In relatively recent times, we moved from monolith architecture to microservices. Monolith is the one of the architectures. In monolith, we write the whole code base ( all the functionalities ) within a single service. This makes change difficult so much so that even a small change can take up to weeks to get implemented. In such a situation, updating the monolith to a new technology becomes very tedious and time consuming. Moreover, monoliths are often stand alone application and it is often difficult for them to communication with other applications. Microservices offer a solution to the above problems and have become the popular architecture style.
Microservices are numerous small services that add up to provide the same functionality as the monolith. This makes them easier to implement, update, test and deploy individually. Also, should it be required, we can use different technologies to write individual microservices ( though it is not recommended that we use different technologies for different microservices under the same application. )
Microservices need to communicate with each other, either within the same application or outside the application. The communication techniques can be divided into mainly two subdomains: Synchronous and asynchronous
Synchronous communication is popularly done using REST API or HTTP APIs. A new form of communication is now becoming popular which is GraphQL ( will discuss it in a new article )
Asynchronous is popularly done using AMQP. The messages are sent using message broker systems like Kafka and RabbitMQ.
Each service can have its own database in order to be decoupled from other services. Data consistency between services is maintained using the Saga pattern.
Docker is a popular choice for deployment of microservices as are serverless functions ( AWS Lambda, Azure functions etc. )
To manage a large number of these APIs, we may use some API management tools like Google APIGEE, Amazon API Gateway, Microsoft Azure API Management etc. These platforms provide ways to manage APIs easily, uniformly and provide ways to secure, monetise and provide validations to the APIs.
Finally organizations like OWASP provide ever-updating list of how to improve the security of the APIs.
That’s all Folks!
-Shruti
Top comments (0)