Microservices = Agile, Resilient, and Open
Microservices = Agile, Resilient, and Open
Mike LaFleur, Director of Solution Architecture at Provenir, explains how the implementation of microservices better supports an agile approach to development.
Join the DZone community and get the full member experience.Join For Free
Learn why microservices are breaking traditional APM tools that were built for monoliths.
How is your company involved in the creation or use of microservices?
Provenir provides the technology to support real-time, automated risk decisioning in financial institutions. These institutions - whether Tier 1 Banks or FinTechs - must mitigate risk as it enters the organization. As a transaction enters the organization, they must immediately determine the risk that transaction represents. Provenir empowers these financial institutions with the ability to create microservices that can be called, as part of a risk mitigation strategy and process, to evaluate the risk represented by a transaction.
What do you see as the most important elements of microservices?
There are three basic elements of microservices that are crucial:
1) Microservices are agile. Let me paint this as a story. As a Chief Risk Officer, I have my team expose a scorecard as a service to be used as part of the credit underwriting process. The Chief Operations Officer is in charge of that process. As part of the exposure of the scorecard, we agree that if the underwriting process passes seven variables to the scorecard service, the service will return as a score. As long as I don’t violate the contract - give me seven data points, and I’ll return a score - it doesn’t matter to the underwriting process how the score is calculated. This means, if the risk team discovers new data sources they can leverage, or if a new scoring model is created, they are free to implement it; that change will not negatively impact the underwriting process. This level of agility means risk professionals can quickly adapt to a changing risk landscape.
2) Microservices are resilient. In the example above, as long as the service that is exposed adheres to the original contract, the processes that rely on the service will not break. Both sides of the contract - give me seven variables and I will give you a score - are able to best meet terms in the contract. The underwriting process can retrieve the variables any way deemed best, and the scorecard service can calculate the score as deemed best. As long as the contract is adhered to, neither is impacted.
3) Microservices are open. At this point, most microservices are designed to leverage REST as the mechanism for data exchange. REST is showing itself to be secure, lightweight, and flexible. This open nature represents huge potential in building end-to-end processes that best meet the operational needs of the enterprise.
Which programming languages, frameworks, and tools do you, or your company use, to build out microservices?
Provenir implements a development technique called graph theory, rather than implementing a language like Java or Scala. Graphs are designed and developed using Provenir’s Studio and deployed to our Decision Engine. As part of the development, users can expose REST-based endpoints. These endpoints enable decisions, analytics, processes, etc., to be exposed as microservices. We also provide tools that enable the testing and documentation of the exposed services.
How have microservices changed application development?
The vision to create a loosely-coupled enterprise environment has been a Holy Grail for some time. While the same theories and techniques showed promise with XML and SOAP-based web services, the implementation of microservices better supports an agile approach to development. The decomposition of monolithic end-to-end processes gives product and process designers and developers the flexibility to create solutions that are fit for purpose. It enables these professionals to define more discrete capabilities, allowing developers to create discrete functions - a more appropriate solution to the business problem they must solve.
What kind of security techniques and tools do you find most effective for securing microservices?
The efficacy of security techniques and tools depend on the environment in which the microservice is deployed into. An obvious tool for securing endpoints is OAuth. Most big providers of web service endpoints are relying on OAuth for security.
What are some real-world problems you, or your clients, are solving with microservices?
Provenir helps organizations take a wide variety of data - both structured and unstructured - and run it through sophisticated analytical models. In organizations that are not using a tool like Provenir, the undertaking can be tremendously difficult. Aggregation of data, getting that data to the right place at the right time, and running analytical models in real time are challenging, sometimes nearly impossible. Provenir empowers its users to integrate, orchestrate, and evaluate that data. The real-world problem that Provenir helps solve, for institutions from Tier 1 banks to startup FinTechs, is to give data scientists and analysts the ability to write models and deploy them natively so these models can run in real-time. By exposing them as microservices, these organizations can offer a decision-as-a-service or prediction-as-a-service.
What are the most common issues you see affecting the implementation of microservices?
Microservices are yet another operational and developmental paradigm shift. These shifts always present challenges to implementation. The architectural maturity of an organization is often the greatest hindrance to adoption and implementation. If an organization is not in a place to facilitate the exposure of microservices, for example, due to legacy systems not supporting open messaging, it will hinder implementation.
Do you have any concerns regarding the current state of microservices?
My biggest concern regarding the state of microservices is the possibility that an organization may not properly secure its endpoints. Due to the lightweight nature of microservices, it is not a prescriptive technology. By contrast, SOAP is governed by a standards body that ensures prescriptive security recommendations are provided. Microservices aren’t governed, so the potential roll-out is very “wild west.”
What’s the future for microservices from your point of view - where do the greatest opportunities lie?
One of the greatest opportunities in microservices lies in the potential for reuse. For example, all organizations likely require the ability to quickly reference employee information to ensure that the right skill level is applied to a given task. Instead of writing the code to lookup this information each time it is used in a process, an employee look-up service can be written and reused by any process that needs the information.
What do developers need to keep in mind when working on microservices?
When working on microservices, developers must be simple and discrete. A service should not be complicated. It should solve one singular problem. It should be as simple as: Give me seven data points and I will give you a score. Nothing more.
Opinions expressed by DZone contributors are their own.