SlideShare ist ein Scribd-Unternehmen logo

Meetup 2022 - APIs with Quarkus.pdf

Luca Mattia Ferrari
Luca Mattia Ferrari

quickstart on how to build APIs (with all the additional tooling) using quarkus framework

Software
1 von 23
Downloaden Sie, um offline zu lesen
Building a full stack API with DevOps integrated or how to build a complete u-service from scratch in an hour Sergio Gutierrez EMEA Senior Solution Architect Luca Ferrari EMEA Senior Solution Architect
Agenda ➔ APIs in Microservice Architecture patterns ➔ Quarkus as a runtime engine (advantages) ➔ Development approach: API Contract first / Code first ➔ Demos 1. building your first quarkus api 2. adding fault tolerance 3. observing your u-service 4. adding logging to your service 5. adding persistence 6. adding security (developer friendly way)
APIs in Microservice Architecture patterns ● Synchronous Communication ● Asynchronous Message-based Communication 3
MicroProfile and Microservice Basics ● Java for microservices-based architecture ● Portability across multiple runtimes The following components are fundamental for developers creating microservices: ● Contexts and Dependency Injection for Java (CDI) specification ● Jakarta RESTful Web Services (JAX-RS) ● JSON processing Using all three components, you can build basic RESTful web services in a straightforward and declarative manner. 4
Quarkus advantage Advantages compared to other Java-based cloud-native frameworks, Quarkus offers the following benefits: ● Faster response times, in general. ● Lower memory usage. ● Higher throughout in reactive routes. ● Full container image support. ● Compliance to MicroProfile conformance tests. 5
Quarkus advantage 6
Reviewing the JAX-RS Specification JAX-RS, formerly known as Java API for RESTful Web Services, is a specification that provides support for creating web services following the Representational State Transfer (REST) architectural pattern. Annotation Description @Path The relative path for a class or method. @GET, @PUT,@POST, @DELETE, @HEAD The HTTP request type of a method. @Produces, @Consumes The Internet media types for the content consumed as the request parameters or produced as the response. The javax.ws.rs.core.MediaType class specifies the allowed values. Table 2.1. JAX-RS Class and Method-Level Annotations Summary 7
Demo #1 How do you get started with this?? Solution: https://quarkus.io/guides/getting-started and git clone https://github.com/quarkusio/quarkus-quickstarts.git ● Bootstrapping an application ● Creating a JAX-RS endpoint ● Injecting beans ● Functional tests ● Packaging of the application How to create a Hello World API with Quarkus app 8
Demo #1 Bootstrapping the project quarkus create app org.acme:getting-started --extension='resteasy-reactive' Different options to create your project: ● Maven ● https://code.quarkus.io/ ● Quarkus CLI mvn io.quarkus.platform:quarkus-maven-plugin:2.14.1.Final:create -DprojectGroupId=org.acme -DprojectArtifactId=getting-started -Dextensions='resteasy-reactive' Quarkus CLI installation https://quarkus.io/guides/cli-tooling 9
Demo #1 Quarkus scaffold project generated It generates the following in ./getting-started: ● the Maven structure ● an org.acme.GreetingResource resource exposed on /hello ● an associated unit test ● a landing page that is accessible on http://localhost:8080 after starting the application ● example Dockerfile files for both native and jvm modes in src/main/docker ● the application configuration file 10
Demo #2 What if my backend fails?! The recovery procedures defined by the fault tolerance specification include the following: ● Bulkhead (@org.eclipse.microprofile.faulttolerance.Bulkhead) Limits the workload for a microservice to avoid failures caused by concurrency or service overload. ● Retry policy(@org.eclipse.microprofile.faulttolerance.Retry) Defines the conditions for retrying a failing execution. ● Timeout(@org.eclipse.microprofile.faulttolerance.Timeout) Defines the maximum execution time before interrupting a request. ● Circuit breaker (@org.eclipse.microprofile.faulttolerance.CircuitBreaker)Supports a fail-fast approach if the system is suffering from an overload or is unavailable. ● Fallback(@org.eclipse.microprofile.faulttolerance.Fallback) Executes an alternative method if the execution fails for the annotated method. Source: https://quarkus.io/guides/smallrye-fault-tolerance 11
Demo #2 Fault tolerance - Fallback @Fallback(fallbackMethod = "fallbackRecommendations") public List<Coffee> recommendations(int id) { ... } public List<Coffee> fallbackRecommendations(int id) { LOGGER.info("Falling back to RecommendationResource#fallbackRecommendations()"); // safe bet, return something that everybody likes return Collections.singletonList(coffeeRepository.getCoffeeById(1));} @Fallback(fallbackMethod = "fallbackRecommendations") > quarkus dev http://localhost:8080/coffee/2/recommendations quarkus create app org.acme:microprofile-fault-tolerance-quickstart --extension='smallrye-fault-tolerance,resteasy-reactive-jackson --no-code 12 The application built in this guide simulates a simple backend for a gourmet coffee e-shop. It implements a REST endpoint providing information about coffee samples we have on store. In case of a timeout, the page will display a single recommendation that we hardcoded in our fallback method fallbackRecommendations(), rather than two recommendations returned by the original method.
Demo #3 I want to observe my u-services! quarkus create app org.acme:opentelemetry-quickstart --extension='resteasy-reactive,quarkus-opentelemetry' --no-code Source: https://quarkus.io/guides/opentelemetry REST application to demonstrate distributed tracing. <dependency> <groupId>io.quarkus</groupId> <artifactId>quarkus-opentelemetry</artifactId> </dependency> 13
Demo #3 Open Telemetry The OpenTelemetry Collector offers a vendor-agnostic implementation of how to receive, process and export telemetry data. It removes the need to run, operate, and maintain multiple agents/collectors. This works with improved scalability and supports open-source observability data formats (e.g. Jaeger, Prometheus, Fluent Bit, etc.) sending to one or more open-source or commercial back-ends. 14
Demo #3 Open Telemetry 15 quarkus dev -Djvm.args="-Dquarkus.opentelemetry.tracer.exporter.otlp.endpoint=http://localhost:4317"
