Cloud Native Spring in Action

Cloud Native Spring in Action

by Thomas Vitale
Released January 2023
Publisher(s): Manning Publications
ISBN: 9781617298424

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Build and deliver production-grade cloud-native apps with Spring framework and Kubernetes.

In Cloud Native Spring in Action you’ll learn:

  • Cloud native best practices and design patterns
  • Build and test cloud native apps with Spring Boot and Spring Cloud
  • Handle security, resilience, and scalability in imperative and reactive applications
  • Configure, deploy, and observe applications on Kubernetes
  • Continuous delivery and GitOps to streamline your software lifecycle

Cloud Native Spring in Action is a practical guide to building applications that are designed for cloud environments. You’ll learn effective Spring and Kubernetes cloud development techniques that you can immediately apply to enterprise-grade applications. Follow a detailed and complete cloud native system from first concept right through to production and deployment, learning best practices, design patterns, and little-known tips and tricks for pain-free cloud native development. Including coverage of security, continuous delivery, and configuration, this hands-on guide is the perfect primer for navigating the increasingly complex cloud landscape.

About the Technology
Do you want to learn how to build scalable, resilient, and observable Spring applications that take full advantage of the cloud computing model? If so, Cloud Native Spring in Action is the book for you! It will teach you the essential techniques and practices you need to build efficient Spring Boot applications ready for production in the cloud.

About the Book
In Cloud Native Spring in Action, you’ll learn how to containerize your Spring Boot applications with Cloud Native Buildpacks and deploy them on Kubernetes. This practical guide delivers unique insights into hosting microservices, serverless applications, and other modern architectures on cloud platforms. You’ll learn how to use Spring-based methodologies, practices, and patterns that you won’t find anywhere else.

What's Inside
  • Implement cloud native patterns with Spring
  • Handle security, resilience, and scalability
  • Build and test imperative and reactive applications
  • Configuration and observability on Kubernetes
  • Adopt continuous delivery and GitOps


About the Reader
For intermediate Java developers.

About the Author
Thomas Vitale is a software engineer, open source contributor, and international conference speaker.

Quotes
This book is fantastic. It’s brimming with valuable ideas couched in evident, profound experience. I will be pointing people to this book for the foreseeable future.
- From the Foreword by Josh Long, Spring Developer Advocate, VMware

One of the best I’ve read. I now feel qualified to begin moving applications to a cloud-native architecture.
- Steve Rogers, CGTek

An essential resource for creating the next generation of enterprise apps.
- Conor Redmond, InComm Payments

A welcome collection of insights on building and deploying microservices across various domains.
- George Thomas, Manhattan Associates

