VDI, Containers, and Microservices

VMs running in a data center instead of dedicated desktops/laptops
Thin clients (minimal computers) for remote connections to the VMs.
Management heaven
Single point of failure
SOA – Service Oriented Architecture
- Then: monolithic (all in one) apps
- Now: Virtualized app components designed around business requirements
- Inputs and outputs
- Sub services
- No external state
- Independent upgrades
- Code independent
- Easier interoperability
- Communication mesh
Containers – Isolated environments designed to run a set of applications
- Docker
- Flexible and fast
- Development: create and destroy test environments
- Packaging and distributing apps
- Infrastructure as Code
- Less secure out of the box than VMs
Microservices
- Split larger, monolithic functionality into individual microservices.
- Replace, upgrade components individually
- Brings the SOA approach to software development (agile)
- No such thing as sub-microservice
- Unix philosophy: each piece of software should do one thing and do it well.
- Containers: #1 solution for a pure microservices based architecture
SOAP
- Microservices (and soa-based solutions) must communicate with each other
- Historically, this was ensured by SOAP – Simple Object Access Protocol
- SOAP manages sending and receiving data in web apps using XML
- Security features: auth, encryptions, async, errors
- Risks:
  - Proving
  - Coercive parsing
  - External references
  - Malware
  - SQL injection
REST APIs
- Used for interaction with services in a programmatic way
- Machine to machine communication
- SOAP (XML) vs REST APIs (HTTP)
- APIs increase attack surface
- API keys
- REST (Representaiton State Transfer)
- Principles:
  - Uniformity
  - Decoupling
  - Statelessness
  - Cacheabiltiy

PreviousCloud Automation and Other Cloud Threats NextCI/CD, IaC, DevOps

Last updated 2 years ago

VDI, Containers, and Microservices

VMs running in a data center instead of dedicated desktops/laptops
Thin clients (minimal computers) for remote connections to the VMs.
Management heaven
Single point of failure
SOA – Service Oriented Architecture
- Then: monolithic (all in one) apps
- Now: Virtualized app components designed around business requirements
- Inputs and outputs
- Sub services
- No external state
- Independent upgrades
- Code independent
- Easier interoperability
- Communication mesh
Containers – Isolated environments designed to run a set of applications
- Docker
- Flexible and fast
- Development: create and destroy test environments
- Packaging and distributing apps
- Infrastructure as Code
- Less secure out of the box than VMs
Microservices
- Split larger, monolithic functionality into individual microservices.
- Replace, upgrade components individually
- Brings the SOA approach to software development (agile)
- No such thing as sub-microservice
- Unix philosophy: each piece of software should do one thing and do it well.
- Containers: #1 solution for a pure microservices based architecture
SOAP
- Microservices (and soa-based solutions) must communicate with each other
- Historically, this was ensured by SOAP – Simple Object Access Protocol
- SOAP manages sending and receiving data in web apps using XML
- Security features: auth, encryptions, async, errors
- Risks:
  - Proving
  - Coercive parsing
  - External references
  - Malware
  - SQL injection
REST APIs
- Used for interaction with services in a programmatic way
- Machine to machine communication
- SOAP (XML) vs REST APIs (HTTP)
- APIs increase attack surface
- API keys
- REST (Representaiton State Transfer)
- Principles:
  - Uniformity
  - Decoupling
  - Statelessness
  - Cacheabiltiy

PreviousCloud Automation and Other Cloud Threats NextCI/CD, IaC, DevOps

Last updated 2 years ago