Kindle Notes & Highlights
consider costs and the scalability of the API and data store, meaning that you typically need a DevOps team that sets up, monitors, and maintains the Continuous Integration/Continuous Deployment (CI/CD) pipelines, Kubernetes (https://kubernetes.io/) container-orchestration platform, and monitoring systems. Things are looking better recently, as AWS has announced Amazon Elastic Container Service (ECS) for Kubernetes (https://aws.amazon.com/eks/), but there is still
the flexibility of microservices, with the benefits of serverless computing, to maximize developer productivity.
microservices as a lightweight version of SOA but enriched with more recent architectures, such as the event-driven architecture,
Each service needs to have a clear business activity
Anybody consuming the service does not need to understand the inner workings.
All the information and systems are self-containe...
the service may consist of other under...
Some services will also be stateless. That means that, if you call a service, passing in a request, you will get a response and you would also get an exception if there is a problem with the service or the payload.
This is what's called event-stream processing or complex-event processing. Essentially, everything is driven by events throughout the whole architecture.
bounded context, which is where there is a strict model of consistency that relies in its bounds for each service.
a REST endpoint or application programming interface using JSON standards.
This is what is called a dumb pipeline but a smart endpoint, and you can see why
the microservice emits customer-support events.
These are sent out on a publish-subscribe mechanism or using other publishing-event frameworks, such as Command Query Responsibility Segregation (CQRS).
First, there's a lot of complexity in terms of distributed development and testing. In addition, the services talk a lot more, so there's more network traffic. Latency and networks become very important in microservices.
The DevOps team has to maintain and monitor the time it takes to get a response from another service.
both SOA and microservices can use synchronous and asynchronous communication. SOA typically relied on Simple Object Access Protocol (SOAP) or web services.
Microservices tend to be more modern and widely use REpresentational State Transfer (REST) Application Programming Interfaces (APIs).
Functions as a Service (FaaS). This is where you deploy your business logic code within a function and everything around it, such as the security and the scalability, is managed by the cloud provider.
The drawback is that these are stateless,
All you have to do is subscribe the Lambda event source to a Kinesis Stream and the data will get pushed to your Lambda with its business logic code, which allows you to decide how you process and analyze that data.
Microservice applications are distributed by nature, so they heavily rely on the authorizations network.
When dealing with communications, you also need to think about whether your call is blocking or non-blocking.
You need to think about dealing with receiving too many requests and throttling them to not overwhelm your service,
At an individual microservice level, the data management pattern is composed of a suite of small services, with its own local data store, communicating with a REST API or via publish/subscribe:
Async is generally preferred and much more scalable, as it does not hold an open connection (non-blocking), and makes better use of the central processing unit (CPU) and input/output (I/O) operations.
For many-to-many communication, we use publish/subscribe, which is a messaging pattern.
First, you identify the business capability, that is, what an organization does in order to generate value, rather than how.
you define a service for each capability or capability group.
you need to architect how the services will communicate.
The drawbacks are that the data can span multiple services, it might not be optimum communication or shared code, and needs a centralized enterprise-language model.
There are three steps to apply the decomposition pattern by bounded context: first, identify the domain, which is what an organization does. Then identify the subdomain, which is to split intertwined models into logically-separated subdomains according to their actual functionality. Finally, find the bounded context to mark off where the meaning of every term used by the domain model is well understood.
The main idea of using event-driven computing is that it easily allows you to transform data as it arrives into the cloud, or we can perform data-driven auditing analysis notifications, transformations, or parse Internet of Things (IoT) device events. Serverless also means that you don't need to have an always-on running service in order to do that, you can actually trigger it based on the event.
Open Web Application Security Project (OWASP) at https://www.owasp.org. The OWASP security by design principles (https://www.owasp.org/index.php/Security_by_Design_Principles) apply
Key Management Service (KMS) can be used for the encryption/decryption of data at rest in DynamoDB or RDS, but also to encrypt passwords or keys, for example, should you need them to integrate with a third party API or database.
If you get requests from a domain other than the API's own domain, you must enable cross-origin resource sharing (CORS).
It is better to list specific actions, table names, and constraints explicitly when possible.
API Gateway, DynamoDB, and Lambda functions all have built-in support for CloudWatch and X-Ray for that specific task.
CloudWatch allows you to track metrics and monitor log files, set specific alarms, and automatically react to changes in your AWS resources. X-Ray is a service that traces requests and can also generate specific service maps.
CloudTrail is another service that allows you to monitor all APIs and access to resources by any user or system.
If you want to find out more, here are some links to white papers and best practice guides. I recommend reading the following white papers:
https://aws.amazon.com/whitepapers/aws-security-best-practices/
https://aws.amazon.com/products/security/
https://aws.amazon.com/whitepapers/#security
http://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html

