Building Microservices

Book description

Distributed systems have become more fine-grained in the past 10 years, shifting from code-heavy monolithic applications to smaller, self-contained microservices. But developing these systems brings its own set of headaches. With lots of examples and practical advice, this book takes a holistic view of the topics that system architects and administrators must consider when building, managing, and evolving microservice architectures.

Microservice technologies are moving quickly. Author Sam Newman provides you with a firm grounding in the concepts while diving into current solutions for modeling, integrating, testing, deploying, and monitoring your own autonomous services. You’ll follow a fictional company throughout the book to learn how building a microservice architecture affects a single domain.

  • Discover how microservices allow you to align your system design with your organization’s goals
  • Learn options for integrating a service with the rest of your system
  • Take an incremental approach when splitting monolithic codebases
  • Deploy individual microservices through continuous integration
  • Examine the complexities of testing and monitoring distributed services
  • Manage security with user-to-service and service-to-service models
  • Understand the challenges of scaling microservice architectures

Publisher resources

View/Submit Errata

Table of contents

  1. Preface
    1. Who Should Read This Book
    2. Why I Wrote This Book
    3. A Word on Microservices Today
    4. Navigating This Book
    5. Conventions Used in This Book
    6. O’Reilly Online Learning
    7. How to Contact Us
    8. Acknowledgments
  2. 1. Microservices
    1. What Are Microservices?
      1. Small, and Focused on Doing One Thing Well
      2. Autonomous
    2. Key Benefits
      1. Technology Heterogeneity
      2. Resilience
      3. Scaling
      4. Ease of Deployment
      5. Organizational Alignment
      6. Composability
      7. Optimizing for Replaceability
    3. What About Service-Oriented Architecture?
    4. Other Decompositional Techniques
      1. Shared Libraries
      2. Modules
    5. No Silver Bullet
    6. Summary
  3. 2. The Evolutionary Architect
    1. Inaccurate Comparisons
    2. An Evolutionary Vision for the Architect
    3. Zoning
    4. A Principled Approach
      1. Strategic Goals
      2. Principles
      3. Practices
      4. Combining Principles and Practices
      5. A Real-World Example
    5. The Required Standard
      1. Monitoring
      2. Interfaces
      3. Architectural Safety
    6. Governance Through Code
      1. Exemplars
      2. Tailored Service Template
    7. Technical Debt
    8. Exception Handling
    9. Governance and Leading from the Center
    10. Building a Team
    11. Summary
  4. 3. How to Model Services
    1. Introducing MusicCorp
    2. What Makes a Good Service?
      1. Loose Coupling
      2. High Cohesion
    3. The Bounded Context
      1. Shared and Hidden Models
      2. Modules and Services
      3. Premature Decomposition
    4. Business Capabilities
    5. Turtles All the Way Down
    6. Communication in Terms of Business Concepts
    7. The Technical Boundary
    8. Summary
  5. 4. Integration
    1. Looking for the Ideal Integration Technology
      1. Avoid Breaking Changes
      2. Keep Your APIs Technology-Agnostic
      3. Make Your Service Simple for Consumers
      4. Hide Internal Implementation Detail
    2. Interfacing with Customers
    3. The Shared Database
    4. Synchronous Versus Asynchronous
    5. Orchestration Versus Choreography
    6. Remote Procedure Calls
      1. Technology Coupling
      2. Local Calls Are Not Like Remote Calls
      3. Brittleness
      4. Is RPC Terrible?
    7. REST
      1. REST and HTTP
      2. Hypermedia As the Engine of Application State
      3. JSON, XML, or Something Else?
