How to build microservice which is based on OCI Function and ATP with Terraform

A lot of people around the world believe the serverless approach is the ultimate future of cloud computing. I am also such a believer, but it will be a gradual move, sort of evolution within the next couple of years. Some time ago I have published a blog about private endpoints for ATP.

Pic. Topology Diagram

I have used the code related to this blog post and I have refactored it a bit. The idea behind was to eliminate VM-based web server with Flask microservice. This old school technology could be replaced by OCI Function and API Gateway (btw. check Kranthi blog post). I guess this refactoring has been pretty successful. Below in this 15 minutes video, you will see my hard work on this topic. Hope it will be tasty 🙂

Bon Appetit,

Martin, The Cook.

Subscribe to get access

For now video is blocked, but you can watch it immediately when you subscribe!

OCI-Ballerina module

What is Ballerina?

Ballerina is an open-source, general-purpose, cloud-native programming language that incorporates concepts of distributed systems and micro-service development with both textual and graphical syntax. So why a completely new language? In the current micro-services world, I believe the language should have more capabilities to deal with creating containers, storing and deploying them to cloud platforms. The trend seems to be similar to the frameworks around JavaScript. Angular and React were born to incorporate the best practices to write clean and efficient code. One could argue that those are frameworks or libraries that could also be added to the language, but what if those features are available already in the language? It is all up to the developer to decide to choose the capabilities available in the language (Remember “import” in java?). For more details and discussions, check here

The OCI-Ballerina GitHub module:

The GitHub module provides the language to interact with OCI resources for a seamless native cloud application development process. The module would enable a user to efficiently provision and manage infrastructure resources on OCI. For example, a user might write business logic code or configuration code (e.g. provisioning scripts).

Risk Events Service from Oracle CASB

The Oracle Cloud Access Security Broker gives visibility into the entire cloud stack and acts as the security automation tool for the IT needs. For more details, check the details here. There are different modules like threat detection, predictivity analytics, and Security configuration available in CASB. In this example, we will take advantage of CASB’s risk events API to get the risk event data for the cloud tenancy. We will save this data to OCI Object Storage, which then could be leveraged to integrate with any other security and monitoring systems like Splunk, QRadar, or Oracle Management Cloud.

Prerequisites:

Once the module is downloaded from the GitHub, we need to configure the tenancy details as mentioned below. Once configured and tested, we can create an ociClient object to interact with OCI.

Image – Prerequisites to interact with OCI

JSON to CSV Transform:

Once we acquire the risk event data in JSON format, we can take the advantage of the native JSON to CSV file (shown below) converter available in the Ballerina language, to upload the file to object storage.

Image: JSON to CSV converter built in the language

Image: CSV file uploaded to OCI object storage

Summary:

To create a micro-service that fetches risk event data from Oracle CASB, we took advantage of the GitHub module for OCI-Ballerina interaction. We obtained the risk events data in a JSON format, converted into a CSV file, and uploaded it to the OCI object storage. The GitHub module also allows a user to interact with other OCI resources to develop and deploy on OCI.

How to Create API Gateway in OCI using Terraform

In microservices-based applications, business logic is spread across multiple services. Different clients like mobile and web browsers interact with these services. Such interactions might require protocol conversion, handling network latency, protecting from malicious traffic, etc. To handle such scenarios, complex distributed applications like Netflix use API Gateway to optimize the API interaction and improve the performance of the system.

In this video, we will discuss more about Oracle Cloud Infrastructure API Gateway in detail and how to create it using Terraform available in this Github module.