AN
Uploaded byAngelo Agatino Nicolosi
PPTX, PDF609 views

Microevent

The document is a presentation on microservices given by Angelo Agatino Nicolosi, Lead Software Architect at Danske Bank. It covers topics such as what microservices are, why banks want them, how to implement them, common microservices patterns, and how to secure microservices. The presentation includes diagrams illustrating microservices architectures and potential migrations from a monolithic application. It also discusses tools, practices like DevOps, and security approaches related to microservices.

Embed presentation

Downloaded 12 times
Microservices Lead Software Architect, Angelo Agatino Nicolosi September 2017
11 Agenda What is a µservice? We want it! How can we get it? How does it look like? How do we work with µservices? How do we secure µservices? Coding! Q&A About Final Q&A
22 Agenda What is a µservice? We want it! How can we get it? How does it look like? How do we work with µservices? How do we secure µservices? Coding! Q&A About Final Q&A <<
33 About Angelo Agatino Nicolosi Lead Software Architect Digital Customer Experience Personal Banking IT Danske Bank DCX in numbers Around 150 employees 4 Locations - 3 Countries 10 customer facing applications 60K logons per hour 6K transfers per hour 3M + customers
44 Agenda What is a µservice? We want it! How can we get it? How does it look like? How do we work with µservices? How do we secure µservices? Coding! Q&A About Final Q&A
55 What is a Microservice? Microservices are small, autonomous services that work together. “ ”
66 Small, independent and focused on doing one thing well Gather together those things that change for the same reason, and separate those things that change for different reasons “ ” Single Responsibility Principle Robert C. Martin
77 Small, independent and focused on doing one thing well Gather together those things that change for the same reason, and separate those things that change for different reasons “ ” Single Responsibility Principle Robert C. Martin
88 Why microservices? Because we need agility! The ability of an organization to sense environmental change and respond efficiently and effectively to that change. “ ” The ability of an organization to renew itself, adapt, change quickly, and succeed in a rapidly changing, ambiguous, turbulent environment “ ”
99 Wait a minute…
1010 Stop trying to predict what the business and technology will look like in the future Refocus resources and efforts in building a future-proof architecture.
1111 Stop trying to predict what the business and technology will look like in the future Refocus resources and efforts in building a future-proof architecture.
1212 Monolith Agility Simplicity ScalabilityPerformance Reliabilit y Deployment Testability
Where we are Microservices Agility Simplicity ScalabilityPerformance Reliabilit y Deployment Testability
1414 Tooling! Tooling! Tooling!
1515 Agenda What is a µservice? We want it! How can we get it? How does it look like? How do we work with µservices? How do we secure µservices? Coding! Q&A About Final Q&A
1616http://martinfowler.com/bliki/BoundedContext.html By subdomain Decompose your system Anti-Corruption Layer
1717 By business capability Decompose your system Feature A Feature B Feature C
1818 Migrating from a monolith? The Thing
1919 Migrating from a monolith? The Thing API Gateway
2020 Migrating from a monolith? The Thing API Gateway MS
2121 Migrating from a monolith? The Thing API Gateway MS MS
2222 Migrating from a monolith? MS MS MS MS MSMS API Gateway
2323 Migrating from a monolith? MS MS MS MS MSMS API Gateway The Strangler pattern
2424 Microservice patterns - Packages Business Logic Business Logic Wiring 80% 20%
Application 1 Application 2 Application N Application 1 Application 2 Application N Shared Functionality1 Shared Functionality3 Shared Functionality2 Outages because of changes Large regeression tests High Complexity Loosely coupled systems Isolated changes Contained regression tests Low complexity Microservice patterns - Packages
Microservice patterns - Packages
2727 Microservice patterns – Zero-Share Architecture Don’t Repeat Your-self
2828 Microservice patterns – Zero-Share Architecture Don’t Repeat Your-self Do Repeat If Needed, K? Why so DRY?
2929 Microservice patterns – Zero-Share Architecture Project MS 1 Project MS 2 Project Shared Functionality Microservice patterns – Zero-Share Architecture MS1 MS2 Shared Projects
3030 Microservice patterns – Zero-Share Architecture Project MS 1 Project MS 2 Microservice patterns – Zero-Share Architecture MS1 MS2 Shared Libraries Package
3131 Microservice patterns – Zero-Share Architecture Project MS 1 Project MS 2 Microservice patterns – Zero-Share Architecture MS1 MS2 Shared Libraries Package Dependency Hell
3232 Microservice patterns – Zero-Share Architecture Project MS 1 Project MS 2 Microservice patterns – Zero-Share Architecture Consolidate services Project MS X
3333 Reactive Manifesto Producer Consumer Message driven Elastic Supervisor New Consumer Supervisor Consumer Consumer New Consumer New Consumer Workflow Processor Flow monitor Resiliant Responsive Microservice patterns – Self-healing systems
3434 Agenda What is a µservice? We want it! How can we get it? How does it look like? How do we work with µservices? How do we secure µservices? Coding! Q&A About Final Q&A
3535 A microservice architecture MS MS MS MS MSMS API Gateway Independently Deployable Unit
