Spring Boot on Amazon Web Services with Spring Cloud AWS

SPRING BOOT
ON AMAZON WEB SERVICES
WITH SPRING CLOUD AWS
MACIEJ
WALKOWIAK
MATEJ
NEDIC

@maciejwalkowiak @matejnedic1
MACIEJ WALKOWIAK
- independent consultant
- Spring Cloud AWS Lead
- working with

https://youtube.com/springacademy

MATEJ NEDIC
- Software Engineer
- Spring Cloud AWS Core team member
- working at

SPRING CLOUD AWS

SPRING CLOUD AWS
•Created by Agim Emruli and Alain Shall
•First commit in February 2011
•Community project
•April 2020 - not a part of Spring
Cloud release train
•May 2020 - new maintainers

SPRING CLOUD AWS
MACIEJ
WALKOWIAK
MATEJ
NEDIC
EDDU
MELENDEZ

SPRING CLOUD AWS
https://github.com/awspring/spring-cloud-aws

SPRING BOOT
ON AMAZON WEB
SERVICES
WITH SPRING CLOUD AWS

Application RDBMS

EC2
•Updates
•Backups
•Security
•Scaling
•High Availability
RDS
•Updates
•Backups
•Security
•Scaling
•High Availability

EC2
•! Updates
•! Backups
•! Security
•! Scaling
•! High Availability
RDS
•✅ Updates
•✅ Backups
•✅ Security
•✅ Scaling
•✅ High Availability

EC2
•! Updates
•! Backups
•! Security
•! Scaling
•! High Availability
RDS
•✅ Updates
•✅ Backups
•✅ Security
•✅ Scaling
•✅ High Availability
#

Application RDS

Application
RDS - Primary

Application
RDS - Primary
RDS - Read Replica

Application
RDS - Primary
RDS - Read Replica
Asynchronous
Replication

Application
RDS - Primary
RDS - Read Replica
Asynchronous
Replication
Write
Read

Application
RDS - Primary
RDS - Read Replica #1
Asynchronous
Replication
Write
Read
Read
Read

spring:
datasource:
url: jdbc:postgresql://springone.c0x5be2ybrmz.eu-west-2.rds.amazonaws.com:5432/postgres
username: postgres
password: postgres

cloud:
aws:
rds:
instances:
-
db-instance-identifier: springone
database-name: postgres
username: postgres
password: postgres

cloud:
aws:
rds:
instances:
-
db-instance-identifier: springone
database-name: postgres
username: postgres
password: postgres
read-replica-support: true

@Service
class UserService {
@Transactional
void registerUser(User user) {
...
}
@Transactional(readOnly=true)
User findUser(Long id) {
...
}
}

https://vladmihalcea.com/read-write-read-only-transaction-routing-spring/

•Only Tomcat connection pool supported (will change
in 3.0)
•No Aurora support (will change in 3.0)
WHAT IS MISSING?

•Aurora support
•IAM Authentication
•RDS Proxy Support
•Secrets Manager JDBC authentication (?)
WHAT IS COMING?

MESSAGING ON AWS

Service A Service B
HTTP

Service A Service B

https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-basic-architecture.html

@Service
public class RegistrationService {
void register(Attendee attendee) {
// persist attendee, send confirmation email
}
}

@Service
public class RegistrationService {
private final QueueMessagingTemplate queueMessagingTemplate;
public RegistrationService(QueueMessagingTemplate queueMessagingTemplate)
this.queueMessagingTemplate = queueMessagingTemplate;
}
void register(Attendee attendee) {
// persist attendee, send confirmation email
queueMessagingTemplate.convertAndSend("springone-queue", attendee);
}
}

@Component
public class AttendeeListener {
private AttendeeRepository attendeeRepository;
public AttendeeListener(AttendeeRepository attendeeRepository) {
this.attendeeRepository = attendeeRepository;
}
@SqsListener("springone-queue")
void handle(Attendee attendee) {
attendeeRepository.save(attendee);
}
}

@Component
}
void handle(Attendee attendee, @Header("header-name") String header) {
}
}

@Component
}
void handle(Attendee attendee, Acknowledgment acknowledgment) {
if (...) {
acknowledgment.acknowledge();
}
}
}

@Component
}
void handle(Attendee attendee, Visibility visibility) {
if (...) {
visibility.extend(2);
}
}
}

@Component
}
@SendTo("tickets-queue")
Ticket handle(Attendee attendee) {
// return ticket
}
}

Service A Service C
Service B
SNS

Service A Service C
Service B
SNS
HTTP
HTTP
HTTP

@Component
public class SnsNotificationSender {
private final NotificationMessagingTemplate
notificationMessagingTemplate;
public SnsNotificationSender(
NotificationMessagingTemplate notificationMessagingTemplate)
{
this.notificationMessagingTemplate =
notificationMessagingTemplate;
}
public void send(String subject, String message) {
this.notificationMessagingTemplate.sendNotification(
"physicalTopicName", message, subject);
}
}

