greg-liebowitz
Cloud / Microservices / DevOps
Architecture Considerations
  o Strategic Goals and Vision
  o Architectural Principles to guide development
  o Defining boundaries of modules / microservices
      Declaring a bounded context
      Chattiness / coupling
      Expressiveness of model
      Feature roadmap
  o Design and Delivery Practices
      Required Standards
      Monitoring
      Interfaces
      Architectural Safety
      Reusable Service Archetypes / Code Libraries
  o Iteration – redoing code to become more elegant, vs. striving for a perfect solution from the start. Not to be confused with slicing, as in Agile.
Cloud
  o Programmable infrastructure that you can introspect and make strong assertions about
  o On-demand capacity
  o Built on commodity hardware/software
  o Competition between cloud platforms is driving down cost
      Penalty of lock-in is outweighed by cost reduction curve
Service Design Best Practices
  o Loose Coupling
  o High Cohesion
  o Bounded Contexts
  o Single-Responsibility Principle
  o Stateless to support horizontal scalability
  o Hide implementation details
Service Integration
  o Technology-agnostic APIs
      JSON / XML
      Protocol Buffers
      REST and HATEOAS
      Spring abstractions
  o Request/Response vs. Asynchronous Event-Based Communication
      Choreographed architecture preferred over Orchestration
      Inform each part of the system through message bus
  o Versioning
      Semantic Versioning (MAJOR, MINOR, PATCH)
      Version in endpoint URL
      Version in request header
  o API Gateways
      Portability layer for forwards/backwards compatibility
  o Strangler Pattern
      Abstraction layer on top of legacy systems
  o Discovery and Coordination
      Netflix Eureka
      Optimized for AWS
      Placed behind AWS ELB
      Mid-tier round-robin load balancer
      Optional Sidecar for non-JVM apps
      Consul
      DNS
      ZooKeeper
      Metadata in AWS
Testing
  o Unit Tests / TDD
      Spock
  o Service Tests – Mock/Stub downstream collaborators
  o Consumer-Driven Tests
  o End-to-End Tests
  o Testing in Production
      Blue/Green Deployment
      Canary Releases
      Rolling Upgrades
      A/B Testing
      Indeed Proctor
      Feature Toggles
  o MTBF / MTTR
Deployment
  o Continuous Integration
  o Build Pipeline
  o Images as Artifacts / Immutable Servers
      Docker containers
      Spin up new instance instead of modifying existing.
      “Cattle” vs. “Pet” servers
      Ephemeral infrastructure
  o Environment Definitions
  o Rollout Plan
  o Rollback Plan
      Logging of audit metadata to reverse actions
  o AWS CloudFormation
Security
  o SSO Gateway / Identity Provider
  o Service-to-Service Auth.
      OAuth 2.0 / JSON Web Token (JWT)
      Network Segmentation
      HTTP(S) Basic
      X.509
      API Keys
  o Multi-tenancy
  o Concerns
      Man-in-the-Middle attack
      Confused Deputy Problem
Scaling
  o Circuit Breakers
  o Bulkheads
  o Idempotency
  o Immutable Data Structures
  o Load Balancing
  o Worker-based systems
  o Data Access Strategies
      Scaling for reads
      Scaling for writes
      Caching
      CQRS / Event Sourcing
      Explicitly modeling events and state change
      Derive current state from series of events
      Actor model
  o CAP Theorem
      Sacrificing Consistency
      Sacrificing Availability
      Sacrificing Partition Tolerance
Monitoring
  o Failure Detection
  o Performance Degradation Detection
      Latency
      Throughput
      Utilization
  o Capacity Planning
  o User Interaction
  o Intrusion Detection
  o Process Mining
  o Tools
      Icinga / Nagios
      Graphite / Grafana
      Logstash
      Splunk / ElasticSearch
      AWS CloudWatch
Netflix Architecture
  o Disk inside EC2 instances
  o Triple-replicated Cassandra
  o Ribbon/Karyon
  o Eureka instance in each availability zone
      ZooKeeper “too consistent”
      API versioning
  o Hystrix circuit breakers
  o Customer-facing apps optimized for ‘AP’
  o Business apps optimized for ‘CA’
  o Security Monkey
NoSQL - “Not only SQL”
  o Cassandra
  o MongoDB
  o Couchbase
  o Neo4j