
An overview of designing microservices based applications on AWS
Peter Dalbhanjan, Solutions Architect, AWS
Evolution from Monoliths to Microservices

Approaches for Building Microservices Applications on AWS

Core Principles of Microservices

Demo
[Figure: map of AWS service categories, including Marketplace, Management Tools, Analytics, Dev Tools, Artificial Intelligence, IoT, Mobile, Enterprise Applications, Game Development, Migration, Hybrid, Security & Identity, Database, Storage, Compute, Networking and Infrastructure (Regions, Availability Zones, Points of Presence)]
[Figure: chart over the years 2010, 2012, 2014 and 2016 with the values 61, 159, 516 and 1,017]
* As of 1 March 2017
The Monolith
Challenges with monolithic software

Difficult to scale
Architecture is hard to maintain and evolve
Lack of agility
Long Build/Test/Release Cycles (who broke the build?)
New releases take months
Lack of innovation
Operations is a nightmare (module X is failing, who's the owner?)
Long time to add new features
Frustrated customers
20080219BonMorningDSC_0022B by Sunphol Sorakul . No alterations other than cropping. https://www.flickr.com/photos/83424882@N00/3483881705/
Image used with permissions under Creative Commons license 2.0, Attribution Generic License (https://creativecommons.org/licenses/by/2.0/)
Monolith development lifecycle
[Diagram: developers, a delivery pipeline (build, test, release), and the app (aka the monolith)]

Photo by Sage Ross. No alterations other than cropping. https://www.flickr.com/photos/ragesoss/2931770125/


Image used with permissions under Creative Commons license 2.0, Attribution Generic License (https://creativecommons.org/licenses/by/2.0/)
IMG_1760 by Robert Couse-Baker. No alterations other than cropping. https://www.flickr.com/photos/29233640@N07/14859431605/
Image used with permissions under Creative Commons license 2.0, Attribution Generic License (https://creativecommons.org/licenses/by/2.0/)
"service-oriented architecture composed of loosely coupled elements that have bounded contexts"
Adrian Cockcroft (VP, Cloud Architecture Strategy at AWS)

service-oriented architecture: Services communicate with each other over the network
loosely coupled: You can update the services independently; updating one service doesn't require changing any other services.
bounded contexts: Self-contained; you can update the code without knowing anything about the internals of other microservices
Do one thing, and do it well

Swiss Army by Jim Pennucci. No alterations other than cropping. https://www.flickr.com/photos/pennuja/5363518281/


Image used with permissions under Creative Commons license 2.0, Attribution Generic License (https://creativecommons.org/licenses/by/2.0/)
Do one thing, and do it well

Tools by Tony Walmsley: No alterations other than cropping. https://www.flickr.com/photos/twalmsley/6825340663/


Image used with permissions under Creative Commons license 2.0, Attribution Generic License (https://creativecommons.org/licenses/by/2.0/)
Anatomy of a Micro-service

Public API: POST /micro-service, GET /micro-service
Application/Logic (code, libraries, etc)
Data Store (eg, RDS, DynamoDB, ElastiCache, ElasticSearch)
Avoid Software Coupling
Ecosystem of microservices
[Diagram: Restaurant micro-service, Payments micro-service, Location micro-service, Drivers micro-service, Ordering micro-service]
Thousands of teams
Microservice architecture
Continuous delivery
Multiple environments

= 50 million deployments a year


(5708 per hour, or every 0.63 second)
Typical microservices application
[Diagram: Restaurant micro-service, Payments micro-service, Location micro-service, Drivers micro-service, Ordering micro-service]
Micro-service Design

Approach #1: EC2
[Diagram: an Elastic Load Balancer in front of four EC2 instances; AWS Elastic Beanstalk]
Elastic Beanstalk vs. DIY
On-instance configuration

Focus on building your application

Elastic Beanstalk configures each EC2 instance in your environment with the components necessary to run applications for the selected platform. No more worrying about logging into instances to install and configure your application stack.

Stack (top to bottom): Your code, HTTP server, Application server, Language interpreter, Operating system, Host
Legend: Provided by you / Provided and managed by Elastic Beanstalk


Micro-service Design

Approach #2: Containers Using ECS
Amazon EC2 Container Service (ECS) is the cluster management system to run your Docker containers
Use Amazon EC2 Container Service for container workloads

Cluster Management Made Easy
  Nothing to run
  Complete state
  Control and monitoring
  Scale

Flexible Scheduling
  Applications
  Batch jobs
  Multiple schedulers

Designed for Use with Other AWS Services
  Elastic Load Balancing
  Amazon Elastic Block Store
  Amazon Virtual Private Cloud
  AWS Identity and Access Management
  AWS CloudTrail
Micro-service Design
[Diagram: an Elastic Load Balancer in front of four EC2 instances, with Amazon EC2 Container Service (ECS) to manage containers]
Micro-service Design

Approach #3: API Gateway + Lambda

AWS Lambda lets you run code without managing servers
  Upload your code (Java, JavaScript, Python)
  Set up your code to trigger from other AWS services, webservice calls, or app activity
  Lambda automatically scales
  Pay for only the compute time you use (sub-second metering)

AWS API Gateway is the easiest way to deploy micro-services
  Create a unified API frontend for multiple micro-services
  Authenticate and authorize requests
  Handles DDoS protection and API throttling
  as well as monitoring, logging, rollbacks, client SDK generation
Principle 1

Micro-services only rely on each other's public API

Contracts by NobMouse. No alterations other than cropping.


https://www.flickr.com/photos/nobmouse/4052848608/
Image used with permissions under Creative Commons license 2.0, Attribution Generic
License (https://creativecommons.org/licenses/by/2.0/)
Principle 1: Microservices only rely on each other's public API
(Hide Your Data)
[Diagram: Micro-service A and Micro-service B, each with a public API, and a DynamoDB data store; one connection is marked "Nope!"]


Principle 1: Microservices only rely on each other's public API
(Evolve API in backward-compatible way, and document!)

Micro-service A public API

Version 1.0.0
  storeRestaurant (id, name, cuisine)
Version 1.1.0
  storeRestaurant (id, name, cuisine)
  storeRestaurant (id, name, arbitrary_metadata)
  addReview (restaurantId, rating, comments)
Version 2.0.0
  storeRestaurant (id, name, arbitrary_metadata)
  addReview (restaurantId, rating, comments)
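
The version progression above can be checked mechanically. The following is an added example, not part of the original slides: it parses the slide's operation signatures and reports whether a release removes anything existing clients rely on. Mapping "removed operation" to a major bump and "added operation" to a minor bump is an assumption (semantic versioning), and all function names are hypothetical.

```python
import re

# API surface of Micro-service A, copied from the slide above.
API_VERSIONS = {
    "1.0.0": ["storeRestaurant (id, name, cuisine)"],
    "1.1.0": ["storeRestaurant (id, name, cuisine)",
              "storeRestaurant (id, name, arbitrary_metadata)",
              "addReview (restaurantId, rating, comments)"],
    "2.0.0": ["storeRestaurant (id, name, arbitrary_metadata)",
              "addReview (restaurantId, rating, comments)"],
}
SIGNATURE = re.compile(r"^\s*(\w+)\s*\(([^()]*)\)\s*$")
RANK = {"patch": 0, "minor": 1, "major": 2}

def parse_signature(text):
    """'op (a, b)' -> ('op', ('a', 'b')); raises ValueError on anything else."""
    match = SIGNATURE.match(text)
    if not match:
        raise ValueError(f"not an operation signature: {text!r}")
    params = tuple(p.strip() for p in match.group(2).split(",") if p.strip())
    return match.group(1), params

def required_bump(old_ops, new_ops):
    """Smallest version bump that honestly describes the change (assumed semver)."""
    old = set(map(parse_signature, old_ops))
    new = set(map(parse_signature, new_ops))
    if old - new:                      # something callers may use has disappeared
        return "major", sorted(old - new)
    return ("minor" if new - old else "patch"), []

def declared_bump(old_version, new_version):
    """Which part of the version number the release actually changed."""
    old = [int(x) for x in old_version.split(".")]
    new = [int(x) for x in new_version.split(".")]
    if new[0] != old[0]:
        return "major"
    return "minor" if new[1] != old[1] else "patch"

def check_release(old_version, new_version, versions=API_VERSIONS):
    """ok is False when the version number understates a breaking change."""
    need, removed = required_bump(versions[old_version], versions[new_version])
    got = declared_bump(old_version, new_version)
    return {"ok": RANK[got] >= RANK[need], "required": need,
            "declared": got, "removed": removed}

if __name__ == "__main__":
    for old, new in (("1.0.0", "1.1.0"), ("1.1.0", "2.0.0")):
        print(old, "->", new, check_release(old, new))
```
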
Principle 2

Use the right tool for the job

Tools #2 by Juan Pablo Olmo. No alterations other than cropping.


https://www.flickr.com/photos/juanpol/1562101472/
Image used with permissions under Creative Commons license 2.0, Attribution Generic
License (https://creativecommons.org/licenses/by/2.0/)
Principle 2: Use the right tool for the job
(Embrace polyglot persistence)
[Diagram: Micro-service A and Micro-service B, each with a public API; data stores shown across the builds: DynamoDB, Amazon Elasticsearch Service, RDS Aurora]

Principle 2: Use the right tool for the job
(Embrace polyglot programming frameworks)
[Diagram: Micro-service A and Micro-service B, each with a public API; data stores shown: RDS Aurora, Amazon Elasticsearch Service]
Principle 3

Secure Your Services

security by Dave Bleasdale. No alterations other than cropping.


https://www.flickr.com/photos/sidelong/3878741556/
Image used with permissions under Creative Commons license 2.0,
Attribution Generic License (https://creativecommons.org/licenses/by/2.0/)
Principle 3: Secure Your Services
(Amazon EC2 Container Service (ECS))

Defense-in-depth
  Network level (e.g. VPC, Security Groups, TLS)
  Server/container-level
  App-level
  IAM policies
  IAM roles on ECS tasks
  CloudTrail logs

Authentication & Authorization
  Client-to-service, as well as service-to-service
  IAM-based Authentication

Secrets management
  Parameter Store
  S3 bucket policies + KMS + IAM
  Open-source tools (e.g. Vault, Keywhiz)
Principle 3: Secure Your Services
(API Gateway)

Defense-in-depth
  Network level (e.g. VPC, Security Groups, TLS)
  Server/container-level
  App-level
  IAM policies

Gateway (Front door)
  API Throttling
  Stage-level and Method-level throttling

Authentication & Authorization
  Client-to-service, as well as service-to-service
  AWS Cognito: user pools, federated identities
  API Gateway: custom Lambda authorizers
  IAM-based Authentication
  Token-based auth (JWT tokens, OAuth 2.0)

Secrets management
  S3 bucket policies + KMS + IAM
  Open-source tools (e.g. Vault, Keywhiz)
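
A sketch of the "custom Lambda authorizer" plus "token-based auth" combination listed above, as an added example that is not part of the original slides. It validates an HS256 JWT with the standard library only and returns an IAM policy for the invoked method. The demo key, the audience name, the `scope` claim convention and all function names are assumptions; `sign_token` exists only to build sample tokens.

```python
import base64, hashlib, hmac, json, time

# Constructed demo key; a real deployment would load it from a secrets store.
DEMO_KEY = b"constructed-demo-key-not-a-real-secret"
EXPECTED_AUDIENCE = "restaurant-service"        # hypothetical service name

def _b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))
def _b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def sign_token(claims, key=DEMO_KEY, alg="HS256"):
    """Build a sample token (demo and test helper, not part of the authorizer)."""
    head = _b64url_encode(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    body = _b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{_b64url_encode(sig)}"

def verify_token(token, key=DEMO_KEY, now=None):
    """Return the claims of a valid token, raise ValueError otherwise."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(head_b64))
        claims = json.loads(_b64url_decode(body_b64))
        sig = _b64url_decode(sig_b64)
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise TypeError("header and claims must be JSON objects")
    except Exception as exc:
        raise ValueError("malformed token") from exc
    if header.get("alg") != "HS256":            # pin the algorithm, reject "none"
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{head_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        raise ValueError("bad signature")
    now = time.time() if now is None else now
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        raise ValueError("expired or missing exp")
    if claims.get("aud") != EXPECTED_AUDIENCE:  # token minted for another service
        raise ValueError("wrong audience")
    return claims

def policy(principal, effect, resource):
    return {"principalId": principal,
            "policyDocument": {"Version": "2012-10-17", "Statement": [
                {"Action": "execute-api:Invoke", "Effect": effect, "Resource": resource}]}}

def handler(event, context=None, now=None):
    """TOKEN-type authorizer: decide Allow/Deny for the single invoked method."""
    raw = event.get("authorizationToken", "")
    if not raw.startswith("Bearer "):
        raise Exception("Unauthorized")         # API Gateway answers with a 401
    try:
        claims = verify_token(raw[len("Bearer "):], now=now)
    except ValueError:
        raise Exception("Unauthorized")
    # methodArn is arn:aws:execute-api:region:account:apiId/stage/VERB/path
    method = event["methodArn"].split("/")[2]
    allowed = method == "GET" or "write" in str(claims.get("scope", "")).split()
    return policy(str(claims.get("sub", "unknown")), "Allow" if allowed else "Deny", event["methodArn"])
```

The policy is scoped to the exact `methodArn` rather than a wildcard, so a cached authorizer result cannot be reused to reach other methods.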
Principle 4

Be a good citizen
within the ecosystem

Lamington National Park, rainforest by Jussarian. No alterations other than cropping.


https://www.flickr.com/photos/kerr_at_large/87771074/
Image used with permissions under Creative Commons license 2.0,
Attribution Generic License (https://creativecommons.org/licenses/by/2.0/)
Principle 4: Be a good citizen within the ecosystem
[Diagram: Micro-service A and Micro-service B, each with a public API]

"Hey Sally, we need to call your micro-service to fetch restaurants details."
"Sure Paul. Which APIs you need to call? Once I know better your use cases I'll give you permission to register your service as a client on our service's directory entry."
Principle 4: Be a good citizen within the ecosystem
(Have clear SLAs)

"Before we let you call our micro-service we need to understand your use case, expected load (TPS) and accepted latency"
[Diagram: Restaurant Micro-service with four callers at 20 TPS, 5 TPS, 100 TPS and 15 TPS]
Principle 4: Be a good citizen within the ecosystem
(Distributed monitoring, logging and tracing)

Distributed monitoring and tracing
  Is the service meeting its SLA?
  Which services were involved in a request?
  How did downstream dependencies perform?

Shared metrics
  e.g. service dependency, request/response time

Distributed tracing
  AWS X-Ray
  3rd party: Zipkin, OpenTracing

User-experience metrics
  Status codes, latency, error counts, time to first byte

and many, many others!
AWS X-Ray
Distributed tracing service that enables developers to analyze the behavior of their applications

X-Ray service
  AWS X-Ray traces requests made to your application
  X-Ray collects data about the request from each of the underlying applications services it passes through
  X-Ray combines the data gathered from each service into singular units called traces
  View the service map to see trace data such as latencies, HTTP statuses, and metadata for each service
  Drill into the service showing unusual behavior to identify the root issue
Principle 5

More than just technology transformation

rowing on the river in Bedford by Matthew Hunt. No alterations other than cropping.
https://www.flickr.com/photos/mattphotos/19189529/
Image used with permissions under Creative Commons license 2.0,
Attribution Generic License (https://creativecommons.org/licenses/by/2.0/)
Conway's Law

"Any organization that designs a system will inevitably produce a design whose structure is a copy of the organization's communication structure."

Melvin E. Conway, 1967


Silo'd functional teams -> silo'd application architectures

Image from Martin Fowler's article on microservices, at http://martinfowler.com/articles/microservices.html
No alterations other than cropping.
Permission to reproduce: http://martinfowler.com/faq.html

Cross functional teams -> self-contained services
(Two-pizza teams at Amazon)
Full ownership
Full accountability
Aligned incentives
DevOps

Non-pizza image from Martin Fowler's article on microservices, at http://martinfowler.com/articles/microservices.html
No alterations other than cropping.
Permission to reproduce: http://martinfowler.com/faq.html
Principle 6

Automate Everything

Robot by Robin Zebrowski. No alterations other than cropping.


https://www.flickr.com/photos/firepile/438134733/
Image used with permissions under Creative Commons license 2.0,
Attribution Generic License (https://creativecommons.org/licenses/by/2.0/)
Focused agile teams
[Diagram: each 2-pizza team has its own delivery pipeline (build, test, release) and its own service; the builds add rows until six team/pipeline/service rows are shown]


Principle 6: Automate everything
[Diagram of services: CloudWatch, CloudTrail, API Gateway, RDS, DynamoDB, ElastiCache, AWS CodeCommit, AWS CodePipeline, AWS CodeDeploy, SNS, SES, SQS, SWF, EC2, Lambda, Auto Scaling, ELB, Elastic Beanstalk, Kinesis, ECS]
It's a journey

Expect challenges along the way

Understanding of business domains
Eventual Consistency
Service discovery
Lots of moving parts requires increased coordination
Complexity of testing / deploying / operating a distributed system
Cultural transformation
Principles of Microservices

1. Rely only on the public API
  Hide your data
  Document your APIs
  Define a versioning strategy

2. Use the right tool for the job
  Container journey? (use ECS)
  Polyglot persistence (data layer)
  Polyglot frameworks (app layer)

3. Secure your services
  Defense-in-depth
  Authentication/authorization

4. Be a good citizen within the ecosystem
  Have SLAs
  Distributed monitoring, logging, tracing

5. More than just technology transformation
  Embrace organizational change
  Favor small focused dev teams

6. Automate everything
  Adopt DevOps
Benefits of microservices

Easier to scale each individual micro-service
Easier to maintain and evolve system
Increased agility
Rapid Build/Test/Release Cycles
New releases take minutes
Faster innovation
Clear ownership and accountability
Short time to add new features
Delighted customers
Additional resources

https://aws.amazon.com/devops/

Additional AWS resources:
Microservices on AWS whitepaper: https://d0.awsstatic.com/whitepapers/microservices-on-aws.pdf
Serverless Webapp - Reference Architecture: https://github.com/awslabs/lambda-refarch-webapp
Microservices with ECS: https://aws.amazon.com/blogs/compute/using-amazon-api-gateway-with-microservices-deployed-on-amazon-ecs/
Microservices without the Servers: https://aws.amazon.com/blogs/compute/microservices-without-the-servers

Popular open-source tools:
Serverless http://serverless.com
Apex http://apex.run/
Thank you!
Peter Dalbhanjan
dalbhanj@amazon.com