VDI, Containers, and Microservices

VMs running in a data center instead of dedicated desktops/laptops

Thin clients (minimal computers) for remote connections to the VMs.

Management heaven

Single point of failure

SOA – Service Oriented Architecture

• Then: monolithic (all in one) apps

• Now: Virtualized app components designed around business requirements

• Inputs and outputs

• Sub services

• No external state

• Independent upgrades

• Code independent

• Easier interoperability

• Communication mesh

Containers – Isolated environments designed to run a set of applications

• Docker

• Flexible and fast

• Development: create and destroy test environments

• Packaging and distributing apps

• Infrastructure as Code

• Less secure out of the box than VMs

Microservices

• Split larger, monolithic functionality into individual microservices.

• Replace, upgrade components individually

• Brings the SOA approach to software development (agile)

• No such thing as sub-microservice

• Unix philosophy: each piece of software should do one thing and do it well.

• Containers: #1 solution for a pure microservices based architecture

SOAP

• Microservices (and soa-based solutions) must communicate with each other

• Historically, this was ensured by SOAP – Simple Object Access Protocol

• SOAP manages sending and receiving data in web apps using XML

• Security features: auth, encryptions, async, errors

• Risks:

  • Proving

  • Coercive parsing

  • External references

  • Malware

  • SQL injection

REST APIs

• Used for interaction with services in a programmatic way

• Machine to machine communication

• SOAP (XML) vs REST APIs (HTTP)

• APIs increase attack surface

• API keys

• REST (Representaiton State Transfer)

• Principles:

  • Uniformity

  • Decoupling

  • Statelessness

  • Cacheabiltiy