Table of contents

  1. Cloud Native Spring in Action
  2. Copyright
  3. dedication
  4. contents
  5. front matter
    1. foreword
    2. preface
    3. acknowledgments
    4. about this book
      1. Who should read this book?
      2. How this book is organized: A road map
      3. About the code
      4. liveBook discussion forum
      5. Other online resources
    5. about the author
    6. about the cover illustration
  6. Part 1 Cloud native fundamentals
  7. 1 Introduction to cloud native
    1. 1.1 What is cloud native?
      1. 1.1.1 The Three Ps of Cloud Native
    2. 1.2 The cloud and the cloud computing model
      1. 1.2.1 Infrastructure as a Service (IaaS)
      2. 1.2.2 Container as a Service (CaaS)
      3. 1.2.3 Platform as a Service (PaaS)
      4. 1.2.4 Function as a Service (FaaS)
      5. 1.2.5 Software as a Service (SaaS)
    3. 1.3 Properties of cloud native applications
      1. 1.3.1 Scalability
      2. 1.3.2 Loose coupling
      3. 1.3.3 Resilience
      4. 1.3.4 Observability
      5. 1.3.5 Manageability
    4. 1.4 Culture and practices supporting cloud native
      1. 1.4.1 Automation
      2. 1.4.2 Continuous delivery
      3. 1.4.3 DevOps
    5. 1.5 Is the cloud your best option?
      1. 1.5.1 Speed
      2. 1.5.2 Resilience
      3. 1.5.3 Scale
      4. 1.5.4 Cost
    6. 1.6 Cloud native topologies
      1. 1.6.1 Containers
      2. 1.6.2 Orchestration
      3. 1.6.3 Serverless
    7. 1.7 Architectures for cloud native applications
      1. 1.7.1 From multi-tiered to microservices architectures and beyond
      2. 1.7.2 Service-based architecture for cloud native applications
    8. Summary
  8. 2 Cloud native patterns and technologies
    1. 2.1 Cloud native development principles: 12 Factors and beyond
      1. 2.1.1 One codebase, one application
      2. 2.1.2 API first
      3. 2.1.3 Dependency management
      4. 2.1.4 Design, build, release, run
      5. 2.1.5 Configuration, credentials, and code
      6. 2.1.6 Logs
      7. 2.1.7 Disposability
      8. 2.1.8 Backing services
      9. 2.1.9 Environment parity
      10. 2.1.10 Administrative processes
      11. 2.1.11 Port binding
      12. 2.1.12 Stateless processes
      13. 2.1.13 Concurrency
      14. 2.1.14 Telemetry
      15. 2.1.15 Authentication and authorization
    2. 2.2 Building cloud native applications with Spring
      1. 2.2.1 Overview of the Spring landscape
      2. 2.2.2 Building a Spring Boot application
    3. 2.3 Containerizing applications with Docker
      1. 2.3.1 Introducing Docker: Images and containers
      2. 2.3.2 Running a Spring application as a container
    4. 2.4 Managing containers with Kubernetes
      1. 2.4.1 Introducing Kubernetes: Deployments, Pods, and Services
      2. 2.4.2 Running a Spring application on Kubernetes
    5. 2.5 Polar Bookshop: A cloud native application
      1. 2.5.1 Understanding the requirements of the system
      2. 2.5.2 Exploring patterns and technologies used in the project
    6. Summary
  9. Part 2 Cloud native development
  10. 3 Getting started with cloud native development
    1. 3.1 Bootstrapping a cloud native project
      1. 3.1.1 One codebase, one application
      2. 3.1.2 Dependency management with Gradle and Maven
    2. 3.2 Working with embedded servers
      1. 3.2.1 Executable JARs and embedded servers
      2. 3.2.2 Understanding the thread-per-request model
      3. 3.2.3 Configuring the embedded Tomcat
    3. 3.3 Building a RESTful application with Spring MVC
      1. 3.3.1 REST API first, business logic later
      2. 3.3.2 Implementing a REST API with Spring MVC
      3. 3.3.3 Data validation and error handling
      4. 3.3.4 Evolving APIs for future requirements
    4. 3.4 Testing a RESTful application with Spring
      1. 3.4.1 Unit tests with JUnit 5
      2. 3.4.2 Integration tests with @SpringBootTest
