SENG3011

🌿  1.3 - Microservice Ecosystem

In this lecture

  • A revision of Service-Oriented Architecture and Microservices
  • A discussion of parts of the Microservice Ecosystem
    • How do we define and design microservices?
    • How do they communicate and interchange data?
    • How do we mange our data model in a distributed world?
    • How do we manage state?
    • What do we need to consider when designing and developing microservices?
    • How do we keep our microservices secure?

Ecosystems 🌿

SENG3011 Ecosystem 🌿

Service-Oriented Computing 🛎️

  • The era of cloud computing - a move from software as products to software as services
  • Infrastructure as a Service - physical / virtual machines to run code on is provided as a service
  • Platform as a Service - hardware and operating system are provided and accessed remotely by developers
  • Software as a Service - hardware, operating system and software are outsourced and accessed remotely and used by users
  • Platform layers and platformisation in PaaS

Monolith vs Microservices 🪨

  • Monolith: a single large application that contains the entire software solution
    • One service to rule them all
  • Microservices: A series of small-scale services that communicate with one another
    • Each service does one task well

Microservices Case Study: Netflix 📖

  • Cloudshift - from server to cloud (2008)
  • Migrate from monolith to microservices, service by service
  • Started with non customer facing; move to customer facing
  • By 2013, Netflix’s API gateway was handling two billion daily API edge requests, managed by over 500 cloud-hosted microservices
  • By 2017, its architecture consisted of over 700 loosely coupled microservices

Microservices Case Study: Netflix 📖

  • Adopting microservice architecture is a business decision as well as an engineering decision
  • Today, Netflix:
    • Makes around $8 billion a year and
    • Streams approximately six billion hours of content weekly
    • More than 220 million subscribers in 190 countries, and it continues to grow
    • Revolutionised how we consume media and started the streaming wars
  • Cloud costs per streaming start a fraction of those in the data centre

Microservices Case Study: Netflix 📖

Microservices Case Study: Uber 📖

  • Issues in business growth growth was related to a monolithic architecture:
    • More inertia to ship new features
    • More bugs and risk in deployments
    • Much harder to onboard new engineers to work on the system
    • The architecture couldn't meet the demand and popularity of the application - not scalable
  •  Architecture
    • REST API to access monolith
    • Three adapters with embedded API functions
    • Single MySQL database
    • All features in the monolith

Microservices Case Study: Uber 📖

  • One engineering team per microservice
  • Reduced coupling and dependency
  • Focus on scaling at the individual service level - address bottlenecks
  • Improved speed of development, performance, overall quality, fault tolerance
  • Need to create global standards for services to ensure compatibility and interoperability

Microservices Case Study: Uber 📖

Defining your Microservices 📡

  • Let's try an example - design WebCMS as a microservice architecture
  • System requirements (simplified)
    • Lecturers can create courses and put up content
    • Lecturers can create assessments
    • Students can view content and submit assessments
    • Tutors can mark assessments and students can view their marks
    • Enrolment data is synced from UNSW systems
  • What are your microservices?

Defining your Microservices

  • Domain driven design - modelling software to match a business domain

 

  • Conway's Law: Organisations who design systems, are constrained to produce designs which are copies of the communication structure of these organisations

Bounded Context

  • The logical boundary of a domain where particular terms and rules apply consistently
  • Are browsing and purchasing separate contexts?

Bounded Context

  • Are browsing and purchasing separate contexts?
    • Are they a single business process or different processes?
    • How much data do they share?

Microservice Design Principles 🎨

  • SOLID principles still stand - microservices are simply OO classes on a larger scale
  • Low coupling 
    • Services should have minimal coupling with other services
    • Services should not depend on the implementation of other services
    • Services should not reuse components from other services, to avoid dependencies
  • High cohesion
    • Services are cohesive business processes
    • Services form a bounded context

Gluing services together:

Choreography & Orchestration 🧵

  • Choreography - microservices work independently, but co-ordinate with one another using cues or events
    • Method of control of the saga / workflow is determined by a predefined set of cues/events
  • Orchestration - microservices are controlled by a single orchestrator or conductor service
    • Centralised control of the workflow

Choreography Example

Orchestration Example

Choreography & Orchestration: Trade-offs 🧵

  • Choreography
    • Loosely coupled 😃
    • Easy to adapt 😃
    • Additional overhead to monitor the state of the process 😓
  • Orchestration
    • Tightly coupled 😓
    • Single point of failure 😓
    • More difficult to change 😓
    • Easier to monitor process state 😃

Separating the data model 🔹

  • Single database or distributed database?
  • Trade-offs 😓
    • Databases often don't scale very well
    • Distributing databases creates more complexity
    • Single points of failure

Separating the data model 🔹

  • Replication - data copied across multiple machines
    • Scale database to cope with load
    • Improved fault tolerance
    • Locate database closer to end users
  • Partitioning - split the data of a system onto multiple nodes, called partitions
  • Independent databases - each microservice has its own database

Dealing with distributed computing 🚎

  • When we break up services into individual nodes on a network, we have to deal with problems in distributed computing
  • Network reliability - you can't guarantee that the network is reliable
    • Exponential backoff - a technique to manage inter-service request failures


