Abstract
Nowadays, microservices architecture has increased its popularity within software development. This architecture is considered as a refinement and simplification of the service-oriented architecture (SOA). In microservices, the development approach is given by the functional decomposition into small services, where each one makes use of its own computational resources and light communication mechanisms, such as HTTP. Compared to monolithic architectures, microservices can be developed using different code bases. Therefore, performance and security are two of the quality attributes that must be taken into account when building microservices. The objective of this work is to define a DevOps Pipeline that allows us to use best practices at the development level to improve performance and security in pre-production environments. For deployment, two open-source containers are selected to evaluate under which situations it is more convenient to use Docker or Containerd, especially at the base image level.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Smith, M., Saunders, P.R., Lyons, L.: A Practical Guide to Microservices and Containers (2018)
Industrial Internet Consortium: Industrial Internet Reference Architecture, p. 101 (2015)
Fernandez, E.B., Monge, R., Hashizume, K.: Building a security reference architecture for cloud systems. Requirements Eng. 21(2), 225–249 (2015). https://doi.org/10.1007/s00766-014-0218-7
Newman, S.: Building Microservices. O’Reilly Media Inc., United States of America (2015)
Esposito, C., Castiglione, A., Choo, K.-K.R.: Challenges in delivering software in the cloud as microservices. IEEE Cloud Comput. 3(5), 10–14 (2016)
Schwartz, A.: Microservices. Informatik-Spektrum 40(6), 590–594 (2017). https://doi.org/10.1007/s00287-017-1078-6
Amaral, M., Polo, J., Carrera, D., Mohomed, I., Unuvar, M., Steinder, M.: Performance evaluation of microservices architectures using containers. In: Proceedings of the 2015 IEEE 14th International Symposium on Network Computing and Applications, NCA 2015, pp. 27–34 (2016)
Dua, R., Raja, A.R., Kakadia, D.: Virtualization vs containerization to support PaaS. In: Proceedings of the 2014 IEEE International Conference on Cloud Engineering, IC2E 2014, pp. 610–614 (2014)
Hogg, S.: Software Containers: Used More Frequently than Most Realize, 26 May 2014
Open Container Initiative: Open Container Initiative (2015)
Brown, M., Liu, L.: Containerd Brings More Container Runtime Options for Kubernetes, 2 November 2017
CoreOS: rkt, a security-minded, standards-based container engine (2014)
Containerd: containerd, an industry-standard container runtime with an emphasis on simplicity, robustness and portability (2019)
CRI-O: CRI-O, lightweight container runtime for Kubernetes (2018)
Docker: Get started, part 1: orientation and setup (2019)
Xie, X.L., Wang, P., Wang, Q.: The performance analysis of Docker and rkt based on Kubernetes. In: 13th International Conference on Natural Computation, Fuzzy Systems and Knowledge Discovery, ICNC-FSKD 2017, pp. 2137–2141 (2018)
Crosby, M.: What is containerd? 7 August 2017
Turnbull, J.: The Docker book: containerization is the new virtualization (2014)
Brown, R.: CRI-O is now our default container runtime interface, 17 September 2018
Vohra, D.: Kubernetes Microservices With Docker. Apress (2016)
Chung, M.T., Quang-Hung, N., Nguyen, M.-T., Thoai, N.: Using docker in high performance computing applications. In: 2016 IEEE 6th International Conference on Communications and Electronics (ICCE), pp. 52–57 (2016)
Souppaya, M., Morello, J., Scarfone, K.: NIST Special Publication 800-190 - Application container security guide. NIST Special Publication, vol. 1, p. 63 (2017)
Snyk: Snyk, develop fast. Stay secure (2020)
Liz, R.: Container Image Immutability and the Power of Metadata (2016)
Docker: Content trust in Docker (2019)
Aggarwal, B.: Authentication and Authorization in Microservices, 19 March 2019
Taylor, T.: 8 Best Practices for Container Secrets Management, 22 April 2019
Koziolek, H.: Performance evaluation of component-based software systems: a survey. Perform. Eval. 67(8), 634–658 (2010)
Khazaei, H., Barna, C., Beigi-Mohammadi, N., Litoiu, M.: Efficiency analysis of provisioning microservices. In: Proceedings of the International Conference on Cloud Computing Technology and Science, CloudCom, pp. 261–268 (2017)
Indrasiri, B.K.: Microservices in Practice - Key Architectural Concepts of an MSA, July 2019
Ebert, C., Gallardo, G., Hernantes, J., Serrano, N.: DevOps. IEEE Softw. 33(3), 94–100 (2016)
XebiaLabs: Periodic Table of DevOps Tools (2019)
TypeScript: TypeScript, JavaScript that scales (2012)
NestJS: Hello, nest! A progressive Node.js framework for building efficient, reliable and scalable server-side applications (2017)
MongoDB: The database for modern applications (2020)
Mongoose: Mongoose, elegant mongodb object modeling for node.js (2016)
Paypal Developer: Install the REST SDK (2020)
Istio Autores: What is Istio (2019)
Acknowledgment
This work has been sponsored by Universidad Técnica Particular de Loja (Computer Science Department).
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Castillo Rivas, D.A., Guamán, D. (2021). Performance and Security Evaluation in Microservices Architecture Using Open Source Containers. In: Botto-Tobar, M., Montes León, S., Camacho, O., Chávez, D., Torres-Carrión, P., Zambrano Vizuete, M. (eds) Applied Technologies. ICAT 2020. Communications in Computer and Information Science, vol 1388. Springer, Cham. https://doi.org/10.1007/978-3-030-71503-8_37
Download citation
DOI: https://doi.org/10.1007/978-3-030-71503-8_37
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-71502-1
Online ISBN: 978-3-030-71503-8
eBook Packages: Computer ScienceComputer Science (R0)