Demo #4 How can I do simple troubleshooting? As most developers would say, the first tool to troubleshoot when something goes wrong is logging (everything if possible). Quarkus offers JBoss Log Manager and the JBoss Logging facade for this purpose and all the logging configuration can be done inside your application.properties Applications and components may use any of the following APIs for logging, and the logs will be merged: ● JDK java.util.logging (also called JUL) ● JBoss Logging ● SLF4J ● Apache Commons Logging It is possible to change the output format of the console log when for example the output of the application is captured by a service which can, for example, process and store the log information for later analysis (JSON Logging Format) 16 Source: https://quarkus.io/guides/rest-json https://quarkus.io/guides/logging
Demo #4 Configuring Logging We will start from a more comple REST example here https://github.com/quarkusio/quarkus-quickstarts/tree/main/rest-json-quickstart This includes: 2 REST resources, Ser/Des, a simple HTML frontend It also already includes a Logging Filter automatically injected based on ContainerRequestFilter (https://www.baeldung.com/jersey-filters-interceptors ) We will add more logging at the Resource level, to log as WARN if we add Tomato as a fruit import org.jboss.logging.Logger; … private static final Logger LOG = Logger.getLogger(FruitResource.class); … if(fruit.name.equalsIgnoreCase("tomato")){ LOG.warn("Tomato is not a fruit"); } 17
Demo #5 Where to persist data? Not every information can be stored only in memory, thinking about your amazon order and payment? Quarkus provides many options to persist data, we will be highlighting the most important: ● Dev Service for DBs: when testing or running in dev mode Quarkus can provide you with a zero-config database out of the box. Depending on your database type you may need Docker installed in order to use this feature. Dev Services is supported for the following databases: DB2 (container) (requires license acceptance), Derby (in-process), H2 (in-process), MariaDB (container), Microsoft SQL Server (container) (requires license acceptance), MySQL (container), Oracle Express Edition (container), PostgreSQL (container) ● Simple datasource setup: a datasource can be either a JDBC datasource, a reactive one or both. It all depends on how you configure it and which extensions you added to your project. To define a datasource, start by defining the kind in the application.configuration. By using a JDBC driver extension and setting the kind in the configuration, Quarkus resolves the JDBC driver automatically, so you don’t need to configure it yourself ● Support of both Hibernate ORM with Panache: Hibernate ORM is an object–relational mapping tool for the Java programming language. It provides a framework for mapping an object-oriented domain model to a relational database. Panache is a Quarkus-specific library that simplifies the development of your Hibernate-based persistence layer. Similar to Spring Data JPA, Panache handles most of the repetitive boilerplate code for you. Its implementations of the repository and the active record pattern provide methods to create, update, and remove records, perform basic queries, and define and execute your own queries. 18
Demo #5 REST with persistence on Postgres container We will start from a full example which cover everything we have seen in the previous slide https://github.com/quarkusio/quarkus-quickstarts/tree/main/hibernate-orm-panache-quickstart This includes: 1 Hibernate with Panache entity, the corresponding REST resource, all implementing the repository pattern Panache’s repositories provide you with a set of standard methods to find entities by their primary key. You can also persist, update and remove an entity. The only thing you need to do to get this functionality is to define an entity-specific repository class. It has to implement the PanacheRepository or PanacheRepositoryBase interface. We will just modify the configuration so that the db dev service port is fixed, and we can connect to it: quarkus.datasource.devservices.port=45432 19 Source: https://quarkus.io/guides/databases-dev-services https://quarkus.io/guides/datasource https://quarkus.io/guides/hibernate-orm-panache https://quarkus.io/blog/quarkus-devservices-testcontainers-podman/
Demo #6 Somebody is bothering me with Security! As you don’t want to expose your first valuable service publicly without any protection, you might want to think about security. Quarkus offers a full range of security options for your services: ● Basic and Form HTTP authentication ● WebAuthn is an authentication mechanism that replaces passwords. When you write a service for registering new users, or logging them in, instead of asking for a password, you can use WebAuthn, which replaces the password. ● Quarkus also provides mutual TLS (mTLS) authentication so that you can authenticate users based on their X.509 certificates. ● OpenID Connect (OIDC) is an identity layer that works on top of the OAuth 2.0 protocol. OIDC enables client applications to verify the identity of a user based on the authentication performed by the OIDC provider and to retrieve basic information about that user. You can also verify ID and access JWT tokens by using the refreshable JSON Web Key (JWK) set or you can introspect them remotely. However, opaque (binary) tokens can only be introspected remotely. 20 Source: https://quarkus.io/guides/security
Demo #6 OIDC security with Security Dev Services https://github.com/quarkusio/quarkus-quickstarts/tree/main/security-openid-connect-quickstart You can use the Quarkus OpenID Connect (OIDC) extension to secure your JAX-RS applications using Bearer Token Authorization. The Bearer Tokens are issued by OIDC and OAuth 2.0 compliant authorization servers, such as Keycloak. In this example, we are using a very simple microservice which offers two endpoints: /api/users/me /api/admin These endpoints are protected and can only be accessed if a client is sending a bearer token along with the request, which must be valid (e.g.: signature, expiration and audience) and trusted by the microservice. The /api/users/me endpoint can be accessed by any user with a valid token. As a response, it returns a JSON document with details about the user where these details are obtained from the information carried on the token. The /api/admin endpoint is protected with RBAC (Role-Based Access Control) where only users granted with the admin role can access. At this endpoint, we use the @RolesAllowed annotation to declaratively enforce the access constraint. 21 Source: https://quarkus.io/guides/security-openid-connect
Demo #6 BONUS! In case you can’t find that specific protocol or standard to integrate with inside the standard quarkus libraries, You can explore the quarkiverse For example in the case of security we have community support for MFA: https://github.com/quarkiverse/quarkus-mfa 22 Source: https://quarkus.io/blog/quarkiverse/
Thank you for staying with us! 23

