The document summarizes lessons learned about microservices from Vincent Kok's experience at Trello. It covers 6 areas: 1) Basics of designing minimal, stateless microservices; 2) Deployments should be automated and take less than 15 minutes; 3) Services need thorough testing, including mocking dependencies; 4) Security requires standards like OAuth 2.0 and service-to-service authentication; 5) Operations require resilience patterns like circuit breakers and request tracing; 6) Decomposing monoliths into domain-aligned services with independent teams owning each service. The overall message is that microservices impact must be understood, and services should optimize for rapid, sustainable value delivery.
Microservices: 5 Things I Wish I'd Known - Code Motion Milan 2017
1. Microservices; 5 things I wish I’d known
Vincent Kok | @vincentkok
CODEMOTION MILAN - SPECIAL EDITION
10 - 11 NOVEMBER 2017
2. Microservices; 6 things I wish I’d known
Vincent Kok | @vincentkok
CODEMOTION MILAN - SPECIAL EDITION
10 - 11 NOVEMBER 2017
3. Part-time speaker
For fun and zero profit
About me: @vincentkok
Trello
Engineering Manager on the
Trello team
Dutch
You probably heard that already ;)
4. Microservices
Everybody seems to want them. Do we
really know the impact of our choices?
Why do we want them so badly?
Microservices are messy!
https://flic.kr/p/9u5pDA
6. Grow Fat
Code base grows. All
the things slow
down.
Age
Your code base will
become a jurassic
park introducing new
tech becomes hard
Ownership
Who is responsible
for which part and
more important: who
has the pager
Economies of
Scale
The bigger the team
the more they
interrupt each other
Monolithical issues
16. Small
The size will be
reasonable and
manageable
Independent
lifecycle
Nothing will hold the
team back. Go as
fast as you can
Optimise for
the problem
Pick solution and
tech based on the
problem at hand
Replaceable
It is easier to replace
if there is a need for
it
The microservice promise
19. Creating a call-out
Watch the tutorial in the
Presentation Guidelines to learn
how to create call-outs on
screenshots within this template.
20. MINIMAL SERVICE
Health check
200 app is alive. 500 app is unhealthy,
destroy the node
Stateless*
Run as many nodes as you need
Expose a port
Only access to the service
24. Libraries
Feel free to use
shared libraries but
keep them loose
Config
Be aware of the
configuration
lifecycle
Schemas
Make sure that
services are resilient
to schema changes
-> Postel’s law
Testing
Test in isolation.
Keep them decoupled
26. Redeploy
Part of the service
configuration.
Configuration lifecycles
Instant change
Switches you would like to
enable/disable straight away
Rebuild
Rebuild to apply changes
29. Only one person
There is only one person in
the team that owns it
Deployment smells
Takes more then 15
mins
Setting it up should be quick
and initial deployment should
quick
Requires a ticket
A ticket for the deployment
team
30. Always deploy an empty
service into production
ME AND PROBABLY OTHERS
31. Developers in control
Artifact
What is the artifact we’re running.
We’re mostly standardising on Docker
Resources
What resources are requires: RDS,
SQS, Dynamo etc..
Compute
What EC2 instance do we want how
many of those and when to scale
Alarms
What are the alarm thresholds for this
service
Ownership
Who is owning the service
Configuration
We will be adding more icons as need
arises. Speak up if in need!
45. Stable API
If it is external it already
should have a CTK so rely on
it
How to trust your mock?
Contract testing
Internal fast moving API’s an
benefit from this
Rely on monitoring
Small service, low MTTR
therefore low impact
48. OAuth 2.0
Grant a client access to
resources based on a newly
created set of credentials
Common standards
OpenID Connect
Identity on top of OAuth 2
OpenID
Allows identity and some
metadata only
49. How to secure a set of many
services?
SECURING SERVICES
61. Circuit breakers
Write code with failure in
mind
Three must haves
Request tracing
Don’t spend hours debugging
Log aggregations
Stream all logs into one
place.
64. Response times
How much time do services
spend calling other services.
Back pressure
Stop putting pressure on a
system that is in trouble
and fail fast
Fallback
How do you handle failure. A
mandatory step in the
programming model.
Circuit breakers
74. What should you take home?
Basics
Services are cattle not pets.
Testing
Testing a monolith is “easy” think
about your service testing strategy
Deployment
Deploying a service shouldn’t take
longer then 15 minutes
Operations
You build it you run it.
Security
Think how you would like to secure
service to service communications
Focus on value
Optimise for rapid and sustainable
flow of value
75. VINCENT KOK | ENGINEERING MANAGER, TRELLO | @VINCENTKOK
Thanks!