mirror of
https://github.com/LCTT/TranslateProject.git
synced 2025-01-16 22:42:21 +08:00
Merge pull request #6658 from erlinux/master
翻译完成 不知道为什么文件名中有奇怪的字符,这个不是你的问题。
This commit is contained in:
commit
259d48c9f8
@ -1,118 +0,0 @@
|
||||
**translating by [erlinux](https://github.com/erlinux)**
|
||||
|
||||
Why microservices are a security issue
|
||||
============================================================
|
||||
|
||||
### Maybe you don't want to decompose all your legacy applications into microservices, but you might consider starting with your security functions.
|
||||
|
||||
![Why microservices are a security issue](https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/rh_003601_05_mech_osyearbook2016_security_cc.png?itok=3V07Lpko "Why microservices are a security issue")
|
||||
Image by : Opensource.com
|
||||
|
||||
I struggled with writing the title for this post, and I worry that it comes across as clickbait. If you've come to read this because it looked like clickbait, then sorry.[1][5]I hope you'll stay anyway: there are lots of fascinating[2][6] points and many[3][7]footnotes. What I _didn't_ mean to suggest is that microservices cause [security][15]problems—though like any component, of course, they can—but that microservices are appropriate objects of interest to those involved with security. I'd go further than that: I think they are an excellent architectural construct for those concerned with security.
|
||||
|
||||
And why is that? Well, for those of us with a [systems security][16] bent, the world is an interesting place at the moment. We're seeing a growth in distributed systems, as bandwidth is cheap and latency low. Add to this the ease of deploying to the cloud, and more architects are beginning to realise that they can break up applications, not just into multiple layers, but also into multiple components within the layer. Load balancers, of course, help with this when the various components in a layer are performing the same job, but the ability to expose different services as small components has led to a growth in the design, implementation, and deployment of _microservices_ .
|
||||
|
||||
More on Microservices
|
||||
|
||||
* [How to explain microservices to your CEO][1]
|
||||
|
||||
* [Free eBook: Microservices vs. service-oriented architecture][2]
|
||||
|
||||
* [Secured DevOps for microservices][3]
|
||||
|
||||
So, [what exactly is a microservice][23]? I quite like [Wikipedia's definition][24], though it's interesting that security isn't mentioned there.[4][17] One of the points that I like about microservices is that, when well-designed, they conform to the first two points of Peter H. Salus' description of the [Unix philosophy][25]:
|
||||
|
||||
1. Write programs that do one thing and do it well.
|
||||
|
||||
2. Write programs to work together.
|
||||
|
||||
3. Write programs to handle text streams, because that is a universal interface.
|
||||
|
||||
The last of the three is slightly less relevant, because the Unix philosophy is generally used to refer to standalone applications, which often have a command instantiation. It does, however, encapsulate one of the basic requirements of microservices: that they must have well-defined interfaces.
|
||||
|
||||
By "well-defined," I don't just mean a description of any externally accessible APIs' methods, but also of the normal operation of the microservice: inputs and outputs—and, if there are any, side-effects. As I described in a previous post, "[5 traits of good systems architecture][18]," data and entity descriptions are crucial if you're going to be able to design a system. Here, in our description of microservices, we get to see why these are so important, because, for me, the key defining feature of a microservices architecture is decomposability. And if you're going to decompose[5][8] your architecture, you need to be very, very clear which "bits" (components) are going to do what.
|
||||
|
||||
And here's where security starts to come in. A clear description of what a particular component should be doing allows you to:
|
||||
|
||||
* Check your design
|
||||
|
||||
* Ensure that your implementation meets the description
|
||||
|
||||
* Come up with reusable unit tests to check functionality
|
||||
|
||||
* Track mistakes in implementation and correct them
|
||||
|
||||
* Test for unexpected outcomes
|
||||
|
||||
* Monitor for misbehaviour
|
||||
|
||||
* Audit actual behaviour for future scrutiny
|
||||
|
||||
Now, are all these things possible in a larger architecture? Yes, they are. But they become increasingly difficult where entities are chained together or combined in more complex configurations. Ensuring _correct_ implementation and behaviour is much, much easier when you've got smaller pieces to work together. And deriving complex systems behaviours—and misbehaviours—is much more difficult if you can't be sure that the individual components are doing what they ought to be.
|
||||
|
||||
It doesn't stop here, however. As I've mentioned on many [previous occasions][19], writing good security code is difficult.[7][9] Proving that it does what it should do is even more difficult. There is every reason, therefore, to restrict code that has particular security requirements—password checking, encryption, cryptographic key management, authorisation, etc.—to small, well-defined blocks. You can then do all the things that I've mentioned above to try to make sure it's done correctly.
