© 2014!
RECIPES FOR A SUCCESSFUL CLOUDFOUNDRY PRODUCTION DEPLOYMENT!
Vinicius Carvalho – Pivotal @vccarvalho
I am a developer
CF power up
Challenges • Large distributed Systems : Failure becomes the norm not the excepAon
• Enhance developer experience of your API • Enforce security and access control of endpoints • Service discovery • Avoid duplicaAon
Give this to your developers
They will soon as for this
Powered by Swagger
Talking about services
Busin
ess V
alue
Reusability Biz
Services Biz
Services Biz
Services
Core Services
Core Services
Core Services
Core Services
Data Services
Data Services
Data Services
Data Services
Data Services
Data Services
Apps API
Core Biz Services
Who the hell are those?
Service Registry • Stores service informaAon – API endpoints – Security metadata (Access Control Lists, Roles) – Resource relaAonships – Quality of service – Extended Metadata
Service Registry Services
Instances
API
Endpoints
Security
UI Metadata
QOS
Billing
/api/apidocs!
GET /users!PUT /{id}!
GET /users! - ClientId: myapp! - roles: [USER,MANAGER]
!!
User : {! SSN: {! type: “string”,! selectable: false,! editable: false! }!}!
/search : {! limit : {! value : 300,! time: 3600,! unit: “seconds”! } !}!
/search : {! rate : {! currency : “USD”,! value : 0.10,! meterType: “UNIT”,! meterValue: 1000! }!}!
Cloud Controller
DEA Registry
GET /v2/events
GET /api/apidocs
push app + app MD
Router
UAA
NeUy Pipeline
GET /users!Authentication: Bearer <token>!
Service Proxy
User Service
Registry
Obtain metadata
Validate CredenAals QoS Billing
UAA
NeUy Pipeline
GET /users!Authentication: Bearer <token>!
Service Proxy
User Service
Registry
Data Filter
{!“firstname” : “joe”,!“lastname” : “doe”,!“comp” : 135,000.00!}!
Obtain metadata
Validate CredenAals QoS Billing
UAA
NeUy Pipeline
GET /users!Authentication: Bearer <token>!
Service Proxy
User Service
Outbound handler
Registry
Data Filter
Obtain metadata
Validate CredenAals QoS Billing
Outbound handler
{!“firstname” : “joe”,!“lastname” : “doe”,!}!
{!“firstname” : “joe”,!“lastname” : “doe”,!“comp” : 135,000.00!}!
Security • Don’t use LDAP for authorizaAon • Corporate LDAPs can be very polluted, move away from role
mapping and don’t add more noise to them
UAA
LDAP
AuthenAcate
{! "jti":"4657c1a8-b2d0-4304-b1fe-7bdc203d944f",! "aud":["openid","cloud_controller"],! "scope":["read"],! "email":"[email protected]",! "exp":138943173,! "user_id":"41750ae1-b2d0-4304-b1fe-7bdc24256387",! "user_name":"marissa",! "client_id":"vmc"!}!
ACLS
Biz Services
Data Services
Core Services
Make sure your rest client propagates the token for the next service
The Dark side of microservices architectures
• MulAple remote calls • EnAty relaAonships • Great arAcle by Chris Richardson : hUp://
www.infoq.com/arAcles/microservices-‐intro
Biz Services
Biz Services
Data Services
Data Services
Data Services
Data Services
Data Services
Data Services
Apps
Core Services
Core Services
Core Services
Core Services
Respon
se Tim
e
Biz Services
Biz Services
Data Services
Data Services
Data Services
Data Services
Data Services
Data Services
Apps
Core Services
Core Services
Core Services
Core Services
Respon
se Tim
e
Biz Services
Biz Services
Data Services
Data Services
Data Services
Data Services
Data Services
Data Services
Apps
Core Services
Core Services
Core Services
Core Services
Respon
se Tim
e
Biz Services
Biz Services
Data Services
Data Services
Data Services
Data Services
Data Services
Data Services
Apps
Core Services
Core Services
Core Services
Core Services
Respon
se Tim
e
TX Manager
Hibernate Session
TradiAonal web applicaAon
Controller
Service Repo
EnAty EnAty
Cascading operations are managed by the session factory
Ripple effect of enAty relaAonship
Product
Inventory
Orders Users
Event driven data services
Inventory Orders Users
{enAty: Product, Event: UPDATE}
Product
HTTP events
• High efficient server sent events using non blocking containers (JeUy 9, Tomcat 8, Spray, Play, NeUy)
• Use webhooks when comet/conAnuaAons are not possible
• Pubsubhubbub?
Product
GET /{id} PUT /{Id} POST / GET /events à SSE POST /hook/ à callback url
Polyglot persistence
Polyglot persistence
Data Service
{! "posts": [{! "id": "1",! "title": “The four levels of HA on pivotal CF",! "links": [{! ”author": {! "href": "http://blog.gopivotal.com/author/cdavis",! "id":”ffd5b644-b220-4f7c-efad-2dfee6768bb9” ! }]!}! }]!}!
EnAty RelaAonship
Data Service
Data Service
Data Service
Data Service
Thank you!