- Published on
Why ZorroSign Moved to Microservices . . . and Why You Should, Too!
- Shamsh Hadi
At ZorroSign we recently made a major change to our platform architecture!
We have always been built on blockchain—and have always delivered the most private, most secure digital signatures—but we wanted to scale our platform much more aggressively, and that vison required a big change in how we develop and deploy our technology. Specifically, we moved from a centralized, monolithic approach to using microservices and containers.
Let me explain why we choose this new engineering approach and how your company might benefit from a similar move.
What Are Microservices? What Are Containers?
“A microservices architecture splits your application into multiple services that perform fine-grained functions and are part of your application as a whole,” explains IBM. “Each of your microservices will have a different logical function for your application.”
Explained another way, “a microservices framework creates a massively scalable and distributed system, which avoids the bottlenecks of a central database,” says Avi Networks (now part of VMware). “Microservices break an application into independent, loosely-coupled, individually deployable services… allowing for each service to scale or update using the deployment of service proxies without disrupting other services in the application and enabling the rapid, frequent and reliable delivery of large, complex applications.”
There are two types of microservices: Stateless (which do not save data, so any data is lost when the microservice’s container restarts), and Stateful (which do save data and so write to a database).
And where do you put those microservices? In containers.
“Containers are packages of your software that include everything that it needs to run, including code, dependencies, libraries, binaries, and more,” continues IBM. “Docker and Kubernetes are the most popular frameworks to orchestrate multiple containers in enterprise environments”
“Containers are a lightweight alternative to VMs for providing isolated operating environments for your workloads,” says Edward Kisller for JFrog. “Containers avoid the infrastructure overhead of a full-blown OS and provide only those resources (i.e., installations, dependencies, and code) that your applications actually need.” In other words, containers do not use all the CPU or RAM but instead share the operating system kernel for faster boots and less memory consumption.
“A container is a useful resource allocation and sharing technology. It’s something dev-ops people get excited about,” writes Ev Kontsevoy for Teleport. “A microservice is a software design pattern. It’s something developers get excited about.”
Why Develop with Microservices? What Are the Benefits?
“Microservices architectures make applications easier to scale and faster to develop,” notes Amazon Web Services. “Enabling innovation and accelerating time-to-market for new features.”
Such were ZorroSign’s high-level goals: To improve scalability, resilience, and productivity.
“Moving to microservices enabled a polyglot tech stack,” said Priyal Walpita, chief technology officer at ZorroSign. “Which means our engineers could contribute to our development efforts using the technology stacks that they know best, plus we boosted performance and facilitated a continuous delivery pipeline for easier and faster deployments.”
“Applications were traditionally built as monolithic pieces of software,” continues Avi Networks. “Monolithic applications have long life cycles, are updated infrequently and changes usually affect the entire application. Adding new features requires reconfiguring and updating the entire stack — from communications to security. This costly and cumbersome process delays time-to-market and updates in application development.”
In contrast to monolithic apps, microservices/container architectures bring benefits such as greater:
- Agility — Microservices foster the organization of small, independent teams that take ownership of their services. “Best examples of microservices agility are sites like Amazon, eBay, Uber and Netflix, which are active 24×7,” notes AnAr Solutions. “The performance of these sites is a benchmark for other sites and applications. The response time, ability to handle multiple requests and process in minimum time is commendable.”
- Productivity — “The microservice architecture tackles the speed issue of applications and its productivity by dividing it into small parts. In this way, these applications are developed and maintained at a very fast speed,” writes Terralogic. “Different teams work independently without waiting for the other team to finish their chunks of work. In this way, separate microservices are easier to locate and modify. Quality assurance of this microservice architecture is very fast as the programs which are developed early are tested instead of waiting for all the programs to be completed.”
- Resilience — With microservices, an application will still function if part of it goes down because microservices allow for spinning up a replacement, granting the entire system higher resilience. “Three well-known microservices resiliency techniques improve fault tolerance and allow applications to smoothly handle failures,” explains Dr. Alan F. Castillo for Cloud Computing Technologies: Retry patterns, circuit breaker patterns, and timeout design patterns. “Employing these patterns is a very effective resiliency strategy for microservices applications. It doesn’t matter how you apply these patterns; what matters is that you have systems that can properly deal with failures.”
- Continuous integration/continuous delivery (CI/CD) — Microservice facilitate CI/CD for applications and modernize the technology stack. “There are some goals of a strong CI/CD progression to serve in the microservices design, for example, every team of coders independently develop and install their changes or edits owned by them individualistically so that it did not affect or disrupt the work of other teams,” reports DevOps Enabler. “CI/CD best practices include the goal of automating the building process, testing the products, and then releasing the software. Developers must be able to track the performance metrics of DevOps throughout the software delivery lifecycle and warn people so that they can quickly recover if something goes wrong during deployment or release cycle.”
- Scalability — Meeting demand is easier when microservices only have to scale the necessary components, which requires fewer resources. “Since an application is composed of multiple micro services which share no external dependencies, scaling a particular micro service instance in the flow is greatly simplified,” writes Atul Saini for Fiorano Software. “If a particular microservice in a flow becomes a bottleneck due to slow execution, that microservice can be run on more powerful hardware for increased performance if required, or one can run multiple instances of the microservice on different machines to process data elements in parallel.”
- Security — “Migrating to microservices creates an opportunity for a much better security model,” explains Kontsevo. “As every microservice is a specialized process, it is a good idea to only allow it to access resources it needs. This way a vulnerability in just one microservice will not expose the rest of your system to an attacker.”
Not everything is easier with microservices, of course. Three commonly acknowledged challenges of deploying microservices typically include: First, the “complexity from managing microservices written in different languages,” as we’ve done at ZorroSign. Second, the “cost implications of network resource usage from remote calls across multiple services” and third, “investigating root causes or auditing systems becomes challenging when dealing with log management across distributed services, as log aggregators would be required,” suggests BMC.
But complexity, costs, and support all increase when any application grows, so facing those challenges with a microservices architecture is little different than facing the complexity, costs, and support challenges of a larger monolithic app.
Why ZorroSign Choose Microservices—and Why You Should, Too
Our CTO and I have been assessing microservices for several years, and committed to an overhaul of our DevOps a year ago. We spent the first half of 2022 building the next iteration of ZorroSign’s blockchain platform with microservices and containers.
“Beyond the development advantages, microservices allow us to more easily manage complex ZorroSign back-end services and improve our entire system’s resiliency,” said Walpita. “It’s far easier finding and fixing bugs, allowing our development team to focus on single, isolated functionality, and then deploying asynchronously to other development efforts, whenever new functionality is tested and ready.”
From my perspective, I was intrigued to learn how microservices improved our defense-in-depth capabilities, as security can be configured much more granularly and configured at each microservice level. With ZorroSign’s commitment to privacy and security, microservices were another important upgrade to keep our platform ahead of the competition.
“Our team develops in C#, Go, Java, and Python,” adds Walpita. “Being able to deploy all those program languages in a single application, united across AWS cloud tools, Docker, and Kubernetes, gives ZorroSign the flexibility our engineers desire and the scalability our customers demand.”
Finally, I asked Priyal what advice he might give other organizations thinking of deploying microservices. He said: “Make sure your product and development team are mature enough to adopt the complexity of a microservice architecture. At some point, a growing app’s need for scalability, higher resilience, and improved performance may make microservices the best path forward. But ensuring your DevOps are ready to integrate and manage all the pieces of a polyglot tech stack is the key to success.”
I encourage you to consider microservices for your apps, and welcome the chance to talk more about this exciting architecture for new technologies!