Geek Answers Handbook

Implement SOA with RESTful APIs and Application APIs?

At the moment, we have one huge API that is used by our backoffice, our interface, as well as our public API.

This causes me a lot of headaches, because when I create new endpoints, I find a lot of application-specific logic in the code, which I don’t necessarily want to include in my endpoint. For example, the code for creating a user may contain code for sending a greeting message, but since this is not required for the backoffice endpoint, I will then need to add a new endpoint without this logic.

I was thinking of a large refactor to break our code base into several smaller specialized APIs, and then create a set of small application APIs on top of them.

So, for example, the endpoint of an application to create a new user can do something like this after the refactor:

customerService.createCustomer(); paymentService.chargeCard(); emailService.sendWelcomeEmail();

The APIs of applications and services will be completely separate code bases (possibly a separate code base for each service), they can also be created using different languages. They will only interact through REST API calls. They will be on the same local network, so latency should not be a big problem.

It is a bad idea? I have never seen / worked on the code base that used to separate them, so maybe there is a better architecture to achieve the flexibility and maintainability I'm looking for?

Counseling, links or comments will be appreciated.

+7
rest api architecture soa
source share
3 answers

Your idea of ​​creating several well-defined services sounds, and in fact, this is the best way to approach this. Walking using a purely microservice approach, although this may seem fashionable, it turns out that it is most often excessive. That's why I just redesigned existing APIs / services properly and follow the solid and sound SOA design principles below. Good resources can be found at serviceorientation.com and soapatterns.org. I have always used them as a link in my career.

Consider what types of services you need.

Service Types and Layers (image from serviceorientation.com)

  • Services - this is usually your client, payment services - for example. services focused on objects in your domain. They must be business agnostics and be able to use them in all scenarios. They could sometimes be called customers directly, if enough for their needs. They can be called by Task services.
  • The utilities contain logic that you are likely to reuse in other services, but are usually not called directly by clients. Rather, they will be called by the Task and Entity services. An example is the transliteration service.
  • A task integrates and reuses Entity and Utility services in meaningful tasks. Most often they are not agnostics, and they implement a certain business logic. They have significant business operations, and it is they who most often call customers.

Principles to be followed when redesigning

I highly recommend translating over this deception sheet and making sure that everything that is covered there when you do your redesign. This is a great help.

In general, you should make sure that:

  • Each service has a common context and follows the principle of separation of concerns . For example. Clients service is intended only for operations related to customers, etc.

  • Each of the Entity and Utility services is business agnostic and quite basic . Therefore, it can be reused in several scenarios and contexts without change. The contract should be simple - CRUD and only general operations that make sense in most use cases.

  • Services follow a common data model β€” make sure that all the data structures you use are used uniformly across all services to prevent future integration and help bring services together for customers. If you need to get a client that another service returns, this should happen without the need for conversion

OK, but where to put non-diagnostic logic?

Now you have several options for abstracting business logic when you have a need for complex business functions. It depends on your scenario, what you are going to choose:

  • Leave the logic to all customers. Let them combine your simplified services.
  • If there is business logic that is typically implemented in multiple applications and can be reused, you can implement a composite service that reuses several existing core services and exposes the logic.

Resistance to services. Concern over multiple API calls causes communication overhead.

Well, this is a centuries-old question - should you make some API calls when they are likely to create some overhead? The answer is that it depends on how complex your script is, how much reuse you expect and how flexible you want to be. Also critical speed? To what extent? In a service-oriented architecture, this is a very common approach β€” reuse existing services and combine them in new configurations as needed. Yes, this adds some overhead, but I have seen implementations in very complex environments such as Telecoms, where through the use of ESB solutions, message queues, etc. Overhead is negligible compared to benefits. Here's a general approach to architecture (image from serviceorientation.com):

Designing Web Services to Solve a Bigger Problem

Mandatory obsolete heads-up refactoring

Most often, changing the existing contract for several existing client systems is a messy business and may well lead to a lot of refactoring and the need to look for needle functionality on the stack, somewhere in the depths of (possibly) outdated code. Business logic can be scattered everywhere. Therefore, make sure that you are ready, and you have control, time and desire to wage this battle.

Hope this helps

+2
source share

It is a bad idea?

No, but it is a big general question to be able to give very specific advice.

I would like to divide this into 3 areas:

  • An approach
  • Design
  • Technology

Work in the opposite direction Technology is the final and most specific part and completely depends on what your current environment (platforms, skills) is and (I hope) it will be reasonable obvious for you to do other things sometime.

