Building Microservices

Distributed systems have become more fine-grained in the past 10 years, shifting from code-heavy monolithic applications to smaller, self-contained microservices. But developing these systems brings its own set of headaches. With lots of examples and practical advice, this book takes a holistic view of the topics that system architects and administrators must consider when building, managing, and evolving microservice architectures.

Microservice technologies are moving quickly. Author Sam Newman provides you with a firm grounding in the concepts while diving into current solutions for modeling, integrating, testing, deploying, and monitoring your own autonomous services. You’ll follow a fictional company throughout the book to learn how building a microservice architecture affects a single domain.

• Discover how microservices allow you to align your system design with your organization’s goals
• Learn options for integrating a service with the rest of your system
• Take an incremental approach when splitting monolithic codebases
• Deploy individual microservices through continuous integration
• Examine the complexities of testing and monitoring distributed services
• Manage security with user-to-service and service-to-service models
• Understand the challenges of scaling microservice architectures

• Chapter 1: Microservices
• What Are Microservices?
• Small, and Focused on Doing One Thing Well
• Autonomous
• Key Benefits
• Technology Heterogeneity
• Resilience
• Scaling
• Ease of Deployment
• Organizational Alignment
• Composability
• Optimizing for Replaceability
• What About Service-Oriented Architecture?
• Other Decompositional Techniques
• Shared Libraries
• Modules
• No Silver Bullet
• Summary
• Chapter 2: The Evolutionary Architect
• Inaccurate Comparisons
• An Evolutionary Vision for the Architect
• Zoning
• A Principled Approach
• Strategic Goals
• Principles
• Practices
• Combining Principles and Practices
• A Real World Example
• The Required Standard
• Monitoring
• Interfaces
• Architectural Safety
• Governance Through Code
• Examplars
• Tailored Service Template
• Technical Debt
• Exception Handling
• Governance and Leading from the Center
• Building a Team
• Summary
• Chapter 3: How to Model Services
• Introducing MusicCorp
• What Makes a Good Service?
• Loose Coupling
• High Cohesion
• The Bounded Context
• Shared and Hidden Models
• Modules and Services
• Premature Decomposition
• Business Capabilities
• Turtles All the Way Down
• Communication in Terms of Business Concepts
• The Technical Boundary
• Summary
• Chapter 4: Integration
• Looking for the Ideal Integration Technology
• Avoid Breaking Changes
• Keep Your APIs Technology-Agnostic
• Make Your Service Simple for Consumers
• Hide Internal Implementation Details
• Interfacing with Customers
• The Shared Database
• Synchronous Versus Asynchronous
• Orchestration Versus Choreography
• Remote Procedure Calls
• Technology Coupling
• Local Calls Are Not Like Remote Calls
• Brittleness
• Is RPC Terrible?
• REST
• REST and HTTP
• Hypermedia As the Engine of Application State
• JSON, XML, or Something Else!
• Beware Too Much Convenience
• Downsides to REST Over HTTP
• Implementing Asynchronous Event-Based Collaboration
• Technology Choices
• Complexities of Asynchronous Event-Based Collaboration
• Services as State Machines
• Reactive Extensions
• DRY and the Perils of Code Reuse in a Microservice World
• Client Libraries
• Access by Reference
• Versioning
• Defer It for As Long as Possible
• Catch Breaking Changes Early
• Use Semantic Versioning
• Coexist Different Endpoints
• Use Multiple Concurrent Service Versions
• User Interfaces
• Towards Digital
• Constraints
• API Composition
• UI Fragment Composition
• Backends for Frontends
• A Hybrid Approach
• Integrating with Third-Party Software
• Lack of Control
• Customization
• Integration Spaghetti
• On Your Own Terms
• The Strangler Pattern
• Summary
• Chapter 5: Splitting the Monolith
• It’s All About Seams
• Breaking Apart MusicCorp
• The Reasons to Split the Monolith
• Pace of Change
• Team Structure
• Security
• Technology
• Tangled Dependencies
• The Database
• Getting to Grips with the Problem
• Example: Breaking Foreign Key Relationships
• Example: Shared Static Data
• Example: Shared Data
• Example: Shared Tables
• Refactoring Databases
• Staging the Break
• Transactional Boundaries
• Try Again Later
• Abort the Entire Operation
• Distributed Transactions
• So What to Do?
• Reporting
• The Reporting Database
• Data Retrieval via Service Calls
• Data Pumps
• Alternative Destinations
• Event Data Pump
• Backup Data Pump
• Toward Real Time
• Cost of Change
• Understanding Root Causes
• Summary
• Chapter 6: Deployment
• A Brief Introduction to Continuous Integration
• Are You Really Doing It?
• Mapping Continuous Integration to Microservices