Empfohlen

eXo Platform SEA - Play Framework Introduction
eXo Platform SEA - Play Framework IntroductioneXo Platform SEA - Play Framework Introduction
eXo Platform SEA - Play Framework Introduction
vstorm83
 
Spring Boot to Quarkus: A real app migration experience | DevNation Tech Talk
Spring Boot to Quarkus: A real app migration experience | DevNation Tech TalkSpring Boot to Quarkus: A real app migration experience | DevNation Tech Talk
Spring Boot to Quarkus: A real app migration experience | DevNation Tech Talk
Red Hat Developers
 
Docker Java App with MariaDB – Deployment in Less than a Minute
Docker Java App with MariaDB – Deployment in Less than a MinuteDocker Java App with MariaDB – Deployment in Less than a Minute
Docker Java App with MariaDB – Deployment in Less than a Minute
dchq
 
Rediscovering Spring with Spring Boot(1)
Rediscovering Spring with Spring Boot(1)Rediscovering Spring with Spring Boot(1)
Rediscovering Spring with Spring Boot(1)
Gunith Devasurendra
 
dokumen.tips_rediscovering-spring-with-spring-boot1 (1).pdf
dokumen.tips_rediscovering-spring-with-spring-boot1 (1).pdfdokumen.tips_rediscovering-spring-with-spring-boot1 (1).pdf
dokumen.tips_rediscovering-spring-with-spring-boot1 (1).pdf
Appster1
 
dokumen.tips_rediscovering-spring-with-spring-boot1.pdf
dokumen.tips_rediscovering-spring-with-spring-boot1.pdfdokumen.tips_rediscovering-spring-with-spring-boot1.pdf
dokumen.tips_rediscovering-spring-with-spring-boot1.pdf
Appster1
 
RESTful Web Applications with Apache Sling
RESTful Web Applications with Apache SlingRESTful Web Applications with Apache Sling
RESTful Web Applications with Apache Sling
Bertrand Delacretaz
 
SpringBootCompleteBootcamp.pptx
SpringBootCompleteBootcamp.pptxSpringBootCompleteBootcamp.pptx
SpringBootCompleteBootcamp.pptx
SUFYAN SATTAR
 

Empfohlen

eXo Platform SEA - Play Framework Introduction
eXo Platform SEA - Play Framework IntroductioneXo Platform SEA - Play Framework Introduction
eXo Platform SEA - Play Framework Introduction
vstorm83
 
Spring Boot to Quarkus: A real app migration experience | DevNation Tech Talk
Spring Boot to Quarkus: A real app migration experience | DevNation Tech TalkSpring Boot to Quarkus: A real app migration experience | DevNation Tech Talk
Spring Boot to Quarkus: A real app migration experience | DevNation Tech Talk
Red Hat Developers
 
Docker Java App with MariaDB – Deployment in Less than a Minute
Docker Java App with MariaDB – Deployment in Less than a MinuteDocker Java App with MariaDB – Deployment in Less than a Minute
Docker Java App with MariaDB – Deployment in Less than a Minute
dchq
 
