eBook - ePub
Microservices Development Cookbook
Design and build independently deployable, modular services
- 260 pages
- English
- ePUB (mobile friendly)
- Available on iOS & Android
eBook - ePub
Microservices Development Cookbook
Design and build independently deployable, modular services
About this book
Quickly learn and employ practical methods for developing microservices
Key Features
- Get to grips with microservice architecture to build enterprise-ready applications
- Adopt the best practices to find solutions to specific problems
- Monitor and manage your services in production
Book Description
Microservices have become a popular way to build distributed systems that power modern web and mobile apps. Deploying your application as a suite of independently deployable, modular, and scalable services has many benefits. In this book, you'll learn to employ microservices in order to make your application more fault-tolerant and easier to scale and change.
Using an example-driven approach, Microservice Development Cookbook introduces you to the microservice architectural style. You'll learn how to transition from a traditional monolithic application to a suite of small services that interact to provide smooth functionality to your client applications. You'll also learn about the patterns used to organize services, so you can optimize request handling and processing and see how to handle service-to-service interactions. You'll then move on to understanding how to secure microservices and add monitoring in order to debug problems. This book also covers fault-tolerance and reliability patterns that help you use microservices to isolate failures in your applications.
By the end of the book, you'll be able to work with a team to break a large, monolithic codebase into independently deployable and scalable microservices. You'll also study how to efficiently and effortlessly manage a microservice-based architecture.
What you will learn
- Learn how to design microservice-based systems
- Create services that fail without impacting users
- Monitor your services to perform debugging and create observable systems
- Manage the security of your services
- Create fast and reliable deployment pipelines
- Manage multiple environments for your services
- Simplify the local development of microservice-based systems
Who this book is for
Microservice Development Cookbook is for developers who would like to build effective and scalable microservices. Basic knowledge of the microservices architecture is assumed.
Frequently asked questions
Yes, you can cancel anytime from the Subscription tab in your account settings on the Perlego website. Your subscription will stay active until the end of your current billing period. Learn how to cancel your subscription.
No, books cannot be downloaded as external files, such as PDFs, for use outside of Perlego. However, you can download books within the Perlego app for offline reading on mobile or tablet. Learn more here.
Perlego offers two plans: Essential and Complete
- Essential is ideal for learners and professionals who enjoy exploring a wide range of subjects. Access the Essential Library with 800,000+ trusted titles and best-sellers across business, personal growth, and the humanities. Includes unlimited reading time and Standard Read Aloud voice.
- Complete: Perfect for advanced learners and researchers needing full, unrestricted access. Unlock 1.4M+ books across hundreds of subjects, including academic and specialized titles. The Complete Plan also includes advanced features like Premium Read Aloud and Research Assistant.
We are an online textbook subscription service, where you can get access to an entire online library for less than the price of a single book per month. With over 1 million books across 1000+ topics, we’ve got you covered! Learn more here.
Look out for the read-aloud symbol on your next book to see if you can listen to it. The read-aloud tool reads text aloud for you, highlighting the text as it is being read. You can pause it, speed it up and slow it down. Learn more here.
Yes! You can use the Perlego app on both iOS or Android devices to read anytime, anywhere — even offline. Perfect for commutes or when you’re on the go.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Please note we cannot support devices running on iOS 13 and Android 7 or earlier. Learn more about using the app.
Yes, you can access Microservices Development Cookbook by Paul Osman in PDF and/or ePUB format, as well as other popular books in Computer Science & Programming. We have over one million books available in our catalogue for you to explore.
Information
Security
In this chapter, we will cover the following recipes:
- Authenticating your microservices
- Securing containers
- Secure configuration
- Secure logging
- Infrastructure as Code
Introduction
As with many of the topics covered in this book, security in a microservice architecture is about trade-offs. In a microservice architecture, individual code bases have limited responsibilities. If an attacker is able to compromise a single running service, they will only be able to perform actions that are governed by that particular microservice. The distributed nature of a microservice architecture, however, means that there are more targets for an attacker to potentially exploit in services running in separate clusters. The network traffic between those clusters, including traffic between edge services and internal services, presents many opportunities for an attacker to discover vulnerabilities.
Because of the distributed nature of microservice architectures, network topology must be considered when configuring how services are able to communicate with one another. This concern exists in monolithic code bases as well, where a running instance of a single code base needs to communicate over the network with database servers, caches, load balancers, and so on. It could be argued that microservice architectures make these challenges more obvious and therefore force engineers to consider them earlier.
Security is a big topic. This chapter will discuss a number of good practices to consider when building, deploying, and operating microservices, but it's important to note that this is not an exhaustive list of considerations. Good API practices and defense in depth should be considered when developing any system and microservices are no exception. I heartily recommend OWASP (https://www.owasp.org/index.php/Main_Page) as a resource for learning more about web application security.
Authenticating your microservices
S c
$ curl -D - -X POST http://localhost:9292/auth/login -d'[email protected]&password=foobar123'
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
ETag: W/"3675d2006d59e01f8665f20ffef65fe7"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 6660a102-059f-4afe-b17c-99375db305dd
X-Runtime: 0.150903
Transfer-Encoding: chunked
{"auth_token":"eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJleHAiOjE1MzE2ODUxNjR9.vAToW_mWlOnr-GPzP79EvN62Q2MpsnLIYanz3MTbZ5Q"}
Now that we have a token, we can include it in the headers of subsequent requests:
$ curl -X POST -D - -H 'Authorization: eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJleHAiOjE1MzE2ODUxNjR9.vAToW_mWlOnr-GPzP79EvN62Q2MpsnLIYanz3MTbZ5Q' http://localhost:9292/messages -d'body=Hello&user_id=1'
HTTP/1.1 201 Created
Content-Type: application/json; charset=utf-8
ETag: W/"211cdab551e63ca48de48217357f1cf7"
Cache-Control: max-age=0, private, must-revalidate
X-Request-Id: 1525333c-dada-40ff-8c25-a0e7d151433c
X-Runtime: 0.019609
Transfer-Encoding: chunked
{"id":1,"body":"Hello","user_id":1,"created_at":"2018-07-14T20:08:19.369Z","updated_at":"2018-07-14T20:08:19.369Z","from_user_id":1}
Because pichat-api is a monolithic code base, it is playing many different roles to support this flow. It is acting as an Authorization service, an Authentication gateway, a user store, and an Authorization client. This kind of coupling of responsibilities is exactly what we want to avoid in a microservice architecture.
Luckily, it's easy to divide these responsibilities into separate code bases while keeping the flow the same. Encoding information in JSON Web Tokens (JWT) using a shared secret allows individual microservices to securely authenticate requests without having to make requests to a centralized authentication service for each request. Obtaining an authentication token can be the responsibility of a centralized service, but this fact can be made transparent to the client using an API Gateway or a backend for a frontend. The following diagram demonstrates how some of the responsibilities will be divided:
We will create an Authentication Service that handles user registration and exchanges credentials...
Table of contents
- Title Page
- Copyright and Credits
- Packt Upsell
- Contributors
- Preface
- Breaking the Monolith
- Edge Services
- Inter-service Communication
- Client Patterns
- Reliability Patterns
- Security
- Monitoring and Observability
- Scaling
- Deploying Microservices
- Other Books You May Enjoy