      3. 3.4.3 Testing REST controllers with @WebMvcTest
      4. 3.4.4 Testing the JSON serialization with @JsonTest
    5. 3.5 Deployment pipeline: Build and test
      1. 3.5.1 Understanding the commit stage of the deployment pipeline
      2. 3.5.2 Implementing the commit stage with GitHub Actions
    6. Summary
  11. 4 Externalized configuration management
    1. 4.1 Configuration in Spring: Properties and profiles
      1. 4.1.1 Properties: Key/value pairs for configuration
      2. 4.1.2 Profiles: Feature flags and configuration groups
    2. 4.2 Externalized configuration: One build, multiple configurations
      1. 4.2.1 Configuring an application through command-line arguments
      2. 4.2.2 Configuring an application through JVM system properties
      3. 4.2.3 Configuring an application through environment variables
    3. 4.3 Centralized configuration management with Spring Cloud Config Server
      1. 4.3.1 Using Git to store your configuration data
      2. 4.3.2 Setting up a configuration server
      3. 4.3.3 Making the configuration server resilient
      4. 4.3.4 Understanding the configuration server REST API
    4. 4.4 Using a configuration server with Spring Cloud Config Client
      1. 4.4.1 Setting up a configuration client
      2. 4.4.2 Making the configuration client resilient
      3. 4.4.3 Refreshing configuration at runtime
    5. Summary
  12. 5 Persisting and managing data in the cloud
    1. 5.1 Databases for cloud native systems
      1. 5.1.1 Data services in the cloud
      2. 5.1.2 Running PostgreSQL as a container
    2. 5.2 Data persistence with Spring Data JDBC
      1. 5.2.1 Connecting to a database with JDBC
      2. 5.2.2 Defining persistent entities with Spring Data
      3. 5.2.3 Enabling and configuring JDBC auditing
      4. 5.2.4 Data repositories with Spring Data
    3. 5.3 Testing data persistence with Spring and Testcontainers
      1. 5.3.1 Configuring Testcontainers for PostgreSQL
      2. 5.3.2 Testing data persistence with @DataJdbcTest and Testcontainers
      3. 5.3.3 Integration tests with @SpringBootTest and Testcontainers
    4. 5.4 Managing databases in production with Flyway
      1. 5.4.1 Understanding Flyway: Version control for your database
      2. 5.4.2 Initializing a database schema with Flyway
      3. 5.4.3 Evolving a database with Flyway
    5. Summary
  13. 6 Containerizing Spring Boot
    1. 6.1 Working with container images on Docker
      1. 6.1.1 Understanding container images
      2. 6.1.2 Creating images with Dockerfiles
      3. 6.1.3 Publishing images on GitHub Container Registry
    2. 6.2 Packaging Spring Boot applications as container images
      1. 6.2.1 Preparing Spring Boot for containerization
      2. 6.2.2 Containerizing Spring Boot with Dockerfiles
      3. 6.2.3 Building container images for production
      4. 6.2.4 Containerizing Spring Boot with Cloud Native Buildpacks
    3. 6.3 Managing Spring Boot containers with Docker Compose
      1. 6.3.1 Using Docker Compose to manage the container life cycle
      2. 6.3.2 Debugging Spring Boot containers
    4. 6.4 Deployment pipeline: Package and publish
      1. 6.4.1 Building release candidates in the commit stage
      2. 6.4.2 Publishing container images with GitHub Actions
    5. Summary
  14. 7 Kubernetes fundamentals for Spring Boot
    1. 7.1 Moving from Docker to Kubernetes
      1. 7.1.1 Working with a local Kubernetes cluster
      2. 7.1.2 Managing data services in a local cluster
    2. 7.2 Kubernetes Deployments for Spring Boot
      1. 7.2.1 From containers to Pods
      2. 7.2.2 Controlling Pods with Deployments
      3. 7.2.3 Creating a Deployment for a Spring Boot application
    3. 7.3 Service discovery and load balancing
      1. 7.3.1 Understanding service discovery and load balancing
      2. 7.3.2 Client-side service discovery and load balancing
