Book Image

Software Architecture Patterns for Serverless Systems - Second Edition

By : John Gilbert
Book Image

Software Architecture Patterns for Serverless Systems - Second Edition

By: John Gilbert

Overview of this book

Organizations undergoing digital transformation rely on IT professionals to design systems to keep up with the rate of change while maintaining stability. With this edition, enriched with more real-world examples, you’ll be perfectly equipped to architect the future for unparalleled innovation. This book guides through the architectural patterns that power enterprise-grade software systems while exploring key architectural elements (such as events-driven microservices, and micro frontends) and learning how to implement anti-fragile systems. First, you'll divide up a system and define boundaries so that your teams can work autonomously and accelerate innovation. You'll cover the low-level event and data patterns that support the entire architecture while getting up and running with the different autonomous service design patterns. This edition is tailored with several new topics on security, observability, and multi-regional deployment. It focuses on best practices for security, reliability, testability, observability, and performance. You'll be exploring the methodologies of continuous experimentation, deployment, and delivery before delving into some final thoughts on how to start making progress. By the end of this book, you'll be able to architect your own event-driven, serverless systems that are ready to adapt and change.

Related Content you might be interested in

Current Title:

Small book image
Software Architecture Patterns for Serverless Systems - Second Edition
John Gilbert
Feb, 2024 | 488 pages
Small book image
Cloud Native Development Patterns and Best Practices
John Gilbert
Feb, 2018 | 316 pages
Small book image
JavaScript Cloud Native Development Cookbook
John Gilbert
Sep, 2018 | 352 pages
Small book image
Embracing Microservices Design
Nabil Siddiqui | Timothy Oleson | Ovais Mehboob Ahmed Khan
Oct, 2021 | 306 pages
Table of Contents (16 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
1
Architecting for Innovation
Architecting for Innovation
Continuously delivering business value
Dissecting lead time
Dissecting integration styles
Enabling autonomous teams with autonomous services
Summary
Free Chapter
2
Defining Boundaries and Letting Go
Defining Boundaries and Letting Go
Learning the hard way
Building on proven concepts
Thinking about events first
Dividing a system into autonomous subsystems
Creating subsystem bulkheads
Dissecting an autonomous subsystem
Dissecting an autonomous service
Governing without impeding
Summary
3
Taming the Presentation Tier
Taming the Presentation Tier
Presentation tier innovation – zigzagging through time
Breaking up the frontend monolith
Dissecting micro frontends
Designing for offline-first
Summary
4
Trusting Facts and Eventual Consistency
Trusting Facts and Eventual Consistency
Living in an eventually consistent world
Publishing to an event hub
Dissecting the Event Sourcing pattern
Event streams
Processing event streams
Designing for failure
Optimizing throughput
Summary
5
Turning the Cloud into the Database
Turning the Cloud into the Database
Fighting data gravity
Embracing the data life cycle
Turning the database inside out
Dissecting the CQRS pattern
Keeping data lean
Implementing idempotence and order tolerance
Modeling data for operational performance
Leveraging change data capture
Summary
6
A Best Friend for the Frontend
A Best Friend for the Frontend
Focusing on user activities
Dissecting the Backend for Frontend pattern
Dissecting function-level nano architecture
Choosing between REST and GraphQL
Implementing different kinds of BFF services
Summary
7
Bridging Intersystem Gaps
Bridging Intersystem Gaps
Creating an anti-corruption layer
Dissecting the External Service Gateway pattern
Integrating with third-party systems
Integrating with other subsystems
Integrating across cloud providers
Integrating with legacy systems
Providing an open API and SPI
Tackling common data challenges
Summary
8
Reacting to Events with More Events
Reacting to Events with More Events
Promoting inter-service collaboration
Dissecting the Control Service pattern
Orchestrating business processes
Employing the Saga pattern
Calculating event-sourcing snapshots
Implementing complex event processing (CEP) logic
Leveraging machine learning (ML) for control flow
Summary
9
Running in Multiple Regions
Running in Multiple Regions
Justifying multi-regional deployment
Choosing a regional topology
Preparing for regional failover
Checking regional health
Configuring regional routing
Replicating across regions
Dissecting regional failover
Addressing intersystem differences
Implementing multi-regional cron jobs
Summary
10
Securing Autonomous Subsystems in Depth
Securing Autonomous Subsystems in Depth
Shared responsibility model
Securing cloud accounts
Securing CI/CD pipelines
Securing the perimeter
Securing the frontend
Securing BFF services
Redacting sensitive data
Securing ESG services
Auditing continuously
Summary
11
Choreographing Deployment and Delivery
Choreographing Deployment and Delivery
Optimizing testing for continuous deployment
Focusing on risk mitigation
Achieving zero-downtime deployments
Planning at multiple levels
Turning the crank
Dissecting CI/CD pipelines
Summary
12
Optimizing Observability
Optimizing Observability
Failing forward fast
Turning observability inside out
Leveraging FinOps
Collecting resource metrics
Tracking system events
Alerting on work metrics
Observing real user activity
Tuning continuously
Summary
13
Don’t Delay, Start Experimenting
Don’t Delay, Start Experimenting
Gaining trust and changing culture
Funding products, not projects
Dissecting the Strangler pattern
Addressing event-first concerns
Poly everything
Summary
14
Other Books You May Enjoy
Other Books You May Enjoy
15
Index
Index

Securing CI/CD pipelines

Our serverless systems are composed of cloud resources, such as functions, datastores and messaging channels, and we use the cloud provider's deployment service, such as AWS CloudFormation, to automate the creation of these resources. In Chapter 12, Choreographing Deployment and Delivery, we will cover the GitOps flow we follow for deploying these resources via our CI/CD pipelines. But first, we need the permissions to create, update and delete these kinds of resources. Plus, we typically use SaaS CI/CD service, such as GitHub Actions or GitLab-CI, and these services execute outside our cloud accounts.So, we need an approach that limits the permissions that we give to these tools. We accomplish this by creating separate roles for the pipeline service and the deployment service. We will also introduce the concept of permission boundaries.You can find a template for securing your CI/CD pipelines here: https://github.com/jgilbert01/template-pipeline-resources...

Previous Section
End of Section 3
Next Section