SlideShare a Scribd company logo

Microservices architecture

Download as PPTX, PDF
Daniel Foo
Daniel Foo

The document discusses the key concepts of microservices architecture including domain analysis, data management, communication between services, monitoring, and security. It describes techniques for handling data across multiple microservices like using separate databases per service or event sourcing. Communication methods like API gateways, message queues, and service registration/discovery are also outlined. The presentation provides examples of implementing microservices for a reference application and discusses important considerations for moving microservices to production.

Software
1 of 36
Microservices Architecture Presented by: Muhammad Zeeshan December 12,2018
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Microservices
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 3 Domain Analysis
MicroservicesArchitecture Data Communication Security Monitoring 4
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Data
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Bounded Context (boundaries of each microservice)
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. • Shared Database • Anti-pattern • Database per service • Different service can use different storage • SQL, Elastic Search (SOLR) or NO-SQL • More databases to maintain • API Composition • Event Sourcing 7 Data techniques
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 8 • Database per service • Different service can use different storage • SQL, Elastic Search (SOLR) or NO-SQL • More databases to maintain Consistency across multiple microservices
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Service subscribe to related events in order to keep an updated view of the required data whilst avoiding bulk data transfers that are both time consuming and also resource inefficient. 9 Event Sourcing
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 10 Query data from multiple microservices
Communication 11
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 12 Service Registration - Self
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 13 Service Registration -Third party registration
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 14 Service Discovery
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Client-to-microservice communication
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Open Source .NET Core API Gateway Products with API Gateway features Azure API Gateway
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 17 API Gateway pattern
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. • Authentication and authorization • Service discovery integration • Response caching • Retry policies, circuit breaker and QoS • Rate limiting and throttling • Load balancing • Logging, tracing, correlation • Headers, query strings and claims transformation • IP whitelisting Disadvantages • Coupling that tier with the internal microservices • Single point of failure • API Gateway can introduce increased response time API Gateway pattern
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Communication (Across Microservices) • Protocol • Synchronous • Asynchronous • AMQP • Receiver • Single receiver • Multiple receivers
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 20 Message-based communication – Single Receiver
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 21 Message-based communication – Multiple Receivers
Monitoring 22
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. • Failover Mechanism • Circutbreaker • Health-check API Fault tolerance
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Distributed Logging Logging with correlation IDs
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. • Application Insights • InfluxDB  Pull based • Prometheus  Push based • Dashboard tool such as Kibana or Grafana • Fluentd with Elasticsearch 25 Logging and auditing
Securing Microservices 26
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. • User identity & access control • Use automatic security updates • Use a distributed firewall with centralized control • Use security scanners • Monitor everything Best Practices
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 28 Defence in depth Antivirus software Authentication Biometrics Demilitarized zones (DMZ) Data-centric security Encryption Key Firewalls (hardware or software) Hashing passwords Intrusion detection systems (IDS) Logging and auditing Multi-factor authentication Vulnerability scanners Timed access control Virtual private network (VPN) Sandboxing Intrusion Protection System (IPS)
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Azure KeyVault • Generate RSA key • Rotation of encryption keys used • Cancellation of a compromised communication channel • Retrying the message on a different channel or to a different node without worrying about a breach. 29 Encryption Key
ReferenceApplication 30
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 31 ReferenceApplication
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 32
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 33 Composite UI
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Going into production with a Microservices-based system: • Monitoring and health checks of the services and infrastructure. • Scalable infrastructure for the services (that is, cloud and orchestrators). • Security design and implementation at multiple levels: authentication, authorization, secrets management, secure communication, etc. • Rapid application delivery, usually with different teams focusing on different Microservices. • DevOps and CI/CD practices and infrastructure. Important aspects
© 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Next… Orchestrators
Sitecore Confidential © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Q & A

Recommended

apidays LIVE Australia 2021 - Planning Your Steps to Data Economy Using APIOp...
apidays LIVE Australia 2021 - Planning Your Steps to Data Economy Using APIOp...apidays LIVE Australia 2021 - Planning Your Steps to Data Economy Using APIOp...
apidays LIVE Australia 2021 - Planning Your Steps to Data Economy Using APIOp...
apidays
 
apidays LIVE Australia 2020 - API Value Chain by Christian Raquel
apidays LIVE Australia 2020 - API Value Chain by Christian Raquelapidays LIVE Australia 2020 - API Value Chain by Christian Raquel
apidays LIVE Australia 2020 - API Value Chain by Christian Raquel
apidays
 
apidays LIVE LONDON - Reference Architecture as Code (RaaC): A Framework to A...
apidays LIVE LONDON - Reference Architecture as Code (RaaC): A Framework to A...apidays LIVE LONDON - Reference Architecture as Code (RaaC): A Framework to A...
apidays LIVE LONDON - Reference Architecture as Code (RaaC): A Framework to A...
apidays
 
apidays LIVE Australia 2020 - Starting and Growing an API security company by...
apidays LIVE Australia 2020 - Starting and Growing an API security company by...apidays LIVE Australia 2020 - Starting and Growing an API security company by...
apidays LIVE Australia 2020 - Starting and Growing an API security company by...
apidays
 
