Configuration Ownership

 Building software at scale is tricky, and when you have lots of software, you have more problems to solve. Several times engineers look for ways to make their lives easier: make it simple, transparent, and easy to use. That sounds like a good idea, right? What can go wrong with that?

Typing is never the bottleneck and will never be. We are all obsessed with reuse; several times, the reuse is marginal and brings way more problems than benefits. Working with an Object-Oriented Language such as Java makes a lot of sense to leverage Dependency. Injection and Ioc(Inversion of Control). Because it's easier to test the Application and also easier to change the Code.


In the past, Spring Framework was all about XML; today, all configuration is pretty much done via Code. It's possible to use property files to configure some aspects of backend services written in Java with Spring, yes, but in reality, most of the Code is in the Code in the form of Java Spring Beans. 


Spring Framework allows you to use annotations such as @Conmfiguration, where we can have a bunch of @Beans and multiple java files for configuration. The issue is when we build libraries and want to make the engineer's life easier by pre-hooking all spring-beans configurations for them. 


@Configuration and Shared Libraries


We have a contention point when we have shared libraries, like a significant bottleneck, more libs, and more bottlenecks. Why? Because libraries have binary coupling with Services, it does not take long to be in the position where changing the libs is expensive; updating all other services and/or libs is neither easier. 


But why it's terrible? Well, it's bad because at some point is not hard to lose control and pretty much have coupled with configuration. At the point that if a Spring Bean changes, you can break several libraries and services.


It's possible to do configuration testing; most companies do not do it. Because spring has a Runtime nature, you only will see problems when you boot up the spring context and reach some parts of the app. You end up in a scenario where you only will see the issues if you write some smart configuration testing or expensive integration test. This could not easily happen, leading to several problems at runtime or upper environments, meaning a high feedback cycle and less agility.


Engineers dont want to break other engineers' codes (not by design), so what happens is that people end up copying and pasting configuration does not take long before this becomes a mess. Now it becomes tough to reason what's going on and what configs are needed or not. 


Services need to Own their Configurations.


Shared libraries should not bundle pre-hooked configurations(Spring Beans @Configuration files). This needs to be done by consumers on their side. There are plenty of reasons why it's better to do this why, such as:

  • You understand what's going on and how your service behaves.
  • During Migrations and Refactorings, there are fewer changes config changes will break you by accident since you own them now.
  • IF different services tweak, their configs will not affect each other; therefore, you get isolation and more autonomy.
  • You can cherry-pick what you need and therefore reduce configuration complexity.
  • Shared-Libs changes can be dealt with in isolation for each service, allowing more paralyzation when change needs to happen. 


Of course, this creates a small problem: Ok, so how do I know what to do now? IMHO this is not a problem but a feature. As engineers, we should understand what we are doing at all times and not take anything for granted. How can we improve this?

  • A good wiki page with documentation.
  • We can record videos explaining how to configure and what options we have for libraries for consumers/users.
  • We can leverage reasonable defaults; therefore, much less config is required.
  • Unit Tests can teach you how to configure and/or use a library.


If something is so hard to use, Configurations can be a big smell. They are pointing out that we have an API Design Problem. I would fix the API Design instead of shipping shared configs with shared libs.


Isolation is the most crucial property of a Service(no Matter is SOA or Microservices or Monolith, Isolation matters the most. Configurations should be isolated as well. 


Cheers,

Diego Pacheco


Popular posts from this blog

Kafka Streams with Java 15

Image
Kafka Streams is a Streaming library similar to Spark and Flink which works with Apache Kafka. Kafka stream can be useful to process historical and near-real-time big data workloads but also for non-realtime analytical computations at scale for the online world as well. Kafka-Streams is elastic, highly scalable, fault-tolerant, and fully integrated with Kafka. You can use Kafka Stream with Java, Scala, Kotlin JVM applications and also have exactly-once processing semantics. Kafka-Streams is being used by the New York Times, Pinterest, Line, Trivago, Zalando, and many other companies. Today I want to share a video of Kafka-Streams running with Kafka 2.6 and Java JDK 15. So Let's get started. 
read more »

Rust and Java Interoperability

Image
Rust does not stop for one second to amaze me. It looks like Rust was designed to talk to every other language so easily. No kidding, it's clear way Web Assembly and rust have lots in common. Java is never an easy lang to interop with. Today I will show how easily we can interop Java & Rust. In order to do so, we will need to use the Java and Rust compilers. For Java, we will not require any other lib than the standard JDK. For Rust, we will need to create a lib project in cargo and we will need to use the crate JNI. I love this feature because java does not allow low-level code on the main language. So if we need to do something low level, efficiently Rust is my first choice, not only for safety reasons but because is really fast.  Let's get started.
read more »

HMAC in Java

Image
In 2018 AWS CTO(Vogels) said : "Security is everyone's job". For the last 2 years, there was so many famous and big data leaks and breaks that made that statement be very true more than ever. Security often could mean worst performance and worst user experience so in order to get it right you really need to think about the designs before jumping into to code and consider performance and user experience has main requirements.  I was thinking about writing about how to do HMAC in Java for a while and recently Redis 6.0.0 come out and to my surprise, there was a refactoring on the password part in order to use HMAC.  Security easily could scare engineers often because it is not something well spread yet but I believe this will change soon. It does not matter if you have to deal with PII Data or not, security is super relevant because everybody is running their workloads at the cloud or with IoT and Edge devices which means more distribution, more code, more points of fail
read more »