Rediscovering Spring with Spring Boot(1)
Rediscovering Spring with Spring Boot(1)Rediscovering Spring with Spring Boot(1)
Rediscovering Spring with Spring Boot(1)
Gunith Devasurendra
 
dokumen.tips_rediscovering-spring-with-spring-boot1 (1).pdf
dokumen.tips_rediscovering-spring-with-spring-boot1 (1).pdfdokumen.tips_rediscovering-spring-with-spring-boot1 (1).pdf
dokumen.tips_rediscovering-spring-with-spring-boot1 (1).pdf
Appster1
 
dokumen.tips_rediscovering-spring-with-spring-boot1.pdf
dokumen.tips_rediscovering-spring-with-spring-boot1.pdfdokumen.tips_rediscovering-spring-with-spring-boot1.pdf
dokumen.tips_rediscovering-spring-with-spring-boot1.pdf
Appster1
 
RESTful Web Applications with Apache Sling
RESTful Web Applications with Apache SlingRESTful Web Applications with Apache Sling
RESTful Web Applications with Apache Sling
Bertrand Delacretaz
 
SpringBootCompleteBootcamp.pptx
SpringBootCompleteBootcamp.pptxSpringBootCompleteBootcamp.pptx
SpringBootCompleteBootcamp.pptx
SUFYAN SATTAR
 
Java 8 Overview
Java 8 OverviewJava 8 Overview
Java 8 Overview
Nicola Pedot
 
Go swagger tutorial how to create golang api documentation using go swagger (1)
Go swagger tutorial how to create golang api documentation using go swagger (1)Go swagger tutorial how to create golang api documentation using go swagger (1)
Go swagger tutorial how to create golang api documentation using go swagger (1)
Katy Slemon
 
Reactive application using meteor
Reactive application using meteorReactive application using meteor
Reactive application using meteor
Sapna Upreti
 
Pyramid Deployment and Maintenance
Pyramid Deployment and MaintenancePyramid Deployment and Maintenance
Pyramid Deployment and Maintenance
Jazkarta, Inc.
 
Server(less) Swift at SwiftCloudWorkshop 3
Server(less) Swift at SwiftCloudWorkshop 3Server(less) Swift at SwiftCloudWorkshop 3
Server(less) Swift at SwiftCloudWorkshop 3
kognate
 
Openwhisk - Colorado Meetups
Openwhisk - Colorado MeetupsOpenwhisk - Colorado Meetups
Openwhisk - Colorado Meetups
Upkar Lidder
 
Serverless forwardjs
Serverless forwardjsServerless forwardjs
Serverless forwardjs
Upkar Lidder
 
Introduction to node js - From "hello world" to deploying on azure
Introduction to node js - From "hello world" to deploying on azureIntroduction to node js - From "hello world" to deploying on azure
Introduction to node js - From "hello world" to deploying on azure
Colin Mackay
 
Plugin-based software design with Ruby and RubyGems
Plugin-based software design with Ruby and RubyGemsPlugin-based software design with Ruby and RubyGems
Plugin-based software design with Ruby and RubyGems
Sadayuki Furuhashi
 
Laravel development (Laravel History, Environment Setup & Laravel Installatio...
Laravel development (Laravel History, Environment Setup & Laravel Installatio...Laravel development (Laravel History, Environment Setup & Laravel Installatio...
Laravel development (Laravel History, Environment Setup & Laravel Installatio...
Dilouar Hossain
 
Migration Spring Boot PetClinic REST to Quarkus 1.2.0
Migration Spring Boot PetClinic REST to Quarkus 1.2.0Migration Spring Boot PetClinic REST to Quarkus 1.2.0
Migration Spring Boot PetClinic REST to Quarkus 1.2.0
Jonathan Vila
 
Devopstore
DevopstoreDevopstore
Devopstore
Farkhad Badalov
 
Pyramid deployment
Pyramid deploymentPyramid deployment
Pyramid deployment
Carlos de la Guardia
 
Kubernetes Java Operator
Kubernetes Java OperatorKubernetes Java Operator
Kubernetes Java Operator
Anthony Dahanne
 
Spring Live Sample Chapter
Spring Live Sample ChapterSpring Live Sample Chapter
Spring Live Sample Chapter
Syed Shahul
 
Developing Java Web Applications
Developing Java Web ApplicationsDeveloping Java Web Applications
Developing Java Web Applications
hchen1
 
Porting Rails Apps to High Availability Systems
Porting Rails Apps to High Availability SystemsPorting Rails Apps to High Availability Systems
Porting Rails Apps to High Availability Systems
Marcelo Pinheiro
 
Spring boot microservice metrics monitoring
Spring boot microservice metrics monitoringSpring boot microservice metrics monitoring
Spring boot microservice metrics monitoring
Oracle Korea
 
Spring Boot - Microservice Metrics Monitoring
Spring Boot - Microservice Metrics MonitoringSpring Boot - Microservice Metrics Monitoring
Spring Boot - Microservice Metrics Monitoring
DonghuKIM2
 
Django deployment with PaaS
Django deployment with PaaSDjango deployment with PaaS
Django deployment with PaaS
Appsembler
 
Meetup 2023 - Gateway API.pdf
Meetup 2023 - Gateway API.pdfMeetup 2023 - Gateway API.pdf
Meetup 2023 - Gateway API.pdf
Luca Mattia Ferrari
 
