Book Image

Software Architecture Patterns for Serverless Systems - Second Edition

By : John Gilbert
Book Image

Software Architecture Patterns for Serverless Systems - Second Edition

By: John Gilbert

Overview of this book

Organizations undergoing digital transformation rely on IT professionals to design systems to keep up with the rate of change while maintaining stability. With this edition, enriched with more real-world examples, you’ll be perfectly equipped to architect the future for unparalleled innovation. This book guides through the architectural patterns that power enterprise-grade software systems while exploring key architectural elements (such as events-driven microservices, and micro frontends) and learning how to implement anti-fragile systems. First, you'll divide up a system and define boundaries so that your teams can work autonomously and accelerate innovation. You'll cover the low-level event and data patterns that support the entire architecture while getting up and running with the different autonomous service design patterns. This edition is tailored with several new topics on security, observability, and multi-regional deployment. It focuses on best practices for security, reliability, testability, observability, and performance. You'll be exploring the methodologies of continuous experimentation, deployment, and delivery before delving into some final thoughts on how to start making progress. By the end of this book, you'll be able to architect your own event-driven, serverless systems that are ready to adapt and change.

Related Content you might be interested in

Current Title:

Small book image
Software Architecture Patterns for Serverless Systems - Second Edition
John Gilbert
Feb, 2024 | 488 pages
Small book image
Cloud Native Development Patterns and Best Practices
John Gilbert
Feb, 2018 | 316 pages
Small book image
JavaScript Cloud Native Development Cookbook
John Gilbert
Sep, 2018 | 352 pages
Small book image
Embracing Microservices Design
Nabil Siddiqui | Timothy Oleson | Ovais Mehboob Ahmed Khan
Oct, 2021 | 306 pages
Table of Contents (16 chapters)
Preface
Preface
Who this book is for
What this book covers
To get the most out of this book
1
Architecting for Innovation
Architecting for Innovation
Continuously delivering business value
Dissecting lead time
Dissecting integration styles
Enabling autonomous teams with autonomous services
Summary
Free Chapter
2
Defining Boundaries and Letting Go
Defining Boundaries and Letting Go
Learning the hard way
Building on proven concepts
Thinking about events first
Dividing a system into autonomous subsystems
Creating subsystem bulkheads
Dissecting an autonomous subsystem
Dissecting an autonomous service
Governing without impeding
Summary
3
Taming the Presentation Tier
Taming the Presentation Tier
Presentation tier innovation – zigzagging through time
Breaking up the frontend monolith
Dissecting micro frontends
Designing for offline-first
Summary
4
Trusting Facts and Eventual Consistency
Trusting Facts and Eventual Consistency
Living in an eventually consistent world
Publishing to an event hub
Dissecting the Event Sourcing pattern
Event streams
Processing event streams
Designing for failure
Optimizing throughput
Summary
5
Turning the Cloud into the Database
Turning the Cloud into the Database
Fighting data gravity
Embracing the data life cycle
Turning the database inside out
Dissecting the CQRS pattern
Keeping data lean
Implementing idempotence and order tolerance
Modeling data for operational performance
Leveraging change data capture
Summary
6
A Best Friend for the Frontend
A Best Friend for the Frontend
Focusing on user activities
Dissecting the Backend for Frontend pattern
Dissecting function-level nano architecture
Choosing between REST and GraphQL
Implementing different kinds of BFF services
Summary
7
Bridging Intersystem Gaps
Bridging Intersystem Gaps
Creating an anti-corruption layer
Dissecting the External Service Gateway pattern
Integrating with third-party systems
Integrating with other subsystems
Integrating across cloud providers
Integrating with legacy systems
Providing an open API and SPI
Tackling common data challenges
Summary
8
Reacting to Events with More Events
Reacting to Events with More Events
Promoting inter-service collaboration
Dissecting the Control Service pattern
Orchestrating business processes
Employing the Saga pattern
Calculating event-sourcing snapshots
Implementing complex event processing (CEP) logic
Leveraging machine learning (ML) for control flow
Summary
9
Running in Multiple Regions
Running in Multiple Regions
Justifying multi-regional deployment
Choosing a regional topology
Preparing for regional failover
Checking regional health
Configuring regional routing
Replicating across regions
Dissecting regional failover
Addressing intersystem differences
Implementing multi-regional cron jobs
Summary
10
Securing Autonomous Subsystems in Depth
Securing Autonomous Subsystems in Depth
Shared responsibility model
Securing cloud accounts
Securing CI/CD pipelines
Securing the perimeter
Securing the frontend
Securing BFF services
Redacting sensitive data
Securing ESG services
Auditing continuously
Summary
11
Choreographing Deployment and Delivery
Choreographing Deployment and Delivery
Optimizing testing for continuous deployment
Focusing on risk mitigation
Achieving zero-downtime deployments
Planning at multiple levels
Turning the crank
Dissecting CI/CD pipelines
Summary
12
Optimizing Observability
Optimizing Observability
Failing forward fast
Turning observability inside out
Leveraging FinOps
Collecting resource metrics
Tracking system events
Alerting on work metrics
Observing real user activity
Tuning continuously
Summary
13
Don’t Delay, Start Experimenting
Don’t Delay, Start Experimenting
Gaining trust and changing culture
Funding products, not projects
Dissecting the Strangler pattern
Addressing event-first concerns
Poly everything
Summary
14
Other Books You May Enjoy
Other Books You May Enjoy
15
Index
Index

Redacting sensitive data

Defense in depth means that every layer of a system must do its part to prevent an attack. Encrypting data at rest is the last line of defense, and yet it is where the most shortcuts are taken, as evidenced by all the high-profile data breaches. If a hacker breaches all the other layers of security, the data will still be secure if we have properly redacted the sensitive information.To truly secure data at rest, we cannot stop at simply turning on a datastore's encryption feature. Disk-level encryption only secures the data when the disk is removed from the system. While a disk is attached to the system, the data is automatically decrypted when accessed with sufficient privilege. Unfortunately, this is what happens in most data breaches. A hacker gains privileged access through an alternate channel and the data is automatically decrypted when it is read from the datastore.To prevent this, we must redact sensitive data at the application level. This will ensure...

Previous Section
End of Section 7
Next Section