Explaining API Integration: How Does API Integration work?
Explaining API Integration: How Does API Integration work?Explaining API Integration: How Does API Integration work?
Explaining API Integration: How Does API Integration work?
DavidAltmen
 
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays
 
apidays LIVE Australia 2020 - Growing an API Culture by Liz Douglass & Saul C...
apidays LIVE Australia 2020 - Growing an API Culture by Liz Douglass & Saul C...apidays LIVE Australia 2020 - Growing an API Culture by Liz Douglass & Saul C...
apidays LIVE Australia 2020 - Growing an API Culture by Liz Douglass & Saul C...
apidays
 
Managing the Complexity of Microservices Deployments
Managing the Complexity of Microservices DeploymentsManaging the Complexity of Microservices Deployments
Managing the Complexity of Microservices Deployments
Apigee | Google Cloud
 

Recommended

apidays LIVE Australia 2021 - Planning Your Steps to Data Economy Using APIOp...
apidays LIVE Australia 2021 - Planning Your Steps to Data Economy Using APIOp...apidays LIVE Australia 2021 - Planning Your Steps to Data Economy Using APIOp...
apidays LIVE Australia 2021 - Planning Your Steps to Data Economy Using APIOp...
apidays
 
apidays LIVE Australia 2020 - API Value Chain by Christian Raquel
apidays LIVE Australia 2020 - API Value Chain by Christian Raquelapidays LIVE Australia 2020 - API Value Chain by Christian Raquel
apidays LIVE Australia 2020 - API Value Chain by Christian Raquel
apidays
 
apidays LIVE LONDON - Reference Architecture as Code (RaaC): A Framework to A...
apidays LIVE LONDON - Reference Architecture as Code (RaaC): A Framework to A...apidays LIVE LONDON - Reference Architecture as Code (RaaC): A Framework to A...
apidays LIVE LONDON - Reference Architecture as Code (RaaC): A Framework to A...
apidays
 
apidays LIVE Australia 2020 - Starting and Growing an API security company by...
apidays LIVE Australia 2020 - Starting and Growing an API security company by...apidays LIVE Australia 2020 - Starting and Growing an API security company by...
apidays LIVE Australia 2020 - Starting and Growing an API security company by...
apidays
 
Explaining API Integration: How Does API Integration work?
Explaining API Integration: How Does API Integration work?Explaining API Integration: How Does API Integration work?
Explaining API Integration: How Does API Integration work?
DavidAltmen
 
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays LIVE New York 2021 - API Automation For DevOps at Scale by Rod Cope, ...
apidays
 
apidays LIVE Australia 2020 - Growing an API Culture by Liz Douglass & Saul C...
apidays LIVE Australia 2020 - Growing an API Culture by Liz Douglass & Saul C...apidays LIVE Australia 2020 - Growing an API Culture by Liz Douglass & Saul C...
apidays LIVE Australia 2020 - Growing an API Culture by Liz Douglass & Saul C...
apidays
 
Managing the Complexity of Microservices Deployments
Managing the Complexity of Microservices DeploymentsManaging the Complexity of Microservices Deployments
Managing the Complexity of Microservices Deployments
Apigee | Google Cloud
 
APIdays Zurich 2019 - The Three Pillars of API Strategy Erik Wilde, GoodAPI
APIdays Zurich 2019 - The Three Pillars of API Strategy Erik Wilde, GoodAPIAPIdays Zurich 2019 - The Three Pillars of API Strategy Erik Wilde, GoodAPI
APIdays Zurich 2019 - The Three Pillars of API Strategy Erik Wilde, GoodAPI
apidays
 
Apigee Edge: Intro to Microgateway
Apigee Edge: Intro to MicrogatewayApigee Edge: Intro to Microgateway
Apigee Edge: Intro to Microgateway
Apigee | Google Cloud
 
apidays LIVE Paris 2021 - API data sharing legal practices for public sector ...
apidays LIVE Paris 2021 - API data sharing legal practices for public sector ...apidays LIVE Paris 2021 - API data sharing legal practices for public sector ...
apidays LIVE Paris 2021 - API data sharing legal practices for public sector ...
apidays
 
apidays LIVE Australia 2021 - Opening Talk by Saul Caganoff, Deloitte
apidays LIVE Australia 2021 - Opening Talk by Saul Caganoff, Deloitteapidays LIVE Australia 2021 - Opening Talk by Saul Caganoff, Deloitte
apidays LIVE Australia 2021 - Opening Talk by Saul Caganoff, Deloitte
apidays
 
