今日已更新 412 条资讯 | 累计 19972 条内容
关于我们

标签:#service

找到 35 篇相关文章

AI 资讯

Microsoft Patches a Record 570 Security Flaws

Microsoft Corp. today released software updates to plug at least 570 security holes in its Windows operating systems and other software, almost triple the number of vulnerabilities the software giant fixed in its record-smashing Patch Tuesday release last month. Microsoft attributed the burgeoning patch counts to vulnerability discoveries aided by artificial intelligence.

2026-07-15 原文 →
开发者

Making ServiceLoader usable: a provider factory

I keep coming back to java.util.ServiceLoader . I have used it to put a JSON layer behind a contract, so the core code carries no direct dependency on any particular JSON library and I can swap the implementation without touching callers. The same shape works for JWT handling, where the concrete library might be jose4j or another JOSE implementation, and you can easily find other decoupling use-cases. The motivation is always the same: the application should depend on a capability, not on a vendor. A while back I wrote about exactly that idea in Rediscovering Java ServiceLoader: Beyond Plugins and Into Capabilities , where the argument was to treat ServiceLoader as capability discovery rather than a plugin system. That piece hit the limitation everyone hits — the no-argument constructor — and worked around it with a default constructor plus a dynamic proxy that built the real object through a factory on each call. It works, but it is indirection bolted on after the fact, not a design. This post is the part I never pinned down back then: turning that workaround into a small, explicit pattern. The running example below is a mock payments system, with Stripe and PayPal specializations, because it is compact enough to show end to end. The JSON and JWT cases cited can be built with the same structure. The two limits ServiceLoader leaves you The first is the no-argument constructor. Whatever ServiceLoader instantiates must have a public, parameterless constructor. My StripePaymentService takes an API key, so it cannot be the class ServiceLoader loads — not unless I bolt on some init-after-construction step, which I would rather avoid. The second is selection, or rather the lack of it. ServiceLoader gives you every implementation it finds, in roughly classpath order. There is no id, nothing to prioritise on, and no way to ask whether a given one even applies in the current environment. With two backends on the classpath and only one configured, working out which to use is

2026-07-14 原文 →
AI 资讯

Microservices vs monolith

Microservices have a marketing problem: they're associated with the engineering cultures of Netflix and Amazon, so ambitious teams assume adopting them is what serious companies do. But those companies moved to microservices to solve problems of enormous scale and huge headcount — problems you almost certainly don't have yet. For most products, splitting too early is one of the most expensive mistakes you can make. Here's the honest trade-off. What a monolith actually gives you A monolith is one deployable application. That simplicity is a feature, not a limitation, especially early: One codebase, one deploy. No orchestration, no service mesh, no distributed tracing just to understand a request. Simple debugging. A stack trace crosses your whole request. You're not correlating logs across five services to find one bug. Fast local development. Run the whole app on your laptop and iterate. Easy transactions. Data consistency is a database transaction, not a distributed saga you have to design and get right. The modern version isn't a big ball of mud. A modular monolith enforces clean internal boundaries — separate modules with clear interfaces — giving you much of the organization of microservices with none of the network overhead. What microservices actually cost Splitting into services doesn't remove complexity; it moves it from your code into the network, where it's harder to see and reason about. You inherit a long list of new problems: Distributed systems failure modes — partial failures, retries, timeouts, and eventual consistency become your daily reality. Data consistency across services — no more easy transactions; you're designing sagas and compensating actions. Operational overhead — every service needs deployment, monitoring, logging, and on-call. Slower local development and debugging — reproducing a bug can mean running half your architecture. For a small team, this overhead can consume the very velocity you were trying to gain. When microservices genuin

2026-07-09 原文 →
AI 资讯

What Google's "Microservices Are Dead" Paper Actually Said (And What It Missed About AI)

