Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.
Josh Long (⻰龙之春)
@starbuxman
jlong@gopivotal.com
slideshare.net/joshlong
github.com/joshlong
http://spring.io


MICROSERVI...
@starbuxman
Spring Developer Advocate
Josh Long (⻰龙之春)
@starbuxman josh.long@springsource.com|
Jean Claude
van Damme! Java...
@starbuxman
@starbuxman
@starbuxman
@starbuxman
WEB
Controllers, REST,

WebSocket
INTEGRATION
Channels, Adapters,

Filters, Transformers
BATCH
Jobs, Steps,

R...
@starbuxman
Microservices - just SOA redux? 



What does the DRY principle, microservices, SOA, and
Unix command line too...
@starbuxman
Singly focused? 



Do as little as possible.
Express and expose a service, isolated and
encapsulated. 



@starbuxman
How do you expose a service? 

How do you do so simply?

Title Text
@starbuxman
…when somebody
says SOAP is
“SIMPLE”
@starbuxman
REST has no hard and fast rules.
REST is an architectural style, not a standard.
REST uses Headers to describe...
@starbuxman
status codes convey the result of the server’s attempt to
satisfy the request. 



Categories:
1xx: informatio...
@starbuxman
The Richardson Maturity Model is a way to grade your
API according to the REST constraints with 4 levels of
in...
@starbuxman
The Richardson Maturity Model 



Level 0: swamp of POX

http://martinfowler.com/articles/richardsonMaturityMo...
@starbuxman
The Richardson Maturity Model 



Level 1: resources

http://martinfowler.com/articles/richardsonMaturityModel...
@starbuxman
The Richardson Maturity Model 



Level 2: HTTP verbs

http://martinfowler.com/articles/richardsonMaturityMode...
Demonstration
Our first @RestController
Demonstration
What about headers and status codes??
@starbuxman
The Richardson Maturity Model 



Level 3: Hypermedia Controls (aka, HATEOAS)

http://martinfowler.com/article...
@starbuxman
Links provide possible navigations from a given resource
!
Links are dynamic, based on resource state.
!
<link...
Demonstration
Working with Hypermedia and 

Spring HATEOAS
@starbuxman
Security is hard. Don’t reinvent
the wheel!
!
Things to worry about when developing
web applications? EVERYTHI...
@starbuxman
Usernames and Passwords
!
If you can trust the client to keep a secret like a password, then it
can send the p...
@starbuxman
Tim Bray says: Passwords don’t scale
!
Too easy to compromise.
!
Updating all your clients whenever you change...
@starbuxman
OAuth is a way for one (automated) client to securely identify
itself to another service
!
Assumes a user cont...
@starbuxman
@starbuxman
@starbuxman
Demonstration
OAuth
@starbuxman
So, SSL/TLS is...?
!
an implementation of public key
cryptography:
!
!
!
public key cryptography only works be...
@starbuxman
SSL/TLS is used routinely to verify the identify of servers.
!
Normally, the client confirms the server, but t...
@starbuxman
from “Release It!”: feature complete != production ready
!
A microservice needs to be able to slot into a syst...
Demonstration
Designing (or configuring!) for production
@starbuxman
What about routing? Load balancing? Enter the smart
service host, or, PaaS
!
You don’t want to handle this in ...
@starbuxman
Questions?
References
spring.io
github.com/joshlong/bookmarks
github.com/joshlong/boot-it-up
github.com/joshlo...
Próxima SlideShare
Cargando en…5
×

Microservices with Spring Boot

14.834 visualizaciones

Publicado el

A talk introducing Microservices with Spring Boot

Publicado en: Tecnología
  • Sé el primero en comentar

Microservices with Spring Boot

  1. 1. Josh Long (⻰龙之春) @starbuxman jlong@gopivotal.com slideshare.net/joshlong github.com/joshlong http://spring.io 
 MICROSERVICES BOOTIFUL
  2. 2. @starbuxman Spring Developer Advocate Josh Long (⻰龙之春) @starbuxman josh.long@springsource.com| Jean Claude van Damme! Java mascot Duke some thing’s I’ve authored...
  3. 3. @starbuxman
  4. 4. @starbuxman
  5. 5. @starbuxman
  6. 6. @starbuxman WEB Controllers, REST,
 WebSocket INTEGRATION Channels, Adapters,
 Filters, Transformers BATCH Jobs, Steps,
 Readers, Writers BIG DATA Ingestion, Export,
 Orchestration, Hadoop DATA NON-RELATIONALRELATIONAL CORE GROOVYFRAMEWORK SECURITY REACTOR GRAILS Full-stack, Web XD Stream, Taps, Jobs BOOT Bootable, Minimal, Ops-Ready
  7. 7. @starbuxman Microservices - just SOA redux? 
 
 What does the DRY principle, microservices, SOA, and Unix command line tools have in common? 
 
 They promote singly-focused*, loosely-connected systems In object-oriented programming, the single responsibility principle states that every class should have a single responsibility, and that responsibility should be entirely encapsulated by the class. All its services should be narrowly aligned with that responsibility.! * http://en.wikipedia.org/wiki/Single_responsibility_principle
  8. 8. @starbuxman Singly focused? 
 
