Erik Drolshammer Stig Lau Erik Erik Drolshammer Sivilingeniør i Datateknikk Jobbet med utvikling og arkitektur siden 2004. Har jobbet på flere systemer med lignende problemstillinger som dette systemet tidligere. Dvs. distribuerte systemer som integrerer med hardware-dingser.
Arkitekturerfaringer Whydah Arkitekturerfaringer Steel blue whydah vidua http://ibc.lynxeds.com/files/imagecache/photo_940/pictures/Steel-blue_W_w.jpg
Agenda Hva er IAM, Whydah Arkitekturgjennomgang Whydah intro «Micro service»-arkitektur Inner Integration Outer
Forklare IAM Autentisering – hvem er du Autorisasjon – hva har du lov til å gjøre http://coverize.me/wp-content/uploads/2011/10/i-am-me.jpg
Features User authentication & authorization Single Sign-On Application authentication & authorization Admin GUI Admin API High Availability & High Scalability Features Features http://www.crowwinghistory.org/image_source/our_location/parchment_scroll_bgnd.png
Hvor mange har laget en brukerdatabase eller innloggingsløsning? Flere ganger? Lei av å bygge brukerdatabaser Enklere enn å de store, komplekse og kommersielle produktene. Enklere enn å bygge selv. Sikrere enn å bygge selv Open Source Lite nok til at man kan sette seg inn i og evaluere sikkerhetsløsningene. https://www.flickr.com/photos/deeplifequotes/16132357958/sizes/o/ CC BY-NC-SA 2.0, https://www.flickr.com/photos/deeplifequotes/ CC BY-NC-SA 2.0
“Clear and consistent responsibility power all great architectures” http://commons.wikimedia.org/wiki/File:Great_Wall_of_China.jpeg
Single Sign-On made easy Session control The vault of users and applications Ansvar per modul Administration GUI Administration APIs
Guts on the Outside Inner architecture ” the implementation architecture of the microservices themselves” Outer architecture ”the platform capabilities you need to help all those simple little microservices (and their DevOps teams) work together to make good on the promises of flexible and scalable development and deployment.” Gary Olliffe, http://blogs.gartner.com/gary-olliffe/2015/01/30/microservices-guts-on-the-outside/
Characteristics of a Microservice Architecture Componentization via Services (Team) Organized around Business Capabilities Products not Projects Smart endpoints and dumb pipes Decentralized Governance Decentralized Data Management Infrastructure Automation Design for failure Evolutionary Design James Lewis http://martinfowler.com/articles/microservices.html Martin Fowler
Characteristics of a Microservice Architecture Componentization via Services (Team) Organized around Business Capabilities Products not Projects Smart endpoints and dumb pipes Decentralized Governance Decentralized Data Management Infrastructure Automation Design for failure Evolutionary Design
1. Modulariserer med tjenester og ikke med biblioteker. © 2005, 2006, 2007 by Bjørn Erik Pedersen 1. Modulariserer med tjenester og ikke med biblioteker. libraries: components that are linked into a program and called using in-memory function calls services: out-of-process components who communicate with a mechanism such as a web service request, or remote procedure call. 2. Utviklerne jobber med en eller flere tjenester. Ikke med UI, database, osv. OSS, snakker om produkter, ikke prosjekter. https://wiki.cantara.no/display/architecture/Tre-lags+monolitiske+web-applikasjoner http://commons.wikimedia.org/wiki/File:Monolith_2_200804.jpg © 2005, 2006, 2007 by Bjørn Erik Pedersen
Characteristics of a Microservice Architecture Componentization via Services (Team) Organized around Business Capabilities Products not Projects Smart endpoints and dumb pipes Decentralized Governance Decentralized Data Management Infrastructure Automation Design for failure Evolutionary Design
Smart pipes ESB er et eksempel på smart pipes. Har du en ESB, og bruker funksjonaliteten der, så er det nok ikke en micro service-arkitektur. https://docs.oracle.com/cd/E23943_01/doc.1111/e15020/introduction.htm#OSBCA125
Robustness principle, aka. Postel’s law: "Be conservative in what you send, be liberal in what you accept" En tjeneste kan ha ett eller flere endepunkter. Smarte endepunkter: bygger inn logikk inn i hver enkelt tjeneste i stedet for å samle logikken i en stor klump i midten et sted.
