Abstracting Microservice Applications Ahmet Pirimoğlu Software Team Lead |

Ahmet Pirimoğlu • 2006 yılından bu yana yazılım geliştiriciyim • 15 yıldır farklı sektörlerde çalıştım • Finans Çözümleri • Yükseköğretim Çözümleri • Genelde yazılım altyapı ekiplerinde yer aldım • 1.5 yıldır • Şu an Open Banking projesi yazılım altyapı tarafında • biraz yazılım takım lideri • biraz SDM • vakit kalırsa yazılım geliştirici

Yıllar yıllar önceydi. O zaman yoktu...

3 yazılımcı arkadaş, piyasada tutunmuş bir e-ticaret ürünü geliştirmişlerdi.

Bakım maliyetleri, teknik borçlar, performans sorunları nedenleriyle mikroservis olarak tekrar yazmaya karar verdiler.

Mikroservis Mimari

Mikroservis Mimari ! INTEGRATIONS !

Integration Components Prometheus AppInsights Jaeger Zipkin

Yazılımcı (Temsili)

Çare

Dapr • Açılımı: Distributed Application Runtime • Temel Fayda: Abstraction • Motto: "simplify microservice connectivity" You can focus on business logic and keep your code simple

Dapr • CNCF project • Open Source • https://github.com/dapr/dapr • https://github.com/dapr/dotnet-sdk • Announced by Microsoft in 2019 • Version: v1.10 • Sidecar Oriented • Supported SDKs and APIs for Java, .NET, Python, and Go • The source code is written in the Go programming language

Dapr Sidecar https://twitter.com/bibryam/status/1662023517863563265

Dapr Sidecar

"Lego for microservices"

Dapr APIs HTTP API gRPC API Microservices written in Any cloud or edge infrastructure Application code Any code or framework… Microservices written in virtual or physical machines Service- to-service invocation State management Publish and subscribe Resource bindings and triggers Actors Observability Secrets Configuration Distributed Lock Workflow

HashiCorp Vault RabbitMQ Redis On-prem Service 1 Service 2 Service 3 Platform Agnostic

KMS SNS DynamoDB Service 1 Service 2 Service 3 Platform Agnostic

Azure Key Vault Azure Service Bus Azure Cosmos DB Service 1 Service 2 Service 3 Platform Agnostic

Platform Agnostic

Dapr hosting environments • Get started with dapr init -k • Integrated Dapr control plane • Deploys dashboard, placement, operator, sentry, and injector pods • Automatically inject Dapr sidecar into all annotated pods • Upgrade with dapr upgrade or Helm • Get started with dapr init • Easy setup with Docker images • Sets up placement, Zipkin, Redis • slim-init available without Docker • Run any application with Dapr sidecar using dapr run • Slim mode does executable deployment (no Docker images) Self-hosted • Self-deploy Dapr control plane per machine • Deploy Hashicorp Consul per machine • Run any application with Dapr sidecar using dapr run • Dapr Installer Package allows for offline/remote deployments with no network connectivity Virtual/Physical Machines

Dapr in self-hosted Docker mode Local dev machine or virtual machine Actor placement Placement Zipkin tracing Zipkin Redis state store Redis My App State Stores PubSub Brokers Secret Stores Bindings & Triggers Observability Dapr Components dapr run myapp Use components Launch application Launch sidecar process Set env variables Save and retrieve state Publish and subscribe to messages Create mapping table of actor instances to pods Send distributed tracing

Dapr Components - Local Usage Dapr CLI • dapr run --app-id checkout --app-port 6002 --dapr-http-port 3602 --dapr-grpc-port 60002 dotnet run • dapr run --app-id $AppName --components-path config/dapr/components -- dotnet ef migrations add $MigrationName --project ddd/OpenBanking.SampleService.DbMigrator

Dapr Components - Local Usage (Tye Integration)

Dapr on Kubernetes Pod Actor partition placement Placement Pod Dapr runtime injector Injector Pod Cert authority and identity Sentry Pod Update component changes Operator Pod My App Kubelet Use components Inject Dapr sidecar into annotated pods Inject env variables Manage mTLS between services Assign spiffe identity Create mapping table of actor instances to pods Manage component updates Manage Kubernetes service endpoints Readiness and Liveness probe on healthz API to determine Dapr health state State Stores Pub/Sub Brokers Secret Stores Bindings & Triggers Observability Dapr Components Operator Deploys and manages Dapr Any cloud or edge infrastructure

Dapr Components – K8S Usage Configuration Multi-Tenant Support Distributed Lock Pub/Sub State Store Tracing

