
Dapr: Abstracting Microservice Applications

Ahmet Pirimoğlu
June 02, 2023

Transcript

  1. Ahmet Pirimoğlu • I have been a software developer since 2006 • I worked in different sectors for 15 years • Finance Solutions • Higher Education Solutions • I was mostly on software infrastructure teams • For the past 1.5 years • Currently on the software infrastructure side of the Open Banking project • part software team lead • part SDM • software developer if there is time left
  2. Dapr • Stands for: Distributed Application Runtime • Main benefit: Abstraction • Motto: "simplify microservice connectivity" You can focus on business logic and keep your code simple
  3. Dapr • CNCF project • Open Source • https://github.com/dapr/dapr •
    https://github.com/dapr/dotnet-sdk • Announced by Microsoft in 2019 • Version: v1.10 • Sidecar Oriented • Supported SDKs and APIs for Java, .NET, Python, and Go • The source code is written in the Go programming language
  4. Dapr APIs HTTP API gRPC API Microservices written in Any cloud or edge infrastructure Application code Any code or framework… Microservices written in virtual or physical machines Service-to-service invocation State management Publish and subscribe Resource bindings and triggers Actors Observability Secrets Configuration Distributed Lock Workflow
  5. Azure Key Vault Azure Service Bus Azure Cosmos DB Service
    1 Service 2 Service 3 Platform Agnostic
  6. Dapr hosting environments • Get started with dapr init -k
    • Integrated Dapr control plane • Deploys dashboard, placement, operator, sentry, and injector pods • Automatically inject Dapr sidecar into all annotated pods • Upgrade with dapr upgrade or Helm • Get started with dapr init • Easy setup with Docker images • Sets up placement, Zipkin, Redis • slim-init available without Docker • Run any application with Dapr sidecar using dapr run • Slim mode does executable deployment (no Docker images) Self-hosted • Self-deploy Dapr control plane per machine • Deploy Hashicorp Consul per machine • Run any application with Dapr sidecar using dapr run • Dapr Installer Package allows for offline/remote deployments with no network connectivity Virtual/Physical Machines
  7. Dapr in self-hosted Docker mode Local dev machine or virtual
    machine Actor placement Placement Zipkin tracing Zipkin Redis state store Redis My App State Stores PubSub Brokers Secret Stores Bindings & Triggers Observability Dapr Components dapr run myapp Use components Launch application Launch sidecar process Set env variables Save and retrieve state Publish and subscribe to messages Create mapping table of actor instances to pods Send distributed tracing
  8. Dapr Components - Local Usage Dapr CLI
    • dapr run --app-id checkout --app-port 6002 --dapr-http-port 3602 --dapr-grpc-port 60002 dotnet run
    • dapr run --app-id $AppName --components-path config/dapr/components -- dotnet ef migrations add $MigrationName --project ddd/OpenBanking.SampleService.DbMigrator
  9. Dapr on Kubernetes Pod Actor partition placement Placement Pod Dapr
    runtime injector Injector Pod Cert authority and identity Sentry Pod Update component changes Operator Pod My App Kubelet Use components Inject Dapr sidecar into annotated pods Inject env variables Manage mTLS between services Assign spiffe identity Create mapping table of actor instances to pods Manage component updates Manage Kubernetes service endpoints Readiness and Liveness probe on healthz API to determine Dapr health state State Stores Pub/Sub Brokers Secret Stores Bindings & Triggers Observability Dapr Components Operator Deploys and manages Dapr Any cloud or edge infrastructure
  10. Service invocation Order Processor Checkout DNS Name Resolution component for
    service discovery (mDNS, Kubernetes DNS, Hashicorp Consul) mTLS encryption POST http://localhost:3500/v1.0/invoke/orderprocessor/method/orders {"data":"order1"} POST http://10.0.0.2:3501/orders {"data":"order1"} Send order
  11. corpdb-redis.yaml

