Weitere ähnliche Inhalte Ähnlich wie Cloud Native Java with Spring Cloud Services (20) Mehr von Chris Sterling (20) Kürzlich hochgeladen (20) Cloud Native Java with Spring Cloud Services1. Cloud Native Java with
Spring Cloud Services
Chris Sterling
Principal Product Manager Spring Cloud Services
@csterwa
2. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Outline
• Overview of Spring Cloud Services
• The Service Broker
• Service Overviews
• Config Server
• Service Registry
• Circuit Breaker Dashboard
• Client Application Dependencies
• What’s New?
• What’s Coming?
2
We’ve got 30 minutes
so here we go!
4. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Microservices Architecture
4
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
Spring
Boot
App
5. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Common Needs in Microservices Architecture
Netflix learned through running real
world production operations,
deployments and development. Some
of this learning lead to Netflix OSS
contributions that implemented
patterns such as:
• Service Discovery
• Circuit Breakers
• Externalized Configuration
5
Spring Cloud OSS has incorporated
Netflix OSS projects and implemented
additional capabilities to support
Spring developers:
• Eureka
• Hystrix
• Config Server
Developers can deploy their own
Spring Cloud OSS applications and
configure them for their needs.
6. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Spring Cloud Services (SCS) for Pivotal
Cloud Foundry packages server-side
components of Spring Cloud OSS
projects and makes them available as
services in the PCF Marketplace. This
frees you from having to implement
and maintain your own managed
services. SCS focuses on:
What is Spring Cloud Services for PCF?
6
Config Server Service RegistryCircuit Breaker
Dashboard
Ease of use
Security
Reliability
7. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Ease of Use: Create Spring Cloud Server
Do it yourself:
• Create a Spring Boot app
• Add Spring Cloud starters
• Add @EnableXxxxServer
• Add configuration
• Add security
• Deploy and…
• Manage updates
7
With Spring Cloud Services:
• `cf create-service …`
8. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Ease of Use: Create Spring Cloud Client App
Do it yourself:
• Create a Spring Boot app
• Add Spring Cloud starters
• Add configuration
• Eureka-first or Config Server-first
bootstrapping?
• Environment profiles?
• Add security
8
With Spring Cloud Services:
• Create a Spring Boot app
• Add Spring Cloud Services starters
• `cf bind-service …`
9. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Security - OAuth2 Service Access
Spring Cloud Services (SCS) service
instances are secured with OAuth2 via a
dedicated identity zone on Pivotal Cloud
Foundry’s UAA service.
Generated client ID and secret is provided
to client applications when binding to a
SCS service instance.
Client applications then exchange client ID
and secret for authorization token via
OAuth2 flow with UAA that enables secure
API access to SCS service instances.
9
Spring Cloud Services
App
Identity Server
2. Generate
1. Bind
3. Token exchange
4. Access API
10. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Reliability - Provided by Pivotal Cloud Foundry
High availability and health management are provided by the platform
10
11. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
SCS is Built on Spring OSS Projects
Spring Boot
Spring Cloud Netflix
Spring Cloud Config Server
Spring Cloud Connectors
Spring Security
11
Spring Security OAuth2
Spring Data JPA
Spring AMQP
Spring Boot CF Service Broker
Cloud Foundry Java Client
13. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Cloud Foundry Service Brokers
Service brokers extend Cloud Foundry
to provide resources that can be
consumed by applications.
http://docs.cloudfoundry.org/services/
Spring Cloud Services provides a
service broker that can provision
service instances.
13
Cloud
Foundry
Service
Broker
provision instance
get catalog
delete binding
delete instance
create binding
14. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Spring Cloud Services Service Broker
14
Cloud
Foundry
Broker
App
provision instance
get catalog
create binding
delete binding
delete instance
Worker
App
RabbitMQ
create, delete, configure app and service instances
16. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
SCS Config Server Overview
Service
• Enable client applications to consume centralized configuration property values
• Deploys a Spring Cloud Config server for each service instance provisioned
• Supports Git and HashiCorp Vault backends
• Supports Git basic auth and SSH private key authentication
• Allows composition of multiple backends
Security
• Only bound applications are able to access configuration
Client Applications
• SCS Starter automatically adds a property source configured for the Config Server
16
17. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
SCS Config Server Composite Configuration
{
"composite": [
{
“vault": {
"host": “vault.example.io”,
"port": 443,
"scheme": “https"
}
},
{
“git": {
"uri": “https://github.com/spring-cloud-services-samples/cook-config"
}
}
]
}
17
18. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
SCS Config Server Flow
18
20. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
SCS Service Registry Overview
Service
• Enables client applications to discover service instances dynamically
• Deploys a Spring Cloud Netflix Eureka server for each service instance provisioned
Security
• Only the application that originally creates a registration is allowed to update or remove
that registration
• Prevents Man In The Middle attacks against the Registry
Client Applications
• SCS Starter automatically configures a DiscoveryClient
20
21. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
SCS Service Registry Flow
21
FortuneTellerService
Where can I find
FortuneTellerService?