Vizag Virtual Meetup #7: Trending API Topics for 2022
Vizag Virtual Meetup #7: Trending API Topics for 2022Vizag Virtual Meetup #7: Trending API Topics for 2022
Vizag Virtual Meetup #7: Trending API Topics for 2022
Ravi Tamada
 
apidays LIVE London 2021 - Tech adoption in finance and banking by Christina ...
apidays LIVE London 2021 - Tech adoption in finance and banking by Christina ...apidays LIVE London 2021 - Tech adoption in finance and banking by Christina ...
apidays LIVE London 2021 - Tech adoption in finance and banking by Christina ...
apidays
 
API-first, going beyond SOA, ESB & Integration
API-first, going beyond SOA, ESB & IntegrationAPI-first, going beyond SOA, ESB & Integration
API-first, going beyond SOA, ESB & Integration
Apigee | Google Cloud
 
The Progression of APIs and Microservices - Photon Infotech
The Progression of APIs and Microservices - Photon InfotechThe Progression of APIs and Microservices - Photon Infotech
The Progression of APIs and Microservices - Photon Infotech
Photon
 
Managing Sensitive Information in an API and Microservices World
Managing Sensitive Information in an API and Microservices WorldManaging Sensitive Information in an API and Microservices World
Managing Sensitive Information in an API and Microservices World
Apigee | Google Cloud
 
Modernize Service-Oriented Architecture with APIs
Modernize Service-Oriented Architecture with APIsModernize Service-Oriented Architecture with APIs
Modernize Service-Oriented Architecture with APIs
Apigee | Google Cloud
 
apidays LIVE Paris 2021 - API Terms of Service by Benjamin Jean & Célya Gruso...
apidays LIVE Paris 2021 - API Terms of Service by Benjamin Jean & Célya Gruso...apidays LIVE Paris 2021 - API Terms of Service by Benjamin Jean & Célya Gruso...
apidays LIVE Paris 2021 - API Terms of Service by Benjamin Jean & Célya Gruso...
apidays
 
apidays LIVE London 2021 - Quantum Duality of “API as a business” and “API as...
apidays LIVE London 2021 - Quantum Duality of “API as a business” and “API as...apidays LIVE London 2021 - Quantum Duality of “API as a business” and “API as...
apidays LIVE London 2021 - Quantum Duality of “API as a business” and “API as...
apidays
 
apidays LIVE Paris - Lessons learnt supporting developers by Mathieu Pincovai
apidays LIVE Paris - Lessons learnt supporting developers by Mathieu Pincovaiapidays LIVE Paris - Lessons learnt supporting developers by Mathieu Pincovai
apidays LIVE Paris - Lessons learnt supporting developers by Mathieu Pincovai
apidays
 
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...
apidays
 
CWIN17 Toulouse / Mulesoft and airbus accelerating digital transformation thr...
CWIN17 Toulouse / Mulesoft and airbus accelerating digital transformation thr...CWIN17 Toulouse / Mulesoft and airbus accelerating digital transformation thr...
CWIN17 Toulouse / Mulesoft and airbus accelerating digital transformation thr...
Capgemini
 
INTERFACE, by apidays - How APIs are making innovation exponential by Shaile...
INTERFACE, by apidays - How APIs are making innovation exponential by Shaile...INTERFACE, by apidays - How APIs are making innovation exponential by Shaile...
INTERFACE, by apidays - How APIs are making innovation exponential by Shaile...
apidays
 
Why API Management is Not Enough
Why API Management is Not EnoughWhy API Management is Not Enough
Why API Management is Not Enough
Apigee | Google Cloud
 
APIs at Scale - The Hyperconnected Enterprise
APIs at Scale - The Hyperconnected EnterpriseAPIs at Scale - The Hyperconnected Enterprise
APIs at Scale - The Hyperconnected Enterprise
Axway
 
apidays LIVE Helsinki & North - Bye bye to the insurance monolith - case Eule...
apidays LIVE Helsinki & North - Bye bye to the insurance monolith - case Eule...apidays LIVE Helsinki & North - Bye bye to the insurance monolith - case Eule...
apidays LIVE Helsinki & North - Bye bye to the insurance monolith - case Eule...
apidays
 
How APIs are transforming large enterprises
How APIs are transforming large enterprisesHow APIs are transforming large enterprises
How APIs are transforming large enterprises
Rogue Wave Software
 
world's fastest delivery pipeline for Sitecore on Azure
world's fastest delivery pipeline for Sitecore on Azureworld's fastest delivery pipeline for Sitecore on Azure
world's fastest delivery pipeline for Sitecore on Azure
Bas Lijten
 
Johannes Zijlstra - Sitecore 9 and GDPR
Johannes Zijlstra - Sitecore 9 and GDPRJohannes Zijlstra - Sitecore 9 and GDPR
Johannes Zijlstra - Sitecore 9 and GDPR
Sagittarius
 