• Build Pipelines and Continuous Delivery
• And the Inevitable Exceptions
• Platform-Specific Artifacts
• Operating System Artifacts
• Custom Images
• Image as Artifacts
• Immutable Servers
• Environments
• Service Configuration
• Service-to-Host Mapping
• Multiple Services Per Host
• Application Containers
• Single Service Per Host
• Platforms as a Service
• Automation
• Two Case Studies on the Power of Automation
• From Physical to Virtual
• Traditional Virtualization
• Vagrant
• Linux Containers
• Docker
• A Deployment Interface
• Environment Definition
• Summary
• Chapter 7: Testing
• Types of Tests
• Test Scope
• Unit Tests
• Service Tests
• End-to-End Tests
• Trade-Offs
• How Many?
• Implementing Service Tests
• Mocking or Stubbing
• A Smarter Stub Service
• Those Tricky End-to-End Tests
• Downsides to End-to-End Testing
• Flaky and Brittle Tests
• Who Writes These Tests?
• How Long?
• The Great Pile-up
• The Metaversion
• Test Journeys, Not Stories
• Consumer-Driven Tests to the Rescue
• Pact
• It's About Conversations
• So Should You Use End-to-End Tests?
• Testing After Production
• Separating Deployment from Release
• Canary Releasing
• Mean Time to Repair Over Mean Time Between Failures?
• Cross-Functional Testing
• Performance Tests
• Summary
• Chapter 8: Monitoring
• Single Service, Single Server
• Single Service, Multiple Servers
• Multiple Services, Multiple Servers
• Logs, Logs, and Yet More Logs…
• Metric Tracking Across Multiple Services
• Service Metrics
• Synthetic Monitoring
• Implementing Semantic Monitoring
• Correlation IDs
• The Cascade
• Standardization
• Consider the Audience
• The Future
• Summary
• Chapter 9: Security
• Authentication and Authorization
• Common Single Sign-On Implementations
• Single Sign-On Gateway
• Fine-Grained Authorization
• Service-to-Service Authentication and Authorization
• Allow Everything Inside the Perimeter
• HTTP(S) Basic Authentication
• Use SAML or OpenID Connect
• Client Certificates
• HMAC Over HTTP
• API Keys
• The Deputy Problem
• Securing Data at Rest
• Go with the Well Known
• It's All About the Keys
• Pick Your Targets
• Decrypt on Demand
• Encrypt Backups
• Defense in Depth
• Firewalls
• Logging
• Intrusion Detection (and Prevention) System
• Network Segregation
• Operating System
• A Worked Example
• Be Frugal
• The Human Element
• The Golden Rule
• Baking Security In
• External Verification
• Summary
• Chapter 10: Conway’s Law and System Design
• Evidence
• Loose and Tightly Coupled Organizations
• Windows Vista
• Netflix and Amazon
• What Can We Do with This?
• Adapting to Communication Pathways
• Service Ownership
• Drivers for Shared Services
• Too Hard to Split
• Feature Teams
• Delivery Bottlenecks
• Internal Open Source
• Role of the Custodians
• Maturity
• Tooling
• Bounded Contexts and Team Structures
• The Orphaned Service?
• Case Study: RealEstate.com.au
• Conway’s Law in Reverse
• People
• Summary
• Chapter 11: Microservices at Scale
• Failure Is Everywhere
• How Much Is Too Much?
• Degrading Functionality
• Architectural Safety Measures
• The Antifragile Organization
• Timeouts
• Circuit Breakers
• Bulkheads
• Isolation
• Idempotency
• Scaling
• Go Bigger
• Splitting Workloads
• Spreading Your Risk
• Load Balancing
• Worker-Based Systems
• Starting Again
• Scaling Databases
• Availability of Service Versus Durability of Data
• Scaling for Reads
• Scaling for Writes
• Shared Database Infrastructure
• CQRS
• Caching
• Client-Side, Proxy, and Server-Side Caching
• Caching in HTTP
• Caching for Writes
• Caching for Resilience
• Hiding the Origin
• Keep It Simple
• Cache Poisoning: A Cautionary Tale
• Autoscaling
• CAP Theorem
• Sacrificing Consistency
• Sacrificing Availability
• Sacrificing Partition Tolerance
• AP or CP?
• It's Not All or Nothing
• And the Real World
• Service Discovery
• DNS
• Dynamic Service Registries
• ZooKeeper
• Consul
• Eureka
• Rolling Your Own
• Don't Forget the Humans!
• Documenting Services
• Swagger
• HAL and the HAL Browser
• The Self-Describing System
• Summary
• Chapter 12: Bringing It All Together
• Principles of Microservices
• Model Around Business Concepts
• Adopt a Culture of Automation
• Hide Internal Implementation Details
• Decentralize All the Things
• Independently Deployable
• Isolate Failure
• Highly Observable
• When Shouldn’t You Use Microservices?
• Parting Words

Well, at the start of this book, I thought: What's new? C/S, SOA, Distributed Systems, RPCs, SOAP, etc. But after about half the book, the author manages to give a very good overview of choices and pitfalls in building distributed systems (which nearly everything is today).

Apart from some faulty references, and some errors in the examples, it would say this is a decent introduction to the concepts of Distributed System/SOA/Microservices (or whatever acronym you want to put into it today).