This talk provides an architecture overview of data-centric microservices, illustrated with an example application. The following microservices concepts are illustrated: domain-driven design, event-driven services, Saga transactions, application tracing and health monitoring, with different microservices using a variety of data types supported in the database: business data, documents, spatial, graph, and events. A running example of a mobile food delivery application (called GrubDash) is used, with a hands-on lab that is available for attendees to work through on the Oracle Cloud after these sessions. The rest of the talks will build upon this microservices architecture framework.
9. The Service Mesh
Kubernetes takes care of container management, automating application deployment and scaling, but there is still a lot left up to the developer.
The service mesh = data plane + control plane
• Data plane (Envoy): sidecar proxy instances that perform service discovery, health checking, routing, load balancing, authentication/authorization, and observability.
• Control plane (Istio): sets the policy and configuration (e.g., routing table, load balancing policies) to be enacted by all the data plane instances.
Confidential – Oracle Internal/Restricted/Highly Restricted
Instead of a direct communication model, a sidecar is inserted for every pod/service.
10. Observability and Distributed Tracing
• Observability: continuous logging and tracing across services
• Trace, Span, SpanContext, SpanId
• OpenTelemetry: OpenTracing + OpenCensus
• Kiali, Jaeger, and Grafana stop at the edge of the DB
• Looking into end-to-end distributed tracing
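An added example, not taken from the slides: one way to check whether a trace really reaches every tier, assuming services propagate the W3C `traceparent` header that OpenTelemetry uses and each tier copies it into its audit records. The record fields, service names and sample ids are constructed for illustration.

```python
import re
from collections import defaultdict

# Version-00 W3C traceparent: 00-<32 hex trace id>-<16 hex span id>-<2 hex flags>
TRACEPARENT_RE = re.compile(r"00-([0-9a-f]{32})-([0-9a-f]{16})-([0-9a-f]{2})")

def parse_traceparent(header):
    """Return (trace_id, span_id, sampled), or None for a malformed header."""
    m = TRACEPARENT_RE.fullmatch((header or "").strip())
    if m is None:
        return None
    trace_id, span_id, flags = m.groups()
    if set(trace_id) == {"0"} or set(span_id) == {"0"}:
        return None  # all-zero ids are invalid in the Trace Context format
    return trace_id, span_id, bool(int(flags, 16) & 0x01)

def correlate(records):
    """Group audit records by trace id; records without a valid header are untraced."""
    traces, untraced = defaultdict(list), []
    for rec in records:
        parsed = parse_traceparent(rec.get("traceparent"))
        if parsed is None:
            untraced.append(rec)
        else:
            traces[parsed[0]].append(rec)
    return dict(traces), untraced

def missing_tiers(trace_records, expected=("order", "inventory", "delivery", "db")):
    """List the tiers that left no audit record for this trace."""
    seen = {r["service"] for r in trace_records}
    return [tier for tier in expected if tier not in seen]

# Constructed sample: three services carry the trace, the database record does not.
SAMPLE_TRACE_ID = "5b8aa5a2d2c872e8321cf37308d69df2"
SAMPLE_RECORDS = [
    {"service": "order", "user": "alice", "action": "create_order",
     "traceparent": f"00-{SAMPLE_TRACE_ID}-051581bf3cb55c13-01"},
    {"service": "inventory", "user": "svc-order", "action": "reserve",
     "traceparent": f"00-{SAMPLE_TRACE_ID}-a1b2c3d4e5f60718-01"},
    {"service": "delivery", "user": "svc-order", "action": "schedule",
     "traceparent": f"00-{SAMPLE_TRACE_ID}-0f1e2d3c4b5a6978-01"},
    {"service": "db", "user": "ORDERUSER", "action": "INSERT", "traceparent": None},
]

if __name__ == "__main__":
    traces, untraced = correlate(SAMPLE_RECORDS)
    print(missing_tiers(traces[SAMPLE_TRACE_ID]), untraced)
```

The untraced database record is the gap the slide points at: without the trace id at that tier, the database action cannot be tied back to the calling user.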
11. OCI Service Broker for Kubernetes
Oracle Cloud Infrastructure
• Add Service Broker to your Kubernetes Cluster
• Use kubectl to provision and bind to OCI services
• Use kubectl to deploy apps that use the OCI services
[Diagram labels: kubectl, ATP, ADW, Stream, Obj Storage…, Secret, App]
13. Microservices Data Management Considerations
• Polyglot Persistence
• Single models versus converged database
• Bounded Contexts
• Full-fledged database per service
• PDBs, Shards, PDB Sharding
• Shared database
• Tables, Schemas
• Synchronous or Reactive DB Access
• R2DBC, Reactor, RxJava, Akka Streams
• Reactive Streams Ingestion
• API Composition (Queries)
• Front end API Composer queries other services and performs an in-memory join
• CQRS
14. Polyglot Persistence - Oracle Converged Database
Multiple Segregated or Joint Data Models for Separated or Mixed Semantics
Data models: Spatial, Graph, OLAP, NoSQL, Relational, XML
[Diagram: Database Cluster Container with PDB 1 to PDB 5]
Converged Database, Multi Model: Enterprise Grade Operations and Security by Consolidating to Database As A Service
Database, Cross Model: Consistent “Holistic View” of Real Time Production Data
15. Domain Driven Design - Bounded Contexts
• Areas where certain business processes are implemented
• Logical boundaries within which terms have non-ambiguous meaning
Design microservices within bounded contexts
• Services within bounded contexts have local transactions
• Map monolithic application modules as services
• Split the monolithic database along the lines of bounded contexts
16. VeggieDash/GrubDash Microservices App
• Each service in a container, managed by OKE
• Helidon manages liveness and health
• PDBs per service (HOLs show two PDBs in ATP #alwaysfreetier)
• Event broker built-in to the database (AQ)
• Analytics microservice is UI for Ops insights
• Delivery microservice has Spatial/Graph optimizations
• Order service has the recommendation engine and search with Text data; and the orders are in JSON.
• Saga transactions between Order, Inventory, and Delivery service; any one’s failure/unavailability cancels the order
Confidential – Gartner
[Diagram: Order, Inventory, Delivery and Analytics services on OKE with ATP-S; data labels: JSON, TEXT]
18. How Oracle Database Addresses the Saga Challenges
• Exactly once message delivery – Oracle/AQ (T.E.Q.)
• Execute all steps or remove any effect
• => Database transaction support for sagas – coming
• Avoid excessive development, maintenance, and testing costs – typically due to compensation
• => Compensate-able data support – coming
• Higher parallelism
• Less vulnerability to hot-spots – most hot-spots deal with inventory management
• Support ‘complex sagas’ e.g., human interactions, multi-party interaction => Oracle workflow
Learn more about the coming features during future events.
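An added example, not Oracle's implementation and not code from the talk: the "execute all steps or remove any effect" rule for the Order, Inventory and Delivery saga, written as a hand-rolled in-memory orchestrator with explicit compensations. The step functions, state fields and the `courier_available` flag are hypothetical stand-ins for the real services.

```python
class StepFailed(Exception):
    """Raised by a service step that cannot complete."""

def run_saga(steps, state):
    """Run (name, action, compensation) steps in order; on any failure undo
    the completed steps in reverse and mark the order cancelled."""
    done = []
    for name, action, compensation in steps:
        try:
            action(state)
            done.append((name, compensation))
        except Exception as exc:  # unavailability counts as failure too
            state["failed_step"], state["reason"] = name, str(exc)
            for prev, undo in reversed(done):
                try:
                    undo(state)
                except Exception:
                    # A failed compensation must be recorded, not swallowed.
                    state.setdefault("unresolved", []).append(prev)
            state["status"] = "CANCELLED"
            return False
    state["status"] = "COMPLETED"
    return True

# Constructed in-memory stand-ins for the three services.
def place_order(s): s["order"] = "PENDING"
def cancel_order(s): s["order"] = "CANCELLED"

def reserve_stock(s):
    if s["stock"] < s["qty"]:
        raise StepFailed("insufficient stock")
    s["stock"] -= s["qty"]
    s["reserved"] = s["qty"]

def release_stock(s): s["stock"] += s.pop("reserved", 0)

def schedule_delivery(s):
    if not s["courier_available"]:
        raise StepFailed("delivery service unavailable")
    s["delivery"] = "SCHEDULED"

def cancel_delivery(s): s.pop("delivery", None)

ORDER_SAGA = [
    ("order", place_order, cancel_order),
    ("inventory", reserve_stock, release_stock),
    ("delivery", schedule_delivery, cancel_delivery),
]

def run_order(qty, stock, courier_available=True):
    state = {"qty": qty, "stock": stock, "courier_available": courier_available}
    return run_saga(ORDER_SAGA, state), state
```

Every compensation here is hand-written and has to be tested alongside its step, which is the development and maintenance cost the slide attributes to compensation.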
20. Real world challenges of Microservices in DevOps environments
Database House Party #2
21. #whoami
Martin Schmitter, Solutions Architect - Database
25.06.2020
• Information Scientist, application development, Jan 2001
• ~20y in professional IT (~30y non-professional)
• HAM radio amateur (14y)
• My first Oracle version = v7.3
• Cisco Certified Network Associate – CCNA (2002-2005)
• DOAG member >2010
• Working with RWE Supply & Trading GmbH >2015
• Local Representative DOAG Regio NRW >2016
• Oracle ACE Associate >2019
22. Safe Harbour Statement
• All statements are representing my opinion and will not represent or reflect any strategy, direction or architecture of any company I am working with.
• All statements are made in general purpose, based on my own observations and personal experience and will not be specific to an enterprise, project or an individual.
24. Authentication, Authorization and Monitoring
Heterogeneous tools and services will lead to complexity in authentication and authorization:
• How to make sure authentication works over all services?
• Is every database engine able to provide the detail of authorization we need (e.g. row level)?
• Do the services have all the necessary interfaces to work with (the) one identity and privilege management system?
• How to audit access and collect logs for distributed transactions over multiple (data) services?
25. Data Privacy and Protection
If data sets are distributed over multiple database engines with different database types, how do you manage…
• … the right of access, … of accuracy, … right to erasure?
• … to assure that just allowed data is stored in an accurate way?
  • schema on write vs. schema on read
• … all financial tax relevant data is known and can be provided (e.g. German GDPdU/GoBD)
• … to be aware of your data?
26. IT product onboarding and allow lists
IT products like (cloud) services, tools and engines to build your microservice need to be onboarded and allowed:
• In big organizations a new product, vendor or supplier must pass certain approval steps before you can make use of them:
  • E.g.: Workers council, compliance, security, data protection law, risk assessment, business continuity management, standardization and integration in your major incident system.
• This might become a very time-consuming and expensive exercise, contradicting the idea of providing quick-to-market, isolated best-of-breed tools for your microservices, especially if you need to restart the process on every major update.
• A consolidation approach, using multi-purpose solutions and products, might become popular again.