6

I'm currently at the drawing board of a new service cloud we're building with a service oriented architecture. The idea is like this:

  • A cloud of, say 10, services.
  • 3 completely different layers of business logic (BL) that freely can mix and match these services.
  • The BL handles authorization and access management, services only receive and respond.

The question is if this setup is possible with a PaaS (preferably Heroku or Google App Engine) with the main issue being to have multiple services that are non-public but at the same time accessible from different applications (BL).

Basically: How to protect the services from public access (preferrably without auth and tokens) but at the same time let any of my applications reach them?

enter image description here

gust1n
  • 133
  • 2
  • 7

2 Answers2

2

You might want checkout WSO2 Cloud. it consists of an App Cloud and an API Cloud. For your scenario there you can isolate your service cloud with WSO2 API Cloud. You can expose your service cloud fronting WSO2 API Cloud and providing some APIs only to your tenant domain.In WSO2 App Cloud you can deploy your publicly accessible applications, which can consume the service cloud APIs which are isolated to your domain.

Moreover to the solution WSO2 App Cloud is not only hosting, it provides you a development platform as well. You can develops services and apps from scratch. It provides you build facilities, database provisioning, an editor etc.

Both of above clouds have the auto-scaling capability (you don't need to worry about it). App cloud provides you a development, testing and production environment to manage your apps/services lifecycle.WSO2 API Cloud allows you to not only create, manage, and publish your APIs within the developer community, but also enables you to share them in the Cloud

More information can be be found at https://docs.wso2.com/display/AppCloud/WSO2+App+Cloud+Documentation https://docs.wso2.com/display/APICloud/WSO2+API+Cloud+Documentation

Note that WSO2 Cloud is a beta service at the moment.

Disclaimer: I work for WSO2 Cloud.

Rajith Siriwardana
  • 44
  • 4
1

For SOA in App Engine i would check out https://cloud.google.com/appengine/docs/python/microservices-on-app-engine.

In GAE people use either completely different projects or different "modules" within a project which are the services and these can have different "versions" for things like AB testing and easier rollbacks.

A module and its different versions all have separate urls and speak HTTP.

Using modules does mean you end up with a shared global database, you would have to remember not to structure things in such a way that you end up with a "shared database architecture" eg every service library should be the only way of getting to that services data (try not to reach past the http interface/data access layer straight into a services database because you will be able to).

The same goes for other things such as task queues, you will have the ability for modules to use each others queues and you should be vigilant and use different namespaces for each modules queue.

with Heroku i imagine you could have a similar choice with either using completely different Heroku projects which use a shared library that is configured with enviroment variables to talk to another shared heroku project with other code, or one big heroku project. Heroku follows http://12factor.net/ fairly strongly and is well setup for using other peoples microserviecs with addons.

lee penkman
  • 1,160
  • 15
  • 19