CloudSkew Architecture
2 likes560 views
The document discusses best practices for building microservices including: - Focus on rapid development of features over infrastructure optimization. - Deploy prototypes and experiments quickly using serverless architectures with auto-scaling and zero server management. - Design microservices as independent, stateless services that communicate asynchronously through a service bus. - Instrument services with logging and metrics to monitor performance and observe issues.
![twitter: @MithunShanbhagblog: mithunshanbhag.github.io
One repository per app (microservice)
• Deployapptobothtest &prodenvironmentsfromthatrepository.
• [BAD]Deployapptotest &prodenvironmentsfromdifferentrepositories.
• [BAD]One repositoryforall apps.](https://image.slidesharecdn.com/cloudskewarchitecture-200210050913/85/CloudSkew-Architecture-8-320.jpg)
![twitter: @MithunShanbhagblog: mithunshanbhag.github.io
Package management
• [BAD]Code duplication.
• Usepackageregistries (NPM,Nugetetc) tosharecommon,reusable codebetweenapps.
• [BAD]Alwaysinstalling latestpackageversion duringbuild.
• Usepinnedpackageversions toavoid unexpected/breakingchanges.](https://image.slidesharecdn.com/cloudskewarchitecture-200210050913/85/CloudSkew-Architecture-9-320.jpg)
![twitter: @MithunShanbhagblog: mithunshanbhag.github.io
Externalized configuration (controllability)
• [BAD]Coupling anappandits configurationtogether.
• [BAD]Puttingpasswords,connectionstrings,endpointURLsin sourcecontrol.
• Storeconfigurationin anexternal,secure,centralizedkey/valuestore(e.g. AzureKeyVault).
• Keynamesremain samein all dev/test/prodenvironment, butvalueschange.
• RBAC’edaccessforappidentity.](https://image.slidesharecdn.com/cloudskewarchitecture-200210050913/85/CloudSkew-Architecture-10-320.jpg)
![twitter: @MithunShanbhagblog: mithunshanbhag.github.io
Self-bootstrapping microservices
• [BAD]Runningscriptsor CLIcommandstostartupandconfigureanalreadydeployedapp.
• Deployedappshouldknowhowto startitselfup.
• Deployedappshouldknowhowto configureitself (afterreadingfromexternalconfig).
• Faststartup,gracefulshutdown.
• Verboselogsotherwise.](https://image.slidesharecdn.com/cloudskewarchitecture-200210050913/85/CloudSkew-Architecture-11-320.jpg)
![twitter: @MithunShanbhagblog: mithunshanbhag.github.io
Stateless microservices
• Services canberedeployed,restartedatanytime.
• [BAD]Storingin-memorystatethatcannotbepersistedon exit..
• Stateshouldbepersisted in DBs,cachesonly.
• [BAD]Using stickysessions & affinities.](https://image.slidesharecdn.com/cloudskewarchitecture-200210050913/85/CloudSkew-Architecture-13-320.jpg)
![twitter: @MithunShanbhagblog: mithunshanbhag.github.io
Federatedidentity / External Identity Provider
• Auto-saverequiresuserstobeauthenticated.
• OAuthflow:Implicit grant(SPAs) orAuthorizationcodegrant(server-side apps)
• [BAD]Storingusercredentials(even if salted/hashed/encrypted)
• Useexternalidentityproviders(cognito,okta,auth0,firebase)
• JWTtokens,notsession based.](https://image.slidesharecdn.com/cloudskewarchitecture-200210050913/85/CloudSkew-Architecture-24-320.jpg)
CloudSkew Architecture
- 2. twitter: @MithunShanbhagblog: mithunshanbhag.github.io CloudSkew.com? • Onlinediagrameditor • Cloudarchitecturediagrams • Free • Currentlyin public preview • Disclaimers (patents,roadmapdiscussions)
- 4. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Playbook for Prototypes, Experiments, POCs, MVPs • Customers care about your features, NOT yourefficiently tuned engineering. • Morefocus on features (development), less on infra (devops). • 0 to100 in 6 seconds • Rapidly go fromidea ->development -> deployment -> release. • Release frequently. • Find fastest way toautomate deployments. • Ok if UIis not 100% polished or aesthetic. • No premature optimization.
- 6. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Why Microservices? • Independentunitsof • Deployment • Scaling
- 7. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Why Serverless+ PaaS (instead of IaaS)? • Zeroserver managementoverhead. • Intelligent built-indefaults(load-balancing,firewall etc). • Auto-scaling.