Meetup 2022 - API Gateway landscape.pdf
Meetup 2022 - API Gateway landscape.pdfMeetup 2022 - API Gateway landscape.pdf
Meetup 2022 - API Gateway landscape.pdf
Luca Mattia Ferrari
 

Weitere ähnliche Inhalte

Ähnlich wie Meetup 2022 - APIs with Quarkus.pdf

Spring Live Sample Chapter
Spring Live Sample ChapterSpring Live Sample Chapter
Spring Live Sample Chapter
Syed Shahul
 
Porting Rails Apps to High Availability Systems
Porting Rails Apps to High Availability SystemsPorting Rails Apps to High Availability Systems
Porting Rails Apps to High Availability Systems
Marcelo Pinheiro
 

Ähnlich wie Meetup 2022 - APIs with Quarkus.pdf (20)

Java 8 Overview
Java 8 OverviewJava 8 Overview
Java 8 Overview
 
Go swagger tutorial how to create golang api documentation using go swagger (1)
Go swagger tutorial how to create golang api documentation using go swagger (1)Go swagger tutorial how to create golang api documentation using go swagger (1)
Go swagger tutorial how to create golang api documentation using go swagger (1)
 
Reactive application using meteor
Reactive application using meteorReactive application using meteor
Reactive application using meteor
 
Pyramid Deployment and Maintenance
Pyramid Deployment and MaintenancePyramid Deployment and Maintenance
Pyramid Deployment and Maintenance
 
Server(less) Swift at SwiftCloudWorkshop 3
Server(less) Swift at SwiftCloudWorkshop 3Server(less) Swift at SwiftCloudWorkshop 3
Server(less) Swift at SwiftCloudWorkshop 3
 
Openwhisk - Colorado Meetups
Openwhisk - Colorado MeetupsOpenwhisk - Colorado Meetups
Openwhisk - Colorado Meetups
 
Serverless forwardjs
Serverless forwardjsServerless forwardjs
Serverless forwardjs
 
Introduction to node js - From "hello world" to deploying on azure
Introduction to node js - From "hello world" to deploying on azureIntroduction to node js - From "hello world" to deploying on azure
Introduction to node js - From "hello world" to deploying on azure
 
Plugin-based software design with Ruby and RubyGems
Plugin-based software design with Ruby and RubyGemsPlugin-based software design with Ruby and RubyGems
Plugin-based software design with Ruby and RubyGems
 
Laravel development (Laravel History, Environment Setup & Laravel Installatio...
Laravel development (Laravel History, Environment Setup & Laravel Installatio...Laravel development (Laravel History, Environment Setup & Laravel Installatio...
Laravel development (Laravel History, Environment Setup & Laravel Installatio...
 
Migration Spring Boot PetClinic REST to Quarkus 1.2.0
Migration Spring Boot PetClinic REST to Quarkus 1.2.0Migration Spring Boot PetClinic REST to Quarkus 1.2.0
Migration Spring Boot PetClinic REST to Quarkus 1.2.0
 
Devopstore
DevopstoreDevopstore
Devopstore
 
Pyramid deployment
Pyramid deploymentPyramid deployment
Pyramid deployment
 
Kubernetes Java Operator
Kubernetes Java OperatorKubernetes Java Operator
Kubernetes Java Operator
 
Spring Live Sample Chapter
Spring Live Sample ChapterSpring Live Sample Chapter
Spring Live Sample Chapter
 
Developing Java Web Applications
Developing Java Web ApplicationsDeveloping Java Web Applications
Developing Java Web Applications
 
Porting Rails Apps to High Availability Systems
Porting Rails Apps to High Availability SystemsPorting Rails Apps to High Availability Systems
Porting Rails Apps to High Availability Systems
 
Spring boot microservice metrics monitoring
Spring boot microservice metrics monitoringSpring boot microservice metrics monitoring
Spring boot microservice metrics monitoring
 
Spring Boot - Microservice Metrics Monitoring
Spring Boot - Microservice Metrics MonitoringSpring Boot - Microservice Metrics Monitoring
Spring Boot - Microservice Metrics Monitoring
 
Django deployment with PaaS
Django deployment with PaaSDjango deployment with PaaS
Django deployment with PaaS
 

Mehr von Luca Mattia Ferrari

Lucamaf1 2949-db--winter2013-accomplishment
Lucamaf1 2949-db--winter2013-accomplishmentLucamaf1 2949-db--winter2013-accomplishment
Lucamaf1 2949-db--winter2013-accomplishment
Luca Mattia Ferrari
 
statement of accomplishment - heterogeneous parallel programming
statement of accomplishment - heterogeneous parallel programmingstatement of accomplishment - heterogeneous parallel programming
statement of accomplishment - heterogeneous parallel programming
Luca Mattia Ferrari
 

Mehr von Luca Mattia Ferrari (20)

Meetup 2023 - Gateway API.pdf
Meetup 2023 - Gateway API.pdfMeetup 2023 - Gateway API.pdf
Meetup 2023 - Gateway API.pdf
 