      3. 7.3.3 Server-side service discovery and load balancing
      4. 7.3.4 Exposing Spring Boot applications with Kubernetes Services
    4. 7.4 Scalability and disposability
      1. 7.4.1 Ensuring disposability: Fast startup
      2. 7.4.2 Ensuring disposability: Graceful shutdown
      3. 7.4.3 Scaling Spring Boot applications
    5. 7.5 Local Kubernetes development with Tilt
      1. 7.5.1 Inner development loop with Tilt
      2. 7.5.2 Visualizing your Kubernetes workloads with Octant
    6. 7.6 Deployment pipeline: Validate Kubernetes manifests
      1. 7.6.1 Validating Kubernetes manifests in the commit stage
      2. 7.6.2 Automating Kubernetes manifests validation with GitHub Actions
    7. Summary
  15. Part 3 Cloud native distributed systems
  16. 8 Reactive Spring: Resilience and scalability
    1. 8.1 Asynchronous and non-blocking architectures with Reactor and Spring
      1. 8.1.1 From thread-per-request to event loop
      2. 8.1.2 Project Reactor: Reactive streams with Mono and Flux
      3. 8.1.3 Understanding the Spring reactive stack
    2. 8.2 Reactive servers with Spring WebFlux and Spring Data R2DBC
      1. 8.2.1 Bootstrapping a reactive application with Spring Boot
      2. 8.2.2 Persisting data reactively with Spring Data R2DBC
      3. 8.2.3 Implementing the business logic with reactive streams
      4. 8.2.4 Exposing a REST API with Spring WebFlux
    3. 8.3 Reactive clients with Spring WebClient
      1. 8.3.1 Service-to-service communication in Spring
      2. 8.3.2 Understanding how to exchange data
      3. 8.3.3 Implementing REST clients with WebClient
    4. 8.4 Resilient applications with Reactive Spring
      1. 8.4.1 Timeouts
      2. 8.4.2 Retries
      3. 8.4.3 Fallbacks and error handling
    5. 8.5 Testing reactive applications with Spring, Reactor, and Testcontainers
      1. 8.5.1 Testing REST clients with a mock web server
      2. 8.5.2 Testing data persistence with @DataR2dbcTest and Testcontainers
      3. 8.5.3 Testing REST controllers with @WebFluxTest
    6. Summary
  17. 9 API gateway and circuit breakers
    1. 9.1 Edge servers and Spring Cloud Gateway
      1. 9.1.1 Bootstrapping an edge server with Spring Cloud Gateway
      2. 9.1.2 Defining routes and predicates
      3. 9.1.3 Processing requests and responses through filters
    2. 9.2 Fault tolerance with Spring Cloud Circuit Breaker and Resilience4J
      1. 9.2.1 Introducing circuit breakers with Spring Cloud Circuit Breaker
      2. 9.2.2 Configuring a circuit breaker with Resilience4J
      3. 9.2.3 Defining fallback REST APIs with Spring WebFlux
      4. 9.2.4 Combining circuit breakers, retries, and time limiters
    3. 9.3 Request rate limiting with Spring Cloud Gateway and Redis
      1. 9.3.1 Running Redis as a container
      2. 9.3.2 Integrating Spring with Redis
      3. 9.3.3 Configuring a request rate limiter
    4. 9.4 Distributed session management with Redis
      1. 9.4.1 Handling sessions with Spring Session Data Redis
    5. 9.5 Managing external access with Kubernetes Ingress
      1. 9.5.1 Understanding Ingress API and Ingress Controller
      2. 9.5.2 Working with Ingress objects
    6. Summary
  18. 10 Event-driven applications and functions
    1. 10.1 Event-driven architectures
      1. 10.1.1 Understanding the event-driven models
      2. 10.1.2 Using the pub/sub model
    2. 10.2 Message brokers with RabbitMQ
      1. 10.2.1 Understanding AMQP for messaging systems
      2. 10.2.2 Using RabbitMQ for publish/subscribe communications
    3. 10.3 Functions with Spring Cloud Function
      1. 10.3.1 Using the functional paradigm in Spring Cloud Function
      2. 10.3.2 Composing and integrating functions: REST, serverless, data streams
      3. 10.3.3 Writing integration tests with @FunctionalSpringBootTest
