book

PHP Microservices

Name: PHP Microservices
ISBN: 9781787125377

by Pablo Solar Vilariño, Carlos Pérez Sánchez

March 2017

Beginner to intermediate

392 pages

8h 19m

English

Packt Publishing

Read now

Unlock full access

PHP Microservices
PHP Microservices
Credits
About the Authors
About the Reviewer
www.PacktPub.com
Why subscribe?
Customer Feedback
Preface
What this book covers
What you need for this book
Who this book is for

Conventions
Reader feedback
Customer support
Downloading the example codeErrataPiracyQuestions
1. What are Microservices?
Monolithic versus microservices
Service Oriented Architectures versus microservices
Microservices characteristics
Successful casesDisadvantages of microservices
How to focus your development on microservices
Always create small logical black boxesNetwork latency is your hidden enemyAlways think about scalabilityUse a lightweight communication protocolUse queues to reduce a service load or make async executionsBe ready for the worst case scenarioEach service is different, so keep different repositories and build environments
Advantages of using PHP on microservices
A short history of PHPPHP milestonesVersion 4.xVersion 5.xVersion 6.xVersion 7.xAdvantagesDisadvantages
Summary
2. Development Environment
Design and architecture to build the basic platform for microservices
Requirements to start working on microservices
Docker installationInstalling Docker on macOSDocker for Mac (alias, native implementation) versus Docker toolboxMinimum requirementsDocker for Mac installation processInstalling Docker on LinuxCentOS/RHELMinimum requirementsInstalling Docker using yumPost-install setup - creating a Docker groupInstalling Docker on UbuntuMinimum requirementsInstalling Docker using aptCommon issues on UbuntuUFW forwardingDNS serverPost-install setup – creating a Docker groupStarting Docker on bootInstalling Docker on WindowsMinimum requirementsInstalling the Docker toolsHow to check your Docker engine, compose, and machine versionsQuick example to check your Docker installationCommon management tasks
Version control – Git versus SVN
GitHostingGitHubBitBucketVersion control strategiesCentralized workFeature branch workflowGitflow workflowForking workflowSemantic versioning
Setting up a development environment for microservices
Autodiscovery serviceMicroservice base core - NGINX and PHP-FPM
Frameworks for microservices
PHP-FIGPSR-7MessagesHeadersHost headerStreamsRequest targets and URIsServer-side requestsUploaded filesMiddlewareAvailable frameworksPhalconSlim frameworkLumenZend ExpressiveSilex (based on Symfony)
Summary
3. Application Design
Microservices structureMicroservice patternsAPI gatewayService discovery and registryShared database or database per serviceDatabase per serviceShared database
RESTful conventions
SecurityStandardsConsumer amenities
Caching strategy
General caching strategyHTTP cachingStatic files caching
Domain-driven design
How domain-driven design worksUsing domain-driver design in microservices
Event-driven architecture
Event-driven architecture in microservices
Continuous integration, continuous delivery, and tools
Continuous integration - CIWhat is continous integration?Benefits of CITools for continuous integrationContinuous delivery Benefits of continuous deliveryTools for a continuous delivery pipeline
Summary
4. Testing and Quality Control
The importance of using tests in your applicationTesting in microservices
Test-driven development
How to do TDD?Why should I use TDD?TDD algorithmRed - writing the unit testsGreen - make the code workRefactor - eliminate redundancy
Behavior-driven development
What is BDD?How does it work?Cucumber as DSL for BDD
Acceptance test-driven development
User storiesATDD algorithmDiscussDistillDevelopDemo
Tools
ComposerPHPUnitUnit testingRunning the testsAssertionsassertArrayHasKeyassertClassHasAttributeassertArraySubsetassertClassHasStaticAttributeassertContains()assertDirectory() and assertFile()assertString()assertRegExp()assertJson()Boolean assertionsType assertionsOther assertionsUnit testing from scratchBehatInstallationTest executionBehat example from scratchSeleniumSelenium WebDriverSelenium IDE
Summary
5. Microservices Development
Dependency management
Routing
PostmanMiddleware
Implementing a microservice call
Request life cycleCommunication between microservices with Guzzle
Database operations
Error handling
ValidationManage exceptions
Async and queue
Caching
Summary
6. Monitoring
Debugging and profilingWhat is debugging?What is profiling?Debugging and profiling in PHP with XdebugDebugging installationDebugging setupDebugging the outputProfiling installationProfiling setupAnalyzing the output file
Error handling
What is error handling?Why is error handling important?Challenges when managing error handling with microservicesBasic die() functionCustom error handlingReport methodRender methodError handling with Sentry
Application logs
Challenges in microservicesLogs in Lumen
Application monitoring