Meetup 2022 - API Gateway landscape.pdf
Meetup 2022 - API Gateway landscape.pdfMeetup 2022 - API Gateway landscape.pdf
Meetup 2022 - API Gateway landscape.pdf
 
APIs at the Edge
APIs at the EdgeAPIs at the Edge
APIs at the Edge
 
Opa in the api management world
Opa in the api management worldOpa in the api management world
Opa in the api management world
 
How easy (or hard) it is to monitor your graph ql service performance
How easy (or hard) it is to monitor your graph ql service performanceHow easy (or hard) it is to monitor your graph ql service performance
How easy (or hard) it is to monitor your graph ql service performance
 
Covid impact on digital identity
Covid impact on digital identityCovid impact on digital identity
Covid impact on digital identity
 
How do async ap is survive in a rest world
How do async ap is survive in a rest world How do async ap is survive in a rest world
How do async ap is survive in a rest world
 
The new (is it really ) api stack
The new (is it really ) api stackThe new (is it really ) api stack
The new (is it really ) api stack
 
The case for a unified way of speaking to things
The case for a unified way of speaking to thingsThe case for a unified way of speaking to things
The case for a unified way of speaking to things
 
What is the best approach to tdd
What is the best approach to tddWhat is the best approach to tdd
What is the best approach to tdd
 
Leverage event streaming framework to build intelligent applications
Leverage event streaming framework to build intelligent applicationsLeverage event streaming framework to build intelligent applications
Leverage event streaming framework to build intelligent applications
 
Using Streaming APIs in Production
Using Streaming APIs in ProductionUsing Streaming APIs in Production
Using Streaming APIs in Production
 
The independence facts
The independence factsThe independence facts
The independence facts
 
Api observability
Api observability Api observability
Api observability
 
Api service mesh and microservice tooling
Api service mesh and microservice toolingApi service mesh and microservice tooling
Api service mesh and microservice tooling
 
Api design best practice
Api design best practiceApi design best practice
Api design best practice
 
Certificate complexity
Certificate complexityCertificate complexity
Certificate complexity
 
Lucamaf1 2949-db--winter2013-accomplishment
Lucamaf1 2949-db--winter2013-accomplishmentLucamaf1 2949-db--winter2013-accomplishment
Lucamaf1 2949-db--winter2013-accomplishment
 
certificate game theory
certificate game theorycertificate game theory
certificate game theory
 
statement of accomplishment - heterogeneous parallel programming
statement of accomplishment - heterogeneous parallel programmingstatement of accomplishment - heterogeneous parallel programming
statement of accomplishment - heterogeneous parallel programming
 

Kürzlich hochgeladen

CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
anilsa9823
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
Health
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
mohitmore19
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
Delhi Call girls
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
harshavardhanraghave
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Alberto González Trastoy
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
anilsa9823
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
panagenda
 

Kürzlich hochgeladen (20)

CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female serviceCALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
CALL ON ➥8923113531 🔝Call Girls Badshah Nagar Lucknow best Female service
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
CALL ON ➥8923113531 🔝Call Girls Kakori Lucknow best sexual service Online ☂️
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Diamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with PrecisionDiamond Application Development Crafting Solutions with Precision
Diamond Application Development Crafting Solutions with Precision
 