|
||||
|
||||
And yet there's more. We all know that not everybody is great at writing security-related code. By decomposing your architecture such that all security-sensitive code is restricted to well-defined components, you get the chance to put your best security people on that and restrict the danger that J. Random Coder[8][10] will put something in that bypasses or downgrades a key security control.
|
||||
|
||||
It can also act as an opportunity for learning: It's always good to be able to point to a design/implementation/test/monitoring tuple and say: "That's how it should be done. Hear, read, mark, learn, and inwardly digest.[9][11]"
|
||||
|
||||
Should you go about decomposing all of your legacy applications into microservices? Probably not. But given all the benefits you can accrue, you might consider starting with your security functions.
|
||||
|
||||
* * *
|
||||
|
||||
1Well, a little bit—it's always nice to have readers.
|
||||
|
||||
2I know they are: I wrote them.
|
||||
|
||||
3Probably less fascinating.
|
||||
|
||||
4At the time this article was written. It's entirely possible that I—or one of you—may edit the article to change that.
|
||||
|
||||
5This sounds like a gardening term, which is interesting. Not that I really like gardening, but still.[6][12]
|
||||
|
||||
6Amusingly, I first wrote, "…if you're going to decompose your architect…," which sounds like the strapline for an IT-themed murder film.
|
||||
|
||||
7Regular readers may remember a reference to the excellent film _The Thick of It_ .
|
||||
|
||||
8Other generic personae exist; please take your pick.
|
||||
|
||||
9Not a cryptographic digest: I don't think that's what the original writers had in mind.
|
||||
|
||||
_This article originally appeared on [Alice, Eve, and Bob—a security blog][13] and is republished with permission._
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://opensource.com/article/17/11/microservices-are-security-issue
|
||||
|
||||
作者:[Mike Bursell ][a]
|
||||
译者:[译者ID](https://github.com/译者ID)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]:https://opensource.com/users/mikecamel
|
||||
[1]:https://blog.openshift.com/microservices-how-to-explain-them-to-your-ceo/?intcmp=7016000000127cYAAQ&src=microservices_resource_menu1
|
||||
[2]:https://www.openshift.com/promotions/microservices.html?intcmp=7016000000127cYAAQ&src=microservices_resource_menu2
|
||||
[3]:https://opensource.com/business/16/11/secured-devops-microservices?src=microservices_resource_menu3
|
||||
[4]:https://opensource.com/article/17/11/microservices-are-security-issue?rate=GDH4xOWsgYsVnWbjEIoAcT_92b8gum8XmgR6U0T04oM
|
||||
[5]:https://opensource.com/article/17/11/microservices-are-security-issue#1
|
||||
[6]:https://opensource.com/article/17/11/microservices-are-security-issue#2
|
||||
[7]:https://opensource.com/article/17/11/microservices-are-security-issue#3
|
||||
[8]:https://opensource.com/article/17/11/microservices-are-security-issue#5
|
||||
[9]:https://opensource.com/article/17/11/microservices-are-security-issue#7
|
||||
[10]:https://opensource.com/article/17/11/microservices-are-security-issue#8
|
||||
