I'm using Application Insights (AI) to instrument my code. AI uses Activity to provide some data. Activity.ParentId can be used as a per-transaction identifier, across multiple services, so that a single API call can be tracked through the code, to the database and other HTTP services etc.
MassTransit has a message ConsolidationId, to track (I believe) Sagas, but I don't think it is using the Activity.ParentId.
Am I right?
How can I get MT to use the Activity.ParentId as a ConsolidationId, both as a publisher and consumer?
MassTransit supports Open Telemetry, which can easily be configured to push data to Azure Application Insights.
There is a complete sample that shows how to configure it.
I'm looking to implement a event-based communication pattern between my microservices and I'm looking to use Azure Service Bus to handle the messaging. In the examples I've seen so far (e.g. Microsoft's eShopOnContainers) the events are handled by a common library that handles the event subscription/publishing. I'm wondering if the common library could be replaced with Azure's Event Grid service (I realise this could generate an opinion-based answer, so please remove this question if it is deemed so)?
I like how Event Grid has retry capabilities, receives events from Azure Service Bus, push-like functionality (meaning my microservice doesn't need to poll), as well as other features, so in my mind it seems like a good fit. However, I'm fairly new to the event-based communication concept so I'm well aware I could be missing something.
If Azure Event Grid could be used to handle the events, is it possible to send the event to a Web Api endpoint? Once again, the examples I've seen so far all send the event to a Azure Function trigger, but I'm not planning on using any Azure Functions for my microservices.
If anyone had any examples they could point me to where Azure Service Bus and Event Grid were used for communication between microservices, that would be appreciated.
I m building a spring boot microservices, and i have some questions
I have an account microservice, a payment microservice, a product microservices... in these microservices, some requests sometimes need to use a mailing api, an sms sending api, or a push notification api..
What i have done now is create a microservice for mailing, microservice for sending sms and microservice for push notification.
What i can't seem to solve is how to make these microservices used only internally. for example, forbid users to directly call the mailing microservice.
before creating this question on stackoverflow, i dud myself, why i'll not put the code for sending sms in a library, and the same for sending emails and push notifications and add them to the microservice .. and when a microservice has need to use one of these apis i add the needed library .. for example i create a push notification library, and i add it to each microservice that needs to do a push notification ..
what is the best approach to integrate these mailing, sms and notification services into my microservice project, and respecting security by forbidding users to use them directly
I don't know what to do, can someone advise me?
Well it is not exactly clear to me what do you mean by "forbidding users to use them directly" but usually as it is pointed out #kavhakaran's answer you should put the security measures to prevent your services from abuses.
In that answer only network related part is focused as far as I can see. There should also be a second level which is about user authorization. That means you can/should have proper roles and authorization definitions for the services you would like to secure. And based on provided roles you can authorize the client to use the services.
That is how it works for cloud services usually as well. You will be provided an api-key in order to consume some cloud service and they will check if the api-key is authorized for the requested service etc.
You shouldn't worry about other micro services calling the mailing microservice or sms microservice in the application code. If you think about this concern, this will apply to any internal mircoservice. This concern can be handled in infrastructure level
Let me give you an example, you have a database running somewhere, does your microservice does anything to make sure, it is the only one talking to that database. The answer is no. At infrastructure level, whatever cloud infrastructure you are using, they allow to define security rules/ network policies, that lets you define who can talk to who. ie. rules for incoming traffic and rules for outgoing traffic
If they are public facing microservices, that is a different question. These are internal services
Some examples based on infrastructure
AWS SecurityGroups
AWS subnets
Kubernetes Network Policy
And also I want to add a point which may not be directly related to your question. The services in question seems to be very good candidates as asynchronous services. Then no services talk to them directly, sending services put the notifications in queue or kafka topic and these services consume from the topic. So now it is making sure only relevant services send it to queue or topic at network level
I would not recommend to use libraries for sending sms, emails and push notifications across your Microservices. This would lead to dependencies on source code level which I would try to avoid in a Microservices architecture if possible.
Concerning the architectural issues of your question:
From my experience it is a good idea to have separate services for handling notifications such as sms, email, etc. because with that you create an abstraction between your Microservices and the concrete notification infrastructure such as third party sms, email or push notification services.
Usually the core requirements to, for instance, sending an email will more or less be the same over time. But you might come into a situation where you want to exchange one third party service for another - for instance due to cost concerns, performance concerns or other reasons.
If you choose to directly communicate with the notification infrastructure from each Microservice that needs to send emails you would have to adapt all these Microservices when you switch from one email service to another, no matter if you use a shared library or each Microservices implements the communication with that service on its own.
But if you have a separate Email Microservice that is used by all your Microservices that need to send email notifications, you only have to change the Email Microservice itself to communicate with, for instance SendGrid instead of MailJet (just to name two third-party Email services). Your other Microservices aren't even concerned with that change.
Concerning the security aspects:
As it was already mentioned, if you choose to communicate with your notification services asynchronously the security aspects will be addressed on the infrastructure level by allowing the Microservices to access messaging infrastructure based on the authentication and access control mechanisms provided by the corresponding messaging services (be it RabbitMQ, Azure Service Bus, Kafka, AWS SQS, etc.)
Or if you choose to call your notification services via REST APIs from your Microservices you can look into token-based authentication via OpenID Connect (e.g. via Client credentials flow for machine-to-machine security).
One other thing to consider:
I would also think about other shared functionality that could be common to sms, email and push notification services such as user preferences - e.g. which kinds of notification does a user want to receive. This could also be some functionality you do not want all of your Microservices have to know about. So you could think of a notification service that is concernced with this kind of responsibility and would be responsible to delivery the notifications over the different kinds of channels (email, sms, push) based on the user prferences. Or you could have separate Microservice for user preferences which is than accessed by your sms, email and push notification Microservices. But there is no obvious answer to which option is better because this strongly depends on the use cases you have to deal with.
I am well aware of the fact that east/west, or service to service synchronous communication between services is not the gold standard, and should only be used sparingly in a microservice architecture. However, in every real world implementation of a microservice architecture, I have seen some use-cases which require it. For example, the user service is often needs to be communicated with by other services to get up the millisecond details on the user (I'm aware that event based sharing of that data is also a possibility, but in some cases that isn't always the right approach).
My question is, what is the best way to do function to function, service to service communication in a Lambda + API Gateway style architecture?
My guess is that making an http request back out on the domain name is not ideal, since it will require going back out over the internet to resolve DNS.
Is it using the SDK to do an invoke on the downstream function directly? Will this cause issue if the downstream function depends on an API Gateway Proxy Event structure?
I am implementing an application using Prism.
The application has a few distributed components that resides on various machines or servers. In order to communicate them, I am planning to implement messaging service using Event Aggregator. But before I start working on that I would like to have a few clarifications:
Can Event Aggregator be used on a distributed environment. If yes
than how to define the server or hub where the message would be
published or subscribed?
What is the performance impact on the applications using Event
Aggregator? I feel it is negligible but still I would like to know.
Is Event Aggregator approach is good for future expansion in an
enterprise environment?
Thanks and Regards,
Ashish Sharma
PRISM is client-side technology. So, EventAggregator as it is won't do what you need. This is mechanism to communicate between modules in a loosely-coupled way. It is not about communicating between different clients.
For what you need - I would look into HTTP Polling Duplex
http://www.devproconnections.com/article/silverlight-40/using-http-polling-duplex-in-silverlight-applications
If you use PRISM on front end - you can write your own service and subscribe/publish EventAggregator events from that service while making server calls and receiving responses back.