Monitoring by levelsApplication levelDatadogInfrastructure levelPrometheusWeave ScopeHardware/hypervisor monitoring
Summary
7. Security
Encryption in microservicesDatabase encryptionEncryption in MariaDBInnoDB encryptionPerformance overheadTSL/SSL protocolsHow the TSL/SSL protocol worksTSL/SSL terminationTSL/SSL with NGINX
Authentication
OAuth 2How to use OAuth 2 on LumenOAuth 2 installationSetupLet's try OAuth2JSON Web TokenHow to use JWT on LumenSetting up JWTLet's try JWT
Access Control List
What is ACL?How to use ACL
Security of the source code
Environment variablesExternal services
Tracking and monitoring
Best practices
File permissions and ownershipPHP execution locationsNever trust usersSQL injectionCross-site scripting XSSSession hijackingRemote filesPassword storagePassword policiesSource code revelationDirectory traversal
Summary
8. Deployment
Dependency managementComposer require-devThe .gitignore fileVendor folderDeployment workflowsVendor folder on repositoryComposer in productionFrontend dependenciesGruntGulpSASSBower
Deploy automation
Simple PHP scriptAnsible and AnsistranoAnsible requirementsAnsible installationWhat is Ansistrano?How does Ansistrano work?Deploying with AnsistranoOther deployment tools
Advanced deployment techniques
Continuous integration with JenkinsBlue/Green deploymentCanary releasesImmutable infrastructure
Backup strategies
What is backup?Why is it important?What and where we need to back upBackup typesFull backupIncremental and differential backupsBackup toolsBaculaPercona xtrabackupCustom scriptsValidating backupsBe ready for the apocalypse
Summary
9. From Monolithic to Microservices
Refactor strategiesStop divingDivide frontend and backendExtraction servicesHow to extract a module
Tutorial: From monolithic to microservices
Stop divingDivide frontend and backendExtraction services
Summary
10. Strategies for Scalability
Capacity planningKnowing the limits of your applicationAvailability math
Load testing
Apache JMeterInstalling Apache JMeterExecuting load tests with Apache JMeterLoad testing with ArtilleryInstalling ArtilleryExecuting loading tests with ArtilleryCreating Artillery scriptsAdvanced scriptingLoad testing with siegeInstalling siege on RHEL, CentOS, and similar operating systemsInstalling siege on Debian or UbuntuInstalling siege on other OSQuick siege example
Scalability plan
Step #0Step #1Step #2Step #3Step #4Step #5
Summary
11. Best Practices and Conventions
Code versioning best practices
Caching best practices
Performance impactHandle cache missesGroup requestsSize of elements to be stored in cacheMonitor your cacheChoose your cache algorithm carefully
Performance best practices
Minimize HTTP requestsMinimize HTML, CSS, and JavaScriptImage optimizationUse spritesUse lossless image compressionScale your imagesUse data URIsCache, cache, and more cacheAvoid bad requestsUse Content Delivery Networks (CDNs)
Dependency management
Semantic versioning
How semantic versioning worksSemantic versioning in actionWe have been told to add a new feature to the projectWe have been told that there is a bug in our projectWe have been asked for a big change
Error handling
Client request successfulRequest redirectedClient request incompleteServer errors
Coding practices
Dealing with stringsSingle quotes versus double quotesSpaces versus tabsRegular expressionsConnection and queries to a databaseUsing the === operator
Working with release branches
Quick example
Summary
12. Cloud and DevOps
What is Cloud?Autoscalable and elasticLower management effortsCheaperGrow fasterTime to market
Select your Cloud provider
Amazon Web Services (AWS)Microsoft AzureRackspaceDigitalOceanJoyentGoogle Compute Engine
Deploying your application to the Cloud
Docker SwarmInstalling Docker SwarmAdding services to our SwarmScaling your services in SwarmApache Mesos and DC/OSKubernetesDeploying to Joyent Triton
What is DevOps?
Summary

Content preview from PHP Microservices

Best practices

As with any other part of the application, when you are dealing with security, there are some well-known best practices you need to follow or at least be aware of to avoid future issues. Here, you can find the most common ones related to web development.

File permissions and ownership

One of the most basic security mechanisms is file/folder permissions and ownership. Assuming that you are working on a Linux/Unix system, the main recommendation is to assign the ownership of your source code to the web server or PHP engine user. Regarding file permissions, you should be using the following setting:

500 permissions for directories (dr-x------): This setting prevents any accidental deletion or modification of files in the directory.
400 ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781787125377

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

PHP Microservices

by Pablo Solar Vilariño, Carlos Pérez Sánchez

Best practices

File permissions and ownership

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.