Dapr Components – K8S Usage

Dapr Dashboard

Dapr Componets – Different Usage

Service invocation Order Processor Checkout DNS Name Resolution component for service discovery (mDNS, Kubernetes DNS, Hashicorp Consul) mTLS encryption POST http://localhost:3500/v1.0/invoke/orderprocessor/method/orders {"data":"order1"} POST http://10.0.0.2:3501/orders {"data":"order1"} Send order

Service invocation

State Management

State Management

corpdb-redis.yaml apiVersion: dapr.io/v1alpha1 kind: Component metadata: name: orderstore spec: type: state.redis version: v1 metadata: - name: redisHost value: redis-master.default.svc.cluster.local:6379 - name: redisPassword secretKeyRef: name: redis-secret key: redis-password corpdb-cosmosdb.yaml apiVersion: dapr.io/v1alpha1 kind: Component metadata: name: orderstore spec: type: state.azure.cosmosdb version: v1 metadata: - name: url value: corpdb.documents.azure.com - name: masterKey secretKeyRef: name: master-key key: cosmos-key - name: database value: orders - name: collection value: processed

Publish and Subscribe Service B My App Redis Cache Service A POST http://localhost:3500/v1.0/publish/order {"data":"MyOrder"} POST http://10.0.0.4:8000/factory/order {"data":"MyOrder"} POST http://10.0.0.2:8000/order {"data":"MyOrder"} Rabbit MQ

Publish and Subscribe

Bindings

Input bindings My App Twitter POST http://10.0.0.2:8000/newtweet {"data":“📢 We are excited to announce the …"}

Dapr bindings API twitter.yaml apiVersion: dapr.io/v1alpha1 kind: Component metadata: name: twitter spec: type: bindings.twitter version: v1 metadata: - name: consumerKey secretKeyRef: name: twitter-secret key: consumerKeys - name: consumerSecret secretKeyRef: name: twitter-secret key: consumerSecret - name: accessToken secretKeyRef: name: twitter-secret key: accessToken - name: accessSecret secretKeyRef: name: twitter-secret key: accessSecret App-to-sidecar Invoke an output binding POST/PUT /v1.0/bindings/twitter Sidecar-to-app Trigger an app OPTIONS/POST /new-tweet

Output bindings My App Twilio POST http://localhost:3500/v1.0/bindings/twilio {"data":”Send message"} Send Message

Custom Binding

Secrets My App GET http://localhost:3500/v1.0/secrets/vault/mysecret "supersecret" HahsiCorp Vault key value mysecret "supersecret"

Secrets

Dapr secrets API vault.yaml apiVersion: dapr.io/v1alpha1 kind: Component metadata: name: vault spec: type: secretstores.hashicorp.vault metadata: - name: vaultAddr value: https://127.0.0.1:8200 - name: caCert value: "ca_cert" - name: caPath value: "/certs/cert.pem" - name: caPem value: "/certs/ca.pem” App-to-sidecar Retrieve a secret GET /v1.0/secrets/vault/mysecret Retrieve secrets in bulk GET /v1.0/secrets/vault/bulk

Secrets

Distributed Lock

Distributed Lock

Configuration My App GET http://localhost:3500/v1.0/configuration/store/appconfig1 "setting A" key value appconfig1 ”setting A" Redis Cache

Configuration

W3C tracing context W3C tracing context W3C tracing context Service C Service A Service B Backend Monitoring Tools Collector Backend Monitoring Tools

No content

Metrics Dapr Metrics features: Call latency CPU/memory usage Error rates Sidecar injection failures System health Built-in monitoring capabilities to understand the behavior of the Dapr sidecar and system services

Resiliency • Resiliency patterns can be applied across Dapr APIs • Retries • Timeouts • Circuit breakers • Declarative and decoupled from application code • Available across all component types, service invocation and actors.

State Management v2 Publish & Subscribe Secret Management Input Binding Output Binding Service Invocation Get state Retrieve secret Publish Subscribe Trigger Call method Get config Application Configuration Resiliency resiliency resiliency resiliency resiliency resiliency resiliency resiliency

Kendin Sor Kendin Cevapla

Dapr, şu bildiğimiz ORM kütüphanesi değil mi? Dapr ≠ Dapper

Dapr'a alternatif var mı?

Dapr için sırada ne var?

Dapr "Service Mesh" ürünü müdür?

Dapr "Service Mesh" ürünü müdür?

Dapr'a güvenebilir miyim? • CNCF • Güçlü community • Diagrid şirketi https://www.diagrid.io • Diagrid Conductor • Diagrid Cloud (Coming)

Dapr'a güvenebilir miyim?

Dapr'a güvenebilir miyim?

