Edition 0 Updated to asp. Net core 0
Advanced monitoring: visualization, analysis, and alerts
Yüklə 11,82 Mb. Pdf görüntüsü
|
- Bu səhifədəki naviqasiya:
- Additional resources • HealthChecks and HealthChecks UI for ASP.NET Core
|
Advanced monitoring: visualization, analysis, and alerts
The final part of monitoring is visualizing the event stream, reporting on service performance, and alerting when an issue is detected. You can use different solutions for this aspect of monitoring. You can use simple custom applications showing the state of your services, like the custom page shown when explaining the AspNetCore.Diagnostics.HealthChecks . Or you could use more advanced tools like Azure Monitor to raise alerts based on the stream of events. Finally, if you’re storing all the event streams, you can use Mic rosoft Power BI or other solutions like Kibana or Splunk to visualize the data. 319 CHAPTER 7 | Implement resilient applications Additional resources • HealthChecks and HealthChecks UI for ASP.NET Core https://github.com/Xabaril/AspNetCore.Diagnostics.HealthChecks • Introduction to Service Fabric health monitoring https://learn.microsoft.com/azure/service-fabric/service-fabric-health-introduction • Azure Monitor https://azure.microsoft.com/services/monitor/ 320 CHAPTER 8 | Make secure .NET Microservices and Web Applications CHAPTER 8 Make secure .NET Microservices and Web Applications There are so many aspects about security in microservices and web applications that the topic could easily take several books like this one. So, in this section, we’ll focus on authentication, authorization, and application secrets. Implement authentication in .NET microservices and web applications It’s often necessary for resources and APIs published by a service to be limited to certain trusted users or clients. The first step to making these sorts of API-level trust decisions is authentication. Authentication is the proc ess of reliably verifying a user’s identity. In microservice scenarios, authentication is typically handled centrally. If you’re using an API Gateway, the gateway is a good place to authenticate, as shown in Figure 9-1. If you use this approach, make sure that the individual microservices cannot be reached directly (without the API Gateway) unless additional security is in place to authenticate messages whether they come from the gateway or not. Figure 9-1. Centralized authentication with an API Gateway When the API Gateway centralizes authentication, it adds user information when forwarding requests to the microservices. If services can be accessed directly, an authentication service like Azure Active 321 CHAPTER 8 | Make secure .NET Microservices and Web Applications Directory or a dedicated authentication microservice acting as a security token service (STS) can be used to authenticate users. Trust decisions are shared between services with security tokens or cookies. (These tokens can be shared between ASP.NET Core applications, if needed, by implementing cookie sharing .) This pattern is illustrated in Figure 9-2. Figure 9-2. Authentication by identity microservice; trust is shared using an authorization token When microservices are accessed directly, trust, that includes authentication and authorization, is handled by a security token issued by a dedicated microservice, shared between microservices. Yüklə 11,82 Mb. Dostları ilə paylaş:
|