3636 A microservice architecture – The reporting microservice MS MS MS MS MSMS API Gateway R
3737 A microservice architecture – The reporting microservice MS MS MS MS MSMS API Gateway R Thight-coupling!
3838 API Gateway A microservice architecture – The reporting microservice MS MS MS MS MSMS API Gateway R God-Service!
3939 A microservice architecture – The reporting microservice MS MS MS MS MSMS API Gateway R Sync-Pull (Slow)
4040 Controller of business process may roll back A microservice architecture – The reporting microservice MS MS MS MS MSMS API Gateway R Event-Driven The Saga pattern Eventual Consistency
4141 Microservice patterns – Smart endpoints, dumb pipes MS MS MS MS MS MS
4242 Microservice patterns – Smart endpoints, dumb pipes MS MS MS MS MS MS ESB
4343 Microservice patterns – Smart endpoints, dumb pipes MS MS MS MS MS MS
4444 Microservice patterns – Smart endpoints, dumb pipes Be conservative in what you do, be liberal in what you accept from others. “ ” Tolerant Reader Pattern John Postel
4545 Microservice patterns – Complex queries AccountsTransactions API Gateway Account Balance 123456789 5678 DKK 098765432 678 DKK 1. Get all the accounts2. Get all transactions for each account and calculate balance Very complex application
4646 Microservice patterns – Complex queries AccountsTransactions API Gateway Account Balance 123456789 5678 DKK 098765432 678 DKK New materialized view 1. Command (new payment) 3. Update materialized view 2. Emit event 4. Query CQRS
4747 Microservice patterns – Complex queries AccountsTransactions API Gateway Event Store Event sourcing • Complete Rebuild • Temporal Query • Event Replay • Possibility of persisting state in memory
4848 Microservice patterns – What happens when something breaks? AccountsTransactions API Gateway Circuit breaker Accounts Flow Monitor
4949 Microservice patterns – What happens when something breaks? APIGateway MS MS MS MS MS MS MS MS MS MS MS MS MS MS Logging Monitoring Centralized Logging Centralized Monitoring
5050 Agenda What is a µservice? We want it! How can we get it? How does it look like? How do we work with µservices? How do we secure µservices? Coding! Q&A About Final Q&A
5151 Agenda What is a µservice? We want it! How can we get it? How does it look like? How do we work with µservices? How do we secure µservices? Coding! Q&A About Final Q&A
You need… Rapid Provisioning
You need… Rapid and Safe Application Deployment
You need… Devops culture
5555 Agenda What is a µservice? We want it! How can we get it? How does it look like? How do we work with µservices? How do we secure µservices? Coding! Q&A About Final Q&A
5656 NIST Cyber Security Framework
5757 • A compromise of a single point often means compromise of the entire application or network • Authentication requirements are global in scope • Security is often difficult to tailor Monolithic AppSec vs Microservices AppSec The Thing • building and operating are well understood and a ‘known known’ • the architecture is often relatively simple • well-established existing culture and responsibilities around development, business and compliance, etc. MS MS MS MS • Single responsibility principle • exposed attack surface is typically reduced • services can be independently patched • easier to apply the principle of least privilege and service- specific tailored security • cultural changes may be required for successful operation (such as DevOps and DevOpsSec) • a good understanding of the overall system functionality is required • legacy systems are not easily adapted • complexity (at scale) breeds insecurity
5858 Defense in Depth APIGateway MS MS MS MS MS MS MS MS MS MS MS MS MS
5959 Practicalities: Build a secure edge Single point of entry
6060 Practicalities: Do not allow unwanted network communication Single point of entry Microsegment of network
6161 Practicalities: Use always TLS and whenever possible Mutal Authentication over TLS Single point of entry Microsegment of network Mutual Auth over TLS
6262 Practicalities: Use always TLS and whenever possible Mutal Authentication over TLS Single point of entry Dynamic and Static Security Analysis Mutual Auth over TLS Check-in Build TestDeploy Microsegment of network
6363 Practicalities: Use always TLS and whenever possible Mutal Authentication over TLS Single point of entry Dynamic and Static Security Analysis Mutual Auth over TLS Check-in Build TestDeploy Microsegment of network
6464 Centralize Logging and Monitoring in order to analyse data APIGateway MS MS MS MS MS MS MS MS MS MS MS MS MS MS Logging Monitoring Centralized Logging Centralized Monitoring
6565 The Confused Deputy problem APIGateway UserInf o AuthN 1. AuthN as Eve 2. Request Alice Information
6666 JWT: Authorization in distributed systems
6767 The Confused Deputy problem APIGateway UserInf o AuthN AuthZ 1. AuthN as Eve 2. Request Alice Information JWT JWT
6868 Agenda What is a µservice? We want it! How can we get it? How does it look like? How do we work with µservices? How do we secure µservices? Coding! Q&A About Final Q&A
6969 https://github.com/DanskeBank/MicroEvent MicroEvent – Coding! 27.09.2017
7070 Agenda What is a µservice? We want it! How can we get it? How does it look like? How do we work with µservices? How do we secure µservices? Coding! Q&A About Final Q&A
7171 https://dk.linkedin.com/in/anicolosi …any questions ? Don’t hesitate to contact me:

