book

Building Microservices, 2nd Edition

by Sam Newman

August 2021

Intermediate to advanced

612 pages

18h 45m

English

O'Reilly Media, Inc.

Book available

Read now

Unlock full access

Who Should Read This BookWhy I Wrote This BookWhat’s Changed Since the First Edition?Navigating This BookPart I, “Foundation”Part II, “Implementation”Part III, “People”Conventions Used in This BookO’Reilly Online LearningHow to Contact UsAcknowledgments
Microservices at a GlanceKey Concepts of MicroservicesIndependent DeployabilityModeled Around a Business DomainOwning Their Own StateSizeFlexibilityAlignment of Architecture and OrganizationThe MonolithThe Single-Process MonolithThe Modular MonolithThe Distributed MonolithMonoliths and Delivery ContentionAdvantages of MonolithsEnabling TechnologyLog Aggregation and Distributed TracingContainers and KubernetesStreamingPublic Cloud and ServerlessAdvantages of MicroservicesTechnology HeterogeneityRobustnessScalingEase of DeploymentOrganizational AlignmentComposabilityMicroservice Pain PointsDeveloper ExperienceTechnology OverloadCostReportingMonitoring and TroubleshootingSecurityTestingLatencyData ConsistencyShould I Use Microservices?Whom They Might Not Work ForWhere They Work WellSummary
Introducing MusicCorpWhat Makes a Good Microservice Boundary?Information HidingCohesionCouplingThe Interplay of Coupling and CohesionTypes of CouplingDomain CouplingPass-Through CouplingCommon CouplingContent CouplingJust Enough Domain-Driven DesignUbiquitous LanguageAggregateBounded ContextMapping Aggregates and Bounded Contexts to MicroservicesEvent StormingThe Case for Domain-Driven Design for MicroservicesAlternatives to Business Domain BoundariesVolatilityDataTechnologyOrganizationalMixing Models and ExceptionsSummary
Have a GoalIncremental MigrationThe Monolith Is Rarely the EnemyThe Dangers of Premature DecompositionWhat to Split First?Decomposition by LayerCode FirstData FirstUseful Decompositional PatternsStrangler Fig PatternParallel RunFeature ToggleData Decomposition ConcernsPerformanceData IntegrityTransactionsToolingReporting DatabaseSummary
From In-Process to Inter-ProcessPerformanceChanging InterfacesError HandlingTechnology for Inter-Process Communication: So Many ChoicesStyles of Microservice CommunicationMix and MatchPattern: Synchronous BlockingAdvantagesDisadvantagesWhere to Use ItPattern: Asynchronous NonblockingAdvantagesDisadvantagesWhere to Use ItPattern: Communication Through Common DataImplementationAdvantagesDisadvantagesWhere to Use ItPattern: Request-Response CommunicationImplementation: Synchronous Versus AsynchronousWhere to Use ItPattern: Event-Driven CommunicationImplementationWhat’s in an Event?Where to Use ItProceed with CautionSummary
Looking for the Ideal TechnologyMake Backward Compatibility EasyMake Your Interface ExplicitKeep Your APIs Technology AgnosticMake Your Service Simple for ConsumersHide Internal Implementation DetailTechnology ChoicesRemote Procedure CallsRESTGraphQLMessage BrokersSerialization FormatsTextual FormatsBinary FormatsSchemasStructural Versus Semantic Contract BreakagesShould You Use Schemas?Handling Change Between MicroservicesAvoiding Breaking ChangesExpansion ChangesTolerant ReaderRight TechnologyExplicit InterfaceCatch Accidental Breaking Changes EarlyManaging Breaking ChangesLockstep DeploymentCoexist Incompatible Microservice VersionsEmulate the Old InterfaceWhich Approach Do I Prefer?The Social ContractTracking UsageExtreme MeasuresDRY and the Perils of Code Reuse in a Microservice WorldSharing Code via LibrariesService DiscoveryDomain Name System (DNS)Dynamic Service RegistriesDon’t Forget the Humans!Service Meshes and API GatewaysAPI GatewaysService MeshesWhat About Other Protocols?Documenting ServicesExplicit SchemasThe Self-Describing SystemSummary
Database TransactionsACID TransactionsStill ACID, but Lacking Atomicity?Distributed Transactions—Two-Phase CommitsDistributed Transactions—Just Say NoSagasSaga Failure ModesImplementing SagasSagas Versus Distributed TransactionsSummary
A Brief Introduction to Continuous IntegrationAre You Really Doing CI?Branching ModelsBuild Pipelines and Continuous DeliveryToolingTrade-Offs and EnvironmentsArtifact CreationMapping Source Code and Builds to MicroservicesOne Giant Repo, One Giant BuildPattern: One Repository per Microservice (aka Multirepo)Pattern: MonorepoWhich Approach Would I Use?Summary

