Spring Data to Spring Cloud to Spring Security: How Azure Supercharges Spring Boot

Your software systems require a lot more than just business logic. You have to authenticate users, store data, architect for scale and resilience, and make sure to deliver something maintainable. Not easy! Fortunately, Microsoft invests heavily in Spring support, and has a ton of new integrations into core cloud services. Join Asir from Microsoft, Richard from Pivotal, and Vaibhav from Best Buy, as they show off a real-world application that demonstrates:

Spring Security for Azure Active Directory
Reactive data access for Spring Data Cosmos DB
Event processing using Spring Stream Binder for Event Hubs
Remote configuration storage with Spring Config and Azure App Configuration
Short-lived compute with Spring Cloud Function
Live monitoring and troubleshooting of Spring deployments with Azure Monitor

Asir Vedamuthu Selvasingh

October 10, 2019

Transcript

  1. Spring Data to Spring Cloud to Spring Security: How Azure Supercharges Spring Boot

    October 7–10, 2019, Austin Convention Center
  2. Speaker Introductions

    Richard Seroter (Pivotal), Asir Selvasingh (Microsoft), Vaibhav Agrawal (Best Buy)

    Unless otherwise indicated, these slides are © 2013-2019 Pivotal Software, Inc. and licensed under a Creative Commons Attribution-NonCommercial license: http://creativecommons.org/licenses/by-nc/3.0/
  3. Our Reference Architecture

    [Diagram: regions East US (Boston), UK South (London) and SE Asia (Singapore); components in each region: POS, POI, Event Hub, Update inventory, Notify, Exec Dashboard, Azure App Service, Cosmos DB (read/write in one region, read in the others)]
  4. Your app includes more than business logic.

    [Diagram labels: Business Logic, Application Server, Compute Infrastructure, Storage, Application and System Monitoring, Identity Management, Secrets Store, Database, Message and Event Broker, Configuration, API Gateway, Application Cache, Microservices Machinery, Load Balancing, Deployment Automation]
  5. Why use Spring

    ➔ Spring Boot is the most widely used Java framework with 85+ million downloads per month. It provides production-grade opinions and features that make it easier to create and evolve software.
    ➔ Common approach to every sort of enterprise app. Build scalable, robust web apps, microservices, APIs, streaming apps, batch processors, and functions.
    ➔ Spring Cloud brings Netflix-style patterns to apps, anywhere. Incorporate best practices—like remote config, service discovery, circuit breakers—on any infrastructure.
  6. Why use Microsoft Azure

    ➔ Global infrastructure. Powered by 54 worldwide regions, available in 140 countries.
    ➔ Powerful managed services. Differentiating services for compute, database, messaging, security, machine learning, IoT, and more.
    ➔ Hybrid value proposition. Connect on-premises systems to cloud with Active Directory, integration solutions, and more.
    ➔ Integrated developer tooling. Use popular IDEs, frameworks, and CI/CD tools to interact with Microsoft Azure.
  7. How Azure Makes Spring Better
  8. Use Visual Studio Code extensions

    Extensions for:
    - Spring Boot coding assistance
    - Spring Boot project start/debug/stop
    - Spring Initializr experience
  9. Support for Spring Boot

    ➔ Virtual Machines and Kubernetes for unopinionated hosting. Both Azure options provide general compute services.
    ➔ Pivotal Platform or Azure App Service for application-centric hosting. Each provides additional capabilities that are application-aware.
    ➔ Azure Spring Cloud for first-party experience in cloud. Experience caters to Spring Boot microservices.
  10. Support for Spring Cloud

    ➔ Spring Cloud is for distributed systems. These projects bring microservices machinery to your applications.
    ➔ Azure provides configuration, messaging, function support. Spring Cloud projects get deep integration with Azure services, including App Configuration Service.
    ➔ Azure Spring Cloud offers managed services. Get managed configuration, service registry, and circuit breaker experiences.
  11. Introducing Azure Spring Cloud

    ➔ A fully managed service for Spring Boot microservices powered by Spring Cloud and Azure Kubernetes Service.
    ➔ Containerizes code, hosts apps, and delivers integrated service discovery, circuit breaker, config store, monitoring, integration with Azure services, and more.
    ➔ Uses Pivotal-driven components like Cloud Native Buildpacks, kpack, and Spring Cloud Services.
  12. Support for Spring Cloud Stream

    ➔ Spring Cloud Stream is for scalable microservices architectures. Interact with shared messaging systems in a consistent way.
    ➔ Integrate with message brokers. Connect to Azure Service Bus queues and topics.
    ➔ Integrate with event stream processors. Connect to Azure Event Hubs through the native or Kafka-based interface.
  13. Support for Spring Cloud Function