The design you described above seems like a good end state - with several specific, oriented APIs, each of which bears its own responsibility. Again, the design details will depend on the skills of you and your organization, as well as the existing platforms that you have. For example. if you already use TIBCO (for example) and invest a lot (licenses, platforms, tools, people), then using some of their published templates / templates / templates makes sense; but (possibly) not if you do not already have TIBCO exposure.

In the abstract, the REST API services seem to be a good starting point - at all levels of the system there are many tools and platforms for ensuring security, deployment, monitoring, scalability, etc. If you are NGINX users, they have many (platform-independent) thoughts on how to do this, the NGINX blog , including smart thinking about scalability and performance. If you are more adventurous and have a smart, impatient team, look at the event-driven architecture - see this

An approach (or process) is a keyword . Ultimately, this is refactoring, although your description of the β€œbig refactor” is a little scary to me - so it seems you are talking about changes with big changes and call it refactoring. Perhaps this is just a language, but, in my opinion, this is the "evolution" of one huge API "into several specific, oriented APIs (by reorganizing the architecture)." One place to start is Martin Fowler , while this book is dedicated to software refactoring, the principles and approach are the same, just at a higher level. Indeed, he talks about it here

IBM will talk about refactoring for microservices and make it easy to do in one step, but it never happens (outside the lab).

You have an existing API serving several internal and external clients. I suggest you keep this interface for these clients - separate implementation refactoring from additional problems associated with linking and coordinating external systems / groups. My high-level starting approach:

  • define a small (3-7) number of related methods in the API
    • ideally, if in any case with these methods a significant change is required with limited coverage, which is good - business value with a code change.
  • design / specify a new standalone API specifically for these methods
    • first clone an existing model / name / style
  • enter a new service only for these
    • with proper automated testing and deployment methods for CI / CD.
    • with appropriate monitoring
  • modify the existing API so that calls to these methods are redirected to call the new service
    • there may be a runtime switch for changing between the old implementation and the new implementation.
  • remove the old implementation from the code base
  • capture problems, assumptions and problems along the way
    • The first pass will include a lot of knowledge about what works and doesn't work.
  • then repeat the process over and over again each time adding improvements.

At some point in the future, when it is necessary due to other business-oriented needs, the API published for internal, external and / or public clients may change, but this is a completely different project.

As you can see, if the API is huge (1000 methods => 140 releases), this is a multi-month process, and it is important to have a very frequent release schedule. And there can be no value-enhancing code that works reliably and will never change, so (potentially) most of the existing API can remain just wrapped in a new API.

Other considerations:

  • open API? Perhaps a new version (significant changes) will be needed earlier than the internal API
    • focus on the methods / services he uses
  • which parts / services are changing the most (most upgrade requests approved)
    • these are the bits that are likely to change, and can benefit the most from the best process / architecture
  • what are the future plans for change and where will the API affect
    • eg. changes in user management, change in payment processors, change in execution systems.
    • eg. new business plans (new products / services)
    • consider the affected methods in the API
  • See also:

Probably the biggest 4 tips I can give:

  • think about refactoring: small changes that do not affect the function
  • think of flexibility: small increments that are valuable, verifiable, achievable
  • think continuously: have a vision of where you will be (in the end), and then continuously work on the process
    • script and automate processes from code, documentation, testing, deployment, monitoring ...
    • improving it every time!
  • You have an application / API that works - keep it operational!
    • This is always the first priority (you just need to work to reduce the time / budget for maintenance)
+1
source share

Nice idea at all.

Also what you are looking for is a microservice arch. and that begs the question of how you break your system down into well-defined services.

We use Archos Design Driven Design. break our system into microservices and the lagom framework, which allows each service to be in diff. code base and event-driven arch. between microservices.

Now consider your problem at a low level: you said that the service contains code, for example, creating a user and sending email, and the other is just creating a user, as well as another code.

First we need to understand how many types of code you write:

  • The logic of domain objects (for example: User object) - which parameters are valid and that's it - it should be independent of the endpoint of the service and should be encapsulated in one class as a user class, and we say that this is aggregation in terms based on the domain
  • Business reactions β€” for example, when creating a user, send an email β€” using an event-driven arch. these types of logics are divided into process managers or sagas, which in most cases can work conditionally, they send mail for a user created from the outside, and send an email for a user created internally with additional data in the event

Also, how do you do this, how do you process a transaction through services?

+1
source share

More articles:


All Articles