What are microservices and why should you care about them?
Microservices are an architectural approach to build software applications with a combination of re-usable set of smaller services that run independently. Microservices can be developed in parallel by self-contained, smaller teams much quicker and cheaper than using traditional monolithic architectures where all processes are tightly coupled and run as a single service. Applications using monolithic architectures make it more complex to add or modify features to meet new business requirements. Monolithic architecture-centric applications are also expensive to scale, especially when there is a demand spike in only one process.
Microservices provide significant benefits to organizations including:
- Re-usability across several business functions that reduces development costs
- Agility and faster time-to-market with modern capabilities
- Improved scalability, fault tolerance, data security, and resilience
- Simplicity and better cost-effectiveness for deployments, maintenance, and enhancements
- Ability to innovate and experiment with smaller and nimbler teams
- Long-term flexibility that avoids being locked into a specific technology or programming language
Good news and bad news about Microservices
Firstly, the bad news. If you are building your own microservices, you can create a different set of complexities and frustrations if strong governance and operational agility are not in place for key aspects such as integration testing, interface control, operational levels of service etc. Because you are assembling several individual microservices that comprise an application, the ingestion of microservices also depends on several enterprise factors on how information is organized, stored, managed, and shared. You can overcome this challenge with an understanding of the data relationships across the mission/enterprise applications and how data is originated, appended, validated, consumed, and authorized.
Now for the good news: you don’t always have to build your own microservices. There are numerous commercial and open source based microservices available. And they continue to grow at a rapid pace. Governance, security, and integration are already defined with best practices and optimizations baked in and these microservices are easily deployable with container technology such as Docker, Redshift, etc. You already have access to them within the cloud platforms and services you deployed. By taking advantage of these features of your preferred cloud platform, you can assemble a major portion of your application leveraging readily available microservices.
What is the best approach to focus on microservices that suit your business needs?
Individual microservice at a granular level may appear to be IT-centric and not business-centric, so by assembling each microservice collection with the intent to create a valuable business service, you build necessary capability sets that power the business. This approach solidifies the foundation to meet mission goals and deliver business services using microservices.
You can begin your journey by cataloging the business-centric microservices of existing, new, internal, external, or to-be-developed services based on ranking by various categories such as core business function type, enterprise value, consumption readiness, mission value, potential cost savings, cost of maintenance, and any other categories that help with the investment decisions. With this catalog in place, you can build business centric microservice capability sets or collections that are carefully weaved together for consistent re-use in the context of business services.
Top 10 Microservices Capability Sets You Cannot Live Without
We have curated a “Top 10” list for microservice capability sets you need to be thinking about as you design a sustainable and ideal future based in efficiency and agility.
1. Identity, Authorization, and Security Services
Provides identity services with the ability to enable and track authentication and authorization permissions for users and various resources in an environment with Multi-Factor Authentication (MFA); Maintains the history of security events.
Examples include Azure AD, AWS IAM, AWS Cognito, and Login.gov
2. Real Time Enterprise Cybersecurity Management Services
Transforms Cybersecurity into a very dynamic (real-time) and self-healing/self-remediating environment; Provides automated, rule-based, highly available, and scalable services with context-sensitive dynamic monitoring and remediation.
Examples include Azure Monitor, Azure Reliability, Azure AIOps, Microsoft Sentinel, Microsoft Defender for Cloud, AWS Hub, AWS GuardDuty, AWS Inspector, AWS Audit Manager
3. Communication and Notification Services
Enables centralized configuration endpoints to securely integrate to send emails, SMS, and chat-based notifications within your applications; Minimizes manual notifications enablement for workflows and business process automation while enhancing security posture.
Examples include Azure Communications Services and AWS SNS
4. App Insights, Observability, and User Experience Analytics
Provides performance, security, and sequence of events capturing throughout transaction life cycle; Allows easy integration of various applications/systems as plug-in methods to drive intelligence of how applications transactions traffic and User Experience (UX) metrics goals are met.
Examples include Amazon EventBridge, Amazon Security Hub, Azure Monitor, Azure AppInsights, Google Analytics, and App Dynamics
5. Data Search and Integration Services
Enables effective and efficient information sharing by integrating, securing, and unifying data boundaries by eliminating technical challenges for data retrieval and access; Allows unified control of data authentication and authorization and promotes standardization of technology, schema, and consumption methods for data access.
Examples include Elasticsearch, datadog, Azure Data factory, Azure Data Lakes, AWS Lake Formation, AWS Data Exchange, Google Cloud Search, Google Data Cloud Services and Databricks
6. Payment Services
Provides for secure internal payment collection or external processing with integrated business process flows traversing multiple systems; Enables an enterprise approach for payment services with built in data protection while significantly reducing maintenance costs and increasing performance for payment processing.
Examples include Pay.gov, Stripe, PayPal, Amazon Payments, Square…etc.
7. Asset and Resource Management Services
Provides the ability to manage physical, virtual, IT, non-IT or other assets by increasing data protection and simplifying the overall asset tracking of assets present in different locations across regional, security, data center, and cost pool boundaries.
Examples include DX360°® Security ARMOR®, DX360°® Self-Reporting Asset Auditor, and ServiceNow CMD
8. Employee Information Service
Provides authenticated employee information using “Data as a Service” model by eliminating burdensome data entry and data maintenance requirements while enabling secure information sharing with PII protections.
Examples include Microservices assembled using Microsoft, ServiceNow, and Opensource platforms integrated with Verification, Payroll, Benefits, Skills, Certifications, and Public Records
9. Customer Information Service
Provides consolidated customer (or citizen or external stakeholder) information using “Data as a Service” model by streamlining business processes that collect or process customer data; Provides better security and privacy while eliminating duplication of effort to maintain the information and reducing the IT resource demand.
Examples include MS Power Platform CRM Entities for Contact, Company, User, Login.gov, Email Profile Services (Azure, AWS, Google), and LinkedIn
10. Location Services
Provides whereabouts information of entities in an enterprise to support capturing employees/customers/asset’s location information in real-time; Enables enterprise location services with the ability to connect to geographic maps and satellite maps along with intelligence for asset and resource management teams to track and provide proximity-based value-added services.
Examples include ESRI, Google Maps, and Azure Maps