From Logical to PhysicalMultiple InstancesThe DatabaseEnvironmentsPrinciples of Microservice DeploymentIsolated ExecutionFocus on AutomationInfrastructure as Code (IAC)Zero-Downtime DeploymentDesired State ManagementDeployment OptionsPhysical MachinesVirtual MachinesContainersApplication ContainersPlatform as a Service (PaaS)Function as a Service (FaaS)Which Deployment Option Is Right for You?Kubernetes and Container OrchestrationThe Case for Container OrchestrationA Simplified View of Kubernetes ConceptsMultitenancy and FederationThe Cloud Native Computing FederationPlatforms and PortabilityHelm, Operators, and CRDs, Oh My!And KnativeThe FutureShould You Use It?Progressive DeliverySeparating Deployment from ReleaseOn to Progressive DeliveryFeature TogglesCanary ReleaseParallel RunSummary
Types of TestsTest ScopeUnit TestsService TestsEnd-to-End TestsTrade-OffsImplementing Service TestsMocking or StubbingA Smarter Stub ServiceImplementing (Those Tricky) End-to-End TestsFlaky and Brittle TestsWho Writes These End-to-End Tests?How Long Should End-to-End Tests Run?The Great Pile-UpThe MetaversionLack of Independent TestabilityShould You Avoid End-to-End Tests?Contract Tests and Consumer-Driven Contracts (CDCs)The Final WordDeveloper ExperienceFrom Preproduction to In-Production TestingTypes of In-Production TestingMaking Testing in Production SafeMean Time to Repair over Mean Time Between Failures?Cross-Functional TestingPerformance TestsRobustness TestsSummary
Disruption, Panic, and ConfusionSingle Microservice, Single ServerSingle Microservice, Multiple ServersMultiple Services, Multiple ServersObservability Versus MonitoringThe Pillars of Observability? Not So FastBuilding Blocks for ObservabilityLog AggregationMetrics AggregationDistributed TracingAre We Doing OK?AlertingSemantic MonitoringTesting in ProductionStandardizationSelecting ToolsDemocraticEasy to IntegrateProvide ContextReal-TimeSuitable for Your ScaleThe Expert in the MachineGetting StartedSummary
Core PrinciplesPrinciple of Least PrivilegeDefense in DepthAutomationBuild Security into the Delivery ProcessThe Five Functions of CybersecurityIdentifyProtectDetectRespondRecoverFoundations of Application SecurityCredentialsPatchingBackupsRebuildImplicit Trust Versus Zero TrustImplicit TrustZero TrustIt’s a SpectrumSecuring DataData in TransitData at RestAuthentication and AuthorizationService-to-Service AuthenticationHuman AuthenticationCommon Single Sign-On ImplementationsSingle Sign-On GatewayFine-Grained AuthorizationThe Confused Deputy ProblemCentralized, Upstream AuthorizationDecentralizing AuthorizationJSON Web TokensSummary
What Is Resiliency?RobustnessReboundGraceful ExtensibilitySustained AdaptabilityAnd Microservice ArchitectureFailure Is EverywhereHow Much Is Too Much?Degrading FunctionalityStability PatternsTime-OutsRetriesBulkheadsCircuit BreakersIsolationRedundancyMiddlewareIdempotencySpreading Your RiskCAP TheoremSacrificing ConsistencySacrificing AvailabilitySacrificing Partition Tolerance?AP or CP?It’s Not All or NothingAnd the Real WorldChaos EngineeringGame DaysProduction ExperimentsFrom Robustness to BeyondBlameSummary
The Four Axes of ScalingVertical ScalingHorizontal DuplicationData PartitioningFunctional DecompositionCombining ModelsStart SmallCachingFor PerformanceFor ScaleFor RobustnessWhere to CacheInvalidationThe Golden Rule of CachingFreshness Versus OptimizationCache Poisoning: A Cautionary TaleAutoscalingStarting AgainSummary