More Related Content

PDF
apidays LIVE Paris 2021 - Synchronous Communication Patterns by Sébastien Ber...
byapidays
 
PPTX
Pragmatic approach to Microservice Architecture: Role of Middleware
byAsanka Abeysinghe
 
DOCX
Santosh Shukla-microservices-java-spring boot
bySantoshShukla46
 
PPTX
Extreme DevOps in Fintech
byAngelo Agatino Nicolosi
 
PDF
BUILD with Microsoft - Radu Stefan
byITCamp
 
PDF
Agile integration: Decomposing the monolith
byJudy Breedlove
 
PDF
Case Study of Financial Web System Development and Operations with Oracle Web...
byArshal Ameen
 
PPTX
apidays LIVE New York 2021 - Supercharge microservices with Service Mesh by S...
byapidays
 
apidays LIVE Paris 2021 - Synchronous Communication Patterns by Sébastien Ber...
byapidays
 
Pragmatic approach to Microservice Architecture: Role of Middleware
byAsanka Abeysinghe
 
Santosh Shukla-microservices-java-spring boot
bySantoshShukla46
 
Extreme DevOps in Fintech
byAngelo Agatino Nicolosi
 
BUILD with Microsoft - Radu Stefan
byITCamp
 
Agile integration: Decomposing the monolith
byJudy Breedlove
 
Case Study of Financial Web System Development and Operations with Oracle Web...
byArshal Ameen
 
apidays LIVE New York 2021 - Supercharge microservices with Service Mesh by S...
byapidays
 