      4. Beware Too Much Convenience
      5. Downsides to REST Over HTTP
    8. Implementing Asynchronous Event-Based Collaboration
      1. Technology Choices
      2. Complexities of Asynchronous Architectures
    9. Services as State Machines
    10. Reactive Extensions
    11. DRY and the Perils of Code Reuse in a Microservice World
      1. Client Libraries
    12. Access by Reference
    13. Versioning
      1. Defer It for as Long as Possible
      2. Catch Breaking Changes Early
      3. Use Semantic Versioning
      4. Coexist Different Endpoints
      5. Use Multiple Concurrent Service Versions
    14. User Interfaces
      1. Toward Digital
      2. Constraints
      3. API Composition
      4. UI Fragment Composition
      5. Backends for Frontends
      6. A Hybrid Approach
    15. Integrating with Third-Party Software
      1. Lack of Control
      2. Customization
      3. Integration Spaghetti
      4. On Your Own Terms
      5. The Strangler Pattern
    16. Summary
  6. 5. Splitting the Monolith
    1. It’s All About Seams
    2. Breaking Apart MusicCorp
    3. The Reasons to Split the Monolith
      1. Pace of Change
      2. Team Structure
      3. Security
      4. Technology
    4. Tangled Dependencies
    5. The Database
    6. Getting to Grips with the Problem
    7. Example: Breaking Foreign Key Relationships
    8. Example: Shared Static Data
    9. Example: Shared Data
    10. Example: Shared Tables
    11. Refactoring Databases
      1. Staging the Break
    12. Transactional Boundaries
      1. Try Again Later
      2. Abort the Entire Operation
      3. Distributed Transactions
      4. So What to Do?
    13. Reporting
    14. The Reporting Database
    15. Data Retrieval via Service Calls
    16. Data Pumps
      1. Alternative Destinations
    17. Event Data Pump
    18. Backup Data Pump
    19. Toward Real Time
    20. Cost of Change
    21. Understanding Root Causes
    22. Summary
  7. 6. Deployment
    1. A Brief Introduction to Continuous Integration
      1. Are You Really Doing It?
    2. Mapping Continuous Integration to Microservices
    3. Build Pipelines and Continuous Delivery
      1. And the Inevitable Exceptions
    4. Platform-Specific Artifacts
    5. Operating System Artifacts
    6. Custom Images
      1. Images as Artifacts
      2. Immutable Servers
    7. Environments
    8. Service Configuration
    9. Service-to-Host Mapping
      1. Multiple Services Per Host
      2. Application Containers
      3. Single Service Per Host
      4. Platform as a Service
    10. Automation
      1. Two Case Studies on the Power of Automation
    11. From Physical to Virtual
      1. Traditional Virtualization
      2. Vagrant
      3. Linux Containers
      4. Docker
    12. A Deployment Interface
      1. Environment Definition
    13. Summary
  8. 7. Testing
    1. Types of Tests
    2. Test Scope
      1. Unit Tests
      2. Service Tests
      3. End-to-End Tests
      4. Trade-Offs
      5. How Many?
    3. Implementing Service Tests
      1. Mocking or Stubbing
      2. A Smarter Stub Service
    4. Those Tricky End-to-End Tests
    5. Downsides to End-to-End Testing
    6. Flaky and Brittle Tests
      1. Who Writes These Tests?
      2. How Long?
      3. The Great Pile-up
      4. The Metaversion
    7. Test Journeys, Not Stories
    8. Consumer-Driven Tests to the Rescue
      1. Pact
      2. It’s About Conversations
    9. So Should You Use End-to-End Tests?
    10. Testing After Production
      1. Separating Deployment from Release
      2. Canary Releasing
      3. Mean Time to Repair Over Mean Time Between Failures?
    11. Cross-Functional Testing
      1. Performance Tests
    12. Summary
  9. 8. Monitoring
    1. Single Service, Single Server
    2. Single Service, Multiple Servers
    3. Multiple Services, Multiple Servers
    4. Logs, Logs, and Yet More Logs…
