Implementing Microservices on AWS (2019)

Microservices are a combination of various successful and proven concepts such as:

  • Agile software development
  • Service-oriented architectures
  • API-first design
  • Continuous Integration/Continuous Delivery (CI/CD)

Serverless operational model tenets:

  • No infrastructure to provision or manage
  • Automatically scaling by unit of consumption
  • “Pay for value” billing model
  • Built-in availability and fault tolerance

Simple Microservices Architecture on AWS

User Interface

  • Often use JavaScript, single-page application
  • Communicates with a REST / RESTful API
  • Static web content can be served using Amazon S3 / Amazon CloudFront
  • CDN reduces client/server latency

Microservices

  • APIs serve as an entry point for applications logic
  • Typically RESTful web services API
  • Traffic management, request filtering, routing, caching, authentication, and authorization

Microservices Implementation

  • AWS Lambda
  • AWS Elastic Container Service (ECS)
    • AWS Fargate (Docker containers) - run serverless containers
  • AWS Elastic Kubernetes Service (EKS)

Private Links

  • Allow you to privately connect your VPC to supported AWS services

Data Store

  • Amazon ElastiCache
  • Amazon Aurora, Amazon RDS
  • Amazon DynamoDB
    • DynamoDB Accelerator (DAX)

Reducing Operational Complexity

Amazon API Gateway:

  • Create your APIs programmatically by importing swagger definitions, using AWS API or AWS Management Console
  • Serves as a front door for any web application running on EC2, ECS, Lambda, or any on-premises environment
  • Fully managed API service
  • Integrated with CloudFront
  • Supports Custom Domains
  • Serverless, eliminates operational complexity
  • Tightly integrated with Lambda
  • Can be deployed using AWS CloudFormation
    • AWS Serverless Application Model (AWS SAM) is a convenient way to define serverless applications

Distributed Systems Components

Service Discovery

DNS-Based Service Discovery

  • Amazon ECS creates and manages a registry of service names using Route 53 Auto Naming API
  • Names are automatically mapped to a set of DNS records
  • Services can communicate with each other using service discovery names
  • Use unified service discovery for services managed by Kubernetes
  • Use AWS CloudMap for extended capabilities, e.g. service registry for IPs, URLs, ARNs, with faster change propagation and the ability to use attributes to narrow down the set of discovered resources

Service Discovery using Third-Party Software

  • HashiCorp Consul
  • etcd
  • Netflix Eureka

Service Meshes

  • Additional layer for handling inter-service communication
  • Responsible for monitoring and controlling traffic in microservice architectures
  • AWS App Mesh
    • Provides application-level networking
    • Make it easy for your services to communicate
    • Standardizes how your services communicate
    • Gives you end-to-end visibility and ensuring high availability for you applications
    • Can be used with Fargate, ECS, EKS

Distributed Data Management

  • Each microservice component should have its own data persistence layer
  • Distributed microservices architectures inherently trade off consistency for performance
  • Need to embrace eventual consistency
  • Distributed Saga pattern helps avoid partial executions by orchestrating compensating transactions that undo the changes that were made by the preceding transactions
  • AWS Step Functions can help in implementing Saga execution coordinator
  • Event Sourcing pattern can be used when state changes affect more than a single microservice
    • Represent and persist every application change as an event record
    • State can be reconstructed for any point in time
    • Enables decoupling different parts of an application by using a publish/subscribe pattern
    • Frequently used in conjunction with CQRS

Asynchronous Communication and Lightweight Messaging

REST-based Communication

  • Over HTTP/S protocol
  • Stateless communication, uniform interfaces, and standard methods
  • Use API Gateway
  • GET, POST, PUT request methods
  • Application can be deployed to different stages and can be versioned

Asynchronous Messaging and Event Passing

  • Messaging passing pattern via queue
  • Possible combination of Amazon SQS and Amazon SNS
    • SNS can push a message to multiple subscribers, through push mechanism
  • Amazon MQ can be another solution
    • Protocols supported: JMS, NMS, AMQP, STOMP, MQTT, and WebSocket
    • Managed service for ActiveMQ

Orchestration and State Management

  • Avoid adding orchestration code into the service directly - will introduce tighter coupling and make it harder to replace individual services
  • Use Step Functions to build applications from individual components that each perform a discrete function

Distributed Monitoring

  • Use Amazon CloudWatch to collection logs and build metrics for monitoring
  • Popular choice for Amazon EKS - Prometheus, often used in combination with Grafana to visualize the collected metrics
  • EC2 instance have a daemon to send logs to EC2
  • AWS ECS includes support for awslogs log driver that allow centralization of container logs to CloudWatch Logs
  • AWS KES forwards logs using FluentD to a centralized logging CloudWatch Logs, combined for higher level reporting using Elasticsearch and Kibana
  • Amazon Athena can be used to run ad hoc queries against centralized log files in Amazon S3

Distributed Tracing

  • AWS X-Ray allows tracing all events and messages based on specific unique identifier, attached to all request related to specific event chain
  • Works with EC2, ECS, Lambda and Elastic Beanstalk
  • Supports applications written in Java, Node.js and .NET

Log Analysis on AWS

  • Amazon CloudWatch Insights
  • Amazon ES + Kibana
  • CloudWatch logs can stream logs to Amazon ES through a CloudWatch Logs subscription
  • Amazon Redshift together with Amazon Quicksight
  • Logs can be streamed from CloudWatch Logs to Amazon Redshift using Kinesis Data Firehose

Chattiness

  • Communication overhead increases because microservices have to talk to each other
  • REST over HTTP is a lightweight communication protocol
  • You might consider consolidating services that send many messages back and forth to reduce chattiness

Protocols

  • HTTP for communication
  • Messages can be encoded using JSON or YAML or efficient binary formats like Avro or Protocol buffers

Caching

  • Amazon ElastiCache to reduce volume of calls to other microservices by caching results locally
  • API Gateway providers a built-in caching layer to reduce the load on the backend servers
  • Reduce the load on persistence layer
  • Find the right balance between a good cache hit rate and the timeliness/consistency of data

Auditing

  • Ensure visibility of user actions on each service
  • Being able to get a good overall view across all services at an organizational level
  • AWS CloudTrail - tracking changes in microservices made in AWS Cloud
    • Can be logged and sent to either CloudWatch Logs in real time or to Amazon S3
  • CloudWatch Events with CloudTrail allows to generate events based on certain logs

Resource INventory and Change Management

  • AWS Config rules allow a company to define security policies with specific rules to automatically detect, track, and alert you to policy violations
  • Violations can be detected in AWS Config and remediated by triggering Amazon SNS for example