[11]:https://opensource.com/article/17/11/microservices-are-security-issue#9
|
||||
[12]:https://opensource.com/article/17/11/microservices-are-security-issue#6
|
||||
[13]:https://aliceevebob.com/2017/10/31/why-microservices-are-a-security-issue/
|
||||
[14]:https://opensource.com/user/105961/feed
|
||||
[15]:https://opensource.com/tags/security
|
||||
[16]:https://aliceevebob.com/2017/03/14/systems-security-why-it-matters/
|
||||
[17]:https://opensource.com/article/17/11/microservices-are-security-issue#4
|
||||
[18]:https://opensource.com/article/17/10/systems-architect
|
||||
[19]:https://opensource.com/users/mikecamel
|
||||
[20]:https://opensource.com/users/mikecamel
|
||||
[21]:https://opensource.com/users/mikecamel
|
||||
[22]:https://opensource.com/article/17/11/microservices-are-security-issue#comments
|
||||
[23]:https://opensource.com/resources/what-are-microservices
|
||||
[24]:https://en.wikipedia.org/wiki/Microservices
|
||||
[25]:https://en.wikipedia.org/wiki/Unix_philosophy
|
@ -0,0 +1,111 @@
|
||||
为什么微服务是一个安全问题
|
||||
============================================================
|
||||
|
||||
### 你可能并不想把所有的遗留应用全部分解为微服务,或许你可以考虑开始一段安全之旅。
|
||||
|
||||
![Why microservices are a security issue](https://opensource.com/sites/default/files/styles/image-full-size/public/lead-images/rh_003601_05_mech_osyearbook20 16_security_cc.png?itok=3V07Lpko)
|
||||
|
||||
Image by : Opensource.com
|
||||
|
||||
我为这篇文章起个标题,使出 “洪荒之力”,也很担心这会遇到 “好奇心点击”。如果你点击它,是因为激起了你的好奇,那么(我)表示抱歉。[1][5] 我是希望你留下来的 [2][6]:这里有有趣的观点以及很多 [3][7] 注解。我不是故意提出微服务会导致安全问题——尽管如同很多组件一样(都有安全问题)。当然,这些微服务是那些涉及安全(人员)的趣向所在,最佳对象。
|
||||
|
||||
为什么这样说?好(问题),对于我们这些有[系统安全][16] (的人来说),此时这个世界才是一个有趣的地方。我们看到分布式系统的增长,带宽便宜了并且延迟低了。加上
|
||||
"轻松上云"(部署到云的便利性在增加),越来越多的架构师们开始意识到应用是可以分解的。他们可以分解应用程序而不只是多个层,并且层内还能分为多个组件。当然均衡负载,对一个层次内的各个组件协同一个任务有帮助。但是增长揭露不同的服务作为小附件已经导致架构的增长,以及实施微服务的部署。
|
||||
|
||||
更多关于微服务
|
||||
|
||||
* [如何向你的 CEO 首席执行官 解释微服务][1]
|
||||
|
||||
* [免费电子书:微服务与面向服务的体系架构][2]
|
||||
|
||||
* [为微服务的 DevOps 保驾护航][3]
|
||||
|
||||
所以,[什么是微服务][23]?我同意[维基百科的定义][24],尽管有趣的关于安全性没有提起。[4][17]我喜欢微服务的一点是,精心设计符合 Peter H. Salus 描述的 [UNIX 哲学][25] 的前俩点:
|
||||
|
||||
1. 程序应该只关注一个目标,并尽可能把它做好。
|
||||
2. 让程序能够互相协同工作。
|
||||
3. 应该让程序处理文本数据流,因为这是一个通用的接口。
|
||||
|
||||
三者中最后一个小小的不相关,因为 UNIX 哲学 通常被用来指代独立应用,它常有一个命令实例化。但是,它确实包含了微服务的基本要求之一:必须具有定义 "明确" 的接口。
|
||||
|
||||
明确下,我指的不仅仅是很多外部 API 访问的方法,还有正常的微服务输入输出操作——以及,如果有任何副作用。就像我之前的文章描述的,“[五个特征良好的系统架构][18]”,如果你能设计一个系统,数据和描述主体是至关重要的。这里,在我们的微服务描述上,我们得到查看为什么这些是很重要的。因为对我来说,微服务架构的关键未来定义是可分解性。如果你要分解 [5][8] 你的架构,你必须非常非常非常的清楚 "bits"
|
||||
组件要做什么。
|
||||
|
||||
在这里,安全的要来了。准确描述特定组件应该做什么以允许你:
|
||||
|
||||
* 查看您的样图
|
||||
* 确保您的实现符合描述
|
||||
* 提出可重用测试单元来审查功能
|
||||
* 跟踪实施中的错误并纠正错误
|
||||
* 测试意料外的产出
|
||||
* 监视不当行为
|
||||
* 审核未来可能的真实行为
|
||||
|
||||
现在,这些东西(微服务)可能都在一个大架构里了吗?是的。但如果实体是在更复杂的配置中链接或组合在一起,他们会随着越来越难。为确保正确的实施和贯彻,当你有小块一起工作。以及如果你不能确定单个组件正在做他们应正在工作的,那么衍生出复杂系统运行状况和不正确行为就困难的多了。
|
||||
|
||||
不管怎样,它不止于此。由于我已经在许多[以往场合][19]提过,写足够安全的代码是困难的,[7][9] 证实它应该做的更加困难。因此,有理由限制特定安全要求的代码——密码检测、加密、加密密钥管理、授权、等等。——变的小,明确的快。然后你可以执行上面提到所有事情,以确定正确完成。
|
||||
|
||||
以及还有更多。我们都知道并不是每个人都擅长于编写与安全相关的代码。通过分解你的体系架构,你得到机会去把最棒的安全人员去限制 J. 随机编码器 [8][10] 会把一些关键的安全控制措施绕过或降级的危险。
|