    ➔ Spring Cloud Function separates logic from runtime. Run standalone or on a serverless platform, with the same code for web endpoints, tasks, or stream processors.
    ➔ Run Functions in Azure. Build and run Spring Cloud Functions on the Azure Functions runtime, including trigger and binding support.
    ➔ Co-engineered integration. Pivotal and Microsoft worked together to ensure compatibility.
  14. Support for Spring Data

    ➔ Spring Data makes data access easier. Get consistent access to data sources, while retaining unique aspects of each.
    ➔ Works with relational Azure databases. Use Spring Data with Azure SQL, MySQL, PostgreSQL.
    ➔ Leverage with non-relational databases too. Use Spring Data with Cosmos DB, including SQL, MongoDB, Cassandra, and Gremlin interfaces.
    ➔ New support for R2DBC. Get reactive access to Azure SQL and PostgreSQL.
  15. Support for Spring Caching

    ➔ Spring makes it easy to add caching to your application. Applies transparently to the methods in your applications.
    ➔ Use Azure Redis Cache explicitly. Packages for working directly with cached values in your code.
    ➔ Use Azure Redis Cache as @Cacheable backing store. Also leverage the Azure service for transparent caching, and as a backing store for Spring Session.
  16. Support for Spring Resource

    ➔ The base Spring “resource” is for abstract access to low-level resources. Extend, or use one of many built-in options (e.g. UrlResource, FileSystemResource).
    ➔ Use Azure Storage as a Resource. Easily read from and write to durable blobs.
    ➔ Available as a Spring Boot Starter. Add dependency directly, or via Spring Initializr.
  17. Support for Spring Security

    ➔ Spring Security is for authentication and authorization. Authenticate and authorize in a variety of ways, including token-based flows.
    ➔ Integrate with Azure Active Directory via Spring Boot Starter. Applies to both B2B and B2C scenarios thanks to support for Office 365 and Microsoft Accounts.
    ➔ Integration with Azure Key Vault. Store and retrieve secrets from your Spring Boot applications.
  18. Support for Micrometer

    ➔ Micrometer is integrated into Spring Boot for metrics collection. Vendor-neutral interface for a variety of dimensional metrics.
    ➔ Feeds metrics to Azure Application Insights. A variety of metrics flow into monitoring dashboards and Log Analytics.
    ➔ Use via Spring Boot Starter. Easy inclusion in your projects.
  19. Documentation for Spring on Azure

    • Getting Started guides
    • Tutorials
    • Reference documentation
    • Sample projects in GitHub
  20. Our Reference Architecture

    [Diagram: regions East US (Boston), UK South (London) and SE Asia (Singapore); components in each region: POS, POI, Event Hub, Update inventory, Notify, Exec Dashboard, Azure App Service, Cosmos DB (read/write in one region, read in the others)]
  21. Demo time!

    http://aka.ms/ihub
  22. Demo time!

    http://aka.ms/ihub-aad
  23. How Best Buy Instantiated This Architectural Pattern
  24. About Best Buy

    Best Buy Co., Inc. is an American multinational consumer electronics retailer headquartered in Richfield, Minnesota. It was originally founded by Richard M. Schulze and James Wheeler in 1966 as an audio specialty store called Sound of Music. In 1983, it was re-branded under its current name with an emphasis placed on consumer electronics.

    We at Best Buy work hard every day to enrich the lives of consumers through technology, whether they come to us online, visit our stores or invite us into their homes. We do this by solving technology problems and addressing key human needs across a range of areas, including entertainment, productivity, communication, food, security and health.
  25. Why Best Buy chose Azure PaaS

    A serverless application typically follows the following 4 principles:

    • Pay-per-use. As in a 'pay-as-you-go' phone plan, developers are only charged for what they use. Code only runs when backend functions are needed by the serverless application.
    • Increased velocity. Developers can very quickly upload bits of code and release a new product. They can upload code all at once or one function at a time, since the application is not a single monolithic stack but rather a collection of functions provisioned by the vendor.
    • Zero administration. Although 'serverless' computing does actually take place on servers, developers never have to deal with the servers. They are managed by the vendor.
    • Auto-scaling. Applications built with a serverless infrastructure will scale automatically as the user base grows or usage increases. If a function needs to be run in multiple instances, the vendor's servers will start up, run, and end them as they are needed, often using containers.
  26. Key components of Azure used by Best Buy

    • Azure Event Hub
    • Azure Functions
    • Cosmos DB
    • Azure App Service
    • App Gateway / Front Door
    • Azure Key Vault