        apiVersion: dapr.io/v1alpha1
        kind: Component
        metadata:
          name: orderstore
        spec:
          type: state.redis
          version: v1
          metadata:
          - name: redisHost
            value: redis-master.default.svc.cluster.local:6379
          - name: redisPassword
            secretKeyRef:
              name: redis-secret
              key: redis-password

    corpdb-cosmosdb.yaml

        apiVersion: dapr.io/v1alpha1
        kind: Component
        metadata:
          name: orderstore
        spec:
          type: state.azure.cosmosdb
          version: v1
          metadata:
          - name: url
            value: corpdb.documents.azure.com
          - name: masterKey
            secretKeyRef:
              name: master-key
              key: cosmos-key
          - name: database
            value: orders
          - name: collection
            value: processed
  12. Publish and Subscribe Service B My App Redis Cache Service
    A POST http://localhost:3500/v1.0/publish/order {"data":"MyOrder"} POST http://10.0.0.4:8000/factory/order {"data":"MyOrder"} POST http://10.0.0.2:8000/order {"data":"MyOrder"} Rabbit MQ
  13. Dapr bindings API

    twitter.yaml

        apiVersion: dapr.io/v1alpha1
        kind: Component
        metadata:
          name: twitter
        spec:
          type: bindings.twitter
          version: v1
          metadata:
          - name: consumerKey
            secretKeyRef:
              name: twitter-secret
              key: consumerKeys
          - name: consumerSecret
            secretKeyRef:
              name: twitter-secret
              key: consumerSecret
          - name: accessToken
            secretKeyRef:
              name: twitter-secret
              key: accessToken
          - name: accessSecret
            secretKeyRef:
              name: twitter-secret
              key: accessSecret

    App-to-sidecar • Invoke an output binding • POST/PUT /v1.0/bindings/twitter
    Sidecar-to-app • Trigger an app • OPTIONS/POST /new-tweet
  14. Dapr secrets API

    vault.yaml

        apiVersion: dapr.io/v1alpha1
        kind: Component
        metadata:
          name: vault
        spec:
          type: secretstores.hashicorp.vault
          metadata:
          - name: vaultAddr
            value: https://127.0.0.1:8200
          - name: caCert
            value: "ca_cert"
          - name: caPath
            value: "/certs/cert.pem"
          - name: caPem
            value: "/certs/ca.pem"