What's hot

PDF
Devoxxma-API centric microservices Architecture
byChristina Lin
 
PDF
The Role of Integration in Microservice Architecture (MSA)
byAsanka Abeysinghe
 
PDF
Building an Integrated Supply Chain for APIs
byAsanka Abeysinghe
 
PPTX
Built on Pulsar: A Commercial Consent Management System for 80 Million Citizens
byStreamNative
 
PDF
Agile integration: Decomposing the monolith
byJudy Breedlove
 
PDF
The Microsoft Cloud and Server Strategy - Ben Armstrong
byITCamp
 
PPTX
From Commit to Production in 10 Minutes… at a Century Old Insurance Company
byVMware Tanzu
 
PDF
Modern App Architecture - Microservices, API Friendly
byDevOps Indonesia
 
PDF
Testing your PowerShell code with Pester - Florin Loghiade
byITCamp
 
PDF
[WSO2Con EU 2018] Enabling Agile Integration Teams
byWSO2
 
PDF
What we Learned from Sunburst with Zero Trust
byAndrew Harris
 
PDF
apidays LIVE Paris 2021 - Designing Sustainable APIs by Adrien Nortain, Zenika
byapidays
 
PDF
apidays LIVE London 2021 - API Security in Highly Volatile Threat Landscapes ...
byapidays
 
PDF
The Vision of Computer Vision: The bold promise of teaching computers to unde...
byITCamp
 
PDF
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...
byWSO2
 
PDF
The Future of Cloud Native Apps - Chicago Intro
byJudy Breedlove
 
PDF
apidays LIVE Paris 2021 - Detecting and Protecting PII by Rob Dickinson, Resu...
byapidays
 
PDF
APIDays SF 2019: Managing multiple api stacks on serverless
byAlexander Graebe
 
PDF
Message based microservices architectures driven with docker
byDocker, Inc.
 
Devoxxma-API centric microservices Architecture
byChristina Lin
 
The Role of Integration in Microservice Architecture (MSA)
byAsanka Abeysinghe
 
Building an Integrated Supply Chain for APIs
byAsanka Abeysinghe
 
Built on Pulsar: A Commercial Consent Management System for 80 Million Citizens
byStreamNative
 
Agile integration: Decomposing the monolith
byJudy Breedlove
 
The Microsoft Cloud and Server Strategy - Ben Armstrong
byITCamp
 
From Commit to Production in 10 Minutes… at a Century Old Insurance Company
byVMware Tanzu
 
Modern App Architecture - Microservices, API Friendly
byDevOps Indonesia
 
Testing your PowerShell code with Pester - Florin Loghiade
byITCamp
 
[WSO2Con EU 2018] Enabling Agile Integration Teams
byWSO2
 
What we Learned from Sunburst with Zero Trust
byAndrew Harris
 
apidays LIVE Paris 2021 - Designing Sustainable APIs by Adrien Nortain, Zenika
byapidays
 
apidays LIVE London 2021 - API Security in Highly Volatile Threat Landscapes ...
byapidays
 
The Vision of Computer Vision: The bold promise of teaching computers to unde...
byITCamp
 
[APIdays INTERFACE 2021] Now that we have K8s, can we stop re-inventing API p...
byWSO2
 
The Future of Cloud Native Apps - Chicago Intro
byJudy Breedlove
 
apidays LIVE Paris 2021 - Detecting and Protecting PII by Rob Dickinson, Resu...
byapidays
 
APIDays SF 2019: Managing multiple api stacks on serverless
byAlexander Graebe
 
Message based microservices architectures driven with docker
byDocker, Inc.
 