More Related Content

What's hot

Why API Management is Not Enough
Why API Management is Not EnoughWhy API Management is Not Enough
Why API Management is Not Enough
Apigee | Google Cloud
 

What's hot (20)

APIdays Zurich 2019 - The Three Pillars of API Strategy Erik Wilde, GoodAPI
APIdays Zurich 2019 - The Three Pillars of API Strategy Erik Wilde, GoodAPIAPIdays Zurich 2019 - The Three Pillars of API Strategy Erik Wilde, GoodAPI
APIdays Zurich 2019 - The Three Pillars of API Strategy Erik Wilde, GoodAPI
 
Apigee Edge: Intro to Microgateway
Apigee Edge: Intro to MicrogatewayApigee Edge: Intro to Microgateway
Apigee Edge: Intro to Microgateway
 
apidays LIVE Paris 2021 - API data sharing legal practices for public sector ...
apidays LIVE Paris 2021 - API data sharing legal practices for public sector ...apidays LIVE Paris 2021 - API data sharing legal practices for public sector ...
apidays LIVE Paris 2021 - API data sharing legal practices for public sector ...
 
apidays LIVE Australia 2021 - Opening Talk by Saul Caganoff, Deloitte
apidays LIVE Australia 2021 - Opening Talk by Saul Caganoff, Deloitteapidays LIVE Australia 2021 - Opening Talk by Saul Caganoff, Deloitte
apidays LIVE Australia 2021 - Opening Talk by Saul Caganoff, Deloitte
 
Vizag Virtual Meetup #7: Trending API Topics for 2022
Vizag Virtual Meetup #7: Trending API Topics for 2022Vizag Virtual Meetup #7: Trending API Topics for 2022
Vizag Virtual Meetup #7: Trending API Topics for 2022
 
apidays LIVE London 2021 - Tech adoption in finance and banking by Christina ...
apidays LIVE London 2021 - Tech adoption in finance and banking by Christina ...apidays LIVE London 2021 - Tech adoption in finance and banking by Christina ...
apidays LIVE London 2021 - Tech adoption in finance and banking by Christina ...
 
API-first, going beyond SOA, ESB & Integration
API-first, going beyond SOA, ESB & IntegrationAPI-first, going beyond SOA, ESB & Integration
API-first, going beyond SOA, ESB & Integration
 
The Progression of APIs and Microservices - Photon Infotech
The Progression of APIs and Microservices - Photon InfotechThe Progression of APIs and Microservices - Photon Infotech
The Progression of APIs and Microservices - Photon Infotech
 
Managing Sensitive Information in an API and Microservices World
Managing Sensitive Information in an API and Microservices WorldManaging Sensitive Information in an API and Microservices World
Managing Sensitive Information in an API and Microservices World
 
Modernize Service-Oriented Architecture with APIs
Modernize Service-Oriented Architecture with APIsModernize Service-Oriented Architecture with APIs
Modernize Service-Oriented Architecture with APIs
 
apidays LIVE Paris 2021 - API Terms of Service by Benjamin Jean & Célya Gruso...
apidays LIVE Paris 2021 - API Terms of Service by Benjamin Jean & Célya Gruso...apidays LIVE Paris 2021 - API Terms of Service by Benjamin Jean & Célya Gruso...
apidays LIVE Paris 2021 - API Terms of Service by Benjamin Jean & Célya Gruso...
 
apidays LIVE London 2021 - Quantum Duality of “API as a business” and “API as...
apidays LIVE London 2021 - Quantum Duality of “API as a business” and “API as...apidays LIVE London 2021 - Quantum Duality of “API as a business” and “API as...
apidays LIVE London 2021 - Quantum Duality of “API as a business” and “API as...
 
apidays LIVE Paris - Lessons learnt supporting developers by Mathieu Pincovai
apidays LIVE Paris - Lessons learnt supporting developers by Mathieu Pincovaiapidays LIVE Paris - Lessons learnt supporting developers by Mathieu Pincovai
apidays LIVE Paris - Lessons learnt supporting developers by Mathieu Pincovai
 
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...
apidays LIVE Singapore 2021 - Protecting the API ecosystem by Omaru Maruatona...
 
CWIN17 Toulouse / Mulesoft and airbus accelerating digital transformation thr...
CWIN17 Toulouse / Mulesoft and airbus accelerating digital transformation thr...CWIN17 Toulouse / Mulesoft and airbus accelerating digital transformation thr...
CWIN17 Toulouse / Mulesoft and airbus accelerating digital transformation thr...
 
INTERFACE, by apidays - How APIs are making innovation exponential by Shaile...
INTERFACE, by apidays - How APIs are making innovation exponential by Shaile...INTERFACE, by apidays - How APIs are making innovation exponential by Shaile...
INTERFACE, by apidays - How APIs are making innovation exponential by Shaile...
 