Toward DigitalOwnership ModelsDrivers for Dedicated Frontend TeamsToward Stream-Aligned TeamsSharing SpecialistsEnsuring ConsistencyWorking Through Technical ChallengesPattern: Monolithic FrontendWhen to Use ItPattern: Micro FrontendsImplementationWhen to Use ItPattern: Page-Based DecompositionWhere to Use ItPattern: Widget-Based DecompositionImplementationWhen to Use ItConstraintsPattern: Central Aggregating GatewayOwnershipDifferent Types of User InterfacesMultiple ConcernsWhen to Use ItPattern: Backend for Frontend (BFF)How Many BFFs?Reuse and BFFsBFFs for Desktop Web and BeyondWhen to UseGraphQLA Hybrid ApproachSummary
Loosely Coupled OrganizationsConway’s LawEvidenceTeam SizeUnderstanding Conway’s LawSmall Teams, Large OrganizationOn AutonomyStrong Versus Collective OwnershipStrong OwnershipCollective OwnershipAt a Team Level Versus an Organizational LevelBalancing ModelsEnabling TeamsCommunities of PracticeThe PlatformShared MicroservicesToo Hard to SplitCross-Cutting ChangesDelivery BottlenecksInternal Open SourceRole of the Core CommittersMaturityToolingPluggable, Modular MicroservicesChange ReviewsThe Orphaned ServiceCase Study: realestate.com.auGeographical DistributionConway’s Law in ReversePeopleSummary
What’s in a Name?What Is Software Architecture?Making Change PossibleAn Evolutionary Vision for the ArchitectDefining System BoundariesA Social ConstructHabitabilityA Principled ApproachStrategic GoalsPrinciplesPracticesCombining Principles and PracticesA Real-World ExampleGuiding an Evolutionary ArchitectureArchitecture in a Stream-Aligned OrganizationBuilding a TeamThe Required StandardMonitoringInterfacesArchitectural SafetyGovernance and the Paved RoadExemplarsTailored Microservice TemplateThe Paved Road at ScaleTechnical DebtException HandlingSummary
What Are Microservices?Moving to MicroservicesCommunication StylesWorkflowBuildDeploymentTestingMonitoring and ObservabilitySecurityResiliencyScalingUser InterfacesOrganizationArchitectureFurther ReadingLooking ForwardFinal Words

Overview

As organizations shift from monolithic applications to smaller, self-contained microservices, distributed systems have become more fine-grained. But developing these new systems brings its own host of problems. This expanded second edition takes a holistic view of topics that you need to consider when building, managing, and scaling microservices architectures.

Through clear examples and practical advice, author Sam Newman gives everyone from architects and developers to testers and IT operators a firm grounding in the concepts. You'll dive into the latest solutions for modeling, integrating, testing, deploying, and monitoring your own autonomous services. Real-world cases reveal how organizations today manage to get the most out of these architectures.

Microservices technologies continue to move quickly. This book brings you up to speed.

Get new information on user interfaces, container orchestration, and serverless
Align system design with your organization's goals
Explore options for integrating a service with your system
Understand how to independently deploy microservices
Examine the complexities of testing and monitoring distributed services
Manage security with expanded content around user-to-service and service-to-service models