Similar to Microevent

PDF
Understanding MicroSERVICE Architecture with Java & Spring Boot
byKashif Ali Siddiqui
 
PDF
Microservices for Enterprises
byKasun Indrasiri
 
PDF
Introduction to Microservices Architecture - SECCOMP 2020
byRodrigo Antonialli
 
PPTX
Introduction to Microservices
byMahmoudZidan41
 
PDF
Building microservices on azure
byVaibhav Gujral
 
PDF
What Is Microservices Architecture and How Does It Benefit App Development.pdf
byDina G
 
PPTX
Microservice's in detailed
byMohammed Fazuluddin
 
PPTX
Microservice intro
byramesh_sharma
 
PDF
Microservices: Where do they fit within a rapidly evolving integration archit...
byKim Clark
 
PDF
Enterprise Integration in Cloud Native Microservices Architectures
byCrishantha Nanayakkara
 
PDF
[WSO2Con EU 2017] Microservices for Enterprises
byWSO2
 
PDF
Microservices in Practice
byKasun Indrasiri
 
PDF
170215 msa intro
bySonic leigh
 
PDF
API’s and Micro Services 0.5
byRichard Hudson
 
PDF
20141210 - Microservice Container
byJamie (Taka) Wang
 
PDF
Protecting microservices using secure design patterns 1.0
byTrupti Shiralkar, CISSP
 
PPTX
Microservices: Lessons from the Trenches
byGregory Beamer
 
PPTX
Software Architectures, Week 3 - Microservice-based Architectures
byAngelos Kapsimanis
 
PPTX
Pragmatic Microservices
byRandy Shoup
 
PDF
Microservices for Architects - Atlanta 2018-03-28
byDerek Ashmore
 
Understanding MicroSERVICE Architecture with Java & Spring Boot
byKashif Ali Siddiqui
 
Microservices for Enterprises
byKasun Indrasiri
 
Introduction to Microservices Architecture - SECCOMP 2020
byRodrigo Antonialli
 
Introduction to Microservices
byMahmoudZidan41
 
Building microservices on azure
byVaibhav Gujral
 
What Is Microservices Architecture and How Does It Benefit App Development.pdf
byDina G
 
Microservice's in detailed
byMohammed Fazuluddin
 
Microservice intro
byramesh_sharma
 
Microservices: Where do they fit within a rapidly evolving integration archit...
byKim Clark
 
Enterprise Integration in Cloud Native Microservices Architectures
byCrishantha Nanayakkara
 
[WSO2Con EU 2017] Microservices for Enterprises
byWSO2
 
Microservices in Practice
byKasun Indrasiri
 
170215 msa intro
bySonic leigh
 
API’s and Micro Services 0.5
byRichard Hudson
 
20141210 - Microservice Container
byJamie (Taka) Wang
 
Protecting microservices using secure design patterns 1.0
byTrupti Shiralkar, CISSP
 
Microservices: Lessons from the Trenches
byGregory Beamer
 
Software Architectures, Week 3 - Microservice-based Architectures
byAngelos Kapsimanis
 
Pragmatic Microservices
byRandy Shoup
 
Microservices for Architects - Atlanta 2018-03-28
byDerek Ashmore
 

Recently uploaded

PDF
Yes, we put AI agents in production. No, don't try this at home
byMarie-Alice Blete
 
PDF
Performance Benchmarking Strategies for AI/HPC/EdgeAI
byDanny Jiang
 
PPTX
Hospital Management System Project- 220180107010.pptx
bypravjo279
 
PDF
Finite Automata With Output - Moore and Mealy Machines definitions and Solved...
byNileshPardeshi28
 
PDF
Performance_Metrics_Evolution_DannyJiang
byDanny Jiang
 
PPTX
The Most Dangerous Asset in Your Plant Is the One You Ignore | CXO Guide to H...
byMaintWiz Technologies Private Limited
 
PPTX
Atlassian for the New Age: Efficiency, Alignment & Collaboration at Scale
byAnanyaBanerjee57
 
PDF
UNIT02_TRE_GEOMETRIC DESIGN.pdf_________
byAaquib Ansari
 
PDF
Branches of AI – perception, reasoning, learning, and action.pdf
byVyankateshBhaurkar1
 