Why API Management is Not Enough
Why API Management is Not EnoughWhy API Management is Not Enough
Why API Management is Not Enough
 
APIs at Scale - The Hyperconnected Enterprise
APIs at Scale - The Hyperconnected EnterpriseAPIs at Scale - The Hyperconnected Enterprise
APIs at Scale - The Hyperconnected Enterprise
 
apidays LIVE Helsinki & North - Bye bye to the insurance monolith - case Eule...
apidays LIVE Helsinki & North - Bye bye to the insurance monolith - case Eule...apidays LIVE Helsinki & North - Bye bye to the insurance monolith - case Eule...
apidays LIVE Helsinki & North - Bye bye to the insurance monolith - case Eule...
 
How APIs are transforming large enterprises
How APIs are transforming large enterprisesHow APIs are transforming large enterprises
How APIs are transforming large enterprises
 

Similar to Microservices architecture

Introducing the Sitecore Commerce 9 Connector for Microsoft D365
Introducing the Sitecore Commerce 9 Connector for Microsoft D365Introducing the Sitecore Commerce 9 Connector for Microsoft D365
Introducing the Sitecore Commerce 9 Connector for Microsoft D365
Dean Thrasher
 

Similar to Microservices architecture (20)

world's fastest delivery pipeline for Sitecore on Azure
world's fastest delivery pipeline for Sitecore on Azureworld's fastest delivery pipeline for Sitecore on Azure
world's fastest delivery pipeline for Sitecore on Azure
 
Johannes Zijlstra - Sitecore 9 and GDPR
Johannes Zijlstra - Sitecore 9 and GDPRJohannes Zijlstra - Sitecore 9 and GDPR
Johannes Zijlstra - Sitecore 9 and GDPR
 
An Intro to Sitecore 9 & GDPR Compliancy
An Intro to Sitecore 9 & GDPR CompliancyAn Intro to Sitecore 9 & GDPR Compliancy
An Intro to Sitecore 9 & GDPR Compliancy
 
How to architect your E-commerce shop using Helix
How to architect your E-commerce shop using HelixHow to architect your E-commerce shop using Helix
How to architect your E-commerce shop using Helix
 
Sitecore: Session recommendation engine
Sitecore: Session recommendation engineSitecore: Session recommendation engine
Sitecore: Session recommendation engine
 
Getting Started: Personalization
Getting Started: PersonalizationGetting Started: Personalization
Getting Started: Personalization
 
Sitecore Experience Commerce Architecture
Sitecore Experience Commerce ArchitectureSitecore Experience Commerce Architecture
Sitecore Experience Commerce Architecture
 
Empowering Your Users: Maximizing the Content Management Experience
Empowering Your Users: Maximizing the Content Management ExperienceEmpowering Your Users: Maximizing the Content Management Experience
Empowering Your Users: Maximizing the Content Management Experience
 
Sitecore loves containers
Sitecore loves containersSitecore loves containers
Sitecore loves containers
 
Sitecore Symposium 2018 - Getting Value Out of Your Data
Sitecore Symposium 2018 - Getting Value Out of Your DataSitecore Symposium 2018 - Getting Value Out of Your Data
Sitecore Symposium 2018 - Getting Value Out of Your Data
 
Finding Value in Your Data: Sitecore Analytics
Finding Value in Your Data: Sitecore AnalyticsFinding Value in Your Data: Sitecore Analytics
Finding Value in Your Data: Sitecore Analytics
 
Automate Everything!
Automate Everything!Automate Everything!
Automate Everything!
 
Meet your new best friend: The Sitecore rules engine
Meet your new best friend: The Sitecore rules engineMeet your new best friend: The Sitecore rules engine
Meet your new best friend: The Sitecore rules engine
 
Sitecore on containers and AKS
Sitecore on containers and AKSSitecore on containers and AKS
Sitecore on containers and AKS
 
Introducing the Sitecore Commerce 9 Connector for Microsoft D365
Introducing the Sitecore Commerce 9 Connector for Microsoft D365Introducing the Sitecore Commerce 9 Connector for Microsoft D365
Introducing the Sitecore Commerce 9 Connector for Microsoft D365
 
Sitecores' Cortex
Sitecores' CortexSitecores' Cortex
Sitecores' Cortex
 
Sitecore Commerce and Helix
Sitecore Commerce and HelixSitecore Commerce and Helix
Sitecore Commerce and Helix
 
Top 10 Open Source Technologies In 2018 | Trending Technologies 2018 | Edureka
Top 10 Open Source Technologies In 2018 | Trending Technologies 2018 | EdurekaTop 10 Open Source Technologies In 2018 | Trending Technologies 2018 | Edureka
Top 10 Open Source Technologies In 2018 | Trending Technologies 2018 | Edureka
 
Track 4 - How the avalanche of available customer data can help create more e...
Track 4 - How the avalanche of available customer data can help create more e...Track 4 - How the avalanche of available customer data can help create more e...
Track 4 - How the avalanche of available customer data can help create more e...
 