Dapr'a güvenebilir miyim? "Mark Russinovich – MSBuild 2023"

17.9k GitHub stars 4k Discord members +1M Docker Hub monthly pulls 1810 Contributors 97 Community Components +10k Monthly Docs views

ZEISS Group “Dapr really simplifies the case of distributed application architectures. With Dapr, any developer can do it. Dapr made it much faster for us to build an app on Azure Kubernetes Service” - Kai Walter, Lead Architect, ZEISS Deployment regions Azure Kubernetes Service Sidecar Microservice Application pods Azure Front Door Customer order Azure Key Vault Azure Service Bus Azure API Management Azure Cosmos DB ZEISS location Confirm order Forward to nearest deployment Send order request Zeiss ESB Azure API Management Actor state Secrets Pub/sub Multiple ZEISS SAP Systems ZEISS Identity Management ZEISS plant Customer metadata • Worldwide order processing solution • Original system based on SAP and was slow to update business rules • Needed agility to manufacture close to customer location • Workflow, event driven architecture, built using Actors with replicated state in CosmosDB • Microservices deployed to AKS in each region

Man Group ▪ Modernize existing 10 yr old, highly transactional, operations platform for trading and risk reporting ▪ Requirements: Support mobile apps, rolling upgrades, easier secrets management & rotation, polyglot languages, improve diagnostics/telemetry ▪ Run on VMs using cloud native technologies ▪ Incremental evolution strategy using Dapr, with minimal code changes ▪ Central API Gateway for Apps supports Windows Auth/Oauth with service discovery ▪ Dapr deployed in self-hosted VM mode giving every service the following features: ─ Service discovery, invocation and identity propagation using JWT Bearer Token. Eliminates Load Balancer for services ─ Secure encrypted traffic over mTLS w ith automatic certificate rotation ─ Secret Store access (Vault) ─ Distributed Telemetry (OpenTelemetry, Zipkin) w ith Metrics (Prometheus, Grafana) ─ Actor Platform for Python, Java, C# Windows Auth App Python Service .NET F 4.0 WCF TCP, XML Win Svc Service .NET F 3.5 WCF TCP, XML Win Svc App .NET F 3.5 WPF Service .NET F 4.8 WCF TCP, XML Win Svc Service .NET F 4.8 WCF HTTP, JSON Win Svc App Java Service .NET C 3.1 ASP.NET C HTTP, JSON Win Svc Service .NET C 3.1 ASP.NET C HTTP, JSON Container OAuth Infrastructure SQL Server MSMQ Kafka Docker JAVA API Gateway VM #1 VM #2 VM #3 VM #4 VM #5 VM #6 Placement Sentry Consul mTLS JWT Bearer Token Vault Telemetry Client Server Windows Authentication (Impersonation) App Py thon Service .NET F 4.0 WCF TCP, XML Win Svc Service .NET F 3.5 WCF TCP, XML Win Svc App .NET F 3.5 WPF Service .NET F 4.8 WCF TCP, XML Win Svc Service .NET F 4.8 WCF HTTP, JSON Win Svc Service .NET C 3.1 ASP.NET C HTTP, JSON Win Svc Load Balancer Appliance Service .NET C 3.1 ASP.NET C HTTP, JSON Container OAuth x Infrastructure SQL Serv er MSMQ Kaf ka Docker X 100 App Jav a JAVA

Alibaba Cloud “At Alibaba Cloud, we believe that Dapr will lead the way in microservice development. By adopting Dapr, our customers can build portable and robust distributed systems faster." - Li Xiang, Senior Staff Engineer, Alibaba Cloud Internal Dapr use cases at Alibaba Cloud: • FaaS and serverless platform • Required multi-language application integration - Node, go, C, C++, Java, Rust • With conventional class library model, applications become bloated due to large number of SDKs. FaaS and company acquisitions accelerated multi- language needs • Modernize complex Java legacy systems • Cloud-to-Cloud migrations and portability • Migrated DingTalk communication app from internal to public cloud • Dapr AliCloud components for pub/sub and storage

Ignition Group Dapr components Azure API Management Azure Load Balancer Azure Kubernetes Service Virtual Machine Scale Set node pool Sidecar Microservice Application pods Azure Queue Storage Azure Cache for Redis Kubernetes Secret store MongoDB Azure DevOps Azure Container Registry Traces, logs, metrics Integration “Using Dapr with Azure makes it very easy to bolt in new pieces of infrastructure without changing anything else. It changed our business” - Russell Stather, Chief Digital Transformation Officer, Ignition Group

Dapr kaynaklı yavaşlık yaşar mıyım?

No content

Teşekkürler😊

Kaynaklar • https://dapr.io/ • https://docs.dapr.io/ • https://medium.com/design-microservices-architecture-with-patterns/microservices-architecture- 2bec9da7d42a • https://learn.microsoft.com/en-us/dotnet/architecture/dapr-for-net-developers/ • https://stackshare.io/dapr/alternatives • https://learn.microsoft.com/en-us/dotnet/architecture/dapr-for-net-developers/dapr-at-20000-feet