December 7, 2024

Using AWS to Create Microservice Architectures

User Interfaces

  • User interfaces for microservice applications are typically JavaScript front ends (browser or mobile) that call many backend services
  • A JavaScript client that makes many small calls is "chatty", and every round trip adds latency
  • Caching services are often used to reduce that communication overhead

Microservices

  • Microservice entry points are typically REST APIs (JSON over HTTP)
  • AWS Lambda functions and Docker containers run on AWS Fargate are popular ways to build and run microservices

Private Links

  • AWS PrivateLink connects your VPC privately to supported AWS services and to endpoint services in other VPCs; traffic stays on the AWS network and never traverses the Internet, so the consuming side needs no Internet gateway, NAT device or public IP

Data Store

  • Persist the data each microservice needs
  • Session data can be stored in an in-memory cache, e.g. Memcached or Redis
  • Amazon ElastiCache offers managed Memcached and Redis
  • Caches reduce read load on databases, so the same database resources can support more load
  • Caches can reduce latency
  • Amazon RDS can run Microsoft SQL Server, Oracle, MySQL, MariaDB, PostgreSQL and Amazon Aurora
  • DynamoDB is a managed NoSQL database with single-digit millisecond latency that scales horizontally with virtually no practical limit
  • DynamoDB Accelerator (DAX) is an in-memory cache in front of DynamoDB that brings read latency from milliseconds down to microseconds

API Implementation

  • Amazon API Gateway reduces operating complexity of creating and maintaining REST APIs

Serverless Microservices

  • Lambda is tightly integrated with API Gateway
  • Scaling is handled by the platform, which removes most of the need to design for scale (concurrency limits and the capacity of downstream databases still need attention)
  • Reduces operations overhead
  • AWS Fargate can be used to run Docker containers on serverless infrastructure, for services that do not fit the Lambda model

Deploying Lambda-Based Applications

  • CloudFormation can be used to define, deploy and configure serverless applications
  • The AWS Serverless Application Model (SAM) is a CloudFormation extension for defining serverless applications
  • AWS SAM provides a simplified, shorthand syntax for serverless resources (functions, APIs, tables)
  • AWS SAM templates are natively supported by CloudFormation, which expands them into standard resources on deployment
  • The SAM CLI (sam local) can create a local testing environment that simulates the Lambda runtime and API Gateway

Distributed Systems Components

  • Cross-Service Challenges with microservice applications
    • service discovery
    • data consistency
    • asynchronous communication
    • distributed monitoring and auditing

Service Discovery

  • DNS-based service discovery can be done with Route 53 records, or by putting every service behind a load balancer and using the load balancer's DNS name
  • Amazon ECS can create and manage a registry of service names
    • maps service names to a set of DNS records
    • based on the Route 53 Auto Naming API (now part of AWS Cloud Map)
  • Services managed by Kubernetes (Amazon EKS) use the cluster's own DNS-based discovery (kube-dns/CoreDNS)
  • AWS Cloud Map provides a unified service registry for resources across ECS, EKS and other compute, with DNS and API-based lookup

Service Meshes

  • AWS App Mesh provides application-level networking through Envoy sidecar proxies
    • lets services communicate with each other across different compute infrastructure (ECS, EKS, EC2), with traffic routing, observability and mutual TLS handled in the mesh rather than in application code
    • note: AWS has announced end of support for App Mesh on September 30, 2026; new designs should look at Amazon ECS Service Connect or a Kubernetes-native mesh instead

Distributed Data Management

  • Each microservice should own its data persistence layer; other services reach that data only through the service's API, never through its database
  • It is common for a state change to affect more than one microservice
    • event sourcing is a useful pattern to manage such state changes
  • Event sourcing --> persist every application change as an immutable event record
    • benefits: current state can be determined and reconstructed at any point in time by replaying the events, and the log doubles as an audit trail
  • Amazon Kinesis Data Streams can serve as the central component of such an event store
    • captures application change events; the stream is the short-term buffer (its retention is limited) and the events are delivered to S3 for durable long-term storage, e.g. with Kinesis Data Firehose
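A worked version of event sourcing, added here as an example (it is not code from the article or from AWS): an append-only log stands in for the Kinesis stream plus S3 archive, state is rebuilt by replaying the events, and each record is hash-chained to the previous one so tampering with the archive is detectable. The event names, the account state fields and the hash chaining are assumptions made for this example.

```python
"""Event sourcing for an account balance.

Added example, not code from the article or from AWS. The append-only
EventLog stands in for the role Kinesis Data Streams plays in the text (with
S3 as the durable archive); the event names, the state fields and the hash
chaining are assumptions made for this example. Current state is never
stored directly: it is rebuilt by folding the events, which is what lets the
state be reconstructed "at any time".
"""
from dataclasses import dataclass, asdict
import hashlib
import json


@dataclass(frozen=True)
class Event:
    seq: int       # 1-based position in the log
    kind: str      # "Opened", "Deposited" or "Withdrawn"
    amount: int
    actor: str     # principal that issued the command, kept for auditing


GENESIS_HASH = "0" * 64


def record_hash(prev_hash: str, ev: Event) -> str:
    """Hash chained to the previous record, so an altered or reordered event
    in the archive is detectable on replay."""
    payload = json.dumps(asdict(ev), sort_keys=True)
    return hashlib.sha256((prev_hash + payload).encode()).hexdigest()


class EventLog:
    """Append-only log of (event, chained hash) records."""

    def __init__(self):
        self.records = []

    @property
    def events(self):
        return [ev for ev, _ in self.records]

    def append(self, kind: str, amount: int, actor: str) -> Event:
        prev = self.records[-1][1] if self.records else GENESIS_HASH
        ev = Event(seq=len(self.records) + 1, kind=kind, amount=amount, actor=actor)
        self.records.append((ev, record_hash(prev, ev)))
        return ev

    def verify(self) -> bool:
        """Recompute the chain; False if any record was modified after the fact."""
        prev = GENESIS_HASH
        for ev, h in self.records:
            if record_hash(prev, ev) != h:
                return False
            prev = h
        return True


def rebuild(events, upto_seq=None) -> dict:
    """Fold events into state. Pass upto_seq to reconstruct the state as it
    was at any earlier point in the log."""
    state = {"open": False, "balance": 0}
    for ev in events:
        if upto_seq is not None and ev.seq > upto_seq:
            break
        if ev.kind == "Opened":
            state["open"] = True
        elif ev.kind == "Deposited":
            state["balance"] += ev.amount
        elif ev.kind == "Withdrawn":
            state["balance"] -= ev.amount
        else:
            raise ValueError(f"unknown event kind {ev.kind!r}")
    return state


def withdraw(log: EventLog, amount: int, actor: str) -> Event:
    """Command handler: invariants are checked against state rebuilt from the
    log, and only then is the fact appended. The log records what did happen,
    never what was merely requested."""
    state = rebuild(log.events)
    if not state["open"] or amount <= 0 or amount > state["balance"]:
        raise ValueError("withdrawal rejected")
    return log.append("Withdrawn", amount, actor)


def demo() -> dict:
    log = EventLog()
    log.append("Opened", 0, "alice")
    log.append("Deposited", 100, "alice")
    withdraw(log, 30, "alice")
    log.append("Deposited", 20, "bob")
    try:
        withdraw(log, 500, "mallory")
        overdraft_rejected = False
    except ValueError:
        overdraft_rejected = True
    return {
        "balance_now": rebuild(log.events)["balance"],
        "balance_after_seq_2": rebuild(log.events, upto_seq=2)["balance"],
        "overdraft_rejected": overdraft_rejected,
        "chain_ok": log.verify(),
        "event_count": len(log.records),
    }


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Replaying with upto_seq gives the state at any earlier point, and it is also how a bug in a projection is fixed: correct the fold and replay, without touching the stored events.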

Asynchronous Communication and Lightweight Messaging

REST-Based Communication

  • Microservices usually expose RESTful APIs over HTTP
  • API Gateway can host the REST API for your backend services
    • scaling, traffic management (throttling and quotas), authentication and access control, monitoring and API version management are all handled by API Gateway

Asynchronous Messaging and Event Passing

  • Services can communicate by exchanging messages via a queue
  • No service discovery is needed: producers and consumers only need to know the queue or topic
  • Keeps services loosely coupled
  • Amazon SQS and Amazon SNS can be used together to implement this pattern (fan-out)
    • one message published to an SNS topic is delivered to every subscribed SQS queue, so multiple consumers each get a copy
  • Amazon MQ can be used if the software is written against open-standard messaging APIs and protocols (JMS, AMQP, MQTT, STOMP, OpenWire)
    • manages the administration and maintenance of ActiveMQ (and RabbitMQ) brokers
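The SNS-to-SQS fan-out together with the caveat a practitioner has to plan for, as an added example (not the article's code and not the AWS SDK): Topic and Queue are constructed stand-ins for an SNS topic and SQS standard queues that keep the two properties that matter here, one publish is copied to every subscribed queue and delivery is at-least-once, so the consumer de-duplicates on MessageId.

```python
"""Fan-out over SNS and SQS with an idempotent consumer.

Added example, not code from the article or from AWS. Topic and Queue are
constructed stand-ins for an SNS topic and SQS standard queues so the code
runs offline; they keep the two properties that matter for the pattern:
one published message is copied to every subscribed queue, and delivery is
at-least-once (a received message that is not deleted before its visibility
timeout expires is delivered again). The consumer therefore de-duplicates on
MessageId, as it would against a DynamoDB or Redis table in a real
deployment. Real SNS wraps the body in a JSON envelope unless raw message
delivery is enabled on the subscription.
"""
import json
import uuid
from collections import deque


class Queue:
    """Stand-in for an SQS standard queue with a visibility timeout."""

    def __init__(self, name: str):
        self.name = name
        self._visible = deque()
        self._inflight = {}  # receipt handle -> message

    def send(self, body: str, message_id: str) -> None:
        self._visible.append({"MessageId": message_id, "Body": body})

    def receive(self):
        """Return (receipt_handle, message) or None; hides the message until deleted."""
        if not self._visible:
            return None
        msg = self._visible.popleft()
        handle = uuid.uuid4().hex
        self._inflight[handle] = msg
        return handle, msg

    def delete(self, handle: str) -> None:
        self._inflight.pop(handle)

    def expire_visibility(self) -> None:
        """Simulate the visibility timeout elapsing: redeliver everything in flight."""
        for handle in list(self._inflight):
            self._visible.append(self._inflight.pop(handle))


class Topic:
    """Stand-in for an SNS topic whose subscribers are SQS queues (fan-out)."""

    def __init__(self):
        self.subscribers = []

    def subscribe(self, queue: Queue) -> None:
        self.subscribers.append(queue)

    def publish(self, event: dict) -> str:
        message_id = uuid.uuid4().hex
        body = json.dumps(event)
        for queue in self.subscribers:
            queue.send(body, message_id)  # one message, every subscribed queue
        return message_id


class IdempotentConsumer:
    """Applies each MessageId at most once, whatever the delivery count."""

    def __init__(self):
        self.processed = set()  # would be a dedup table with a TTL in production
        self.applied = []

    def drain(self, queue: Queue, crash_before_delete: bool = False) -> int:
        """Process until the queue is empty; returns how many were newly applied.
        crash_before_delete simulates a worker that dies after its side effect
        but before acknowledging (deleting) the message."""
        newly_applied = 0
        while (item := queue.receive()) is not None:
            handle, msg = item
            if msg["MessageId"] not in self.processed:
                self.applied.append(json.loads(msg["Body"]))  # the side effect
                self.processed.add(msg["MessageId"])
                newly_applied += 1
            if crash_before_delete:
                return newly_applied
            queue.delete(handle)
        return newly_applied


def demo() -> dict:
    topic = Topic()
    orders_q, billing_q = Queue("orders"), Queue("billing")
    topic.subscribe(orders_q)
    topic.subscribe(billing_q)
    topic.publish({"type": "OrderPlaced", "order_id": "o-1", "amount": 42})

    orders, billing = IdempotentConsumer(), IdempotentConsumer()
    first = billing.drain(billing_q, crash_before_delete=True)  # applied, never acked
    billing_q.expire_visibility()                                # SQS redelivers it
    second = billing.drain(billing_q)                            # duplicate skipped, now acked
    orders.drain(orders_q)
    return {
        "orders_applied": len(orders.applied),
        "billing_applied": len(billing.applied),
        "billing_first_pass": first,
        "billing_second_pass": second,
        "billing_queue_empty": billing_q.receive() is None,
    }


if __name__ == "__main__":
    print(demo())
```

Without the processed-set check the billing consumer would charge the order twice after the redelivery; with it, the second delivery only acknowledges the message. The same reasoning applies to Lambda triggered from SQS, where a function timeout has the same effect as the simulated crash.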

Orchestration and State Management

  • Distributed microservices make it complex to orchestrate multi-step workflows
  • Adding orchestration code to the services themselves makes them tightly coupled, and tight coupling slows down development and innovation
  • AWS Step Functions builds applications out of individual components
    • each component performs a discrete function (a Lambda invocation, a service integration, an activity)
  • Step Functions runs a state machine defined in the Amazon States Language (JSON); the workflow logic, including retries, error handling and branching, lives in that definition rather than in the services
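A state machine for a small order workflow, run locally, as an added example (not the article's code and not the Step Functions service). The definition is Amazon States Language as Step Functions would accept it; the interpreter, the made-up resource ARNs and the Python callables standing in for Lambda functions are assumptions of this example, and the interpreter covers only the subset of ASL the workflow uses.

```python
"""A Step Functions state machine run locally: an added example, not the
article's code and not the Step Functions service. ORDER_WORKFLOW is Amazon
States Language as Step Functions would accept it; run_state_machine is an
interpreter assumed for this example that covers only the subset used here
(Task with Retry/Catch/ResultPath, Choice with NumericGreaterThan, Fail, End).
The ARNs are made up and mapped to Python callables in place of Lambda."""
import copy
ARN = "arn:aws:lambda:us-east-1:123456789012:function:"   # constructed prefix
ORDER_WORKFLOW = {
    "StartAt": "ChargePayment",
    "States": {
        "ChargePayment": {
            "Type": "Task",
            "Resource": ARN + "ChargePayment",
            "ResultPath": "$.charge",
            "Retry": [{"ErrorEquals": ["States.TaskFailed"], "IntervalSeconds": 1, "MaxAttempts": 2}],
            "Catch": [{"ErrorEquals": ["States.ALL"], "ResultPath": "$.error", "Next": "Refund"}],
            "Next": "FraudCheck",
        },
        "FraudCheck": {
            "Type": "Choice",
            "Choices": [{"Variable": "$.charge.riskScore", "NumericGreaterThan": 80, "Next": "Refund"}],
            "Default": "Ship",
        },
        "Ship": {"Type": "Task", "Resource": ARN + "Ship", "ResultPath": "$.shipment", "End": True},
        "Refund": {"Type": "Task", "Resource": ARN + "Refund", "ResultPath": "$.refund", "Next": "OrderFailed"},
        "OrderFailed": {"Type": "Fail", "Error": "OrderFailed", "Cause": "payment or fraud check failed"},
    },
}

class TaskError(Exception):                  # `name` is what Retry/Catch ErrorEquals match on
    def __init__(self, cause, name="States.TaskFailed"):
        super().__init__(cause)
        self.name, self.cause = name, cause

def _get(data, path):                        # "$.a.b" -> data["a"]["b"]
    for key in path[2:].split("."):
        data = data[key]
    return data

def _set(data, path, value):                 # ResultPath; "$" replaces the whole state input
    if path == "$":
        return value
    keys = path[2:].split(".")
    node = data
    for key in keys[:-1]:
        node = node.setdefault(key, {})
    node[keys[-1]] = value
    return data

_matches = lambda rule, error_name: "States.ALL" in rule["ErrorEquals"] or error_name in rule["ErrorEquals"]

def _run_task(state, data, resources, trace):   # returns (data, next state or None for End)
    attempts = 0
    while True:
        try:
            result = resources[state["Resource"]](copy.deepcopy(data))
            return _set(data, state.get("ResultPath", "$"), result), state.get("Next")
        except TaskError as err:
            retry = next((r for r in state.get("Retry", []) if _matches(r, err.name)), None)
            if retry is not None and attempts < retry.get("MaxAttempts", 3):
                attempts += 1
                trace.append(f"retry:{attempts}")   # the service would also wait IntervalSeconds
                continue
            catch = next((c for c in state.get("Catch", []) if _matches(c, err.name)), None)
            if catch is None:
                raise                            # unhandled error: the whole execution fails
            return _set(data, catch.get("ResultPath", "$"), {"Error": err.name, "Cause": err.cause}), catch["Next"]

def run_state_machine(definition, input_data, resources):
    data, name, trace = copy.deepcopy(input_data), definition["StartAt"], []
    while True:
        state = definition["States"][name]
        trace.append(name)
        if state["Type"] == "Task":
            data, name = _run_task(state, data, resources, trace)
            if name is None:                     # "End": true
                return {"status": "SUCCEEDED", "output": data, "trace": trace}
        elif state["Type"] == "Choice":
            name = state["Default"]
            for choice in state["Choices"]:
                if _get(data, choice["Variable"]) > choice["NumericGreaterThan"]:
                    name = choice["Next"]
                    break
        elif state["Type"] == "Fail":
            return {"status": "FAILED", "error": state["Error"], "output": data, "trace": trace}
        else:
            raise ValueError(f"unsupported state type {state['Type']}")

def make_resources(charge_failures, risk_score):
    """Lambda stand-ins: ChargePayment fails transiently `charge_failures` times, then succeeds."""
    calls = {"charge": 0}
    def charge(event):
        calls["charge"] += 1
        if calls["charge"] <= charge_failures:
            raise TaskError("payment gateway timeout")
        return {"chargeId": "ch-" + event["orderId"], "riskScore": risk_score}
    return {ARN + "ChargePayment": charge,
            ARN + "Ship": lambda event: {"trackingId": "trk-1"},
            ARN + "Refund": lambda event: {"refunded": True}}

def run_order(charge_failures, risk_score):
    return run_state_machine(ORDER_WORKFLOW, {"orderId": "o-1"}, make_resources(charge_failures, risk_score))
```

run_order(2, 10) retries the payment twice and ships; run_order(3, 10) exhausts the retries, falls into the Catch, refunds and fails; run_order(0, 95) charges, trips the fraud branch and refunds. None of the three functions knows about the others or about retries: that logic is entirely in the definition, which is the decoupling the section is after.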

Distributed Monitoring

  • Amazon CloudWatch
    • collect and track metrics
    • centralize and monitor log files
    • set alarms
    • automatically react to changes in your AWS environment

Monitoring

  • System-wide visibility into resource utilization, application performance and operational health
  • Prometheus is an open-source monitoring and alerting toolkit
    • often used with Amazon EKS
    • often used in combination with Grafana to visualize the collected metrics
    • Kubernetes components expose metrics on a /metrics HTTP endpoint, which Prometheus scrapes at regular intervals

Centralizing Logs

  • AWS services make it easy to centralize log files; Lambda, for example, ships function logs to CloudWatch Logs by default, while others (VPC Flow Logs, S3 access logs) have to be switched on
  • Logs are most commonly centralized in S3 and/or CloudWatch Logs

Distributed Tracing

  • AWS X-Ray uses a correlation ID (the trace ID) to tie together all the calls that serve one request
  • the trace ID travels in the HTTP request header X-Amzn-Trace-Id (format: Root=1-<epoch hex>-<random hex>;Parent=<segment id>;Sampled=0|1)
  • using the X-Ray SDK, any microservice can read this header, record its own segment and forward the header (with its own segment as Parent) on downstream calls
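What reading and forwarding the header involves, as an added example (not the X-Ray SDK's code, which does this for you): the header grammar is the documented X-Ray format, while the propagate function and its behaviour on a bad header are assumptions of this example. The header comes from the caller, possibly the public Internet, so it is validated before it is logged or forwarded, and the outgoing header is rebuilt from the validated fields rather than copied through.

```python
"""Reading and propagating the X-Amzn-Trace-Id header.

Added example, not the X-Ray SDK's code (the SDK does this for you; this
shows what it does and what to check). Header grammar is the documented
X-Ray format: Root=1-<8 hex epoch seconds>-<24 hex random>, optional
Parent=<16 hex segment id> and Sampled=0|1|?. The propagate function and its
behaviour on a bad header are assumptions for this example. The header
arrives from the caller, which may be the public Internet, so the value is
validated strictly before it is logged or forwarded: a malformed value is
dropped and a fresh trace started, never propagated as-is (it would otherwise
be a direct path for log or header injection into every downstream service).
"""
import os
import re
import time

TRACE_HEADER = "X-Amzn-Trace-Id"  # real frameworks normalise header-name case first
_ROOT_RE = re.compile(r"1-[0-9a-f]{8}-[0-9a-f]{24}")
_SEGMENT_RE = re.compile(r"[0-9a-f]{16}")


def new_root_id(now: float = None) -> str:
    """Root trace id: version 1, epoch seconds in hex, 96 random bits."""
    ts = int(time.time() if now is None else now)
    return f"1-{ts:08x}-{os.urandom(12).hex()}"


def new_segment_id() -> str:
    return os.urandom(8).hex()


def parse_trace_header(value):
    """Parse 'Root=...;Parent=...;Sampled=...' into a dict, or None if the
    header is missing or malformed. Unknown key=value pairs are ignored, as
    X-Ray allows them; anything else that is not well-formed rejects the
    whole header."""
    if not value:
        return None
    fields = {}
    for part in value.split(";"):
        if not part.strip():
            continue
        key, sep, val = part.partition("=")
        key, val = key.strip(), val.strip()
        if not sep or not key:
            return None
        if key == "Root":
            if not _ROOT_RE.fullmatch(val):
                return None
            fields["Root"] = val
        elif key == "Parent":
            if not _SEGMENT_RE.fullmatch(val):
                return None
            fields["Parent"] = val
        elif key == "Sampled":
            if val not in ("0", "1", "?"):
                return None
            fields["Sampled"] = val
    return fields if "Root" in fields else None


def propagate(incoming_headers: dict, sample_locally: bool = True):
    """Return (this service's segment id, headers for the downstream call).
    A valid incoming header continues the caller's trace with this service's
    segment as Parent; otherwise a new trace is started. The outgoing header
    is rebuilt from validated fields, never copied from the input."""
    parsed = parse_trace_header(incoming_headers.get(TRACE_HEADER))
    segment_id = new_segment_id()
    local_decision = "1" if sample_locally else "0"
    if parsed is None:
        root, sampled = new_root_id(), local_decision
    else:
        root = parsed["Root"]
        sampled = parsed.get("Sampled", local_decision)
        if sampled == "?":  # upstream deferred the sampling decision to us
            sampled = local_decision
    outgoing = dict(incoming_headers)
    outgoing[TRACE_HEADER] = f"Root={root};Parent={segment_id};Sampled={sampled}"
    return segment_id, outgoing
```

The segment id returned by propagate is what this service would record as its own segment; the Parent in the incoming header is the caller's segment, and the Parent in the outgoing header is ours, which is how X-Ray assembles the service map.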

Options for Log Analysis on AWS

  • Amazon CloudWatch Logs Insights: explore, analyze and visualize logs with a query language
  • Amazon OpenSearch Service (formerly Amazon Elasticsearch Service) with OpenSearch Dashboards (formerly Kibana) can be used to analyze logs
  • Amazon Redshift with Amazon QuickSight can be used for analysis, reporting and visualization

Chattiness

  • The distributed nature of microservices means they communicate frequently over the network
  • REST over HTTP is lightweight, but at high message volumes the per-call overhead (connection setup, serialization, one round trip per call) adds up and can cause problems

Caching

  • Caches reduce latency and chattiness
  • Amazon ElastiCache can reduce the volume of calls to other services by caching their results close to the caller
  • Amazon API Gateway has a built-in caching layer (per stage, with a configurable TTL)
  • Caching requires finding the right balance between a good cache hit rate and the timeliness/consistency of the data
  • Cached responses that depend on who is asking must be keyed by the caller or tenant (or not cached at all), otherwise a cache hit can serve one user's data to another
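The hit-rate versus staleness trade-off from this section and the ElastiCache-in-front-of-a-database pattern from the Data Store section, in one added example (not code from the article or from AWS). FakeDatabase, TtlCache and FakeClock are constructed stand-ins for the database, ElastiCache and the wall clock so the simulation runs offline; the tenant-prefixed cache key is the check a reviewer would look for.

```python
"""Cache-aside in front of a database, with a per-tenant key.

Added example, not code from the article or from AWS. FakeDatabase, TtlCache
and FakeClock are constructed stand-ins for RDS/DynamoDB, ElastiCache and the
wall clock so the simulation runs offline; a real deployment would use a
Redis or Memcached client in the same positions. It shows the cache absorbing
repeated reads, the TTL trade-off between hit rate and staleness that the
text mentions, and why the cache key must carry the caller's tenant: a
shared cache keyed on the row id alone would hand tenant A's data to tenant
B on a hit.
"""
import time
from dataclasses import dataclass, field
from typing import Callable


class FakeClock:
    """Controllable clock so the TTL behaviour is deterministic."""

    def __init__(self):
        self.now = 0.0

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


@dataclass
class FakeDatabase:
    """System of record; counts every read so the cache's effect is visible."""
    rows: dict
    reads: int = 0

    def get(self, tenant: str, key: str):
        self.reads += 1
        return self.rows.get((tenant, key))


@dataclass
class TtlCache:
    """In-memory cache with per-entry expiry, as Redis SET ... EX or a
    Memcached exptime would give you."""
    ttl_seconds: float
    clock: Callable[[], float] = time.monotonic
    store: dict = field(default_factory=dict)
    hits: int = 0
    misses: int = 0

    def get(self, key: str):
        entry = self.store.get(key)
        if entry is not None and entry[0] > self.clock():
            self.hits += 1
            return entry[1]
        self.misses += 1
        return None

    def set(self, key: str, value) -> None:
        self.store[key] = (self.clock() + self.ttl_seconds, value)


def cache_key(tenant: str, key: str) -> str:
    """Namespace every entry by tenant so one tenant can never hit another's."""
    return f"{tenant}:{key}"


def read_through(cache: TtlCache, db: FakeDatabase, tenant: str, key: str):
    """Cache-aside read: serve from cache, otherwise load from the database
    and populate the cache for the next caller."""
    ck = cache_key(tenant, key)
    value = cache.get(ck)
    if value is None:
        value = db.get(tenant, key)
        if value is not None:
            cache.set(ck, value)
    return value


def simulate(ttl_seconds: float, requests: int = 20, update_at: float = 10.0) -> dict:
    """One request per second for the same row; the database row changes at
    update_at. Counts how many responses were stale versus served from cache."""
    clock = FakeClock()
    db = FakeDatabase(rows={("acme", "profile"): "v1", ("globex", "profile"): "other"})
    cache = TtlCache(ttl_seconds=ttl_seconds, clock=clock)
    stale = 0
    for _ in range(requests):
        if clock.now >= update_at:
            db.rows[("acme", "profile")] = "v2"
        if read_through(cache, db, "acme", "profile") != db.rows[("acme", "profile")]:
            stale += 1
        clock.advance(1.0)
    return {"hits": cache.hits, "misses": cache.misses,
            "db_reads": db.reads, "stale_reads": stale}


if __name__ == "__main__":
    for ttl in (5, 30):
        print(f"ttl={ttl}s", simulate(ttl))
```

With a 5 s TTL the database sees 4 of 20 reads and no caller gets a stale row; with a 30 s TTL it sees 1 read but half the responses are stale after the update. Which side of that to favour is a product decision, but the tenant in the key is not: drop it and the simulation still "works" while serving the wrong tenant's row.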

Auditing

  • To help enforce security policies, it is important to audit both resource access and activities that lead to system changes
  • Changes occur more frequently in microservice applications than in monoliths

Audit Trail

  • AWS CloudTrail records the API calls made in your account, which is how changes to the microservice infrastructure are tracked
    • every call (management events, and data events where enabled) is logged with the caller identity, source IP, time and request parameters
    • logs can be sent to CloudWatch Logs in near real time
    • and are delivered to Amazon S3 within minutes
    • an organization trail in AWS Organizations logs all member accounts into one place, and CloudTrail Lake can be queried across accounts

Events and Real-Time Actions

  • Amazon EventBridge (formerly CloudWatch Events) can react to the API calls CloudTrail records, so an event can be raised for every call that makes a change
  • Can also generate custom events, or events on a schedule
  • AWS Config rules express security policies as specific checks that automatically detect, track and alert on policy violations
  • A compliance change from AWS Config can be routed (via EventBridge, SNS or an SQS queue) to a Lambda function that resolves the issue automatically; AWS Config also supports remediation through Systems Manager Automation runbooks