JAMStack
JAMStackJAMStack
JAMStack
 

Recently uploaded

W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
panagenda
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
Presentation.STUDIO
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
masabamasaba
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
shinachiaurasa2
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
VictorSzoltysek
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
Health
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
9953056974 Low Rate Call Girls In Saket, Delhi NCR
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
VictoriaMetrics
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
masabamasaba
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
Delhi Call girls
 

Recently uploaded (20)

Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
Crypto Cloud Review - How To Earn Up To $500 Per DAY Of Bitcoin 100% On AutoP...
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
AI & Machine Learning Presentation Template
AI & Machine Learning Presentation TemplateAI & Machine Learning Presentation Template
AI & Machine Learning Presentation Template
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
 
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa%in tembisa+277-882-255-28 abortion pills for sale in tembisa
%in tembisa+277-882-255-28 abortion pills for sale in tembisa
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
%in kaalfontein+277-882-255-28 abortion pills for sale in kaalfontein
 
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfPayment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 

Microservices architecture

  • 2. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Microservices
  • 3. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 3 Domain Analysis
  • 5. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Data
  • 6. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Bounded Context (boundaries of each microservice)
  • 7. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. • Shared Database • Anti-pattern • Database per service • Different service can use different storage • SQL, Elastic Search (SOLR) or NO-SQL • More databases to maintain • API Composition • Event Sourcing 7 Data techniques
  • 8. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 8 • Database per service • Different service can use different storage • SQL, Elastic Search (SOLR) or NO-SQL • More databases to maintain Consistency across multiple microservices
  • 9. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Service subscribe to related events in order to keep an updated view of the required data whilst avoiding bulk data transfers that are both time consuming and also resource inefficient. 9 Event Sourcing
  • 10. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 10 Query data from multiple microservices
  • 12. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 12 Service Registration - Self
  • 13. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 13 Service Registration -Third party registration
  • 14. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 14 Service Discovery
  • 15. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Client-to-microservice communication
  • 16. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Open Source .NET Core API Gateway Products with API Gateway features Azure API Gateway
  • 17. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 17 API Gateway pattern
  • 18. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. • Authentication and authorization • Service discovery integration • Response caching • Retry policies, circuit breaker and QoS • Rate limiting and throttling • Load balancing • Logging, tracing, correlation • Headers, query strings and claims transformation • IP whitelisting Disadvantages • Coupling that tier with the internal microservices • Single point of failure • API Gateway can introduce increased response time API Gateway pattern
  • 19. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Communication (Across Microservices) • Protocol • Synchronous • Asynchronous • AMQP • Receiver • Single receiver • Multiple receivers
  • 20. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 20 Message-based communication – Single Receiver
  • 21. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 21 Message-based communication – Multiple Receivers
  • 23. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. • Failover Mechanism • Circutbreaker • Health-check API Fault tolerance
  • 24. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Distributed Logging Logging with correlation IDs
  • 25. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. • Application Insights • InfluxDB  Pull based • Prometheus  Push based • Dashboard tool such as Kibana or Grafana • Fluentd with Elasticsearch 25 Logging and auditing
  • 27. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. • User identity & access control • Use automatic security updates • Use a distributed firewall with centralized control • Use security scanners • Monitor everything Best Practices
  • 28. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 28 Defence in depth Antivirus software Authentication Biometrics Demilitarized zones (DMZ) Data-centric security Encryption Key Firewalls (hardware or software) Hashing passwords Intrusion detection systems (IDS) Logging and auditing Multi-factor authentication Vulnerability scanners Timed access control Virtual private network (VPN) Sandboxing Intrusion Protection System (IPS)
  • 29. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Azure KeyVault • Generate RSA key • Rotation of encryption keys used • Cancellation of a compromised communication channel • Retrying the message on a different channel or to a different node without worrying about a breach. 29 Encryption Key
  • 31. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 31 ReferenceApplication
  • 32. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 32
  • 33. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. 33 Composite UI
  • 34. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Going into production with a Microservices-based system: • Monitoring and health checks of the services and infrastructure. • Scalable infrastructure for the services (that is, cloud and orchestrators). • Security design and implementation at multiple levels: authentication, authorization, secrets management, secure communication, etc. • Rapid application delivery, usually with different teams focusing on different Microservices. • DevOps and CI/CD practices and infrastructure. Important aspects
  • 35. © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Next… Orchestrators
  • 36. Sitecore Confidential © 2001-2017 Sitecore Corporation A/S. All rights reserved. Sitecore® and Own the Experience® are registered trademarksof Sitecore Corporation A/S. All other brand and product names are the property of their respective owners. Q & A