    [Diagram labels: Azure Cloud, Notify, Event Hub, Cosmos DB (read/write), Bestbuy.com, Azure App Service, Best Buy Data Center, POD, POD, Process, Persist, Request, Azure Key Vault, Front Door / App Gateway, Carrier 1, Carrier 2, Carrier 3, Carrier 4]
  27. Benefits of using serverless on Azure: Speed of development

    ➢ Standing up the new application from nothing took less than 10 weeks. Typically the hardware procurement itself used to take 6 weeks, and a similar application in the data center would have taken 16+ weeks.
    ➢ As each functionality is created as an independent function, each function can be worked on independently. This is very useful, as each vendor has different rules.
  28. Benefits of using serverless on Azure: Auto Scaling

    ➢ Application scaled from 10K events/hour to 2M events/hour without any overheads.
    ➢ Functions scaled from 3 to 100 functions for the 6-hour period and then scaled down to 3 functions.
    ➢ At its peak, the average event processing took about 507 microseconds.
  29. Benefits of using serverless on Azure: Agility

    ➢ Team was able to deploy each function independently. We moved from monthly deployments to weekly deployments.
    ➢ Testing cycle is significantly reduced. We only need to test the changed function, not the whole application.
    ➢ Fixes and patches can be applied very fast.
  30. Application performance metrics – Everyday load
  31. Application performance metrics – Peak load
  32. Q&A
  33. Stay Connected.

    Bootiful Azure Spring Cloud [Wednesday 3:20pm]
    spring.io
    https://docs.microsoft.com/en-us/java/azure/spring-framework
    https://pivotal.io/spring-app-framework
    #springone @s1p
  34. APPENDIX
  35. Questions

    Richard - Why Java or why Spring?
    Vaibhav – To build the application on Azure we only required Java and Spring skills, which were already available in my team. No Azure proprietary skills were required.

    Asir - How long did it take to build it?
    Vaibhav - Standing up the new application from nothing took less than 10 weeks. Typically the hardware procurement itself used to take 6 weeks, and a similar application in the data center would have taken 16+ weeks.

    Richard - Did the scope of the project change as you built? How did you adjust?
    Vaibhav – The project scope and prioritization were changing almost every week. As each component was built as independent functions, we only need to test the changed function, not the whole application. Testing cycle is significantly reduced. Team was able to deploy each function independently.
  36. Questions

    Asir - How often did you deploy?
    Vaibhav - We moved from monthly deployments to weekly deployments. Fixes and patches can be applied very fast.

    Richard - Did Microsoft help you in any way?
    Vaibhav – Microsoft was with Best Buy for the complete journey. The Product Managers worked closely with Best Buy on choosing the right components. Using the right components is critical to the success of any cloud application.

    Asir - What were your security considerations?
    Vaibhav – We didn’t store any PII data. For the application security we used both RBAC and Managed Service Identities. We managed the secrets using Azure Key Vault.
  37. Questions

    Richard - How did your application scale during peak loads?
    Vaibhav – I have some wonderful metrics slides for it. Typically, as the load grows, perf degrades. The daily performance hovers around 10-15ms. As the load is not even, there is a bit of warmup overhead. However, during the peak loads we saw the number of functions scale and the average performance broke the sub-millisecond barrier.

    Asir - Did you have to reserve any capacities for heavy loads?
    Vaibhav – We didn’t reserve any capacities. The functions & app services auto scaled based on the load. We however had to raise the Cosmos DB RUs appropriately beforehand.

    Richard - What is the cost profile between before and after running in cloud?
    Vaibhav – We typically had to buy 10s of servers and incur their costs for months. With the cloud, we will only incur costs as per the usage.
  38. Questions

    Asir - Tell us about your experience troubleshooting in cloud? Typically, they say it is hard, what is your experience?
    Vaibhav – At first it did feel a bit overwhelming. However, once the team got used to Application Insights, it was quite easy. And again, Microsoft did help us here in using the right toolset.

    Richard - What advice would you have for Spring developers who are considering cloud?
    Vaibhav – Spring has some very good integration with the cloud providers. Before writing any code, you may want to check the integration with Spring modules. Like connecting to Cosmos DB using Spring Data was a breeze. A lot of the proprietary stuff is hidden behind the integration and the Spring developer may not need any new skills. However, please make sure to use the right module with the integration. For example, we initially used Spring Cloud Functions for the Azure Functions. It worked great when we were in dedicated capacity. But once we moved to the “pay as you use” model, we found some overheads during light loads.
  39. Logo Parking Zone

    [Logo labels: Directory, Data Services, Redis Cache, Compute, Messaging, Storage, Monitor]