operation but….
Service
GET
DB
Read data
UPDATE
HORROR
STORIES
😱
Aggregating and merging services
Aggregation
Catalog
    <id_product>2</id_product>
    <name>Devops Barcelona</name>
    <date fmt="Y-m-d">2019-06-04</date>
+
Promotions
    {
      "code": "DEVOPS19",
      "discount": 0.15,
      "products": [1,2,15]
    }
Aggregated
    {
      "id_product": 2,
      "name": "Devops Barcelona",
      "date": "2019-06-04",
      "code": "DEVOPS19",
      "discount": 0.15,
      "products": [1,2,15]
    }
Authentication
/checkout
JWT token
Catalog
Promotions
Basket
Payments
Orders
Pricing
Stock
MONOLITH
4
Catalog
Promotions
Basket
Payments
Orders
Pricing
Stock
MONOLITH
4
/splash
Aggregating the hard way
Backends
/splash
x68
Screen                      Calls
First App Launch            68
Onboarding Tour             178
Wake-up after background    208
Front Page (w/ scroll)      39
Select Category             21
Apply a Filter              30
Product detail              22
Go to basket                51
My account                  92
Help                        42
To Checkout                 57
TOTAL DURING THE SESSION    808
HORROR
STORIES
😱
Manipulation/Filtering/Grouping
Catalog
    <id_product>2</id_product>
    <name>Devops Barcelona</name>
    <date fmt="Y-m-d">2019-06-04</date>
+
Promotions
    {
      "code": "DEVOPS19",
      "discount": 0.15,
      "products": [1,2,15]
    }
Aggregated
    {
      "catalog": {
        "id_product": 2,
        "name": "Devops Barcelona",
        "date": "2019-06-04"
      },
      "promotions": {
        "code": "DEVOPS19",
        "savediscount": 0.15,
        "products": [1,2,15]
      }
    }
Avoid the “take it all” pattern
Client
Providing a lot of data to the client, just in case it’s needed
Gateway
Your 10MB, thank you
HORROR
STORIES
😱
Directly connect to message brokers
Catalog
/notify
Notifications
QUEUE
Azure Service
Bus Topic
4
Deployment
Simple deployment (stateless)
Dockerfile
    FROM devopsfaith/krakend
    COPY krakend.json /etc/krakend/krakend.json
≃ 40MB
Deploy anywhere
Orchestration
Platforms
Assign a KrakenD to each team (client type)
Catalog
Promotions
Basket
Payments
Orders
Pricing
Stock
Authentication
Android
iOS
SPA
Assign a KrakenD to each team (micro frontends)
Not necessarily the single point of entry
Catalog
Promotions
Payments
Orders
Pricing
Stock
Authentication
Observability
Visualize the entire ecosystem from a central place
Enable monitoring
1-click export of logging, metrics and traces
Metrics and Tracer exporters for every taste
Repeat x N services
3 Break a piece of the monolith
4 Aggregate the microservice
5 Deployment and Observability
MONOLITH
Orders
Pricing
Stock
Basket
Payments
Promotions
Catalog MONOLITH
🎉
Special thanks to...
Questions?
Let’s have a beer!
@devopsfaith | @alombarte
Email: albert@krakend.io
Photo by Patrick Fore

From on premises monolith to cloud microservices

  • 1. From on-premises monolith to cloud microservices using a stateless API Gateway Albert Lombarte @alombarte
  • 2. 2019 KrakenD API Gateway2 MONOLITHInternet
  • 3. 2019 KrakenD API Gateway3 MONOLITH Database ? Catalog Promotions Basket Payments Orders Pricing Stock Authentication
  • 4. 2019 KrakenD API Gateway4 Internal communication Direct, synchronous Queues Polling Pub/Sub Service Mesh
  • 5. 2019 KrakenD API Gateway5 Catalog Promotions Basket Payments Orders Pricing Stock Authentication Android iOS SPA ? External consumption
  • 6. 2019 KrakenD API Gateway6 Photo by @voyagefervor, Instagram Service Mesh API Gateways Proxies with GW GraphQL API Managers
  • 7. 2019 KrakenD API Gateway7 Proxy with GW 1:1 mapping endpoint-backends - No business logic - Offload cross-cutting concerns. No aggregation Products with overlapping features GraphQL HTTP only - Single Endpoint - Allows the client to choose exactly the data in the response. E.g: you provide an API to developers out of your organization API Gateway Services aggregation - Business logic - API Contract - No coupling to backend - Offload cross-cutting concerns. Can implement the BFF pattern. Service Mesh Internal communication between services (not for the end-user). No business logic API Managers Access management (generate API Keys), billing, developer portal, usage statistics
  • 9. 2019 KrakenD API Gateway9 Stateful
  • 10. 2019 KrakenD API Gateway10 Stateless
  • 11. 2019 KrakenD API Gateway11 A gateway is not the new monolith ★ Coordination required ★ Data synchronization ★ Datastore as source of truth ★ Complexity ★ Multi-region lag ★ Mutable configuration NON-LINEAR SCALABILITY Stateless Stateful ★ No node coordination ★ No synchronization ★ Zero complexity ★ No challenges for Multi-region ★ Declarative configuration ★ Immutable infrastructure LINEAR SCALABILITY
  • 12. 2019 KrakenD API Gateway12 API GW APIGW:North-southtraffic Mesh: east-west traffic
  • 13. Choosing a stateless API gateway
  • 14. 2019 KrakenD API Gateway14 Proxy with API Gateway capabilities Catalog Promotions Basket Payments Orders Pricing Stock Authentication Android iOS SPA PROXY
  • 15. 2019 KrakenD API Gateway15 KrakenD API gateway to transition to microservices Catalog Promotions Basket Payments Orders Pricing Stock Authentication /frontpage { "catalog": {}, "promos": {}, "pricing": {} }
  • 16. 2019 KrakenD API Gateway16 Offloading shared needs Catalog Promotions Basket Payments Orders Pricing Stock Authentication Manipulation Filtering Circuit Breaker Metrics/Tracing Aggregation Security Authorization Service Discovery Encoding Logging Rate Limit Monitoring Load Balancer Pub/Sub Transport adapter Stub Data Traffic Mirroring Queues
  • 18. 2019 KrakenD API Gateway18 Migration strategies NEW functionality INCREMENTAL Migration (piece by piece, new and old) ALL IN Swap
  • 19. 2019 KrakenD API Gateway19 Incremental move to µservices Database Catalog Promotions Basket Payments Orders Pricing Stock Authentication
  • 20. 2019 KrakenD API Gateway20 Migration steps TL;DR 2 Move authorization to the GW 1 Add the gateway 3 Break a piece of the monolith 4 Aggregate the microservice 5 Deployment and Observability
  • 21. Add the gateway Keep the API contract
  • 22. 2019 KrakenD API Gateway22 Add the gateway, as a proxy Web + API MONOLITH /foo /bar /foo /bar Proxy 1 Keep the existing API contract Forward cookies
  • 23. 2019 KrakenD API Gateway23 { "version": 2, "host": ["http://monolith"], "endpoints": [{ "endpoint": "/login", "output_encoding": "no-op", "headers_to_pass": ["Cookie"], "backend": [{ "url_pattern": "/login", "encoding": "no-op" }] }, {...} ] } Configuration Client -> Gateway -> Monolith (proxy) krakend.json ❯ krakend run -c krakend.json Start the server:
  • 24. 2019 KrakenD API Gateway24
  • 25. 2019 KrakenD API Gateway25 Unified interface Service 1 v1.1 XML Service 2 v3.2 JSON Service 3 v2.9 RSS 你好 Hello Привет KrakenD /v1/hello-world ➔ Automatic API generation and integration ➔ Consumers (iOS, Android, Web, Server devs) in control of the API ➔ Homogeneous consumption of data formats and encodings ➔ Reduced bandwidth and errors ➔ Increased speed ➔ Better quality of service
  • 26. 2019 KrakenD API Gateway26 Gateway added At this point... - The gateway is in the cloud - Plugged to the onprem monolith (VPN?) - It’s hybrid (cloud+onprem) - We defined all endpoints - Transparent for the client - Session Cookies still allowed API contract kept 1
  • 27. 2019 KrakenD API Gateway27 The weakest punishes the stronger When weakly typed languages harm the strongly typed ones { "id_user": 2, "alias": "bob" } Output from weakly typed lang Strongly typed { "id_user": "2", "alias": "bob" } 😱 HORROR STORIES 😱
  • 28. Move the authorization to the Gateway From session cookies to JWT
  • 29. 2019 KrakenD API Gateway29 Add JWT-based authentication 2 MONOLITH /foo /foo
  • 30. 2019 KrakenD API Gateway30 Add JWT-based authentication 2 /token /login?token=1 POST MONOLITH /foo /foo signer { "id_user": "89990", "username": "jimmy" } <token> JWT Authorization: Bearer <token>
  • 31. 2019 KrakenD API Gateway31 Login controller in the monolith (BEFORE) if ($user_data = $this->login($username, $password)) { // Start the session (COOKIE) startUserSession($user_data); // Set the “remind me” cookie: setRemindMeCookie($user_data['auto_login']); ... } 2
  • 32. 2019 KrakenD API Gateway32 Login controller in the monolith (AFTER) if ($user_data = $this->login($username, $password)) { if ($request->has('token')) { // ?token=1 return json_encode([ "access_token" => [ "aud" => "https://api.company.com", "iss" => "https://monoli.th", "sub" => $user_data->id_user, "jti" => uniqid('', true), "roles" => [$user_data->role], "exp" => time() + 1800, // 30 minutes "other_data" => $user_data->other ] ]); } else { startUserSession($user_data); setRemindMeCookie($user_data['auto_login']); //... } } 2
  • 33. 2019 KrakenD API Gateway33 "endpoint": "/basket", "extra_config": { "github.com/devopsfaith/krakend-jose/validator": { "alg": "HS256", "audience": ["http://api.example.com"], "roles_key": "roles", "roles": ["user", "admin"], "jwk-url": "https://monolith/jwk/symmetric.json" } }, "output_encoding": "no-op", "headers_to_pass": ["Authentication"], "backend": [{ "url_pattern": "/bar", "encoding": "no-op" }] Authorization granularity krakend.json
  • 34. 2019 KrakenD API Gateway34 <?php $jwt = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiw ibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT 4fwpMeJf36POk6yJV_adQssw5c'; $token_parts = explode('.', $jwt); $user_data = json_decode(base64_decode($token_parts[1])); Retrieve “session” data from token 2 object(stdClass)#1 (3) { ["sub"]=> string(10) "1234567890" ["name"]=> string(8) "John Doe" ["iat"]=> int(1516239022) }
  • 35. At this point... (step 2): JWT tokens implemented. No more sessions.
        - All desired endpoints are protected by the gateway (sign + validation)
        - “Authentication” header is the only needed header, but not cookies.
        - The monolith gets session data from token
  • 36. Start chopping the monolith
  • 37. Where to cut the monolith? Social / Tech
  • 38. Chop your way (Photo by Jason Abdilla)
  • 39. HORROR STORIES 😱: Avoid dependencies over the network. Cascading requests, N times.
  • 40. HORROR STORIES 😱: Size! 4GB Docker image
  • 41. Pick a first service to extract (step 3). Diagram: MONOLITH with Catalog, Promotions, Basket, Payments, Orders, Pricing and Stock; /login → Authentication
  • 42. HORROR STORIES 😱: Idempotent and safe services? Diagram: Gateway → GET → Service → DB: “Read data”, then UPDATE. It’s a read operation but…
  • 44. Aggregation. Catalog response:

        <id_product>2</id_product>
        <name>Devops Barcelona</name>
        <date fmt="Y-m-d">2019-06-04</date>

    + Promotions response:

        { "code": "DEVOPS19", "discount": 0.15, "products": [1,2,15] }

    = Aggregated:

        {
          "id_product": 2,
          "name": "Devops Barcelona",
          "date": "2019-06-04",
          "code": "DEVOPS19",
          "discount": 0.15,
          "products": [1,2,15]
        }
  • 45. Step 4. Diagram labels: Authentication, /checkout, JWT token; Catalog, Promotions, Basket, Payments, Orders, Pricing, Stock; MONOLITH
  • 46. Step 4. Diagram labels: /splash; Catalog, Promotions, Basket, Payments, Orders, Pricing, Stock; MONOLITH
  • 47. HORROR STORIES 😱: Aggregating the hard way. Backends: /splash x68

        Screen                       Calls
        First App Launch                68
        Onboarding Tour                178
        Wake-up after background       208
        Front Page (w/ scroll)          39
        Select Category                 21
        Apply a Filter                  30
        Product detail                  22
        Go to basket                    51
        My account                      92
        Help                            42
        To Checkout                     57
        TOTAL DURING THE SESSION       808
  • 48. Manipulation/Filtering/Grouping. Catalog response:

        <id_product>2</id_product>
        <name>Devops Barcelona</name>
        <date fmt="Y-m-d">2019-06-04</date>

    + Promotions response:

        { "code": "DEVOPS19", "discount": 0.15, "products": [1,2,15] }

    = Aggregated:

        {
          "catalog": {
            "id_product": 2,
            "name": "Devops Barcelona",
            "date": "2019-06-04"
          },
          "promotions": {
            "code": "DEVOPS19",
            "savediscount": 0.15,
            "products": [1,2,15]
          }
        }
  • 49. HORROR STORIES 😱: Avoid the “take it all” pattern. Providing a lot of data to the client, just in case it’s needed. Diagram: Gateway → Client, “Your 10MB, thank you”
  • 50. Directly connect to message brokers (step 4). Diagram labels: Catalog, /notify, Notifications, QUEUE, Azure Service Bus Topic
  • 52. Simple deployment (stateless). Dockerfile (≃ 40MB):

        FROM devopsfaith/krakend
        COPY krakend.json /etc/krakend/krakend.json

  • 53. Deploy anywhere. Orchestration Platforms
  • 54. Assign a KrakenD to each team (client type). Diagram labels: Android, iOS, SPA; Catalog, Promotions, Basket, Payments, Orders, Pricing, Stock, Authentication
  • 55. Assign a KrakenD to each team (micro frontends)
  • 56. Not necessarily the single point of entry. Diagram labels: Catalog, Promotions, Payments, Orders, Pricing, Stock, Authentication
  • 57. Observability Visualize the entire ecosystem from a central place
  • 58. Enable monitoring
  • 59. 1-click export of logging, metrics and traces
  • 60. Metrics and Tracer exporters for every taste
  • 62. Repeat x N services: (3) Break a piece of the monolith, (4) Aggregate the microservice, (5) Deployment and Observability
  • 63. Diagram labels: MONOLITH; Orders, Pricing, Stock, Basket, Payments, Promotions, Catalog; MONOLITH 🎉
  • 65. Special thanks to...
  • 67. Questions? Let’s have a beer! @devopsfaith | @alombarte. Email: albert@krakend.io (Photo by Patrick Fore)
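
The JWT step on slides 30 to 35, as an added example (not code from the deck or from KrakenD): a signer plus a validator that enforces the fields named in the slide 33 config (HS256, audience, roles) and exp, next to the unverified decode from slide 34. The key, the function names and the "at least one matching audience/role" rule are assumptions of this example.

```python
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"  # constructed; stands in for the key behind jwk-url

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mac(signing_input: str, key: bytes) -> bytes:
    return hmac.new(key, signing_input.encode(), hashlib.sha256).digest()

def sign(claims: dict, key: bytes = SECRET) -> str:
    """Signer role: wrap the claims returned by the login endpoint in an HS256 JWT."""
    head = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    signing_input = f"{head}.{b64url(json.dumps(claims).encode())}"
    return f"{signing_input}.{b64url(mac(signing_input, key))}"

def validate(token, key, audience, roles, now=None):
    """Validator role: return the claims, or raise ValueError naming the failed check."""
    try:
        head, body, sig = token.split(".")
        header = json.loads(b64url_decode(head))
        given = b64url_decode(sig)
    except ValueError as exc:  # wrong part count, bad base64 or bad JSON
        raise ValueError("malformed token") from exc
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected alg")  # pinned by config, not chosen by the token
    if not hmac.compare_digest(given, mac(f"{head}.{body}", key)):
        raise ValueError("bad signature")
    claims = json.loads(b64url_decode(body))
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        raise ValueError("expired")
    aud = claims.get("aud", [])
    if not set([aud] if isinstance(aud, str) else aud) & set(audience):
        raise ValueError("audience mismatch")
    if not set(claims.get("roles", [])) & set(roles):
        raise ValueError("role not allowed")
    return claims

def unverified_payload(token: str) -> dict:
    """Slide 34's approach: decode the middle part with no check at all."""
    return json.loads(b64url_decode(token.split(".")[1]))

if __name__ == "__main__":
    token = sign({"aud": "https://api.company.com", "sub": "89990",
                  "roles": ["user"], "exp": time.time() + 1800})
    print(validate(token, SECRET, ["https://api.company.com"], ["user", "admin"]))
```

With the sample values exactly as printed on slides 32 and 33, a token carrying aud https://api.company.com is rejected by a validator configured for http://api.example.com, so the two values must be aligned in a real deployment. Because the slide 34 decode accepts any payload, the monolith should be reachable only through the gateway or verify the signature itself.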

Editor's Notes

  1. From on-premises monolith to cloud microservices. BEST VIEWED IN PRESENTATION MODE TO UNDERSTAND TRANSITIONS. SLACK: https://invite.slack.golangbridge.org/ → #krakend channel
  2. The LOGIC needs to persist its state in an external DATA, that is queried by all nodes. It’s the SOURCE OF TRUTH. Scaling the Gateway means scaling a database. WHEN we go to multiple regions, this data needs to be synchronized. The gateway does not work without a DB.
  3. In a STATELESS gateway everything needed to provide the service lives inside the configuration of the application, and there is no need for centralization or shared state (database). Every node only knows about its own state and does not need to know about the other nodes.
  4. Because a GW is a piece usually in the middle of your backend consumption, it is too tempting to do certain stuff. We think that a gateway cannot be the new monolith and shouldn’t have centralization.
  5. API GATEWAY → Connects EXTERNAL TRAFFIC with INTERNAL SERVICES. As it can provide AGGREGATED consumption of services for the client, it is also associated with the BACKEND FOR FRONTEND. SERVICE MESH → Internal communication.
  6. A proxy might solve some of these SHARED problems (cross-cutting concerns), like security, rate limiting or circuit breaking (HAPROXY, NGINX PLUS). A proxy ADDS ROUTING capabilities: we can have a group of URLs pointing to a specific service. But the problem of this approach is that it is 1 to 1: ONE-SERVICE-CONSUMED-AT-A-TIME. The clients are totally COUPLED to the backend. Especially inconvenient for mobile apps, which cannot change the contract at will once they are published in the AppStore or GooglePlay. All these proxies call themselves API GATEWAYS or even API Managers! There is a lot of controversy on the term, thanks to marketing.
  7. BUT A PROXY IS NOT SUITABLE FOR A MICROSERVICES MIGRATION, AS IT IS UNABLE TO AGGREGATE SOURCES. The term “traditional API GW” is sometimes used for stateful API gateways. The API Gateway can implement the BFF because you build it while thinking about the needs of the client app.
  8. (1) Add the gateway keeping the API contract, as proxy - backward compatibility. (2) Microservices do not need to implement security - replace cookies, use JWT. (3) Chop the monolith and create a microservice. (4) Use the gateway to aggregate the services; the client won’t notice anything. (5) Traces, logging and metrics. (6) Go to 3 until the monolith disappears.
  9. Put the KrakenD in the cloud, to face problems for being in a different network from the beginning (connection). We put the gateway as proxy (not a GW yet). We make sure we forward all cookies, as our example monolith uses them. We replicate all the endpoints of the monolith in the GW. Backwards compatibility: keep the contract. Test and change DNS. When we have this, the client doesn’t know that we added a GW.
  10. KEEP SHORT TOKENS. REFRESH TOKEN can be handled automatically; many libraries do it already.
  11. The Social aspect usually weighs more than the technical. Social = What is the size of your team, and their experience with MS? Growing plans (x4)? Responsibilities? Tech = Domain of the components, dependencies between components, latency constraints, persistence model.
  12. When designing the microservices and how to extract them, it is very important not to create dependencies over the network.
  13. Heavy artifacts!
  14. A good first candidate is usually the authentication service
  15. A request method is considered "idempotent" when multiple identical requests have the same effect. Request methods should be "safe" when their semantics are essentially read-only; i.e., the client does not request, and does not expect, any state change.
  16. DEVELOPER FOCUSES ON FUNCTIONALITY
  17. A lot of these calls are due to drag and drop SDKs
  18. More with: Flatmap DSL Language, Martian Lua Scripts
  19. Aggregation is done automatically, but filter out those attributes that you don’t need. The gateway can be very fast, but if you pack the entire Internet in the response it won’t be a good experience.
  20. Deploying a stateless GW is very easy as there is no persistence associated. As there is only a configuration file, all you need to do is to COPY the file in your immutable container. Doing a Blue/green deployment is very easy and superfast as the artifact is so small, and the nodes start without coordination.
  21. It’s very important that such a complicated Grafana
  22. Zipkin example
  23. Instana (enterprise subscription) and Zipkin
  24. REPEAT THE OPERATION WITH ANOTHER SERVICE: move to a microservice, then aggregate in the gateway with its corresponding use cases.
  25. IN MANY CASES, the effort of going fully to microservices is too high. You can keep your REDUCED MONOLITH as another service, preferably now inside the cloud
  26. 2'5 YEARS AGO we built from scratch an extensible API Gateway. We LEARNED the hard way. Doing consultancy all this time helped us improve and grow our product with the real problems of the companies, at a crazy rhythm. - We provide today an open source project that brings all the Enterprise features at no cost. - We are probably the only company in Barcelona developing 100% in Go. In late 2016 we decided to repeat to create a Gateway for the public audience and started running in production
  27. Numbers from 1st June 2019