Editor's Notes

  1. As the name implies, a microservices architecture is an approach to building a server application as a set of small services. That means a microservices architecture is mainly oriented to the back-end, although the approach is also being used for the front-end. Each service runs in its own process and communicates with other processes using protocols such as HTTP/HTTPS, WebSockets, or AMQP. Each microservice implements a specific end-to-end domain or business capability within a certain context boundary, and each must be developed autonomously and be deployable independently. Finally, each microservice should own its related domain data model and domain logic (sovereignty and decentralized data management) and could be based on different data storage technologies (SQL, NoSQL) and different programming languages.
  2. Start with a bounded context. In general, the functionality in a microservice should not span more than one bounded context. By definition, a bounded context marks the boundary of a particular domain model. If you find that a microservice mixes different domain models together, that's a sign that you may need to go back and refine your domain analysis. Next, look at the aggregates in your domain model. Aggregates are often good candidates for microservices. A well-designed aggregate exhibits many of the characteristics of a well-designed microservice, such as: An aggregate is derived from business requirements, rather than technical concerns such as data access or messaging. An aggregate should have high functional cohesion. An aggregate is a boundary of persistence. Aggregates should be loosely coupled. Domain services are also good candidates for microservices. Domain services are stateless operations across multiple aggregates. A typical example is a workflow that involves several microservices. We'll see an example of this in the Drone Delivery application. Finally, consider non-functional requirements. Look at factors such as team size, data types, technologies, scalability requirements, availability requirements, and security requirements. These factors may lead you to further decompose a microservice into two or more smaller services, or do the opposite and combine several microservices into one.
  3. Approaches to managing data There is no single approach that's correct in all cases, but here are some general guidelines for managing data in a microservices architecture. Embrace eventual consistency where possible. Understand the places in the system where you need strong consistency or ACID transactions, and the places where eventual consistency is acceptable. When you need strong consistency guarantees, one service may represent the source of truth for a given entity, which is exposed through an API. Other services might hold their own copy of the data, or a subset of the data, that is eventually consistent with the master data but not considered the source of truth. For example, imagine an e-commerce system with a customer order service and a recommendation service. The recommendation service might listen to events from the order service, but if a customer requests a refund, it is the order service, not the recommendation service, that has the complete transaction history. For transactions, use patterns such as Scheduler Agent Supervisor and Compensating Transaction to keep data consistent across several services. You may need to store an additional piece of data that captures the state of a unit of work that spans multiple services, to avoid partial failure among multiple services. For example, keep a work item on a durable queue while a multi-step transaction is in progress. Store only the data that a service needs. A service might only need a subset of information about a domain entity. For example, in the Shipping bounded context, we need to know which customer is associated to a particular delivery. But we don't need the customer's billing address — that's managed by the Accounts bounded context. Thinking carefully about the domain, and using a DDD approach, can help here. Consider whether your services are coherent and loosely coupled. If two services are continually exchanging information with each other, resulting in chatty APIs, you may need to redraw your service boundaries, by merging two services or refactoring their functionality. Use an event driven architecture style. In this architecture style, a service publishes an event when there are changes to its public models or entities. Interested services can subscribe to these events. For example, another service could use the events to construct a materialized view of the data that is more suitable for querying. A service that owns events should publish a schema that can be used to automate serializing and deserializing the events, to avoid tight coupling between publishers and subscribers. Consider JSON schema or a framework like Microsoft Bond, Protobuf, or Avro. At high scale, events can become a bottleneck on the system, so consider using aggregation or batching to reduce the total load.
  4. An important rule for microservices architecture is that each microservice must own its domain data and logic. Just as a full application owns its logic and data, so must each microservice own its logic and data under an autonomous lifecycle, with independent deployment per microservice. This means that the conceptual model of the domain will differ between subsystems or microservices. Consider enterprise applications, where customer relationship management (CRM) applications, transactional purchase subsystems, and customer support subsystems each call on unique customer entity attributes and data, and where each employs a different Bounded Context (BC). This principle is similar in Domain-driven design (DDD), where each Bounded Context or autonomous subsystem or service must own its domain model (data plus logic and behavior). Each DDD Bounded Context correlates to one business microservice (one or several services). (We expand on this point about the Bounded Context pattern in the next section.)
  5. Bounded Context is a central pattern in Domain-Driven Design. It is the focus of DDD's strategic design section which is all about dealing with large models and teams. DDD deals with large models by dividing them into different Bounded Contexts and being explicit about their interrelationships. This principle is similar in Domain-driven design (DDD), where each Bounded Context or autonomous subsystem or service must own its domain model (data plus logic and behavior). Each DDD Bounded Context correlates to one business microservice (one or several services). (We expand on this point about the Bounded Context pattern in the next section.)
  6. Define a view database, which is a read-only replica that is designed to support that query. The application keeps the replica up to data by subscribing to Domain events published by the service that own the data.
