Search code examples
javaphparchitecturemicroservices

A microservices architecture design problem?

Problem background:

Currently, we are designing a unified authority mid-stage system for the group's business systems. Due to the large number of systems designed, the corresponding authority division business rules are fine. From the previous "distributed across various business systems", it is now planned to be "unified in the authority center Assign User Behavior. " When doing architecture design, an architecture diagram is roughly divided as follows:

Architecture diagram

Problems:

  1. The lower-level services do not rely directly on each other. The upper-level aggregation services provide external services in a unified manner. This architecture can reduce the coupling between the lower-level services to a certain extent. But the existence of aggregation services has turned into a "big collection" and other systems; how should this step be optimized?
  2. After the aggregation service is unified, it becomes the main entrance of the business, and thus it is a single point. How should this step be optimized?
  3. Under this architecture, the upper-layer aggregation service feels like a gateway. Is there still a need for an ingress gateway?

Thx~😊

Solution
    1. Ingress gateway required to receive request on server side , you can use ELB or any ingress controller for this .
    2. You need to authenticate each request across all micro services but not need to send all request to aggregation service.
    3. You can write authentication service that authenticate user and get roles from role micro service to continue RBAC.

    4. Once aggregation service authenticated user than no need to send request to aggregation micro service, token creation time you can set token's TTL.

    5. However, request can be send to any micro service through ingress gateway directly, destination service can check token from REDIS with TTL , if token expired then send revocation notice, remove key in REDIS otherwise continue to use any micro service based on role.

    6. Yes, you need ingress gateway, and aggregation micro service can be treat as micro service not as upper layer of all micro service.