 Do as little as possible. Express and expose a service, isolated and encapsulated. 
 

  9. 9. @starbuxman How do you expose a service? 
 How do you do so simply?

  10. 10. Title Text @starbuxman …when somebody says SOAP is “SIMPLE”
  11. 11. @starbuxman REST has no hard and fast rules. REST is an architectural style, not a standard. REST uses Headers to describe requests & responses REST embraces HTTP verbs. (DRY)
  12. 12. @starbuxman status codes convey the result of the server’s attempt to satisfy the request. 
 
 Categories: 1xx: informational
 2xx: success
 3xx: redirection
 4xx: client error 
 5xx: server error 

  13. 13. @starbuxman The Richardson Maturity Model is a way to grade your API according to the REST constraints with 4 levels of increasing compliance ! http://martinfowler.com/articles/richardsonMaturityModel.html
  14. 14. @starbuxman The Richardson Maturity Model 
 
 Level 0: swamp of POX
 http://martinfowler.com/articles/richardsonMaturityModel.html Uses HTTP mainly as a tunnel through one URI
 e.g., SOAP, XML-RPC
 
 Usually features on HTTP verb (POST)

  15. 15. @starbuxman The Richardson Maturity Model 
 
 Level 1: resources
 http://martinfowler.com/articles/richardsonMaturityModel.html Multiple URIs to distinguish related nouns 
 e.g., /articles/1, /articles/2, vs. just /articles
 

  16. 16. @starbuxman The Richardson Maturity Model 
 
 Level 2: HTTP verbs
 http://martinfowler.com/articles/richardsonMaturityModel.html leverage transport-native properties to enhance service 
 e.g., HTTP GET and PUT and DELETE and POST
 
 Uses idiomatic HTTP controls like status codes, headers 

  17. 17. Demonstration Our first @RestController
  18. 18. Demonstration What about headers and status codes??
  19. 19. @starbuxman The Richardson Maturity Model 
 
 Level 3: Hypermedia Controls (aka, HATEOAS)
 http://martinfowler.com/articles/richardsonMaturityModel.html No a priori knowledge of service required
 Navigation options are provided by service and hypermedia controls
 
 Promotes longevity through a uniform interface
 

  20. 20. @starbuxman Links provide possible navigations from a given resource ! Links are dynamic, based on resource state. ! <link href=“http://...:8080/users/232/customers” 
 rel= “customers”/>
  21. 21. Demonstration Working with Hypermedia and 
 Spring HATEOAS
  22. 22. @starbuxman Security is hard. Don’t reinvent the wheel! ! Things to worry about when developing web applications? EVERYTHING ! (cross-site scripting, session fixation, identification, authorization, and authentication, encryption, and SO much more.)
  23. 23. @starbuxman Usernames and Passwords ! If you can trust the client to keep a secret like a password, then it can send the password using: 
 ...HTTP Basic - passwords are sent plaintext! ... HTTP Digest - hashed passwords, but still plaintext. 
 SSL/TLS encryption helps prevent man-in-the-middle attacks
  24. 24. @starbuxman Tim Bray says: Passwords don’t scale ! Too easy to compromise. ! Updating all your clients whenever you change your password would be a nightmare! !
  25. 25. @starbuxman OAuth is a way for one (automated) client to securely identify itself to another service ! Assumes a user context: ! “I authorize $CLIENTX to act on $USER_Y’s behalf” ! OAuth is a way of authorizing a client with particular access (scopes) !
  26. 26. @starbuxman
  27. 27. @starbuxman
  28. 28. @starbuxman
  29. 29. Demonstration OAuth
  30. 30. @starbuxman So, SSL/TLS is...? ! an implementation of public key cryptography: ! ! ! public key cryptography only works because we all agree to trust well known root CAs so trust! wow
  31. 31. @starbuxman SSL/TLS is used routinely to verify the identify of servers. ! Normally, the client confirms the server, but the server rarely requires the client to transmit a certificate. ! It’s easy enough to setup SSL/TLS on your web server. !
  32. 32. @starbuxman from “Release It!”: feature complete != production ready ! A microservice needs to be able to slot into a system’s monitoring, management, and other infrastructure ! How do you add health checks? ! JMX support? Analytics like Graphite?
  33. 33. Demonstration Designing (or configuring!) for production
  34. 34. @starbuxman What about routing? Load balancing? Enter the smart service host, or, PaaS ! You don’t want to handle this in your code. ! You could build a platform that handles these things for you like Netflix, Foursquare, eBay, Google and others did. ! Or you could simply use a Platform-as-a-Service, like 
 Cloud Foundry, Heroku, OpenShift, or Azure SPRING WORKS WELL IN THE CLOUD
  35. 35. @starbuxman Questions? References spring.io github.com/joshlong/bookmarks github.com/joshlong/boot-it-up github.com/joshlong/boot-examples docs.spring.io/spring-boot/ ! Josh Long (⻰龙之春) @starbuxman jlong@gopivotal.com slideshare.net/joshlong github.com/joshlong http://spring.io

×