    App-to-sidecar • Retrieve a secret • GET /v1.0/secrets/vault/mysecret
    Retrieve secrets in bulk • GET /v1.0/secrets/vault/bulk
  15. W3C tracing context W3C tracing context W3C tracing context Service
    C Service A Service B Backend Monitoring Tools Collector Backend Monitoring Tools
  16. Metrics Dapr Metrics features: Call latency CPU/memory usage Error rates
    Sidecar injection failures System health Built-in monitoring capabilities to understand the behavior of the Dapr sidecar and system services
  17. Resiliency • Resiliency patterns can be applied across Dapr APIs
    • Retries • Timeouts • Circuit breakers • Declarative and decoupled from application code • Available across all component types, service invocation and actors.
  18. State Management v2 Publish & Subscribe Secret Management Input Binding
    Output Binding Service Invocation Get state Retrieve secret Publish Subscribe Trigger Call method Get config Application Configuration Resiliency resiliency resiliency resiliency resiliency resiliency resiliency resiliency
  19. Can I trust Dapr? • CNCF • Strong community • The company Diagrid https://www.diagrid.io • Diagrid Conductor • Diagrid Cloud (Coming)
  20. 17.9k GitHub stars 4k Discord members +1M Docker Hub monthly
    pulls 1810 Contributors 97 Community Components +10k Monthly Docs views
  21. ZEISS Group “Dapr really simplifies the case of distributed application
    architectures. With Dapr, any developer can do it. Dapr made it much faster for us to build an app on Azure Kubernetes Service” - Kai Walter, Lead Architect, ZEISS Deployment regions Azure Kubernetes Service Sidecar Microservice Application pods Azure Front Door Customer order Azure Key Vault Azure Service Bus Azure API Management Azure Cosmos DB ZEISS location Confirm order Forward to nearest deployment Send order request Zeiss ESB Azure API Management Actor state Secrets Pub/sub Multiple ZEISS SAP Systems ZEISS Identity Management ZEISS plant Customer metadata • Worldwide order processing solution • Original system based on SAP and was slow to update business rules • Needed agility to manufacture close to customer location • Workflow, event driven architecture, built using Actors with replicated state in CosmosDB • Microservices deployed to AKS in each region
  22. Man Group ▪ Modernize existing 10 yr old, highly transactional, operations platform for trading and risk reporting ▪ Requirements: Support mobile apps, rolling upgrades, easier secrets management & rotation, polyglot languages, improve diagnostics/telemetry ▪ Run on VMs using cloud native technologies ▪ Incremental evolution strategy using Dapr, with minimal code changes ▪ Central API Gateway for Apps supports Windows Auth/OAuth with service discovery ▪ Dapr deployed in self-hosted VM mode giving every service the following features: ─ Service discovery, invocation and identity propagation using JWT Bearer Token. Eliminates Load Balancer for services ─ Secure encrypted traffic over mTLS with automatic certificate rotation ─ Secret Store access (Vault) ─ Distributed Telemetry (OpenTelemetry, Zipkin) with Metrics (Prometheus, Grafana) ─ Actor Platform for Python, Java, C#
    Windows Auth App Python Service .NET F 4.0 WCF TCP, XML Win Svc Service .NET F 3.5 WCF TCP, XML Win Svc App .NET F 3.5 WPF Service .NET F 4.8 WCF TCP, XML Win Svc Service .NET F 4.8 WCF HTTP, JSON Win Svc App Java Service .NET C 3.1 ASP.NET C HTTP, JSON Win Svc Service .NET C 3.1 ASP.NET C HTTP, JSON Container OAuth Infrastructure SQL Server MSMQ Kafka Docker JAVA API Gateway VM #1 VM #2 VM #3 VM #4 VM #5 VM #6 Placement Sentry Consul mTLS JWT Bearer Token Vault Telemetry Client Server Windows Authentication (Impersonation) App Python Service .NET F 4.0 WCF TCP, XML Win Svc Service .NET F 3.5 WCF TCP, XML Win Svc App .NET F 3.5 WPF Service .NET F 4.8 WCF TCP, XML Win Svc Service .NET F 4.8 WCF HTTP, JSON Win Svc Service .NET C 3.1 ASP.NET C HTTP, JSON Win Svc Load Balancer Appliance Service .NET C 3.1 ASP.NET C HTTP, JSON Container OAuth x Infrastructure SQL Server MSMQ Kafka Docker X 100 App Java JAVA
  23. Alibaba Cloud “At Alibaba Cloud, we believe that Dapr will lead the way in microservice development. By adopting Dapr, our customers can build portable and robust distributed systems faster.” - Li Xiang, Senior Staff Engineer, Alibaba Cloud Internal Dapr use cases at Alibaba Cloud: • FaaS and serverless platform • Required multi-language application integration - Node, go, C, C++, Java, Rust • With conventional class library model, applications become bloated due to large number of SDKs. FaaS and company acquisitions accelerated multi-language needs • Modernize complex Java legacy systems • Cloud-to-Cloud migrations and portability • Migrated DingTalk communication app from internal to public cloud • Dapr AliCloud components for pub/sub and storage
  24. Ignition Group Dapr components Azure API Management Azure Load Balancer
    Azure Kubernetes Service Virtual Machine Scale Set node pool Sidecar Microservice Application pods Azure Queue Storage Azure Cache for Redis Kubernetes Secret store MongoDB Azure DevOps Azure Container Registry Traces, logs, metrics Integration “Using Dapr with Azure makes it very easy to bolt in new pieces of infrastructure without changing anything else. It changed our business” - Russell Stather, Chief Digital Transformation Officer, Ignition Group