A 2023 HotOS paper by Sanjay Ghemawat (MapReduce/Bigtable co-author) and Amin Vahdat (Google Fellow) got repackaged by tech media as "microservices are dead." It said no such thing. Three years later, the misreading has traveled further than the paper itself. This post does three things: reconstructs what the paper actually claims, maps its three structural gaps, and introduces a variable the authors couldn't have predicted — AI code generation — which, I'll argue, undermines the paper's central solution more than any of those gaps. The AI section uses my own open-source project ReqForge as evidence. Flagging the conflict of interest up front: this isn't neutral analysis, it's a design rationale. Which is exactly why it's more honest than a hypothetical example. What the paper actually said The paper is Towards Modern Development of Cloud Applications (HotOS '23, 8 pages). Its core claim in one sentence: The fundamental problem with microservices is that they bind the logical boundary to the physical boundary. You let "how the code is organized" dictate "how the code is deployed" — two questions that should never have been welded together. From that claim, the paper proposes a three-layer solution: Logical monolith — developers write a cleanly modularized monolith; deployment is someone else's problem. Automated runtime — a smart platform that decides at runtime whether components should be merged or split, based on load. Atomic deployment — all components on a request path share one consistent version, avoiding half-old/half-new. Prototype numbers: 15× lower latency, 9× lower cost. That's it. The paper never says "microservices are wrong," never says "everyone should go back to monoliths," and gives no implementable plan. It's a vision paper — written to provoke discussion at a workshop, not an engineering whitepaper. A ruler Before dissecting it, here's a ruler you can apply to any architectural claim (this is a common framing in the engineering literature — you'r

2026-07-04 原文 →
AI 资讯

Mini book: Agentic AI Architecture

In this eMag, we try to establish agentic AI architecture as a new type of software architecture that will likely dominate the industry for years to come. The articles, written by industry experts, cover various elements and aspects of agentic AI architecture. We aim to present the latest trends and developments shaping the new type of architecture as it enters the mainstream. By InfoQ

2026-07-03 原文 →
AI 资讯

What’s New in Oracle Backend for Microservices and AI 2.1.0

Key Takeaways Oracle Backend for Microservices and AI 2.1.0 is a platform modernization release. It updates several shared backend concerns at once, including external access, observability, configuration, messaging, database deployment choices, workflow, samples, enterprise installation planning, and upgrades. Gateway API and Envoy Gateway are now the default external access direction. NGINX Ingress Controller is deprecated, disabled by default, and still available only when explicitly enabled. The release gives platform teams clearer building blocks. OpenTelemetry Operator, Java auto-instrumentation, Spring Config Server, Kafka through Strimzi-managed resources, and clearer database deployment choices supported by Oracle AI Database Operator for Kubernetes make important platform choices easier to see and discuss. Enterprise adoption still needs architecture review. Before adopting or upgrading, teams should review private registry needs, air-gapped installation requirements, multi-tenant installation goals, workflow implications, database deployment choices, and upgrade readiness. OBaaS 2.1.0 is a platform modernization release Oracle Backend for Microservices and AI , or OBaaS , is a backend-as-a-service style platform for teams building microservices and AI-enabled applications with Oracle AI Database as a core data foundation. It brings common backend platform concerns together: service access, telemetry, configuration, messaging, workflow, and database connectivity. That matters because most teams do not want every application squad to rebuild those pieces on its own. They want a platform shape that gives developers useful defaults while still giving architects, DBAs, security teams, and operators the control points they need. This article focuses on the Oracle Backend for Microservices and AI 2.1.0 update. The best way to read OBaaS 2.1.0 is not as a single-feature release. It is a platform modernization release. The update moves the default external access