Give me a
random fortune
<application>
<name>FortuneTellerService</
name>
<instance>
<hostName>chip</hostName>
<ipAddr>fortune-
service.blue.springapps.io</
ipAddr>
…
<application>
GET http://fortune-service.blue.springapps.io/random
23. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
SCS Circuit Breaker Dashboard Overview
Service
• Provides visibility into a collection of application’s circuit breakers status
• Deploys the following for each service instance provisioned:
• Spring Cloud Netflix Hystrix dashboard application
• Spring Cloud Netflix Turbine server application
• Pivotal RabbitMQ for PCF service instance
Client Applications
• Starter automatically configures a Turbine AMQP client
23
24. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
SCS Circuit Breaker Dashboard Flow
24
26. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Spring Cloud Services Client Dependencies
26
<dependencies>
<dependency>
<groupId>io.pivotal.spring.cloud</groupId>
<artifactId>spring-cloud-services-starter-config-client</artifactId>
</dependency>
<dependency>
<groupId>io.pivotal.spring.cloud</groupId>
<artifactId>spring-cloud-services-starter-service-registry</artifactId>
</dependency>
<dependency>
<groupId>io.pivotal.spring.cloud</groupId>
<artifactId>spring-cloud-services-starter-circuit-breaker</artifactId>
</dependency>
</dependencies>
28. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Spring Cloud Services for PCF v1.2 (Nov 2016)
• Service Registry service instances can now be configured to replicate service
registrations across PCF organization and space boundaries, as well as across
multiple PCF installations and availability zones.
• Service Registry service instances now allow multiple apps within a single space
to register with the same app name. This allows registered apps to use a blue/
green deployment strategy.
• Service Registry service instance dashboards display the URI, and if operating in
HA mode, the local node count of the service instance.
• Added enhanced security to the Service Registration by requiring consistency
across Eureka’s appname, virtualHostname, and secureVirtualHostname
properties.
28
29. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
SCS Service Registry Peer Replication
29
30. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Spring Cloud Services for PCF in 2017
SCS v1.3 (Feb 2017)
• Updated to Spring Cloud OSS Camden
support
• Config Server encryption support
• Allow access to `/encrypt` endpoint
• Symmetric and asymmetric keys
supported
30
SCS v1.4 (Sep 2017)
• Updated to Spring Cloud OSS Dalston
support
• Config Server supports HashiCorp
Vault as backend
• Added support for composite
configuration of multiple backends
(Vault + Git)
• Improved Config Server
troubleshooting information in logs and
dashboard
31. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
SCS Cloud Foundry CLI Plugin
Enables CLI interaction with SCS service
instances.
To install:
$ cf install-plugin -r CF-Community "Spring Cloud Services"
31
Current Commands:
• config-server-encrypt-value
• scs-stop
• scs-start
• scs-restart
• scs-restage
• service-registry-list
• service-registry-enable
• service-registry-deregister
• service-registry-disable
https://github.com/pivotal-cf/spring-cloud-services-cli-plugin
32. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Spring Cloud Services Client Connectors
• v1.4.x
• Support for instance specific
routing
• Support for experimental `direct`
routing to enable Container-to-
Container (C2C) networking rather
than via PCF grouter mapped
routes
32
• v1.5.x
• Automatically renew Vault
application configured tokens via
bound Config Server service
instance
• Redact properties sourced from
Vault backend in the bound Config
Server’s `/env` actuator endpoint
https://github.com/pivotal-cf/spring-cloud-services-connector
34. Unless otherwise indicated, these slides are © 2013-2016 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Safe Harbor Statement
The following is intended to outline the general direction of Pivotal's offerings. It is
intended for information purposes only and may not be incorporated into any
contract. Any information regarding pre-release of Pivotal offerings, future updates or
other planned modifications is subject to ongoing evaluation by Pivotal and is subject
to change. This information is provided without warranty or any kind, express or
implied, and is not a commitment to deliver any material, code, or functionality, and
should not be relied upon in making purchasing decisions regarding Pivotal's
offerings. These purchasing decisions should only be based on features currently
available. The development, release, and timing of any features or functionality
described for Pivotal's offerings in this presentation remain at the sole discretion of
Pivotal. Pivotal has no obligation to update forward looking information in this
presentation.
34
35. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Spring Cloud Services for PCF v1.5 (COMING SOON)
• Update to Spring Cloud OSS Edgware support
• Adds support for Cloud Foundry’s CredHub service to secure service instance credentials
• Service broker stores service instance credentials in CredHub
• Client applications with SCS Connectors use Spring CredHub to automatically resolve
CredHub credentials
• Configurable Data Services
• Make MySQL & RabbitMQ services used for SCS service broker configurable
• Config Server Backend Enhancements
• Adds `pattern` and `searchPaths` to composite Git backend properties to support same
capabilities as Multi-repository Git configuration `git.repos`
• Recommend Config Servers v1.5.0+ use `composite` rather than `git.repos` going forward
35
36. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Spring Cloud Data Flow for PCF v1.0 (COMING SOON)
• Create Data Flow servers via standard Cloud Foundry Service Broker
• Integration with Pivotal Cloud Foundry (PCF) UAA security model for Data Flow server
dashboard and shell
• Based on upcoming Spring Cloud Data Flow OSS version 1.3.0 release
• Works with the following Pivotal managed data services out of the box:
• MySQL for PCF
• RabbitMQ for PCF
• Redis for PCF
• Ability to configure alternative data services per Data Flow service instance
• Integrated Metrics collector and Skipper package manager with each Data Flow service
instance
36
37. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Spring Cloud Data Flow OSS
Here are some resources to learn more about SCDF:
• SCDF Project site - http://cloud.spring.io/spring-cloud-dataflow/
• Github sample repository - https://github.com/spring-cloud/spring-cloud-dataflow-
samples
• Data Microservices with SCDF - https://www.youtube.com/watch?v=Z6_ttC33N0U
• SCDF shell tips and tricks - https://www.youtube.com/watch?v=uyN8ttlTvUM
• Skipper package manager - https://github.com/spring-cloud/spring-cloud-skipper
37
38. Learn More. Stay Connected.
Chris Sterling
@csterwa
Thank you!
38
#springone@s1p
39. Unless otherwise indicated, these slides are © 2013-2018 Pivotal Software, Inc. and licensed under a Creative Commons
Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
Other Sessions You Might Be Interested In…
39