Before we jump into the world of Microservices, let's spend some time understanding the fundamentals. As it involves, a multitude of technologies, it's easy to lose track. If you think, you are already aware of the fundamentals, associated patterns, and frameworks, you can skip it and move to the series directly.
The new architecture pattern is been adopted by almost all sizes of organizations, be it small, medium, or large. Organizations have started realizing the value of it. In spite of such widespread adoption of this pattern, it's unfortunate, there is no consistent definition of Microservices.
Spring Cloud Config is one of the Spring Cloud Projects. This is directly mapped to one of the important patterns of Microservice Architecture — Centralized Configuration Service. This provides the means to centralize and manage the externalized configurations across different applications/services in a distributed system.
We will walk through this topic in the following steps
I have also published a video on this topic. Do check it out, especially if you are not into reading much :)
Configurations increase the flexibility of our applications(services). We…
Spring Cloud Gateway provides a library to build an API Gateway. This is the preferred gateway implementation provided by Spring Cloud. It's built with Spring 5, Spring Boot 2, and Project Reactor.
To understand the offerings of Spring Cloud Gateway we must understand the API Gateway pattern in detail. Let's assume, we are implementing the microservices architecture for our e-commerce system. One of the microservices in the system is Product Catalog Service, which is responsible to manage product lifecycle through — create, update, delete, and get operations. Let’s go through some common scenarios, we might come across —
As the name suggests, the pattern derives its inspiration from the electrical switches, which are designed to protect an electrical circuit from damage, caused by excess current from an overload.
When a particular microservice or resource is not responding, this pattern helps in registering the fault, switching off the communication, and restoring it back when the service is ready to serve the requests. This helps the microservice ecosystem in multiple ways —
The very first step in developing microservices is to model them. This helps in defining the scope of the microservices. There is a lot at stake at this first step. Improper modeling can lead to serious disasters in software development.
The process is not trivial, I must say. There are many grey areas indeed! Thankfully we have the fundamental principles, which promise us to guide in this journey. The three magic principles, I am going to talk about is —
I know the discussion is going to be a bit theoretical. But believe me…
There are at least a dozen threat modeling methodologies in the market. In this article, I am trying to gauge the popularity of them.
Here is the list of methodologies, I am considering for my assessment —
As the topic is very wide, I do not intend to distract you with the details. Rather, I am covering the bare minimum on this topic here. Just good enough for you to start on the journey of Spring Boot Microservices. This is an exercise-driven article and I have segregated them into four areas. Each of these areas is mapped to the phases of the development lifecycle, which we all are accustomed to.
Microservices Architecture has changed the way applications used to be built, developed, tested, deployed, monitored, and secured. We do not have a single entry point to the system now. The monolith is broken into multiple microservices. In this article, we are going to address the top ten security threats for microservices based on OWASP — API Security Top Ten.
Open Web Application Security Project (OWASP) is an online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. OWASP has many projects, web-application security being the most popular. My focus lies with their…
Broken Authentication is the second most severe threat when it comes to OWASP API Security Threats. Microservices Architecture has changed the rules of authentication and authorization to a great extent. We must understand the dynamics, scope, and issues of this threat and address it during our design and development. I am going to cover the topic in four parts —
Technology Evangelist | Microservices Architecture, Cloud Technologies, Enterprise Softwares