Chassis and AppFactory: Accelerate Development of Cloud-Native Microservices for Enterprises

Chassis & AppFactory
Accelerate Cloud-Native Applications
for Enterprises
October 9, 2019
Austin Convention Center

Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Scotiabank at a Glance
Founded in 1832
97,000+ Employees
25M Customers
$998B Assets
$8.7B Net Income
$3.3B IT Budget Spent
2

PLATO at a Glance
PLATO delivers platforms critical
to our transformation toward a
Cloud-native Bank.
3

Banking-as-a-Service

The Challenge
Accelerate Secure API
Development for Digital
Transformation
5

Our Team Portfolio Mandate
Deliver self-serve tools and
components that help
development teams build
production-grade microservices
with accelerated velocity
6

Key Design Decisions
Don’t Reinvent
Ease of Integration
Loosely Coupled
Controlled Design
7

Introducing Chassis & AppFactory

Chassis AppFactory
Reusable components
that address
cross-cutting concerns for
Spring Boot-based
microservices
A Cloud-hosted UI that
generates “Apps”
(Microservices) based
on Spring Boot stack

Benefits
• Architecture & Governance as Code
• Uniform Design
• Predictable productivity
• Accelerated Application Development
• Build Products, not Projects
1
0

Chassis

What is Chassis?
A set of re-useable components
that address cross-cutting concerns,
enabling implementation teams to develop
production-grade microservices with increased velocity
& focus solely on coding Business logic

A Production Grade Application

A Production Grade Application ??

Reality …

Microservice without Chassis

Build your Microservice with Chassis

Capabilities – Building Blocks
• Logging
• Security - OAuth
• Distributed Tracing
• Masking
• Audit
• Error Handling
• Microservices Lifecycle
• Caching
• Metrics
• REST Connector
• SOAP Connector
• JPA Connector
• Kafka Connector
• Pub/Sub Connector
• Request Vulnerability
• Health Check
• Key Obfuscation (future)
• Vault Integration (future)

• Chassis logging produces a stream of events to a sink
• It provides an adapter for the SLF4J and uses Logback, with Console appender
directing formatted messages to stdout
• Async Logging – Chassis Logging uses Async logging by default
• Features - with Chassis Logger, you can:
• Levels - Message at different LEVELS
• Tag - Standardized and arbitrary tags can be used to label events, and these tags provide the basis for
log processing.
• Types – You can select from pre-defined Types or even define new TYPES for your log messages
• Java Object – Provides an easy way to log the value of a Java Object
• Throwable – Easy way to log an exception
• Builder Pattern to combine above
Logging
1
9

• Different Log Levels
• LOG.trace(e -> e.message(“Only logged when level is set to TRACE"));
• LOG.debug(e -> e.message(“Only logged when level is set to TRACE or DEBUG"));
• LOG.info(e -> e.message(" Only logged when level is set to INFO, DEBUG or TRACE"));
• LOG.warn(e -> e.message(" Only logged when level is set to WARN, INFO, DEBUG or TRACE"));
• LOG.error(e -> e.message(" Only logged when level is set to ERROR, WARN, INFO, DEBUG or TRACE"));
• Java Object
• LOG.info(e -> e.with(“Cards", cardList).message(“Returned List of Cards”));
• Builder pattern
• LOG.info(e -> e.message(“Some Message") .with("userId", userId).type(“Custom TYPE”));
• Tags
• LOG.info(e -> e.tag("Lifecycle").message("Entered /cards/{key} controller"));
Logging
2
0

• As a request flows from one component to another in a system, through ingress
and egress points, tracers add logic to perpetuate a unique Trace ID
• A trace represents the whole journey of a request, and a span is each individual
hop along the way, each request.
• A trace ID is generated when the first request is made
• A span ID is assigned for each unique component and added to the trace
• Chassis tracing uses Brave in Chassis2 & Spring Cloud Sleuth in Chassis1
• All logs contain the trace ID and span ID. Adds trace and span ids to the Slf4J
MDC
• X-B3-SpanId and X-B3-TraceId
Tracing
2
1

Tracing
2
2

• Masking Strategies
• DO_NOT_EMIT
• TRUNCATE
• REGEX
• ENCRYPT
• Easy to use
• Swagger - Property in Definitions of Swagger can be annotated by x-masking
• Java Object - A field in POJO can be marked with @Mask annotation to enable
this feature
• Getters – masked behaviour
Masking sensitive data in the Logs
2
3

• Swagger definition can be masked by using x-masking custom
property with the appropriate masking strategy
Masking – Swagger Annotation
2
4

Masking – Java Objects Annotation
2
5

Lifecycle
2
6
• Chassis provides a well-defined code structure for the complete lifecycle of a request from its
consumer to a downstream service and back to the consumer
• Lifecycle separates microservice code in three layers with clear separation of concerns with low
coupling and high cohesion:
• Consumer - All concerns related to consumer of the microservice
• Operation - Business Logic
• Connector - All concerns related to downstream service calls

Lifecycle – Consumer Layer
2
7
• Consumer layer consists of Controller and RequestDelegate classes
• Controller includes endpoint methods and its responsibilities include:
• Validation of request parameters
• Gathering and packaging of all of the data received from the cosumer (query params, path
params, headers, form data and request payload) into the ConsumerRequest object
• A place holder method for preparing the response that has to be sent back to the consumer.
This method constructs and populates the ConsumerResponse object that is then returned to
the Consumer. ConsumerResponse object abstracts the response payload object, response
status code and a list of error objects (if any)
• RequestDelegate class implements the business delegate pattern to reduce coupling
between the Consumer layer and Operation layer which encapsulates business logic

