One of the major task of DevOps is a speedy delivery of Microservice into production. The major objective of QA and Testing is to find as many bugs as possible. Fixing these bugs slows down the delivery. The article describes this conflict in details, outlines problems in testing articulated by Mr Martin Fowler, proposes additional tests and explains how to improve quality of the released Microservices.
The task addressed in the article is about protecting Microservice’s functionality and resources in the inter-Microservice interactions. Known techniques like OpenID Connects, JWT and OAuth2 were reviewed from the perspective of Microservice interactions. It has been found that these techniques cannot be applied as-is to the Microservices either because unanswered questions to them or because of doubtful trustfulness of related workflows.
The article proposes two protective methods for Microservice (or service) that have sensitive functionality and/or resources. While the Basic Protection Method is just a classic identity verification and following access permission control, the method does not require single centralised Identity and Permission Authorities. The latter can be distributed as needed following the distribution of Microservice-based applications. The Closed Optimised Protection Method replaces Identity and Permission Authorities with Dependency Catalogue Service per application and provides full protection with performance comparable with OpenID-JWT/OAuth2.
People like rubbish because it is convenient… Almost a Fairy-Tale about Microservices Are We Clear about What is What? Let’s Expose the ‘Devil’ that is Sitting in Details Distortions 1 to 12 A First Glance on Modelling Distortionless Microservices Almost a Fairy-Tale about Microservices Once upon a time, technology was conquered by marketing buzz and […]
The article briefly observes new risks, pros and cons for REST, gRPC and GraphQL interfaces for API and Microservices.
Article discusses issues with modern light-weight testing applied via automation in DevOps practice and states that such testing is not necessarily enough for quality products, especially in the case of distribution in Cloud.
Published on August 16, 2019 It seems we cannot say explicitly that a Microservice is a Service. Here is a clear (to me) boundary between what Microservice implements and how it is used. At least, we know that Microservice is a small application realising the particular business function and providing a certain outcome. End of […]
Published on July 23, 2019 Part 1 CONTENT Business Case Does Compensating Transaction Compensate? DT Transaction Manager / Orchestrator Orchestrated DT over multiple MS DT Implementation Options (how to) Business Case For many years technology tries to resolve a contest between business operational logic needs and technology means available for the logic implementation. This race […]
Published on May 10, 2019 After several years of using Microservices, people still debate what would be the best or minimally sufficient logging mechanism for independently deployed and loosely-interacting autonomous Microservices. Nowadays, when DevOps are responsible not only for the fast development and deployment, but also are made liable for supporting produced Microservices, the perception […]
Published on July 9, 2019 “…back to the future”. Industry counts many different applications where components have to make automated decisions about something. Typical representatives of such applications are Workflows, Business Process Automation and alike. The values of gathered experience are significant and it would irrational to lose them only because developers use new technologies […]