    4. 10.4 Processing messages with Spring Cloud Stream
      1. 10.4.1 Configuring the integration with RabbitMQ
      2. 10.4.2 Binding functions to message channels
      3. 10.4.3 Writing integration tests with a test binder
      4. 10.4.4 Making messaging resilient to failures
    5. 10.5 Producing and consuming messages with Spring Cloud Stream
      1. 10.5.1 Implementing event consumers, and the problem of idempotency
      2. 10.5.2 Implementing event producers, and the problem of atomicity
    6. Summary
  19. 11 Security: Authentication and SPA
    1. 11.1 Understanding the Spring Security fundamentals
    2. 11.2 Managing user accounts with Keycloak
      1. 11.2.1 Defining a security realm
      2. 11.2.2 Managing users and roles
    3. 11.3 Authentication with OpenID Connect, JWT, and Keycloak
      1. 11.3.1 Authenticating users with OpenID Connect
      2. 11.3.2 Exchanging user information with JWT
      3. 11.3.3 Registering an application in Keycloak
    4. 11.4 Authenticating users with Spring Security and OpenID Connect
      1. 11.4.1 Adding the new dependencies
      2. 11.4.2 Configuring the integration between Spring Security and Keycloak
      3. 11.4.3 Basic Spring Security configuration
      4. 11.4.4 Inspecting the authenticated user context
      5. 11.4.5 Configuring user logout in Spring Security and Keycloak
    5. 11.5 Integrating Spring Security with SPAs
      1. 11.5.1 Running an Angular application
      2. 11.5.2 Controlling the authentication flow
      3. 11.5.3 Protecting against Cross-Site Request Forgery
    6. 11.6 Testing Spring Security and OpenID Connect
      1. 11.6.1 Testing OIDC authentication
      2. 11.6.2 Testing CSRF
    7. Summary
  20. 12 Security: Authorization and auditing
    1. 12.1 Authorization and roles with Spring Cloud Gateway and OAuth2
      1. 12.1.1 Token relay from Spring Cloud Gateway to other services
      2. 12.1.2 Customizing tokens and propagating user roles
    2. 12.2 Protecting APIs with Spring Security and OAuth2 (imperative)
      1. 12.2.1 Securing Spring Boot as an OAuth2 Resource Server
      2. 12.2.2 Role-based access control with Spring Security and JWT
      3. 12.2.3 Testing OAuth2 with Spring Security and Testcontainers
    3. 12.3 Protecting APIs with Spring Security and OAuth2 (reactive)
      1. 12.3.1 Securing Spring Boot as an OAuth2 Resource Server
      2. 12.3.2 Testing OAuth2 with Spring Security and Testcontainers
    4. 12.4 Protecting and auditing data with Spring Security and Spring Data
      1. 12.4.1 Auditing data with Spring Security and Spring Data JDBC
      2. 12.4.2 Testing data auditing with Spring Data and @WithMockUser
      3. 12.4.3 Protecting user data with Spring Security and Spring Data R2DBC
      4. 12.4.4 Testing data auditing and protection with @WithMockUser and Spring Data R2DBC
    5. Summary
  21. Part 4 Cloud native production
  22. 13 Observability and monitoring
    1. 13.1 Logging with Spring Boot, Loki, and Fluent Bit
      1. 13.1.1 Logging with Spring Boot
      2. 13.1.2 Managing logs with Loki, Fluent Bit, and Grafana
    2. 13.2 Health probes with Spring Boot Actuator and Kubernetes
      1. 13.2.1 Defining health probes for Spring Boot applications using Actuator
      2. 13.2.2 Configuring health probes in Spring Boot and Kubernetes
    3. 13.3 Metrics and monitoring with Spring Boot Actuator, Prometheus, and Grafana
      1. 13.3.1 Configuring metrics with Spring Boot Actuator and Micrometer
      2. 13.3.2 Monitoring metrics with Prometheus and Grafana
      3. 13.3.3 Configuring Prometheus metrics in Kubernetes
    4. 13.4 Distributed tracing with OpenTelemetry and Tempo
      1. 13.4.1 Managing traces with Tempo and Grafana
      2. 13.4.2 Configuring tracing in Spring Boot with OpenTelemetry
    5. 13.5 Application management and monitoring with Spring Boot Actuator