@Controller
@RequestMapping("/springone-topic")
public class NotificationController {
@NotificationSubscriptionMapping
public void handleSubscriptionMessage(NotificationStatus status) {
//We subscribe to start receive the message
status.confirmSubscription();
}
@NotificationMessageMapping
public void handleNotificationMessage(@NotificationSubject String subject,
@NotificationMessage String message) {
// ...
}
@NotificationUnsubscribeConfirmationMapping
public void handleUnsubscribeMessage(NotificationStatus status) {
//e.g. the client has been unsubscribed and we want to "re-subscribe"
status.confirmSubscription();
}
}

•Performance …
•Reactive support
•Spring Cloud Stream SQS (?)
WHAT IS COMING?

STORING CONFIGURATION WITH
SECRETS MANAGER
AND
PARAMETER STORE

https://cloud.spring.io/spring-cloud-config/reference/html/
Service A
Service B
Service C

Service A
Service B
Service C
Spring Cloud Config

Service A
Service B
Service C
Spring Cloud Config
DB
File
System
Vault
Git

But what if your
storage for properties
goes down?

AWS PARAMETER STORE

Service A Service B
Parameter store

spring.config.import=aws-parameterstore:/config/spring/
spring.config.import=optional:aws-parameterstore:/config/common/;/config/urls/
spring:
config:
import:
- aws-parameterstore:/config/spring/
- optional:aws-parameterstore:/config/common/;/config/urls/

@Value("${message}") String message;
spring.cloud.config.server.git.refreshRate=${refresh}

AWS SECRETS MANAGER

Parameter store
Secret Manager

Service A
Parameter store
Secret Manager

Service A
RDS
Parameter store
Secret Manager

spring.config.import=aws-secretmanager:/secret/db/prod/url
spring.config.import=optional:aws-secretmanager:/secret/common
spring.datasoruce.url=${url}

Parameter Store
• Type: Supports
StringList,String,
SecureString.
• 4KB char max
• Can’t be referenced cross
account
• Can’t rotate secrets
• Cheaper
Secret manager
• Can be referenced cross
account
• Automatic Secret rotation
• More expensive
• Can store more characters 10kb
• Built in password generator
• Supports secret cross region
replication

•Secret rotation support
•Refreshing context on parameter and secret change
WHAT IS COMING?

OTHER SUPPORTED SERVICES
•S3
•EC2 metadata
•Cloud Watch
•ElastiCache (Redis & Memcached)
•SES (Simple Email Service)
•Cloud Formation

WHEN SPRING CLOUD AWS IS NOT ENOUGH
•Spring Cloud Stream Kinesis Binder
https://github.com/spring-cloud/spring-cloud-stream-binder-aws-kinesis
•Spring Integration AWS
https://github.com/spring-projects/spring-integration-aws
•Spring Cloud Config Server
https://github.com/spring-cloud/spring-cloud-config
•Spring Data DynamoDB
https://github.com/boostchicken/spring-data-dynamodb

•AWS SDK:
•AWS SDK v1
•AWS SDK v2

•AWS SDK v2
•$ GraalVM Native Image compatible
•$ Non Blocking - Spring WebFlux friendly!
•$ Pluggable HTTP client
•$ Does not conflict with SDK v1
•% Still no feature parity with 1.x

TESTING

TESTING WITH LOCALSTACK

version: '3.1'
services:
localstack:
image: localstack/localstack:latest
environment:
- SERVICES=sqs,s3
ports:
- ‘4566:4566'
- ‘4571:4571’
volumes:
- "${TEMPDIR:-/tmp/localstack}:/tmp/localstack"
- "/var/run/docker.sock:/var/run/docker.sock"
LOCALSTACK