 

Dealing with distributed computing 🚎

  • Network latency - it takes time for packets to travel across the wire
  • Bandwidth isn't infinite
  • The locked room problem - no guarantee the network is secure

Dealing with distributed computing 🚎

 

  • Reliability - how often does your software succeed and how often does it break/fail?
  • Fault tolerance - when software fails, what steps are in place to recover?
  • Death, taxes and computer system failure are all inevitable to some degree - Howard and LeBlanc
  • Individual computers fail all the time - spread the risk of failure over multiple computers - backups

Data Interchange: Sync vs Async 🔊

 

  • Synchronous communication: Request and immediate response between services
  • Technologies
    • REST endpoints
    • GraphQL
    • gRPC
  • Trade-offs 😓
    • Increased coupling 😓

Data Interchange: Sync vs Async 🔊

 

  • Asynchronous communication
    • Request + delayed response (promises)
    • Event-driven architecture
  • Producers, consumers and streams
  • Technologies
    • Apache Kafka
    • Amazon SQS
    • Amazon SNS
  • Trade-offs
    • Loosely coupled 😃
    • Easy to add/remove services 😃
    • More overhead to setup 😓
    • How do we keep our data model accurate? 😓

Data Interchange and Accuracy 🔊

 

  • Byzantine Generals Problem
    • n generals agree on a plan
    • Can only communicate via messenger
    • Messenger may be delayed / lost
    • Some generals are traitors - pretend to not receive message/send dishonest messages
  • Validate format of received messages
  • Sanitise inputs
  • Retrieve data from multiple sources

Data Interchange and Accuracy 🔊

 

  • Idempotency - what happens when a consumer receives the same message twice?
  • Eventual Consistency - data updates take time to propagate between services
    • Reads can be stale
    • Writes can cause conflicts - need to manage this!
    • Single sources of truth?

Eventual Consistency in Action: UNSW Systems

Stateful vs Stateless Architecture 🏛️

 

  • Two types of microservices: container and lambda
  • Containerised Microservices
    • Container as a Service (CaaS)
    • In AWS, provisioned by ECS
    • A continually running instance in a container
    • Allows for persistence within the service 
    • More expensive, since it is continually active
    • Useful for heavy and continuous computation (e.g. processing a data stream) 
    • More control over the running environment of the business logic 

Stateful vs Stateless Architecture 🏛️

 

  • Lambda Microservices
    • Function as a Service (FaaS)
    • In AWS, provisioned using lambda functions
    • A series of lambda functions that take input and produce output
    • Lambdas can also have side effects (e.g. updating a stateful component, such as S3 bucket / cache)
    • Grouped under a common API Gateway
    • Multiple/concurrent invocation is independent
    • Only active when the function is called - pay-as-you-go on AWS
    • Suitable when workload is small, operation takes a few seconds
    • Emphasis on business logic and operations

Stateful vs Stateless Architecture 🏛️

 

  • Lambda Microservice Example

Stateful vs Stateless Architecture 🏛️

 

  • CRUD operations on a database (deployed separately in the ecosystem)
  • Generating and validating JWTs
  • Instant messaging service
  • Fetch and process the weather every 1 minute
  • Fetch and process the weather every 12 hours
  • Running machine learning on a data stream, storing the results and using the results to make predictions

Ecosystem Security 🔑

 

  • How do we maintain authentication and authorisation when everything is split up into different services?
    • SSO
    • Authentication microservice
    • Tokens
  • Centralising points of entry into the ecosystem
    • Internal microservices are on a private network
    • A single public-facing API (usually GraphQL) that handles orchestration
  • Need to consider north-south and east-west traffic

Ecosystem Security 🔑

Trade-offs: Microservice Benefits 😃

  • Freedom for service-specific programming languages / technology stacks
  • Less responsibility, less coupling
  • Easier to test
  • Faster build and release cycles
  • Lower risk per-microservice
  • Not a single point of failure
  • Easier to scale individual services

Trade-offs: Microservice Costs 😓

  • Either everything breaks, or the glue breaks - how much time and money is actually saved?
  • Dealing with distributed systems
  • Overhead, complexity and risk in orchestrating services in an end-to-end use case
  • More complex deployment
  • Security - now need to authenticate for every service, not just one
  • Debugging is more difficult as control flows over different services (distributed tracing)

Summary

  • All Software Architecture is making trade-offs
  • Monoliths grow too large, complex and risky and too difficult to scale
  • Microservices present an alternative, which have their own challenges

References

  • https://blog.dreamfactory.com/microservices-examples/
  • https://medium.com/microservices-learning/how-to-implement-security-for-microservices-89b140d3e555 
  • https://csse6400.uqcloud.net/slides/microservices.pdf
  • https://csse6400.uqcloud.net/slides/service-based.pdf
  • https://csse6400.uqcloud.net/slides/distributed1.pdf
  • https://csse6400.uqcloud.net/slides/distributed2.pdf
  • https://csse6400.uqcloud.net/slides/distributed3.pdf

SENG3011 23T1 - 1.3 - Microservice Ecosystem

By npatrikeos

SENG3011 23T1 - 1.3 - Microservice Ecosystem

  • 561