      1. 13.5.1 Monitoring Flyway migrations in Spring Boot
      2. 13.5.2 Exposing application information
      3. 13.5.3 Generating and analyzing heap dumps
    6. Summary
  23. 14 Configuration and secrets management
    1. 14.1 Configuring applications on Kubernetes
      1. 14.1.1 Securing the configuration server with Spring Security
      2. 14.1.2 Refreshing configuration at runtime with Spring Cloud Bus
      3. 14.1.3 Managing secrets with Spring Cloud Config
      4. 14.1.4 Disabling Spring Cloud Config
    2. 14.2 Using ConfigMaps and Secrets in Kubernetes
      1. 14.2.1 Configuring Spring Boot with ConfigMaps
      2. 14.2.2 Storing sensitive information with Secrets (or not)
      3. 14.2.3 Refreshing configuration at runtime with Spring Cloud Kubernetes
    3. 14.3 Configuration management with Kustomize
      1. 14.3.1 Using Kustomize to manage and configure Spring Boot applications
      2. 14.3.2 Managing Kubernetes configuration for multiple environments with Kustomize
      3. 14.3.3 Defining a configuration overlay for staging
      4. 14.3.4 Customizing environment variables
      5. 14.3.5 Customizing ConfigMaps
      6. 14.3.6 Customizing image name and version
      7. 14.3.7 Customizing the number of replicas
    4. Summary
  24. 15 Continuous delivery and GitOps
    1. 15.1 Deployment pipeline: Acceptance stage
      1. 15.1.1 Versioning release candidates for continuous delivery
      2. 15.1.2 Understanding the acceptance stage of the deployment pipeline
      3. 15.1.3 Implementing the acceptance stage with GitHub Actions
    2. 15.2 Configuring Spring Boot for production
      1. 15.2.1 Defining a configuration overlay for production
      2. 15.2.2 Configuring CPU and memory for Spring Boot containers
      3. 15.2.3 Deploying Spring Boot in production
    3. 15.3 Deployment pipeline: Production stage
      1. 15.3.1 Understanding the production stage of the deployment pipeline
      2. 15.3.2 Implementing the production stage with GitHub Actions
    4. 15.4 Continuous deployment with GitOps
      1. 15.4.1 Implementing GitOps with Argo CD
      2. 15.4.2 Putting it all together
    5. Summary
  25. 16 Serverless, GraalVM, and Knative
    1. 16.1 Native images with Spring Native and GraalVM
      1. 16.1.1 Understanding GraalVM and native images
      2. 16.1.2 Introducing GraalVM support for Spring Boot with Spring Native
      3. 16.1.3 Compiling Spring Boot applications as native images
    2. 16.2 Serverless applications with Spring Cloud Function
      1. 16.2.1 Building serverless applications with Spring Cloud Function
      2. 16.2.2 Deployment pipeline: Build and publish
      3. 16.2.3 Deploying serverless applications on the cloud
    3. 16.3 Deploying serverless applications with Knative
      1. 16.3.1 Setting up a local Knative platform
      2. 16.3.2 Deploying applications with the Knative CLI
      3. 16.3.3 Deploying applications with the Knative manifests
    4. Summary
  26. Appendix A Setting up your development environment
    1. A.1 Java
    2. A.2 Docker
    3. A.3 Kubernetes
    4. A.4 Other tools
      1. A.4.1 HTTPie
      2. A.4.2 Grype
      3. A.4.3 Tilt
      4. A.4.4 Octant
      5. A.4.5 Kubeval
      6. A.4.6 Knative CLI
  27. Appendix B Kubernetes in production with DigitalOcean
    1. B.1 Running a Kubernetes cluster on DigitalOcean
    2. B.2 Running a PostgreSQL database on DigitalOcean
    3. B.3 Running Redis on DigitalOcean
    4. B.4 Running RabbitMQ using a Kubernetes Operator
    5. B.5 Running Keycloak using a Helm chart
    6. B.6 Running Polar UI
    7. B.7 Deleting all cloud resources
  28. index

Product information

  • Title: Cloud Native Spring in Action
  • Author(s): Thomas Vitale
  • Release date: January 2023
  • Publisher(s): Manning Publications
  • ISBN: 9781617298424