PDF
Foundations of AI and ML - Mechanical Engineering Perspectives.pdf
byVyankateshBhaurkar1
 
PDF
Foundations and evolution of Artificial Intelligence - Mechanical Engineering...
byvyankatesh1
 
PPT
OMRS for Railway people of Mechanical department
byArun Kumar Sharma
 
PPT
5.1 Basic concept and hierarchy.ppt1234564
byChetansingh768231
 
PDF
graph graph graph theory Graph presentation .pdf
bygeekcooder2020
 
PPTX
Power Circuit Breakers and Substations .pptx
byJawadAmjad16
 
PPTX
HVAC_Design_Course_Mech_Engineering.pptx
bysabermona665
 
PDF
SURAJIT PARAMANIK_ME_3RD_THERMODYNAMICS.pdf
byastikparamanik1970
 
PPTX
Why Hydraulic Flushing Should Never Be Skipped Before Commissioning
byNeometrix_Engineering_Pvt_Ltd
 
PPTX
Calculation of Water Hardness and softening.pptx
byChemical Engineering Dept. NIT Rourkela-769008, Odisha, India
 
PPTX
Steam Turbines basicsproperties power plant-1.pptx
byAjitParwani
 
Yes, we put AI agents in production. No, don't try this at home
byMarie-Alice Blete
 
Performance Benchmarking Strategies for AI/HPC/EdgeAI
byDanny Jiang
 
Hospital Management System Project- 220180107010.pptx
bypravjo279
 
Finite Automata With Output - Moore and Mealy Machines definitions and Solved...
byNileshPardeshi28
 
Performance_Metrics_Evolution_DannyJiang
byDanny Jiang
 
The Most Dangerous Asset in Your Plant Is the One You Ignore | CXO Guide to H...
byMaintWiz Technologies Private Limited
 
Atlassian for the New Age: Efficiency, Alignment & Collaboration at Scale
byAnanyaBanerjee57
 
UNIT02_TRE_GEOMETRIC DESIGN.pdf_________
byAaquib Ansari
 
Branches of AI – perception, reasoning, learning, and action.pdf
byVyankateshBhaurkar1
 
Foundations of AI and ML - Mechanical Engineering Perspectives.pdf
byVyankateshBhaurkar1
 
Foundations and evolution of Artificial Intelligence - Mechanical Engineering...
byvyankatesh1
 
OMRS for Railway people of Mechanical department
byArun Kumar Sharma
 
5.1 Basic concept and hierarchy.ppt1234564
byChetansingh768231
 
graph graph graph theory Graph presentation .pdf
bygeekcooder2020
 
Power Circuit Breakers and Substations .pptx
byJawadAmjad16
 
HVAC_Design_Course_Mech_Engineering.pptx
bysabermona665
 
SURAJIT PARAMANIK_ME_3RD_THERMODYNAMICS.pdf
byastikparamanik1970
 
Why Hydraulic Flushing Should Never Be Skipped Before Commissioning
byNeometrix_Engineering_Pvt_Ltd
 
Calculation of Water Hardness and softening.pptx
byChemical Engineering Dept. NIT Rourkela-769008, Odisha, India
 
Steam Turbines basicsproperties power plant-1.pptx
byAjitParwani
 

Microevent

Editor's Notes

  • #15 Make it better through tooling!
  • #26 Wiring = RabbitMQ instead of ZeroMQ, Cassandra instead of SQL, and so on Results from our experience
  • #35 Message driven: loose coupling, independence, grow with the business with no change to existing functionalities Elastic: scaling Resilient: faults do not scare us. Apply back pressure to ensure scaling will be always on time. Responsive: All this together creates a responsive system This is a self healing system and we can build this today.
  • #54 Extra: A/B Testing, Canary releases, Blue/Green deployments
  • #55 Extra: A/B Testing, Canary releases, Blue/Green deployments
  • #56 Extra: A/B Testing, Canary releases, Blue/Green deployments