In this article, we will learn the fundamentals of one of the must pattern in the Microservices world — Circuit Breaker. We will do the sample implementation based on Spring Boot, Spring Cloud & Resilience4j. This is the sixth part of our Spring Boot Microservices series.
What is Circuit Breaker?
As the name suggests, the pattern derives its inspiration from the electrical switches, which are designed to protect an electrical circuit from damage, caused by excess current from an overload.
When a particular microservice or resource is not responding, this pattern helps in registering the fault, switching off the communication, and restoring it back when the service is ready to serve the requests. This helps the microservice ecosystem in multiple ways —
- It handles the service failure and exits gracefully
- It helps in reducing the overload on the service, which is already stressed
- It stops the spread of failure across…
In this article, we will try to understand the fundamentals of Spring Cloud Gateway which represents one of the most important patterns in the Microservices Architecture — API Gateway. We will create sample implementations based on Spring Boot & Spring Cloud Gateway. This is the fifth part of our Spring Boot Microservices series.
API Gateway
Spring Cloud Gateway provides a library to build an API Gateway. This is the preferred gateway implementation provided by Spring Cloud. It's built with Spring 5, Spring Boot 2, and Project Reactor.
To understand the offerings of Spring Cloud Gateway we must understand the API Gateway pattern in detail. Let's assume, we are implementing the microservices architecture for our e-commerce system. One of the microservices in the system is Product Catalog Service, which is responsible to manage product lifecycle through — create, update, delete, and get operations. Let’s go through some common scenarios, we might come across —
Scenario 1 — Multiple Versions of Service
There are at least a dozen threat modeling methodologies in the market. In this article, I am trying to gauge the popularity of them.
The Methodologies
Here is the list of methodologies, I am considering for my assessment —
- Attack Tree — This is one of the oldest methodologies which can be applied to a wide set of industries. It's based on conceptual diagrams showing how an asset, or target, might be attacked.
- OCTAVE — This approach is driven by operational risk and security practices and not technology. …
In this article, we will develop our first microservice based on the spring-boot framework and the fundamentals of microservices architecture. This is exercise-driven and segregated into four areas — Design, Development, Test, and Deploy.
As the topic is very wide, I do not intend to distract you with the details. Rather, I am covering the bare minimum on this topic here. Just good enough for you to start on the journey of Spring Boot Microservices. This is an exercise-driven article and I have segregated them into four areas. Each of these areas is mapped to the phases of the development lifecycle, which we all are accustomed to.
- Designing First MicroService — We will conceptualize and define our first Microservice here based on the typical characteristics of Microservices and Spring Boot.
- Developing First MicroService —…
In this article, I am capturing the top ten security threats for microservices based on OWASP — Top Ten. We will look into the definition, example scenarios, and solutions for each of these threats.
Overview
Microservices Architecture has changed the way applications used to be built, developed, tested, deployed, monitored, and secured. We do not have a single entry point to the system now. The monolith is broken into multiple microservices. In this article, we are going to address the top ten security threats for microservices based on OWASP — API Security Top Ten.
Open Web Application Security Project (OWASP) is an online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. OWASP has many projects, web-application security being the most popular. My focus lies with their…
In this article, we are going to decode one of the OWASP Security Threats — “Broken Authentication”, in the context of Microservices Architecture. We will discuss the threat along with the solutions from multiple aspects including o-auth, API gateway, service-service communication, etc.
Broken Authentication is the second most severe threat when it comes to OWASP API Security Threats. Microservices Architecture has changed the rules of authentication and authorization to a great extent. We must understand the dynamics, scope, and issues of this threat and address it during our design and development. I am going to cover the topic in four parts —
- Authentication Flows — In this section, we will understand the authentication and associated flows. This will help in defining the scope and boundaries of this threat.
- Authentication Flows in Microservices — In this section, we will understand how the authentication…
Service interactions in the microservices world deal with many non-functional concerns — service discovery, load balancing, fault tolerance, etc. Service Mesh provides the platform to manage these concerns in a more efficient and cleaner way. In this article, we will understand the framework in more detail along with a sample implementation based on Istio and Spring Boot. This is the 9th part of our learning series on Spring Boot Microservices.
Why do we need Service Mesh?
The unique proposition of Service Mesh does not lie in “what it offers” instead “how it achieves it”. It solves the problems, originated in the microservices architecture, with a different and mature perspective. It offers the platform where the non-functional concerns related to service interactions, are managed more efficiently. It ensures these operational concerns are not coupled together with the business logic, as was the case with earlier solutions.
We already discussed multiple microservice patterns as part of our spring-boot learning series including Service Discovery, Load Balancing, API Gateway, Circuit Breaker, and many others. Before moving further, I assume, you…
In this article, we will understand the advantages of containerizing Spring Boot Microservices. We will also do sample implementation, based on Docker and Spring Boot. This is the 7th part of our series — Spring Boot Microservices — Learning through examples
This is very similar to the package we build for Spring Boot Microservices. Our Spring Boot applications are packaged as Jar files which assume that the runtime environment has Java installed. Containers are packaged in such a way that they can run directly…
It was neither curated by the Medium team nor published by any Medium Publication. This is an article about a story of mine, which crossed 1000+ views recently, attributed to my amateur blogging maneuver.
I started my journey on Medium a year back with the hope that it could be my retirement plan. Soon I realized, I am a misfit. None of my stories crossed more than 10 views. I always assumed the story will fly on its own. If there is a quality in my content, it will click automatically. I did not bother about curation or the Medium publications at that point of time.
Its only a few months back, when I started exploring the platform with more sincerity. The unusual high number of views on the story, which is neither curated…
In this article, we will understand the advantages of adopting Kubernetes for the Spring Boot Microservices. We will look into the evolution of deployment models and understand why Containerization is so critical for enterprises. To understand the benefits in the real world, we will also do sample implementation, based on Kubernetes and Docker along with our Spring Boot based Microservices. This is the 8th part of our series — Spring Boot Microservices — Learning through examples
When I started on Spring Boot Microservices, I wondered what additional benefits Kubernetes or Docker will bring on the table. If I can deploy my Spring Boot Microservice independently, why do I bother about the additional frameworks or technologies. I was wrong!
As I progressed in the microservices world, the mystery of this topic unfolded. Soon I understood the advantages of these technologies. I truly believe Containers and Kubernetes are the must to have technologies in the “Microservices World”. It does not matter whether you are developing the services in Spring Boot, Node or Python, you are going to love…
Lal Verma
Technology Evangelist | Microservices Architecture, Cloud Technologies, Enterprise Softwares
