All geek questions in one place

Microservice architecture - cross-domain chattiness

I have a relatively new project that uses microservice architecture. I feel pretty good about the size and detail of individual services, with the exception of either our security service.

I have three main services, say foo-service , bar-service and baz-service . These services never need to be communicated, but all three services regularly talk over HTTP requests using security-service . I want this to stop for a number of reasons: the biggest one is that each request to my individual services causes a request to the security service, which can turn into several additional flights when you consider load balancing, etc. I read Mark Richards' Software Architecture Templates, and he recommends exchanging databases and violating DRY in these cases: copy the necessary functions to each service. However, he uses this example with smaller “utility” classes that might not apply in this case.

The security service is not so big, so I can definitely copy it to each of the other services. However, it is large enough that I don’t feel great copying and pasting it into the corresponding lines of code according to overalls (java, so there is a much more relevant code ;-). I could easily turn it into a module that each service brings, but then my services have a common addiction, and this has bitten me in the past. Of course, the security code will grow over time when we add authentication methods, but we do not reinvent the wheel when it comes to auth, so it basically integrates with other libraries and authentication services. That is, I do not think that this particular code base is becoming huge.

So my question is: should I copy and paste the code or create a module that brings each service? Thanks!

+6
source share
3 answers

I want this to stop for a number of reasons: the biggest one is that each request to my individual services causes a request to the security service, which can turn into several additional flights when you consider load balancing, etc.

PROS for care as a separate service:
- Changes in the business security logic affect only the security service and do not need to change client services.

PROS for moving security logic to client services:
- Speed ​​/ performance.
“Another management service could mean lower operating costs.”

Speed ​​(performance) may exceed here, depending on requirements, but it will have increased development costs.

If you move the security logic to your own reusable module, which can be called from other services, just do a good job of encapsulating it and following the basic scheme with poor adhesion. In addition, since you may have to defend this decision for years to come, please get a good explanation so that your future boss doesn't fire you when she asks why it is so expensive to update our security logic. They have readily available tests, people lie, no numbers. I once had the results of a one page test for a new database that I requested. I was asked several times from different people about why I went with a new database ... I would just send them one page and no longer hear any additional questions from him.

This video can make you feel better considering that sto will reveal the trend: https://www.youtube.com/watch?v=StCrm572aEs

It shows how and why Netflix was looking for a trend and did not go with the REST architecture for its APIs. Basically, architecture is a client of requirements and value, and not vice versa.

EDIT: Another great PRO to exit as a service is that you may need to create several modules for each supported language. At my work, our security services are used by customer services in several languages.

+4
source

If you embed security logic in other services, then you really can't call it microservice architecture now? I also understand that having an additional and duplicate round-trip server for any other service can be a bit of a drag and drop. Here are some viable alternatives for you.

Put all four microservices behind the firewall. Call a public service that uses the security service to validate an incoming request, and then call other services if the request is valid for credential data. Other services always trust the caller, which is a service that is owned and operated in your trusted environment.

If this is a case of using “fire and swelling” and you feel uncomfortable because the public is faced with a service that has too many orchestration responsibilities, then consider this alternative. The public service sends an incoming request to an unauthorized queue in the message broker. The security service consumes from this queue and performs authentication. If this is true, the security service pauses the message in the authorized queue. Any number of microservices then consumes from an authorized queue and performs their corresponding operation.

+1
source

Security as a separate service, which you need for each request, since you describe it, is a very bad idea. May I refer you to the basic ideas of modulation, which Parnas so eloquently described in the Criteria to be used in decomposition systems in modules . Lack of grip also means lack of grip, and the technique is the search for a sweet spot on this axis.

Contrary to popular belief, micro services should be large enough to be scalable. Scalability limits are mainly related to communications, so they should be designed so as not to be chatty. The main problem (if you are not netflix) is not bandwidth, but delay.

Your security module should be closer to your services than the HTTP request, the connected module may be in order.

0
source

Source: https://habr.com/ru/post/986985/

More articles:


All Articles