Lifecycle – Operation Layer
2
8
• Operation Layer purpose is to encapsulate Business Logic. It interacts with both
Consumer & Connector layers and keeps them completely separated from each other.
• An Operation class is created for each endpoint in the swagger spec.
• The Operation class has an entrypoint method that is invoked by the Consumer layer.
This method receives a ConsumerRequest object and returns a ConsumerResponse
• The Operation class is responsible for:
• Orchestrating calls to all the required downstream services for the given endpoint through
connectors
• Preparing ConnectorRequest Objects for each connector call
• And finally, preparing ConsumerResponse object to send back to the consumer layer
• Lifecycle code has well defined methods for each of the above responsibilities

Lifecycle – Connector Layer
2
9
• Connector Layer’s purpose is to facilitate calls to the downstream services
• It provides the following capabilities
• Connection code - Abstract complexities of actual connection code and technology. For example, it uses RestTemplate for
Rest Connection calls; WebServiceTemplate for SOAP connection calls; JPA methods for SQL databases etc.
• Audit of Request and Response payloads for connector calls
• Distributed Tracing – Propagation of Trace Id and Span Id to downstream services
• Authentication – OAuth2 and Basic-Auth
• Caching – Ability to easily cache the connector response
• The connector layer has two classes.
• ConnectorDelegate
• Connector
• Operation class invokes the Connector layer by calling the delegate method of the ConnectorDelegate class and
passing in a ConnectorRequest object.
• RestConnectorRequest, SoapConnectorRequest and RestConnectorResponse, SoapConnectorResponse objects are provided
as part of Lifecycle which are used to pass the required data to and from the connector
• Each Connector has a concrete connector implementation which is called by the ConnectorDelegate

Lifecycle – Sequence
3
0
Layer Class Method
Consumer CardsController getCards
- CardsRequestDelegate . getCards
Operation - - GetCardsOperation . . Operation entry point method
. . . Orchestration method – conn1
. . . . Prepare Connector Request – conn1
Operation - - - CustomerServiceInquiryOpsSoapConnectorDelegate . . . . Delegate
- - - - CustomerServiceInquiryOpsSoapConnector . . . . . Connector method
- - - CustomerServiceInquiryOpsSoapConnectorDelegate . . . . Delegate method
Operation - - GetCardsOperation . . . Orchestration method – conn1
. . Operation entry point
. . Prepare Consumer Response
Consumer - CardsRequestDelegate . getCards
CardsController getCards

OAuth2 – Chassis Components
3
1
Resource Server Support – Token Validation
• Ability to quickly convert your microservice into OAuth2 resource server
• Token parsing & validation – signature validation & expiry: Denies access if any validation fails
• Scope based Authorization - @Preauthorize or @Secured annotation
• Principal – Use @AuthenicationPrincipal annotation to conveniently get the complete profile of authenticated user inside controller
• Custom Token Claims – Define your own Custom Token Claim Converter object to get custom claims from decoded Jwt token
OAuth2 Client – Auth Code Flow Orchestration
• Secures a user facing application using Authorization Code Grant
• Redirect any unauthenticated user to login page before allowing access to any protected resource
• Authorization – Add roles/authorities to AuthenticatedPrincipal – allow access to resources to only authorized users
• Auth Code Flow orchestration between UI, Server and Auth Server
Service-to-Service Auth - Client Credential Flow Orchestration
• REST Connector provides feature to orchestrate client credential flow and automatically get OAuth2 token from the Auth server and add
it to the rest request
• Caches token in memory and re-negotiates access-token from auth server upon expiry

AppFactory

What is AppFactory?
A Cloud-hosted UI that provides
low-code-experience
for developers to
generate “Apps” (Microservices)
within minutes with back-end
orchestration, based on Chassis
components and bank-
compliant API Spec

Demo

Use case – Cards Microservice
Features /
Endpoints
Description Back-end Orchestration Target Operation
getCards Retrieve a LIST of all
cards belonging to the
customer
Customer WebService (SOAP)
Customer.zip provided by provider
Customer Query
getCard Get DETAILS of a
selected card
Debit & Credit Card WebService
(SOAP)
Cards.zip provided by provider
Debit Card Query

Benefits
• Architecture & Governance as Code
• Uniform Design
• Predictable productivity
• Accelerated Application Development
• Build Products, not Projects
3
6

Adoption Journey
Growth
Customer Use Case
Cost Benefits

Current Consumption
3
8
Chassis Beta Rollout AppFactory Rollout

Cost Savings - $$$$$$$
• Capabilities Building
• Maintenance
• IT Risk
• Rapid Application Development
3
9

Thank You
Michelle Zhang Maan Mehta

Chassis and AppFactory: Accelerate Development of Cloud-Native Microservices for Enterprises

More Related Content

What's hot (20)

Similar to Chassis and AppFactory: Accelerate Development of Cloud-Native Microservices for Enterprises (20)

More from VMware Tanzu (20)

Recently uploaded (20)

Chassis and AppFactory: Accelerate Development of Cloud-Native Microservices for Enterprises