Istio is an open platform that provides a seamless way to connect, manage, and secure microservices. It supports the traffic flows management between microservices, enforcing access policies and aggregating telemetry data, all without requiring changes to the services source code. It works by defining a special sidecar proxy added on each service that intercepts all the network communication between them, offering the following features:

  • Automatic load balancing for HTTP, gRPC, WebSocket, and TCP-IP traffic;
  • Network refining control behavior with advanced routing rules, retries, failovers, and fault injection;
  • Metrics, logs, and distributed tracing for all traffic within the cluster, including inbound…

MicroProfile is a base platform of specifications and APIs that optimize the Java Enterprise ecosystem for a microservices architecture offering portability for different implementations through different implementations. It was launched in 2016 in an initiative of some Java EE vendors (Red Hat, Payara, Tomitribe, IBM) and Java User Groups (SouJava and London Java Community) whose main goal was to bring innovations faster to the Java Enterprise environment. It is currently in version 2.1 supported by the Java EE 8 platform and includes the following specifications:

Image for post
Image for post
Source: Eclipse MicroProfile blog

Thorntail (formerly Wildfly Swarm) is one of the possible existing implementations of MicroProfile and already…

Microservices have become the hottest topic in software architecture over the past years, and much can be said about their benefits. But there are many challenges related to how to secure them, specially because they are typical distributed systems and most of them are exposed over the Internet using standard Web protocolos and standards, such as REST APIs. And REST itself does not define any specific security procedures and they are pretty exposed as any other Web application vulnerable to many type of issues, such as injection attacks, replay attacks, cross-site scripting, denial of service, man-in-the-middle, etc.

Image for post
Image for post

This post will…

Rodrigo Candido da Silva

Brazilian, Software Developer helping other developers to learn the new cutting edge development technologies. Oracle Dev Champion and GroundBreaker Ambassador.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store