  7. Consider the following questions when developing a large application based on microservices: • How can client apps minimize the number of requests to the backend and reduce chatty communication to multiple microservices? Interacting with multiple microservices to build a single UI screen increases the number of roundtrips across the Internet. This increases latency and complexity on the UI side. Ideally, responses should be efficiently aggregated in the server side—this reduces latency, since multiple pieces of data come back in parallel and some UI can show data as soon as it is ready. • How can you handle cross-cutting concerns such as authorization, data transformations, and dynamic request dispatching? Implementing security and cross-cutting concerns like security and authorization on every microservice can require significant development effort. A possible approach is to have those services within the Docker host or internal cluster, in order to restrict direct access to them from the outside, and to implement those cross-cutting concerns in a centralized place, like an API Gateway. • How can client apps communicate with services that use non-Internet-friendly protocols? Protocols used on the server side (like AMQP or binary protocols) are usually not supported in client apps. Therefore, requests must be performed through protocols like HTTP/HTTPS and translated to the other protocols afterwards. A man-in-the-middle approach can help in this situation. • How can you shape a façade especially made for mobile apps? The API of multiple microservices might not be well designed for the needs of different client applications. For instance, the needs of a mobile app might be different than the needs of a web app. For mobile apps, you might need to optimize even further so that data responses can be more efficient. You might do this by aggregating data from multiple microservices and returning a single set of data, and sometimes eliminating any data in the response that is not needed by the mobile app. And, of course, you might compress that data. Again, a façade or API in between the mobile app and the microservices can be convenient for this scenario.
  8. Cross-cutting concerns or gateway offloading. Depending on the features offered by each API Gateway product, you can offload functionality from individual microservices to the gateway which will simplify the implementation of each microservice by consolidating cross-cutting concerns into one tier. This is especially convenient for specialized features that can be complex to implement properly in every internal microservice such as the following functionality. • Authentication and authorization • Service discovery integration • Response caching • Retry policies, circuit breaker and QoS • Rate limiting and throttling • Load balancing • Logging, tracing, correlation • Headers, query strings and claims transformation • IP whitelisting
  9. Communication types Client and services can communicate through many different types of communication, each one targeting a different scenario and goals. Initially, those types of communications can be classified in two axes. The first axis is defining if the protocol is synchronous or asynchronous: Synchronous protocol. HTTP is a synchronous protocol. The client sends a request and waits for a response from the service. That is independent of the client code execution that could be synchronous (thread is blocked) or asynchronous (thread is not blocked, and the response will reach a callback eventually). The important point here is that the protocol (HTTP/HTTPS) is synchronous and the client code can only continue its task when it receives the HTTP server response. Asynchronous protocol. Other protocols like AMQP (a protocol supported by many operating systems and cloud environments) use asynchronous messages. The client code or message sender usually does not wait for a response. It just sends the message as when sending a message to a RabbitMQ queue or any other message broker. The second axis is defining if the communication has a single receiver or multiple receivers: Single receiver. Each request must be processed by exactly one receiver or service. An example of this communication is the Command pattern. Multiple receivers. Each request can be processed by zero to multiple receivers. This type of communication must be asynchronous. An example is the publish/subscribe mechanism used in patterns like Event-driven architecture. This is based on an event-bus interface or message broker when propagating data updates between multiple microservices through events; it is usually implemented through a service bus or similar artifact like Azure Service Bus by using topics and subscriptions.
  10. An important point is that you might want to communicate to multiple microservices that are subscribed to the same event. To do so, you can use publish/subscribe messaging based on event-driven communication. This publish/subscribe mechanism is not exclusive to the microservice architecture. It is similar to the way Bounded Contexts in DDD should communicate, or to the way you propagate updates from the write database to the read database in the Command and Query Responsibility Segregation (CQRS) architecture pattern. The goal is to have eventual consistency between multiple data sources across your distributed system. Your implementation will determine what protocol to use for event-driven, message-based communications. AMQP can help achieve reliable queued communication. When you use an event bus, you might want to use an abstraction level (like an event bus interface) based on a related implementation in classes with code using the API from a message broker like RabbitMQ or a service bus like Azure Service Bus with Topics. Alternatively, you might want to use a higher-level service bus like NServiceBus, MassTransit, or Brighter to articulate your event bus and publish/subscribe system.
  11. In microservices architecture when a request come in, it will go through a series microservies What if the middle of services break down.
  12. We are going to use Eg like Sitecore, we forced to change our password after 3 months. This allows the cancellation of a compromised communication channel, rotation of the encryption keys used and retrying the message on a different channel or to a different node without worrying about a breach. https://devops.com/building-a-solid-foundation-for-microservices-security/ I couldn’t find any famework to do this, is like key management services that sole purpose to serve the key
  13. Easy to get started sample reference microservice and container based application. Cross-platform on Linux and Windows Docker Containers, powered by .NET Core 2.1, Docker engine and optionally Azure, Kubernetes or Service Fabric. Supports Visual Studio 2017, VS for Mac and CLI based environments with Docker CLI, dotnet CLI, VS Code or any other … https://github.com/dotnet-architecture/eShopOnContainers