2026-07-01 原文 →
开发者

Distributed Tracing: The Missing Piece of Your Observability Stack

When Logs and Metrics Aren't Enough You have great dashboards. Your log aggregation is solid. But when a user reports "the checkout page is slow," you still spend 30 minutes jumping between services trying to find the bottleneck. That's the gap distributed tracing fills. What Tracing Actually Shows You A trace is a complete picture of a single request as it flows through your system: User Request → API Gateway → Auth Service → Product Service → DB → Cache → Response 5ms 12ms 45ms 120ms 3ms ^ This is your bottleneck Without tracing, you'd see: API Gateway: latency looks fine Auth Service: latency looks fine Product Service: latency is HIGH but why? With tracing, you see the exact DB query inside Product Service that's taking 120ms. Getting Started with OpenTelemetry OpenTelemetry is the standard. Here's a minimal setup: # Python example with Flask from opentelemetry import trace from opentelemetry.instrumentation.flask import FlaskInstrumentor from opentelemetry.instrumentation.requests import RequestsInstrumentor from opentelemetry.instrumentation.sqlalchemy import SQLAlchemyInstrumentor from opentelemetry.sdk.trace import TracerProvider from opentelemetry.sdk.trace.export import BatchSpanProcessor from opentelemetry.exporter.otlp.proto.grpc.trace_exporter import OTLPSpanExporter # Setup provider = TracerProvider () provider . add_span_processor ( BatchSpanProcessor ( OTLPSpanExporter ( endpoint = " http://otel-collector:4317 " )) ) trace . set_tracer_provider ( provider ) # Auto-instrument everything FlaskInstrumentor (). instrument_app ( app ) RequestsInstrumentor (). instrument () SQLAlchemyInstrumentor (). instrument ( engine = db . engine ) That's it. Three auto-instrumentations cover 80% of what you need. Custom Spans for the Other 20% Auto-instrumentation gives you HTTP calls and DB queries. Add custom spans for business logic: tracer = trace . get_tracer ( __name__ ) def process_order ( order ): with tracer . start_as_current_span ( " process_order " ) as sp

2026-06-29 原文 →
AI 资讯

Orchestrate Saga Compensation Timeouts in Real Time (Kiponos Java SDK)

A checkout saga spans inventory, payment, shipping, and loyalty. Downstream latency shifts every hour. Black Friday is not the day to discover your payment step timeout is baked into application.yml across twelve Spring Boot services. Kiponos.io gives every saga participant the same live orchestration parameters — step timeouts, retry budgets, compensation triggers — via one shared config tree. Each JVM reads locally on every saga step; ops adjusts once in the dashboard; WebSocket deltas propagate without redeploying the fleet. Why sagas break with static config Typical saga coordinator code: if ( step . elapsedMs () > 8000 ) { compensate ( "payment" , sagaId ); } That 8000 usually comes from: Per-service YAML — payment service says 8s, inventory says 12s; nobody agrees during an incident Env vars in Helm — change means rolling twelve deployments Shared DB config table — poll per step adds latency and coupling Saga steps are high-frequency reads inside workflow engines. You need local memory reads and async updates — the same contract as live API rate limits . Architecture: one tree, many participants ┌─────────────────┐ WebSocket deltas ┌──────────────────────┐ │ Kiponos.io UI │ ────────────────────────► │ Inventory service │ │ platform ops │ │ Payment service │ └─────────────────┘ │ Shipping service │ │ (each: in-mem SDK) │ └──────────┬───────────┘ │ .getInt() local ▼ ┌──────────────────────┐ │ saga step executor │ └──────────────────────┘ Every participant connects to profile ['orders']['v2']['prod']['sagas'] . When NOC extends payment.step_timeout_ms , all JVMs see the new value on the next step — no config server poll, no inter-service "what is timeout now?" REST calls. Shared saga config tree sagas/ checkout/ payment/ step_timeout_ms : 8000 max_retries : 2 retry_backoff_ms : 500 compensate_on_timeout : true inventory/ step_timeout_ms : 5000 max_retries : 3 hold_ttl_seconds : 120 shipping/ step_timeout_ms : 12000 fallback_carrier : ups_ground global/ saga_ttl_m

