Microservices? API Gateway?

[mentos1386]

Investigate if this would be worth the effort.

It wouldn't be as hard to implement as we we would just need to remove controllers from each module and replace it with a protocol of choice that would expose *.service.ts public methods.

This way we would have one API Gateway module, with http/websocket (could even split websocket to own gateway?), that would have http controller and just send requests to appropriate microservice.

Benefits:

• Scaling per microservice
• Each microservice in own docker container? Only building if microservice code changed or core changed.

---

1. direct client to microservice communication versus the api gateway pattern
2. microservices - apigateway

[mentos1386]

Current idea is.

Use HTTP, same as now, for API requests. Use Istio to handle proxying to actual services.

For connection between services, instead of using now direct ts calls, we will split all modules to microservices and use gRpc to communicate between them.

Pros:

• Better, per service, scaling
• Better API versioning, with independent versioning for "private" communication
• Fun to implement

Cons:

• Loss of /docs endpoint with swagger. We will have to do this manually somehow (move to graphql?)

[mentos1386]

TODO Code:

• Move to own packages
• Decide on grpc or events for connection between services; Will use GRPC
• Fix code to reflect types from grpc/events
• Look in to events, specifically, how should we handle notification creation and delivery of them to websocket services.
• remove all cqrs things
• Modify all services to be Hybrid services, so that they can be on grpc and redis at once. + we will need http for health check
• Create AuthenticationService
• Create events on notification creations
• Implement HTTP or GraphQL gateway; Will go with HTTP for now
• Implement health checks for all services
• Make sure everything builds using docker (.dockerignore issue...)
• Implement k8s services/deployments/ingress and setup up istio for all services
• ⚠️ Reevaluate JWT authentication changes. Make sure that only tokens obtained through our authentication flow can be used to access api. ⚠️

TODO Pipeline:

• Fix circleci to build all the services
• Autmated dockerfile discovery and creation of jobs for all of them
• Once infra is kinda done, implement automated deployment

TODO Infra:

• Pick a suitable cloud provider
  • AWS - i know this the most, have to pay for EKS/h, also has ECR. Not the best kubernetes.
  • GCP - very good kubernetes, has docker registry. First year 300e free?
  • Digitalocean - expensive but simple. Around 60-75e per month for 2-3 node cluster, postgresql, redis and one loadbalancer. Would have to use docker hub for registry which doesn't have automated registry creation?
• Create managed postgresql and redis (terraform?)
• Create registry
• Create kubernetes cluster with istio
• Setup secret management, helm secrets, vault, something else?
• Monitoring, grafana, prometheus?. Make it all public so that everyone can see everything (but not edit)