||||
|
||||
它可以作为学校的机会:它总能够指向 设计/实现/测试/监视元组 并且说:“听,读,标记,学习,内在消化。这是应该做的。[9][11] ”
|
||||
|
||||
是否应该将所有遗留应用程序分解为微服务? 你可能可能不会。 但是考虑到所有的好处,你可以考虑从安全功能开始。
|
||||
|
||||
* * *
|
||||
|
||||
1、有一点——有读者总是好的。
|
||||
|
||||
2、我知道他们的意义:我写下了他们。
|
||||
|
||||
3、可能不那么使人着迷。
|
||||
|
||||
4、在写这篇文章时。我或你们中的一个可能会去编辑改变它。
|
||||
|
||||
5、这很有趣,听起来想一个园艺术语。并不是说我很喜欢园艺,但仍然... [6][12]
|
||||
|
||||
6、有趣地,我首先写了 “如果你要分解你的架构....” 这听起来想是一个 IT 主题的谋杀电影标题。
|
||||
|
||||
7、定期的读者可能会记得提到的优秀电影 “The Thick of It”
|
||||
|
||||
8、其他存在的常规人物:请随便选择。
|
||||
|
||||
9、不是加密摘要:我不认同原作者的想法。
|
||||
|
||||
这篇文章最初出在[爱丽丝与鲍伯](https://zh.wikipedia.org/zh-hans/%E6%84%9B%E9%BA%97%E7%B5%B2%E8%88%87%E9%AE%91%E4%BC%AF)——一个安全博客上,并被许可转载。
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
via: https://opensource.com/article/17/11/microservices-are-security-issue
|
||||
|
||||
作者:[Mike Bursell ][a]
|
||||
译者:[erlinux](https://itxdm.me)
|
||||
校对:[校对者ID](https://github.com/校对者ID)
|
||||
|
||||
本文由 [LCTT](https://github.com/LCTT/TranslateProject) 原创编译,[Linux中国](https://linux.cn/) 荣誉推出
|
||||
|
||||
[a]:https://opensource.com/users/mikecamel
|
||||
[1]:https://blog.openshift.com/microservices-how-to-explain-them-to-your-ceo/?intcmp=7016000000127cYAAQ&src=microservices_resource_menu1
|
||||
[2]:https://www.openshift.com/promotions/microservices.html?intcmp=7016000000127cYAAQ&src=microservices_resource_menu2
|
||||
[3]:https://opensource.com/business/16/11/secured-devops-microservices?src=microservices_resource_menu3
|
||||
[4]:https://opensource.com/article/17/11/microservices-are-security-issue?rate=GDH4xOWsgYsVnWbjEIoAcT_92b8gum8XmgR6U0T04oM
|
||||
[5]:https://opensource.com/article/17/11/microservices-are-security-issue#1
|
||||
[6]:https://opensource.com/article/17/11/microservices-are-security-issue#2
|
||||
[7]:https://opensource.com/article/17/11/microservices-are-security-issue#3
|
||||
[8]:https://opensource.com/article/17/11/microservices-are-security-issue#5
|
||||
[9]:https://opensource.com/article/17/11/microservices-are-security-issue#7
|
||||
[10]:https://opensource.com/article/17/11/microservices-are-security-issue#8
|
||||
[11]:https://opensource.com/article/17/11/microservices-are-security-issue#9
|
||||
[12]:https://opensource.com/article/17/11/microservices-are-security-issue#6
|
||||
[13]:https://aliceevebob.com/2017/10/31/why-microservices-are-a-security-issue/
|
||||
[14]:https://opensource.com/user/105961/feed
|
||||
[15]:https://opensource.com/tags/security
|
||||
[16]:https://aliceevebob.com/2017/03/14/systems-security-why-it-matters/
|
||||
[17]:https://opensource.com/article/17/11/microservices-are-security-issue#4
|
||||
[18]:https://opensource.com/article/17/10/systems-architect
|
||||
[19]:https://opensource.com/users/mikecamel
|
||||
[20]:https://opensource.com/users/mikecamel
|
||||
[21]:https://opensource.com/users/mikecamel
|
||||
[22]:https://opensource.com/article/17/11/microservices-are-security-issue#comments
|
||||
[23]:https://opensource.com/resources/what-are-microservices
|
||||
[24]:https://en.wikipedia.org/wiki/Microservices
|
||||
[25]:https://en.wikipedia.org/wiki/Unix_philosophy
|
Loading…
Reference in New Issue
Block a user