Meetup 2022 - APIs with Quarkus.pdf

  • 1. Building a full stack API with DevOps integrated or how to build a complete u-service from scratch in an hour Sergio Gutierrez EMEA Senior Solution Architect Luca Ferrari EMEA Senior Solution Architect
  • 2. Agenda ➔ APIs in Microservice Architecture patterns ➔ Quarkus as a runtime engine (advantages) ➔ Development approach: API Contract first / Code first ➔ Demos 1. building your first quarkus api 2. adding fault tolerance 3. observing your u-service 4. adding logging to your service 5. adding persistence 6. adding security (developer friendly way)
  • 3. APIs in Microservice Architecture patterns ● Synchronous Communication ● Asynchronous Message-based Communication 3
  • 4. MicroProfile and Microservice Basics ● Java for microservices-based architecture ● Portability across multiple runtimes The following components are fundamental for developers creating microservices: ● Contexts and Dependency Injection for Java (CDI) specification ● Jakarta RESTful Web Services (JAX-RS) ● JSON processing Using all three components, you can build basic RESTful web services in a straightforward and declarative manner. 4
  • 5. Quarkus advantage Advantages compared to other Java-based cloud-native frameworks, Quarkus offers the following benefits: ● Faster response times, in general. ● Lower memory usage. ● Higher throughout in reactive routes. ● Full container image support. ● Compliance to MicroProfile conformance tests. 5
  • 7. Reviewing the JAX-RS Specification JAX-RS, formerly known as Java API for RESTful Web Services, is a specification that provides support for creating web services following the Representational State Transfer (REST) architectural pattern. Annotation Description @Path The relative path for a class or method. @GET, @PUT,@POST, @DELETE, @HEAD The HTTP request type of a method. @Produces, @Consumes The Internet media types for the content consumed as the request parameters or produced as the response. The javax.ws.rs.core.MediaType class specifies the allowed values. Table 2.1. JAX-RS Class and Method-Level Annotations Summary 7
  • 8. Demo #1 How do you get started with this?? Solution: https://quarkus.io/guides/getting-started and git clone https://github.com/quarkusio/quarkus-quickstarts.git ● Bootstrapping an application ● Creating a JAX-RS endpoint ● Injecting beans ● Functional tests ● Packaging of the application How to create a Hello World API with Quarkus app 8
  • 9. Demo #1 Bootstrapping the project quarkus create app org.acme:getting-started --extension='resteasy-reactive' Different options to create your project: ● Maven ● https://code.quarkus.io/ ● Quarkus CLI mvn io.quarkus.platform:quarkus-maven-plugin:2.14.1.Final:create -DprojectGroupId=org.acme -DprojectArtifactId=getting-started -Dextensions='resteasy-reactive' Quarkus CLI installation https://quarkus.io/guides/cli-tooling 9
  • 10. Demo #1 Quarkus scaffold project generated It generates the following in ./getting-started: ● the Maven structure ● an org.acme.GreetingResource resource exposed on /hello ● an associated unit test ● a landing page that is accessible on http://localhost:8080 after starting the application ● example Dockerfile files for both native and jvm modes in src/main/docker ● the application configuration file 10
  • 11. Demo #2 What if my backend fails?! The recovery procedures defined by the fault tolerance specification include the following: ● Bulkhead (@org.eclipse.microprofile.faulttolerance.Bulkhead) Limits the workload for a microservice to avoid failures caused by concurrency or service overload. ● Retry policy(@org.eclipse.microprofile.faulttolerance.Retry) Defines the conditions for retrying a failing execution. ● Timeout(@org.eclipse.microprofile.faulttolerance.Timeout) Defines the maximum execution time before interrupting a request. ● Circuit breaker (@org.eclipse.microprofile.faulttolerance.CircuitBreaker)Supports a fail-fast approach if the system is suffering from an overload or is unavailable. ● Fallback(@org.eclipse.microprofile.faulttolerance.Fallback) Executes an alternative method if the execution fails for the annotated method. Source: https://quarkus.io/guides/smallrye-fault-tolerance 11
  • 12. Demo #2 Fault tolerance - Fallback @Fallback(fallbackMethod = "fallbackRecommendations") public List<Coffee> recommendations(int id) { ... } public List<Coffee> fallbackRecommendations(int id) { LOGGER.info("Falling back to RecommendationResource#fallbackRecommendations()"); // safe bet, return something that everybody likes return Collections.singletonList(coffeeRepository.getCoffeeById(1));} @Fallback(fallbackMethod = "fallbackRecommendations") > quarkus dev http://localhost:8080/coffee/2/recommendations quarkus create app org.acme:microprofile-fault-tolerance-quickstart --extension='smallrye-fault-tolerance,resteasy-reactive-jackson --no-code 12 The application built in this guide simulates a simple backend for a gourmet coffee e-shop. It implements a REST endpoint providing information about coffee samples we have on store. In case of a timeout, the page will display a single recommendation that we hardcoded in our fallback method fallbackRecommendations(), rather than two recommendations returned by the original method.
  • 13. Demo #3 I want to observe my u-services! quarkus create app org.acme:opentelemetry-quickstart --extension='resteasy-reactive,quarkus-opentelemetry' --no-code Source: https://quarkus.io/guides/opentelemetry REST application to demonstrate distributed tracing. <dependency> <groupId>io.quarkus</groupId> <artifactId>quarkus-opentelemetry</artifactId> </dependency> 13
  • 14. Demo #3 Open Telemetry The OpenTelemetry Collector offers a vendor-agnostic implementation of how to receive, process and export telemetry data. It removes the need to run, operate, and maintain multiple agents/collectors. This works with improved scalability and supports open-source observability data formats (e.g. Jaeger, Prometheus, Fluent Bit, etc.) sending to one or more open-source or commercial back-ends. 14
  • 15. Demo #3 Open Telemetry 15 quarkus dev -Djvm.args="-Dquarkus.opentelemetry.tracer.exporter.otlp.endpoint=http://localhost:4317"
  • 16. Demo #4 How can I do simple troubleshooting? As most developers would say, the first tool to troubleshoot when something goes wrong is logging (everything if possible). Quarkus offers JBoss Log Manager and the JBoss Logging facade for this purpose and all the logging configuration can be done inside your application.properties Applications and components may use any of the following APIs for logging, and the logs will be merged: ● JDK java.util.logging (also called JUL) ● JBoss Logging ● SLF4J ● Apache Commons Logging It is possible to change the output format of the console log when for example the output of the application is captured by a service which can, for example, process and store the log information for later analysis (JSON Logging Format) 16 Source: https://quarkus.io/guides/rest-json https://quarkus.io/guides/logging