2026-06-28 原文 →
AI 资讯

Don't Repeat Data: Zero Copy

Imagine this - you rely on data that you download every day from some system to your own. That requires a trip to the server asking for information, and then a trip back with the payload we requested. This seems pretty fast since the internet is fast. But we also know the programming concept DRY (Don't Repeat Yourself). So, can we apply this principle to how we handle the scenario described above, creating something like DRD (Don't Repeat Data)? Well, yes. There is something to handle this, and it's called — Zero Copy . What is Zero Copy? As the name suggests, you are copying zero data, and yet, you are getting it on your system. How is this possible? If you think about it, you'll probably come to the conclusion that we are just opening a window. The data is just out there to be looked at by those who are allowed to. There's no need to bring the same data to different people's windows; we're just keeping the data in one place and making it available to anyone who needs it. What does this mean for ServiceNow? When it comes to Operations Management—dealing with data fetched from different databases (like monitoring data from Datadog or Dynatrace, ERP data from SAP or Workday, or cloud platforms like Snowflake, AWS, or Azure)—copying that data has traditionally been a hassle. We were reliant on sometimes complex ETL (Extract, Transform, Load) pipelines or massive data extracts. This complicated the whole process, consumed a lot of time, and required careful checking of data pre- and post-migration. So how exactly does Zero Copy help us here? Virtual Data Fabric Tables. Instead of copying data extracted from other tools, ServiceNow queries the exact data that is requested. It temporarily holds that data in memory for the user to interact with. During that time, the user can leverage that data for various use cases as required—and once they are done, it's gone. So, what exactly are the benefits of Zero Copy?! No need for data duplication on the destination. No need for d

2026-06-27 原文 →
开发者

Service Discovery in Modern .NET Applications and Azure

This article is part of the Comprehensive Guide to Microservices Architecture in .NET Core, Cloud and Azure series. Service Discovery in Kubernetes How Kubernetes DNS Works Kubernetes automatically creates DNS entries for services, enabling simple name-based discovery. A service named order-service in the production namespace becomes accessible at order-service.production.svc.cluster.local . For services within the same namespace, you can use the short name order-service . Service Definition: apiVersion : v1 kind : Service metadata : name : order-service namespace : production labels : app : order-service version : v1 spec : selector : app : order-service ports : - name : http protocol : TCP port : 80 targetPort : 8080 type : ClusterIP Native Service Discovery in .NET 9 .NET 9 introduces enhanced service discovery capabilities with improved configuration and resilience features. Basic Configuration: // Program.cs var builder = WebApplication . CreateBuilder ( args ); // Add service discovery with .NET 9 enhancements builder . Services . AddServiceDiscovery (); // Configure HTTP client with service discovery builder . Services . AddHttpClient < IOrderServiceClient , OrderServiceClient >( client => { // Use service name - discovery resolves to actual endpoint client . BaseAddress = new Uri ( "http://order-service" ); }) . AddServiceDiscovery () . AddStandardResilienceHandler (); // .NET 9 resilience patterns var app = builder . Build (); Advanced Configuration with appsettings.json: { "ServiceDiscovery" : { "Providers" : { "Kubernetes" : { "Namespace" : "production" , "RefreshPeriod" : "00:01:00" } }, "Services" : { "order-service" : { "Scheme" : "https" , "EndpointNames" : [ "http" , "https" ], "HealthCheckPath" : "/health" }, "payment-service" : { "Scheme" : "http" , "AllowAllHosts" : false } }, "AllowAllHosts" : true , "AllowedHosts" : [ "*.svc.cluster.local" ] } } Service-to-Service Communication Patterns Using Typed HTTP Clients: public interface IOrderServiceCli

