5. LIMITATIONS OF MONOLITHIC ARCHITECTURE
• Lots of challenges to manage services right now
• Large code base
• Many Components, no clear ownership
• Quick adaptation to different business needs
• Long deployment cycles
• Auto scaling and healing
• Managing the config of the environments
6. MONOLITHIC TO MICROSERVICES
• YAGNI (You Aren't Gonna Need It)
• Exposing new restful apis to front-end
• Current API project count in backend : 40+ and growing
7. MICROSERVICES
Front-End (React App)
Apı Gateway
LB
Apı Gateway
1
Apı Gateway
2
Settlement
Reporting API
1
Settlement
Reporting API
2
Payment
Reporting API
1
Payment
Reporting API
2
Merchant
API 2
Merchant
API 1
Confing
Server LB
Confing
Server 1
Confing
Server 2
Discovery
Server 1
Discovery
Server 1
Auth
Server 1
Auth
Server 1
Elastic
searchRedisMySql
Bitbucket
(Config Repo)
13. API GATEWAY / BACKEND FOR FRONTEND
• An edge service, gatekeeper for micro services
• Adapter layer for specific devices
• Some services might not be friendly
• Another component to make holy available
14. MICROSERVICES
Front-End (React App)
Apı Gateway
LB
Apı Gateway
1
Apı Gateway
2
Settlement
Reporting API
1
Settlement
Reporting API
2
Payment
Reporting API
1
Payment
Reporting API
2
Merchant
API 2
Merchant
API 1
Confing
Server LB
Confing
Server 1
Confing
Server 2
Discovery
Server 1
Discovery
Server 1
Auth
Server 1
Auth
Server 1
Elastic
searchRedisMySql
Bitbucket
(Config Repo)
15. NETFLIX ZUUL
• Easy setup
• Used by many tech companies in production
• Rate limiting or logging filters vs.
• Authentication
• Smart Load Balancing
• Attack Detection & Prevention
• Difficult to manage timeout with gateway and apis together
• Keep business logic out of gateway :)
20. SERVICE DISCOVERY
• Number of service instances and locations
changes dynamically (on-demand scalability)
• So hard to manage lots of microservices in a
cloud native world with DNS and Load
Balancers
• Maintains registry of client with metadata (host,
port, name)
• Client heartbeats
21. • Client code is simpler just a request to
the router
• Router is another component to install,
configure and make highly available
• More network hops are required than
client-side
• AWS Elastic Load Balancer is an example
SERVER SIDE DISCOVERY
22. • Client code is simpler just a request to
the router
• Router is another component to install,
configure and make highly available
• More network hops are required than
client-side
• AWS Elastic Load Balancer is an example
CLIENT SIDE DISCOVERY
23. MICROSERVICES
Front-End (React App)
Apı Gateway
LB
Apı Gateway
1
Apı Gateway
2
Settlement
Reporting API
1
Settlement
Reporting API
2
Payment
Reporting API
1
Payment
Reporting API
2
Merchant
API 2
Merchant
API 1
Confing
Server LB
Confing
Server 1
Confing
Server 2
Discovery
Server 1
Discovery
Server 1
Auth
Server 1
Auth
Server 1
Elastic
searchRedisMySql
Bitbucket
(Config Repo)
24. • Uses client-side discovery
• Provides rest api to query service
instances
• All nodes sync with eventually consistent
approach
NETFLIX EUREKA
Register : register at startup
Fetch Registry : provide client-side registry cache
Heartbeat : heartbeat every 30 seconds
26. WHY WE CHOOSE EUREKA
• Easy setup
• Rest based service registry
• Support replication
• Caches on client
• Fast but not consistent
• Discovery server client interface (abstraction)
27. CHALLANGES IN REGISTERING EUREKA
• Client Registration
• Server Response Cache
• Client Cache Refresh
• LoadBalancer Refresh
28. • Declarative rest client with interfaces
• It makes writing web service clients easier (no implementation code)
• @FeignClient annotation
• Spring Cloud will implement it at run-time
• Uses ribbon load balancer and hystrix circuit breaker
• No more implements client projects
•
FEIGN CLIENT
29. RIBBON
• Client side load balancer
• Load Balancing Algorithms
• Fault Tolerance
• Eureka, Hystrix
• Good set of configuration
37. • Need a token-based approach to talk to front-
end
• Need to authenticate a single request in all
microservices
• Authorize requests according to user
permissions
•
AUTHENTICATION & AUTHORIZATION
38. MICROSERVICES
Front-End (React App)
Apı Gateway
LB
Apı Gateway
1
Apı Gateway
2
Settlement
Reporting API
1
Settlement
Reporting API
2
Payment
Reporting API
1
Payment
Reporting API
2
Merchant
API 2
Merchant
API 1
Confing
Server LB
Confing
Server 1
Confing
Server 2
Discovery
Server 1
Discovery
Server 1
Auth
Server 1
Auth
Server 1
Elastic
searchRedisMySql
Bitbucket
(Config Repo)
39. • Open standard authorization protocol
specification
• Enables access without sharing credentials
•
OAUTH2
• Used by many tech companies
• Support Single Sign-On
•
40. • An open standard for securely sending
information between parties
• Consists 3 parts. Header, payload(claims)
and the signature xxxxx.yyyyy.zzzzz
• Encoded not encrypted
• JWTs can be signed using a secret (with the
HMACSHA256 algorithm) or a public/private
key pair using RSA.
• Stateless authentication
• Customize token
JWT (JSON WEB TOKEN )