apidays LIVE JAKARTA - 10 commandments for scalable microservices by Archanaa Ravikumar & Pooja Subramanian
0 likes49 views
The document outlines ten commandments for building scalable microservices, emphasizing the importance of service boundaries, API management, and the right communication protocols. It stresses the need for observability, robust testing coverage, and thorough documentation, while also highlighting security measures and the risks of creating a distributed monolith. The guidelines aim to enhance performance, maintainability, and integrity across microservices architectures.
apidays LIVE JAKARTA - 10 commandments for scalable microservices by Archanaa Ravikumar & Pooja Subramanian
- 1. 10 Commandments for Scalable Mircoservices Archanaa Ravikumar Lead Engineer, BCG Digital Ventures Pooja Subramanian Lead Consultant, ThoughtWorks Technologies
- 2. ● Do not share the data stores outside the service ● Always separate data models from contracts ● Expose data via well defined APIs 1. Stick to your service boundaries Product Name Category Price Address Delivery Address Slots Payment Order Refund Exchange User CredentialsProfile Catalog PromotionVouchers
- 3. 2. Expose your APIs via a gateway ● Restrict the business logic in the gateway ● Ensure routing & rate limiting are applied ● Leverage service mesh to keep application logic light Service Service Sidecar Sidecar Service Service Sidecar Sidecar API Gateway
- 4. Service ● Synchronous vs Asynchronous ● REST vs gRPC ● JSON vs protobuf Service Service Service Client 1 Client 2 API Gateway REST calls gRPC calls Brokered messages Message Broker 3. Choose the right communication protocol
- 5. 4. Version your APIs ● Maintain backward compatibility ● Do not discount the maintenance overhead ● Remember to decommission APIs appropriately ● Follow a consistent strategy for versioning for all services Service Service V1 Service V2 Client 1 Client 2 Client 1 Client 2 v1 v2 v1 v2
- 6. ● Cache data where possible ● Optimise data storage based on access patterns (read or write optimised) ● Leverage parallelism & asynchronous calls ● Employ the service mesh for load balancing & scaling 5. Don’t forget to make services performant
- 7. 6. Remember, observability matters
- 8. ● Choose the observability levels appropriate to your application ● Ensure consistent logging & aggregation across all components ● Utilize centralised dashboards for unified views ● Remember the importance of tracing of requests & responses Correlation ID Request/Response Tracers Aggregation Profiling Monitoring Troubleshooting TelemetryLogs Health Checks Alerting 6. Remember, observability matters
- 9. ● There’s always the usual suspects: ○ Unit tests ○ Integration Tests ○ End to end tests ● Leverage service virtualisation for predictable integration tests ● Use consumer driven contract testing when the producer and consumer are rapidly evolving at the same time Unit Tests Service Virtualisation / Integration Tests End to End Tests Contract Tests UI Tests Service Service Service Service Client 1 Client 2 API Gateway Service 7. Ensure sufficient test coverage at all layers
- 10. ● Use Architecture Decision Records (ADRs) to track all major system design decisions ● Provide consistent API Documentation with ○ Request contracts ○ Response contracts ○ Error codes ● Tests are documentation too! So write good descriptive tests 8.Do not discount documentation
- 11. Container ● Always use TLS to secure communication when APIs exposed to external consumers ● Ensure that access & identity tokens get validated for every incoming request ● Encrypt sensitive data passing between services ● Encrypt sensitive data being stored ● Use rate limiting to prevent DDoS ● Don’t forget to secure your infrastructure 9. Protect the application ecosystem at every layer Service API Gateway Service token https https Client https Container Container Cluster encrypt
- 12. 10. Do not build a distributed monolith ● Watch out for deployment complexities where ○ services are not independently deployable ○ Services are not independantly scalable ● Look out for increased chattiness between services ● Avoid duplicate data in each data store since this affects data integrity Service Service Service Service Client 1 Client 2 API Gateway Service Service v 80.1.5 v 250.2.0 v 1.18.2 v 25.2.0 v 25.2.0 v 25.2.0
- 13. 1. Stick to your service boundaries 2. Expose your APIs via a gateway 3. Choose the right communication protocol 4. Version your APIs 5. Don't forget to make services performant 6. Remember, observability matters 7. Ensure sufficient test coverage at all layers 8. Do not discount documentation 9. Protect the application ecosystem at every layer 10. Do not build a distributed monolith The 10 commandments
- 14. Thank You! Archanaa Ravikumar Lead Engineer, BCG Digital Ventures archanaa.ravikumar@bcgdv.com https://www.linkedin.com/in/ravikumar-archanaa/ Pooja Subramanian Lead Consultant, ThoughtWorks Technologies poojasub@thoughtworks.com https://www.linkedin.com/in/pooja-subramanian-17bbba3b/