2026-06-26 原文 →
AI 资讯

Service Communication Patterns in .NET Core and Azure

This article is part of the Comprehensive Guide to Microservices Architecture in .NET Core, Cloud and Azure series. Asynchronous Messaging with Azure Service Bus Azure Service Bus provides enterprise-grade messaging infrastructure with advanced features for reliable message delivery, ordering guarantees, and complex routing scenarios. Service Bus vs Azure Queue Storage Azure Service Bus offers enterprise messaging capabilities including: Topics and subscriptions for pub/sub patterns Message sessions for ordered processing Transaction support across operations Dead-letter queues for failed messages Messages up to 100MB (premium tier) Advanced routing with filters and actions Azure Queue Storage provides: Simple FIFO queue operations Lower cost for basic scenarios Messages up to 64KB Best for simple point-to-point messaging When to Choose Service Bus Use Azure Service Bus when you need: Publish-subscribe patterns with multiple subscribers Guaranteed message ordering with sessions Transactional message processing Message size beyond 64KB Advanced routing and filtering Integration with hybrid or on-premises systems Implementation with .NET 9 .NET 9 introduces improved performance and simplified APIs for working with Azure Service Bus: // Producer using .NET 9 with improved performance public class OrderCreatedPublisher { private readonly ServiceBusSender _sender ; public OrderCreatedPublisher ( ServiceBusClient client ) { _sender = client . CreateSender ( "order-events" ); } public async Task PublishOrderCreatedAsync ( Order order , CancellationToken cancellationToken = default ) { var message = new ServiceBusMessage ( JsonSerializer . Serialize ( order )) { MessageId = order . OrderId . ToString (), Subject = "OrderCreated" , ContentType = "application/json" , // .NET 9: Better support for distributed tracing ApplicationProperties = { [ "CorrelationId" ] = Activity . Current ?. Id ?? Guid . NewGuid (). ToString (), [ "OrderDate" ] = order . CreatedAt . ToString ( "O" )

2026-06-26 原文 →
AI 资讯

The Illusion of Microservices: Why the Modular Monolith is Once Again the Gold Standard in Architecture

Throughout my career, transitioning between CTO roles and, more recently, focusing purely on distributed systems architecture and high-performance engineering, I've seen many architectural patterns rise and fall. But few have caused as much silent damage to company bottom lines as the premature adoption of microservices. Over the last decade, the industry bought into the idea that, in order to scale, you needed to split your system into dozens (or hundreds) of independent services. The practical result I find in most companies? The creation of the dreaded "Distributed Monolith." The Anatomy of Waste: Networks vs. Memory The hard truth we need to face with maturity is that microservices primarily solve problems of organizational scale (Conway's Law), not necessarily performance. If your engineering team isn't the size of Netflix or Uber, prematurely fragmenting your codebase is shooting yourself in the foot. Technically, what happens when we break down a monolith without the proper domain boundaries? We trade extremely fast and cheap local function calls (resolved in the processor's L1/L2 Cache) for slow and expensive network calls (TCP/IP). We start spending an absurd amount of computational time on constant JSON serialization and deserialization, and the AWS bill explodes with internal traffic costs (egress/ingress) between Availability Zones (AZs). You haven't scaled your application; you've merely added network latency and infrastructure complexity. The Return of the Modular Monolith True seniority in software engineering isn't about mastering the most complex architecture of the moment, but having the wisdom to know when not to use it. That's why the Modular Monolith has consolidated itself as the initial gold standard for new projects and restructurings. In a well-designed Modular Monolith (and languages with strong type systems and strict scope control, like Rust, shine absurdly well here), you maintain the logical separation of domains. Modules are independen