- 8. twitter: @MithunShanbhagblog: mithunshanbhag.github.io One repository per app (microservice) • Deployapptobothtest &prodenvironmentsfromthatrepository. • [BAD]Deployapptotest &prodenvironmentsfromdifferentrepositories. • [BAD]One repositoryforall apps.
- 9. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Package management • [BAD]Code duplication. • Usepackageregistries (NPM,Nugetetc) tosharecommon,reusable codebetweenapps. • [BAD]Alwaysinstalling latestpackageversion duringbuild. • Usepinnedpackageversions toavoid unexpected/breakingchanges.
- 10. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Externalized configuration (controllability) • [BAD]Coupling anappandits configurationtogether. • [BAD]Puttingpasswords,connectionstrings,endpointURLsin sourcecontrol. • Storeconfigurationin anexternal,secure,centralizedkey/valuestore(e.g. AzureKeyVault). • Keynamesremain samein all dev/test/prodenvironment, butvalueschange. • RBAC’edaccessforappidentity.
- 11. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Self-bootstrapping microservices • [BAD]Runningscriptsor CLIcommandstostartupandconfigureanalreadydeployedapp. • Deployedappshouldknowhowto startitselfup. • Deployedappshouldknowhowto configureitself (afterreadingfromexternalconfig). • Faststartup,gracefulshutdown. • Verboselogsotherwise.
- 12. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Asynchronous, loosely-coupled microservices • Communicationusing service busorGRPC. • Service bus • Deadlettering • Poisonmessages • Auto-scaledcompeting consumers • Retries/ back-offs/ timeouts/ circuit breaker • BeOKwithweakconsistencymodels(reads lag writes)
- 13. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Stateless microservices • Services canberedeployed,restartedatanytime. • [BAD]Storingin-memorystatethatcannotbepersistedon exit.. • Stateshouldbepersisted in DBs,cachesonly. • [BAD]Using stickysessions & affinities.
- 14. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Horizontally auto-scaling microservices • Horizontalscaling types: • Manualscaling (slider) • Scheduledscaling • Rule-basedscaling • Message queuesize> threshold • Rateofincoming requests> threshold • Dynamicscaling (e.g. Azurefunctionsscale controller)
- 15. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Observability (logging) • Noserver toSSHinto.Orno SSHaccessallowed. • Sologs areall youhave. • Dynamicallychangelog verbosityon-demandvia externalconfig.
- 16. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Telemetry (usermetrics) • Collect custommetrics(anonymized,PII stripped)tounderstandlive usage patterns. • E.g.Icon searchthatdoesn’tgenerateamatch. • Everythingelse canbeminedfrompersisted data.
- 17. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Telemetry (system metrics) • First, ensure you’recollecting critical systemmetrics. • SQL:Avg CPU load,Avg queryexec time, Top5queriesbyCPU,Top5 queriesbydataI/O. • API:5xxerrors,Avg responsetimes • Bus:Deadletters,PoisonMessages, Avg waittime,Avg processing time. • Next,identify“yellow”& “red”thresholds. • Next,createdashboardtovisualizethese. • Next,createset automatedalertswhenthresholdexceeded.
- 18. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Service accounts only • Onlyservice accountscanread/writeto environments. • Createservice accountsfortestenvironmenttoo. • Remember:Nomanualaccesstoprodenvironment. Soerr onthe sideofverboselogging.
- 19. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Dev / Test/ Prod Parity • UseTerraform(orotherIaC solutions)toset up identicalenvironments. • Differenceonlyin configurationvalues(key valuestore)
- 20. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Debouncing calls to server • Throttling(rate-limiting) vsDebouncing • Useifauto-savingdatato server.
- 21. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Queue based load leveling • Smoothoutpeak-usagespikesbyqueuing requests. • Asynchronouslyprocessin batches.
- 22. twitter: @MithunShanbhagblog: mithunshanbhag.github.io API payload compression • Preferbrotli> gzipforresponsecompression • CompressJSON payloadto40% oforiginalsize.
- 23. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Use CDNs • Caching &compressionbenefits forstaticcontent. • PurgePOPsonbreaking(non-additivechanges).
- 24. twitter: @MithunShanbhagblog: mithunshanbhag.github.io Federatedidentity / External Identity Provider • Auto-saverequiresuserstobeauthenticated. • OAuthflow:Implicit grant(SPAs) orAuthorizationcodegrant(server-side apps) • [BAD]Storingusercredentials(even if salted/hashed/encrypted) • Useexternalidentityproviders(cognito,okta,auth0,firebase) • JWTtokens,notsession based.