  • 17. Demo #4 Configuring Logging We will start from a more comple REST example here https://github.com/quarkusio/quarkus-quickstarts/tree/main/rest-json-quickstart This includes: 2 REST resources, Ser/Des, a simple HTML frontend It also already includes a Logging Filter automatically injected based on ContainerRequestFilter (https://www.baeldung.com/jersey-filters-interceptors ) We will add more logging at the Resource level, to log as WARN if we add Tomato as a fruit import org.jboss.logging.Logger; … private static final Logger LOG = Logger.getLogger(FruitResource.class); … if(fruit.name.equalsIgnoreCase("tomato")){ LOG.warn("Tomato is not a fruit"); } 17
  • 18. Demo #5 Where to persist data? Not every information can be stored only in memory, thinking about your amazon order and payment? Quarkus provides many options to persist data, we will be highlighting the most important: ● Dev Service for DBs: when testing or running in dev mode Quarkus can provide you with a zero-config database out of the box. Depending on your database type you may need Docker installed in order to use this feature. Dev Services is supported for the following databases: DB2 (container) (requires license acceptance), Derby (in-process), H2 (in-process), MariaDB (container), Microsoft SQL Server (container) (requires license acceptance), MySQL (container), Oracle Express Edition (container), PostgreSQL (container) ● Simple datasource setup: a datasource can be either a JDBC datasource, a reactive one or both. It all depends on how you configure it and which extensions you added to your project. To define a datasource, start by defining the kind in the application.configuration. By using a JDBC driver extension and setting the kind in the configuration, Quarkus resolves the JDBC driver automatically, so you don’t need to configure it yourself ● Support of both Hibernate ORM with Panache: Hibernate ORM is an object–relational mapping tool for the Java programming language. It provides a framework for mapping an object-oriented domain model to a relational database. Panache is a Quarkus-specific library that simplifies the development of your Hibernate-based persistence layer. Similar to Spring Data JPA, Panache handles most of the repetitive boilerplate code for you. Its implementations of the repository and the active record pattern provide methods to create, update, and remove records, perform basic queries, and define and execute your own queries. 18
  • 19. Demo #5 REST with persistence on Postgres container We will start from a full example which cover everything we have seen in the previous slide https://github.com/quarkusio/quarkus-quickstarts/tree/main/hibernate-orm-panache-quickstart This includes: 1 Hibernate with Panache entity, the corresponding REST resource, all implementing the repository pattern Panache’s repositories provide you with a set of standard methods to find entities by their primary key. You can also persist, update and remove an entity. The only thing you need to do to get this functionality is to define an entity-specific repository class. It has to implement the PanacheRepository or PanacheRepositoryBase interface. We will just modify the configuration so that the db dev service port is fixed, and we can connect to it: quarkus.datasource.devservices.port=45432 19 Source: https://quarkus.io/guides/databases-dev-services https://quarkus.io/guides/datasource https://quarkus.io/guides/hibernate-orm-panache https://quarkus.io/blog/quarkus-devservices-testcontainers-podman/
  • 20. Demo #6 Somebody is bothering me with Security! As you don’t want to expose your first valuable service publicly without any protection, you might want to think about security. Quarkus offers a full range of security options for your services: ● Basic and Form HTTP authentication ● WebAuthn is an authentication mechanism that replaces passwords. When you write a service for registering new users, or logging them in, instead of asking for a password, you can use WebAuthn, which replaces the password. ● Quarkus also provides mutual TLS (mTLS) authentication so that you can authenticate users based on their X.509 certificates. ● OpenID Connect (OIDC) is an identity layer that works on top of the OAuth 2.0 protocol. OIDC enables client applications to verify the identity of a user based on the authentication performed by the OIDC provider and to retrieve basic information about that user. You can also verify ID and access JWT tokens by using the refreshable JSON Web Key (JWK) set or you can introspect them remotely. However, opaque (binary) tokens can only be introspected remotely. 20 Source: https://quarkus.io/guides/security
  • 21. Demo #6 OIDC security with Security Dev Services https://github.com/quarkusio/quarkus-quickstarts/tree/main/security-openid-connect-quickstart You can use the Quarkus OpenID Connect (OIDC) extension to secure your JAX-RS applications using Bearer Token Authorization. The Bearer Tokens are issued by OIDC and OAuth 2.0 compliant authorization servers, such as Keycloak. In this example, we are using a very simple microservice which offers two endpoints: /api/users/me /api/admin These endpoints are protected and can only be accessed if a client is sending a bearer token along with the request, which must be valid (e.g.: signature, expiration and audience) and trusted by the microservice. The /api/users/me endpoint can be accessed by any user with a valid token. As a response, it returns a JSON document with details about the user where these details are obtained from the information carried on the token. The /api/admin endpoint is protected with RBAC (Role-Based Access Control) where only users granted with the admin role can access. At this endpoint, we use the @RolesAllowed annotation to declaratively enforce the access constraint. 21 Source: https://quarkus.io/guides/security-openid-connect
  • 22. Demo #6 BONUS! In case you can’t find that specific protocol or standard to integrate with inside the standard quarkus libraries, You can explore the quarkiverse For example in the case of security we have community support for MFA: https://github.com/quarkiverse/quarkus-mfa 22 Source: https://quarkus.io/blog/quarkiverse/
  • 23. Thank you for staying with us! 23