2026-06-26 原文 →
AI 资讯

A Practical Guide to Decomposing Legacy Java Monoliths

How to Decompose a Legacy Java Monolith Without Disrupting Business Operations The Java monolithic applications have been supporting businesses for years. In these applications, the entire business logic, presentation layer, and data access layer are bundled into a single unit. These architectures are functional but hard to scale, maintain, and improve due to changing business needs. An expert Java app development company helps growing organizations in addressing this issue through Java modernization services. Instead of developing a whole software application from scratch, firms can transform their software in stages with the right boundaries. The biggest challenge here is to determine where to make those cuts in a bundle. Poorly chosen service boundaries create operational complexity issues and long-term maintenance problems. Understanding how to identify seams in the monolith application helps in achieving modernization successfully. Let's take a look at what contributes to the success of monolith decomposing and how organizations can approach it wisely. Why Organizations Are Modernizing Legacy Java Monoliths The legacy Java monolith applications were built during a time when monolithic architecture was common. They were optimized for easy deployment and centralized management. But today, businesses require flexibility. This is due to challenges such as Slow release cycles Increasing maintenance costs Limited scalability Complex dependency management Difficult onboarding new developers Growing technical debt These issues have increased the demand for software architecture modernization in business sectors. Modern architecture gives the following advantages to the teams: Deploy features independently Scale services individually Improve system resilience Accelerate development cycles Support cloud-native environments The objective of architecture modernization is to create a technical foundation that supports future business growth. Understanding business goals of

2026-06-25 原文 →
AI 资讯

Why API Breaking Changes Still Reach Production Even With CI/CD

Why API Breaking Changes Still Reach Production Even With CI/CD A few years ago I watched a "tiny" API change take down checkout for about forty minutes. The change was a one-liner. The pull request had two approvals. CI was green across the board. And it still broke production, because the thing that actually mattered was never tested. If you run microservices at any real scale, you have lived some version of this. Let's talk about why it keeps happening even with a mature pipeline, and what the teams who don't keep getting paged do differently. The Problem Here's the change that caused the outage. A payments service had a response that looked like this: { "status" : "ok" , "transaction_id" : "txn_8842" , "amount_cents" : 4200 } Someone renamed amount_cents to amount and switched it to a decimal, because "cents is confusing." Cleaner field, better docs. The producing service's tests were updated to match, everything passed, it shipped. The problem: three downstream services still read amount_cents . One of them was the order service, which now received undefined , multiplied it by a quantity, and wrote NaN into the database. The failures didn't even surface in the payments service. They surfaced two hops away, in a service the original author had never opened. This is the core issue. A breaking change is not defined by the service that makes it. It's defined by the consumers who depend on it. And the producer's CI pipeline has no idea those consumers exist. Why Existing Approaches Fail The natural reaction is "we need more tests." But look at what each layer actually checks. Unit tests verify the code does what the author intended. The author intended to rename the field. The unit tests were updated to expect amount . They passed because they were testing the new, broken behavior. Green unit tests told us nothing. Integration tests verify the service works with its own dependencies — its database, its cache, the APIs it calls. They almost never spin up the services

2026-06-25 原文 →
AI 资讯

Cinema Seat Reservation System — Part 2: Transitioning To Production-Scale and Deploying on Azure Cloud

Introduction This is the second part of sharing my journey to create a microservices-based backend system, in the previous part, I introduced the system and its services. In this part I am going to mention the main things that happened with me from then until now. Transitioning to online DBaaS platforms The first main thing was to transition my databases from my local device to accessible over the internet. I used Neon and MongoDB Atlas . Although performance-wise it is better to deploy the database on the same server that the whole system so all services can access the databases without network overhead , This solution is better from a point, that is avoiding consuming the free VM instance that I got to host my main services, as with DBaaS platforms I will not require storage for databases or additional overhead to handle the DBMS on a free small resources-constrained VM. Observability Observability is one of the main concerns in any system, it gives the ability for the system to expose what happens inside it without any need to guess and manually trace the code to determine where the error may happened. I utilized OpenTelemetry , as I found it is most used and accepted tool to log, trace and collect metrics about the system and the traffic. Also, I loved that it is not related to specific framework, that is .NET by the way, I loved the idea that it is standalone tool. But logging and tracing and metrics collection will not be beneficial if we do not see it actually and can achieve monitoring from those telemetry data, so I used Grafana Cloud to export the telemetry data to some place that is accessible online and a tool that can generate dashboards and visualizing for the metrics ( Prometheus ), and UI that can show all the telemetry data easily. Deployment Until this point, we have a system that is fully functional and have consistent docker configuration for its services via Docker Compose, and it database is already there and available. Now this is the point at

2026-06-24 原文 →