As the name suggests, the pattern derives its inspiration from the electrical switches, which are designed to protect an electrical circuit from damage, caused by excess current from an overload.
When a particular microservice or resource is not responding, this pattern helps in registering the fault, switching off the communication, and restoring it back when the service is ready to serve the requests. This helps the microservice ecosystem in multiple ways —
Spring Cloud Gateway provides a library to build an API Gateway. This is the preferred gateway implementation provided by Spring Cloud. It's built with Spring 5, Spring Boot 2, and Project Reactor.
To understand the offerings of Spring Cloud Gateway we must understand the API Gateway pattern in detail. Let's assume, we are implementing the microservices architecture for our e-commerce system. One of the microservices in the system is Product Catalog Service, which is responsible to manage product lifecycle through — create, update, delete, and get operations. Let’s go through some common scenarios, we might come across —
There are at least a dozen threat modeling methodologies in the market. In this article, I am trying to gauge the popularity of them.
Here is the list of methodologies, I am considering for my assessment —
As the topic is very wide, I do not intend to distract you with the details. Rather, I am covering the bare minimum on this topic here. Just good enough for you to start on the journey of Spring Boot Microservices. This is an exercise-driven article and I have segregated them into four areas. Each of these areas is mapped to the phases of the development lifecycle, which we all are accustomed to.
Microservices Architecture has changed the way applications used to be built, developed, tested, deployed, monitored, and secured. We do not have a single entry point to the system now. The monolith is broken into multiple microservices. In this article, we are going to address the top ten security threats for microservices based on OWASP — API Security Top Ten.
Open Web Application Security Project (OWASP) is an online community that produces freely-available articles, methodologies, documentation, tools, and technologies in the field of web application security. OWASP has many projects, web-application security being the most popular. My focus lies with their other project API Security, which deals with the vulnerabilities and security risks of Application Programming Interfaces (APIs). …
Broken Authentication is the second most severe threat when it comes to OWASP API Security Threats. Microservices Architecture has changed the rules of authentication and authorization to a great extent. We must understand the dynamics, scope, and issues of this threat and address it during our design and development. I am going to cover the topic in four parts —
The unique proposition of Service Mesh does not lie in “what it offers” instead “how it achieves it”. It solves the problems, originated in the microservices architecture, with a different and mature perspective. It offers the platform where the non-functional concerns related to service interactions, are managed more efficiently. It ensures these operational concerns are not coupled together with the business logic, as was the case with earlier solutions.
We already discussed multiple microservice patterns as part of our spring-boot learning series including Service Discovery, Load Balancing, API Gateway, Circuit Breaker, and many others. Before moving further, I assume, you have a basic understanding of these patterns. We will be discussing and referring to them throughout this article. If you do not have the background on them, it will be difficult to understand “What Service Mesh offers”. …
A container is a standard unit of software that packages up code and all its dependencies so the application runs quickly and reliably from one computing environment to another. A Docker container image is a lightweight, standalone, executable package of software that includes everything needed to run an application: code, runtime, system tools, system libraries and settings.
This is very similar to the package we build for Spring Boot Microservices. Our Spring Boot applications are packaged as Jar files which assume that the runtime environment has Java installed. Containers are packaged in such a way that they can run directly at operating system level. This helps to isolate the bundled softwares from its environment and ensure that they work uniformly. …
I started my journey on Medium a year back with the hope that it could be my retirement plan. Soon I realized, I am a misfit. None of my stories crossed more than 10 views. I always assumed the story will fly on its own. If there is a quality in my content, it will click automatically. I did not bother about curation or the Medium publications at that point of time.
Its only a few months back, when I started exploring the platform with more sincerity. The unusual high number of views on the story, which is neither curated nor published, is nothing less than the magic. …
When I started on Spring Boot Microservices, I wondered what additional benefits Kubernetes or Docker will bring on the table. If I can deploy my Spring Boot Microservice independently, why do I bother about the additional frameworks or technologies. I was wrong!
As I progressed in the microservices world, the mystery of this topic unfolded. Soon I understood the advantages of these technologies. I truly believe Containers and Kubernetes are the must to have technologies in the “Microservices World”. It does not matter whether you are developing the services in Spring Boot, Node or Python, you are going to love the duo. With this article, I am trying to share my understanding on this topic. …