X Evolving Service Endpoint Consumer-Driven Contracts Unngå XSD schemas og annen overdreven typing. Løse kontrakter, String, String Bruk XPATH, JsonPath for å hente ut det man er interessert i ignorer alt annet. REST, spesielt hypermedia-delen gir løs kobling mellom tjeneste og klienter. Godt eksempel på smart-endepunkt. Tjenesten har mye ansvar. Consumer-Driven Contracts Hypermedia as the Engine of Application State (HATEOAS)
Characteristics of a Microservice Architecture Componentization via Services (Team) Organized around Business Capabilities Products not Projects Smart endpoints and dumb pipes Decentralized Governance Decentralized Data Management Infrastructure Automation Design for failure Evolutionary Design
Spring MVC Spring IoC Jetty Jersey Guice Grizzly Javascript Python Java Jersey Guice Grizzly Jersey Spring IoC Jetty Angular Spring MVC Spring IoC Jetty
Characteristics of a Microservice Architecture Componentization via Services (Team) Organized around Business Capabilities Products not Projects Smart endpoints and dumb pipes Decentralized Governance Decentralized Data Management Infrastructure Automation Design for failure Evolutionary Design
Polyglot persistence Hver tjeneste kan velge teknologi for persistering selv. Kun UIB har persistens. LDAP, SQL, Lucene SecurityTokenService bruker Hazelcast for å dele tilstand mellom instanser i HA-oppsett.
Characteristics of a Microservice Architecture Componentization via Services (Team) Organized around Business Capabilities Products not Projects Smart endpoints and dumb pipes Decentralized Governance Decentralized Data Management Infrastructure Automation Design for failure Evolutionary Design
... skal Stig snakke mer om etterpå Enterprise Maven Infrastructure Provisjonering: Ansible + Amazon EC2 Automated deployment (wget, upstart, java –jar) Automatic (automated + cron)
Enterprise Maven Infrastructure Source code repository EMI Maven release for å få kontroll og sporbarhet på det som ble prodsatt. http://commons.wikimedia.org/wiki/File:Maven_logo.svg, Ebraminio Continuous integration Artifact repository
Provisjonering Elastic Compute Cloud (EC2)
Automated deployment Bash script, pull based http://www.mricons.com/icon/15338/128/jar-icon http://upstart.ubuntu.com/
Automatic deployment Job scheduler aka. Continuous delivery http://www.mricons.com/icon/15338/128/jar-icon http://upstart.ubuntu.com/ Job scheduler aka. Continuous delivery
Characteristics of a Microservice Architecture Componentization via Services (Team) Organized around Business Capabilities Products not Projects Smart endpoints and dumb pipes Decentralized Governance Decentralized Data Management Infrastructure Automation Design for failure Evolutionary Design
Tjenester vil feile! Tjenester må kunne startes i vilkårlig rekkefølge Retry-mekanismer hvis en tjeneste er utilgjengelig. Håndtere feilsituasjoner Robuste start/stopp-script Saklig logging under oppstart Logge inngående og utgående kall Bruk log levels aktivt Tjenester kan startes i vilkårlig rekkefølge. Retries hvis en tjeneste ikke er tilgjengelig Hysterix Håndtere feilsituasjoner https://camo.githubusercontent.com/e871b5d002a9699e7a2d9fa0178af5c72f0743e0/68747470733a2f2f6e6574666c69782e6769746875622e636f6d2f487973747269782f696d616765732f687973747269782d6c6f676f2d7461676c696e652d3835302e706e67 https://github.com/Netflix/Hystrix
Infrastruktur HTTPS overalt, alltid! Elastic Load Balancing Web proxy Lastbalanserer Discovery Hazelcast for HA Elastic Load Balancing Web proxy Lastbalanserer Discovery Hazelcast In-memory data grid https://wiki.cantara.no/display/ASE/Discovery Elastic Load Balancing http://hazelcast.com/wp-content/uploads/2014/03/HazelcastLogo-Blue_Dark_Vertical_500w.png
Ett eksempel på hvordan fysisk infrastruktur kan se ut. Kan selvfølgelig gjøres mye enklere.
Characteristics of a Microservice Architecture Componentization via Services (Team) Organized around Business Capabilities Products not Projects Smart endpoints and dumb pipes Decentralized Governance Decentralized Data Management Infrastructure Automation Design for failure Evolutionary Design
db domain Forretning snakker om funksjonsområder, utviklere om teknologi/lag. Mismatch! Tett kobling Lav kohesjon Spaghetti! Måtte rydde for å finne ut hva som kunne trekkes ut! ---- http://www.web4j.com/images/packagebyfeature.jpg http://creativecommons.org/licenses/by-nc-sa/1.0/ http://www.javapractices.com/topic/TopicAction.do?Id=205 web http://www.javapractices.com/topic/TopicAction.do?Id=205, http://www.web4j.com
REST, HATEOAS + ressurstankegangen hjelper
Når? Dele opp? Hvordan? Størrelse / når dele opp ulikt ansvar ulik livsyklus ulik SLA/kvalitetsegenskaper skalering forskjellige team jobber på ulike data, ulike integrasjoner Divide and conquer Latin: Divide et impera http://en.wikipedia.org/wiki/Divide_and_rule --- Public domain: http://commons.wikimedia.org/wiki/File:Whimsy.JPG
Erik Drolshammer erik@fjas.no @Sherriff1 http://www.sxc.hu/photo/1193475 Erik Drolshammer erik@fjas.no @Sherriff1