$ docker-compose up
localstack_1 |
localstack_1 | __ _______ __ __
localstack_1 | / / ____ _________ _/ / ___// /_____ ______/ /__
localstack_1 | / / / __ / ___/ __ `/ /__ / __/ __ `/ ___/ //_/
localstack_1 | / /___/ /_/ / /__/ /_/ / /___/ / /_/ /_/ / /__/ ,<
localstack_1 | /_____/____/___/__,_/_//____/__/__,_/___/_/|_|
localstack_1 |
localstack_1 | & LocalStack CLI 0.12.17.3
localstack_1 |
localstack_1 | [16:23:49] starting LocalStack in host mode & localstack.py:101
localstack_1 | ──────────────── LocalStack Runtime Log (press CTRL-C to quit) ─────────────────
localstack_1 | 2021-09-01 16:23:50,722 INFO success: infra entered RUNNING state, process has stayed up for > than 1 seconds (startsecs)
localstack_1 |
localstack_1 | LocalStack version: 0.12.17.3
localstack_1 | LocalStack Docker container id: 67fb82278492
localstack_1 | LocalStack build date: 2021-09-01
localstack_1 | LocalStack build git hash: 637d9bfa
localstack_1 |
localstack_1 | Starting edge router (https port 4566)...
localstack_1 | Starting mock S3 service on http port 4566 ...
localstack_1 | 2021-09-01T16:23:54:INFO:localstack.multiserver: Starting multi API server process on port 44089
localstack_1 | [2021-09-01 16:23:54 +0000] [21] [INFO] Running on https://0.0.0.0:4566 (CTRL + C to quit)
localstack_1 | 2021-09-01T16:23:54:INFO:hypercorn.error: Running on https://0.0.0.0:4566 (CTRL + C to quit)
localstack_1 | [2021-09-01 16:23:54 +0000] [21] [INFO] Running on http://0.0.0.0:44089 (CTRL + C to quit)
localstack_1 | 2021-09-01T16:23:54:INFO:hypercorn.error: Running on http://0.0.0.0:44089 (CTRL + C to quit)
localstack_1 | Waiting for all LocalStack services to be ready
localstack_1 | Starting mock SQS service on http port 4566 ...
localstack_1 | Ready.
LOCALSTACK

$ aws sqs create-queue --queue-name “hello-springone" --endpoint-url http://localhost:4566
LOCALSTACK

LOCALSTACK
{
"QueueUrl": "http://localhost:4566/000000000000/hello-springone"
}

LOCALSTACK
{
}
$ aws sqs list-queues --endpoint-url http://localhost:4566

LOCALSTACK
{
}
$ aws sqs list-queues --endpoint-url http://localhost:4566
{
"QueueUrls": [
"http://localhost:4566/000000000000/testqueue",
"http://localhost:4566/000000000000/hello-springone"
]
}

cloud.aws.sqs.endpoint: http://localhost:4566
LOCALSTACK
cloud.aws.sns.endpoint: http://localhost:4566

@SpringBootTest
@Testcontainers
class DemoApplicationTests {
@Container
static LocalStackContainer localstack =
new LocalStackContainer(DockerImageName.parse("localstack/localstack:0.12.17"))
.withServices(LocalStackContainer.Service.SQS);
@DynamicPropertySource
static void localstackProperties(DynamicPropertyRegistry registry) {
registry.add("clous.aws.sqs.endpoint",
() -> localstack.getEndpointOverride(LocalStackContainer.Service.SQS));
}
// ..
}
LOCALSTACK

LOCALSTACK
• ACM
• API Gateway
• CloudFormation
• CloudWatch
• CloudWatch Logs
• DynamoDB
• DynamoDB Streams
• EC2
• Elasticsearch Service
• EventBridge
(CloudWatch Events)
• Firehose
• IAM
• Kinesis
• KMS
• Lambda
• Redshift
• STS
• Route53
• S3
• SecretsManager
• SES
• SNS
• SQS
• SSM
• StepFunctions

LOCALSTACK
• Amplify
• API Gateway V2
(WebSockets support)
• AppConfig
• Application
AutoScaling
• AppSync
• Athena
• Backup
• Batch
• CloudFront
• CloudTrail
• CodeCommit
• Cognito
• CostExplorer
• DocumentDB
• ECR/ECS/EKS
• ElastiCache
• ElasticBeanstalk
• ELB/ELBv2
• EMR
• Glacier / S3 Select
• Glue
• IAM Security Policy
Enforcement
• IoT
• Kinesis Data Analytics
• Lambda Layers &
Container Images

LOCALSTACK
https://localstack.dev

FUTURE

•Migrate from AWS SDK v1 to AWS SDK v2
•CloudMap integration (PR ready)
•Spring Data Dynamo DB (?)
•Drop support for: ElastiCache, CloudFormation
•Improve startup times
•GraalVM Native Image compatibility
FUTURE  SPRING CLOUD AWS 3.X

SPRING CLOUD AWS
SAMPLES

https://github.com/awspring/spring-cloud-aws/tree/2.3.x/spring-cloud-aws-samples

https://stratospheric.dev/
BJÖRN WILMSMANN
PHILIP RIECKS
TOM HOMBERGS

THANK YOU!

Spring Boot on Amazon Web Services with Spring Cloud AWS

More Related Content

What's hot

Similar to Spring Boot on Amazon Web Services with Spring Cloud AWS

More from VMware Tanzu

Recently uploaded

Spring Boot on Amazon Web Services with Spring Cloud AWS