    5. Metric Tracking Across Multiple Services
    6. Service Metrics
    7. Synthetic Monitoring
      1. Implementing Semantic Monitoring
    8. Correlation IDs
    9. The Cascade
    10. Standardization
    11. Consider the Audience
    12. The Future
    13. Summary
  10. 9. Security
    1. Authentication and Authorization
      1. Common Single Sign-On Implementations
      2. Single Sign-On Gateway
      3. Fine-Grained Authorization
    2. Service-to-Service Authentication and Authorization
      1. Allow Everything Inside the Perimeter
      2. HTTP(S) Basic Authentication
      3. Use SAML or OpenID Connect
      4. Client Certificates
      5. HMAC Over HTTP
      6. API Keys
      7. The Deputy Problem
    3. Securing Data at Rest
      1. Go with the Well Known
      2. It’s All About the Keys
      3. Pick Your Targets
      4. Decrypt on Demand
      5. Encrypt Backups
    4. Defense in Depth
      1. Firewalls
      2. Logging
      3. Intrusion Detection (and Prevention) System
      4. Network Segregation
      5. Operating System
    5. A Worked Example
    6. Be Frugal
    7. The Human Element
    8. The Golden Rule
    9. Baking Security In
    10. External Verification
    11. Summary
  11. 10. Conway’s Law and System Design
    1. Evidence
      1. Loose and Tightly Coupled Organizations
      2. Windows Vista
    2. Netflix and Amazon
    3. What Can We Do with This?
    4. Adapting to Communication Pathways
    5. Service Ownership
    6. Drivers for Shared Services
      1. Too Hard to Split
      2. Feature Teams
      3. Delivery Bottlenecks
    7. Internal Open Source
      1. Role of the Custodians
      2. Maturity
      3. Tooling
    8. Bounded Contexts and Team Structures
    9. The Orphaned Service?
    10. Case Study: RealEstate.com.au
    11. Conway’s Law in Reverse
    12. People
    13. Summary
  12. 11. Microservices at Scale
    1. Failure Is Everywhere
    2. How Much Is Too Much?
    3. Degrading Functionality
    4. Architectural Safety Measures
    5. The Antifragile Organization
      1. Timeouts
      2. Circuit Breakers
      3. Bulkheads
      4. Isolation
    6. Idempotency
    7. Scaling
      1. Go Bigger
      2. Splitting Workloads
      3. Spreading Your Risk
      4. Load Balancing
      5. Worker-Based Systems
      6. Starting Again
    8. Scaling Databases
      1. Availability of Service Versus Durability of Data
      2. Scaling for Reads
      3. Scaling for Writes
      4. Shared Database Infrastructure
      5. CQRS
    9. Caching
      1. Client-Side, Proxy, and Server-Side Caching
      2. Caching in HTTP
      3. Caching for Writes
      4. Caching for Resilience
      5. Hiding the Origin
      6. Keep It Simple
      7. Cache Poisoning: A Cautionary Tale
    10. Autoscaling
    11. CAP Theorem
      1. Sacrificing Consistency
      2. Sacrificing Availability
      3. Sacrificing Partition Tolerance?
      4. AP or CP?
      5. It’s Not All or Nothing
      6. And the Real World
    12. Service Discovery
      1. DNS
    13. Dynamic Service Registries
      1. Zookeeper
      2. Consul
      3. Eureka
      4. Rolling Your Own
      5. Don’t Forget the Humans!
    14. Documenting Services
      1. Swagger
      2. HAL and the HAL Browser
    15. The Self-Describing System
    16. Summary
  13. 12. Bringing It All Together
    1. Principles of Microservices
      1. Model Around Business Concepts
      2. Adopt a Culture of Automation
      3. Hide Internal Implementation Details
      4. Decentralize All the Things
      5. Independently Deployable
      6. Isolate Failure
      7. Highly Observable
    2. When Shouldn’t You Use Microservices?
    3. Parting Words
  14. Index

Product information

  • Title: Building Microservices
  • Author(s): Sam Newman
  • Release date: February 2015
  • Publisher(s): O'Reilly Media, Inc.
  • ISBN: 9781491950357