Surely, you’ve heard the fairytales from microservices and monoliths. Or on a similar note, the tales about distributed (big) balls of mud from people like Simon Brown.
Usually these posts point out what goes wrong and how unexperienced teams go for a "hype-driven/tunnel-vision architecture". But how do you actually cut microservices? How do you design interfaces? What are techniques to find weak points in your application or system architecture?
In this post I digest the intends and views of a talk on the software architecture summit in Munich.
Herbert Dowalil @hdowalil on Twitter
Stefan Zörner @STefanZoerner on Twitter
Microservices vs. Monolith
The spectrum of architecture definitely isn’t as binary as most blog posts suggest it is. There are way more types, here is a short recap of some of the most famous ones.
There are different definitions out there, but most of them share key points like a domain-driven modules cut, outstanding flexibility and network distribution. One (generally accepted) definition in a FAQ-style by Jimmy Bogard.
Self-contained Systems (SCS)
Similar to microservices, but usually bigger services and fewer in a system.
Deployment Monolith(aka. Modulith)
You have a valuable product, but it does not suite a SaaS business model? Most of your customers won’t offer a Kubernetes clusters or you have a hard time building a secure deployment pipeline? This does not stop good architecture! You can still cut your software in great modules and deploy it as one package.
Such a monolith has no defined structure. It consists of modules, but they are referenced across the whole system. Looks like this:
A blueprint of doing application architecture to generate standard services showing actual business processes steps. The main benefit should’ve been the orchestration of services to full processes and composition of new processes.
While SOA might have failed for most, it is "survived by its offsprings" (Anne Thomas Manes: SOA is Dead; Long Live Services). For a comparison between SOA and microservices see this O’REILLY report.
All these types focus on cutting a big software block into modules. Microservices for example focus on the smallest autonomous boundaries, SOA on reusability and composition. Because of this, the following ideas ‘how to define modules’ can be used for microservers, but don’t stop there. You can use them to define Java packages, C++ namespaces or create C# assemblies.
Often we start with question groups like "How many parts do I need?" and "Where do I cut?"
Sometimes we don’t even know if we should initially start with a monolith (Martin Fowler: MonolithFirst) or with microservices (Stefan Tilkov: Don’t start with a monolith). We can answer this particular question now: it doesn’t really matter when designing modules and interfaces. When you need a push for microservices think about upcoming complexity. The speakers phrased it nicely:
Modularization makes complexity manageable. Investment at beginning makes complexity manageable at the end.
For the first questions, we follow an enhanced version of the SOLID criterias by Robert C. Martin. Herbert Dowalil calls them "5C". Such principles sound nice, but what does strong cohesion or lose coupling mean?
"If you can’t measure it – you can’t manage it"
The key here is using "old school" metrics like cyclomatic complexity or average relative visibility. That’s it; here are the 5C:
Cut your modules in a way where they only have one concern/a single responsibility. Try to maximize cohesion inside a module.
Metrics: e.g. LCOM4, Relational-Cohersion, cyclomatic complexity
Hide the internals of a module inside. Nothing outside the module needs to know about the technologies used or any work (changes) done inside.
Metrics: e.g. low relative visibility, low average relative visibility and low global relative visibility
Design small, specific and easy to understand interfaces between modules.
Metrics: e.g. Depth-of-Inherence
Explicitly declare every connections between modules.
Metrics: e.g. RACD and NCCD from John Lakos. Stability from the software package metrics.
Build new modules by connecting modules together. Move from a lower level of modules to a bigger view on the system. For higher level, modules follow the same patterns as for lower level ones.
Metics: e.g. automated tools like ArchUnit, Sonorgraph or Teamscale
For a deeper dive, see the "Architektur Spicker" (GER only) and follow @Herbert Dowalil on Twitter for updates on his new book.
Once you’ve cut your modules you can decide if you want to distribute them over the network. Pros can be:
- Independent technological decisions:
This reduces macro architecture from your software and lets you use specialized tools and languages for each module (like .NET for a web API and python for the underlying data science or spring boot for your user handling and c++ for a calculation core).
- Technology roll-over:
You can upgrade your technology components step by step. An upgrade from the Java or Node.js runtime might improve performance and eliminate security threads or you can change a module from an outdated version to the newest one (Angular.js to Angular). This can be useful when a system runs longer than anticipated.
- Developer autonomy:
Every part of your software can be developed and deployed independently. This shortens feedback cycles and enables developers to evaluate ideas faster.
While this sounds awesome (and it is!), there are also downsides:
- Troubleshooting and debugging:
Following calls and processes through your distributed software is harder than debugging a single component. Tracing makes troubleshooting easier, but replicating an error state across your whole application can be hard.
- Complicated Ops:
Operating your software can be way harder. For example, there might be issues with creating secure pipelines and authorization concepts through company boarders.
There are ways to build around eventual consistency and distribution and sacrifice strong consistency. Examples would be the 2 phase commit (but you shouldn’t) or the saga pattern. While these are working and are proven successful, the initial set up is harder and they certainly don’t simplify troubleshooting.
As usual, this trade-off needs to be evaluated individually.
Modularization is hard. If you decide to go with microservices or any other way, doesn’t really matter in this context. You can distribute your modules to enforce principles, but if you cut your modules wrong, things will only get harder.
Don’t be afraid of "old school" or "university-style" metrics. Identify metrics with your team. Collaboratively search for weak points in your software (architecture). Enforce selected metrics, but never let a metric break the build and never dictate metrics top down!
LITERATURE and FOLLOWUP READING
Das Microservice-Praxisbuch by Eberhard Wolff
Software systems architecture by Nick Rozanski and Eoin Woods
Microservice Patterns by Chirs Richards
[Modulith First Der angemessene weg zu microservices]() by Herbert Dowalil
Microservice FAQ by Jimmy Bogard
SOA is dead; long live services by Anne Thomas Manes